我有一个授权处理程序,用于授权用户使用我的服务。如果授权失败,我想直接从授权中间件写一个自定义响应,所以直到现在我仍使用以下代码:
protected async Task SetUnauthorized(AuthorizationHandlerContext context, string json) {
_logger.LogInformation($"Authorization failed: {json}");
context.Fail();
_httpContextAccessor.HttpContext.Response.OnStarting(async () => {
_httpContextAccessor.HttpContext.Response.StatusCode = StatusCodes.Status401Unauthorized;
_httpContextAccessor.HttpContext.Response.ContentType = "application/json";
await _httpContextAccessor.HttpContext.Response.WriteAsync(json);
});
}
直到现在,我都从未遇到过这种实现的问题,但是当我开始在xUnit的集成测试中测试失败时,这些测试突然因堆栈溢出而中止。
使用Visual Studio调试测试时,我发现堆栈溢出错误是由OnStarting()被按下时执行WriteAsync()导致的无限循环引起的。那么在没有引起堆栈溢出的情况下实现此行为的正确方法是什么?
从Rider启动日志:
...
[16:26:06 INF] Executed action WebAPI.Controllers.v1.Client.TokenController.CreateToken (WebAPI) in 118.8913ms
[16:26:06 INF] Executed endpoint 'WebAPI.Controllers.v1.Client.TokenController.CreateToken (WebAPI)'
[16:26:06 INF] Request finished in 223.6489ms 400 application/json; charset=utf-8
[16:26:06 INF] Request starting HTTP/1.1 POST http://localhost/api/v1/client/token/token application/json; charset=utf-8
[16:26:06 INF] Authorization failed: {"code":"InvalidApplication","message":"Invalid Application Name or Application Secret."}
[16:26:06 INF] Authorization failed.
[16:26:06 INF] AuthenticationScheme: Bearer was challenged.
Stack overflow.
16:28:35.609 |E| Stack overflow exception occurred in test. Test run is aborted.
...