前言

上一節(jié)我們?cè)敿?xì)講解了過(guò)濾器的創(chuàng)建過(guò)程以及粗略的介紹了五種過(guò)濾器，用此五種過(guò)濾器對(duì)實(shí)現(xiàn)對(duì)執(zhí)行Action方法各個(gè)時(shí)期的攔截非常重要。這一節(jié)我們簡(jiǎn)單將講述在Action方法上、控制器上、全局上以及授權(quán)上的自定義特性的執(zhí)行過(guò)程。

APiController?

之前有講到該APiController，也就稍微介紹了，這節(jié)我們來(lái)詳細(xì)此Web API控制器的基類：

1 public abstract class ApiController : IHttpController, IDisposable 2 { 3 // Fields 4 private HttpConfiguration _configuration; 5 private HttpControllerContext _controllerContext; 6 private bool _disposed; 7 private ModelStateDictionary _modelState; 8 private HttpRequestMessage _request; 9 private UrlHelper _urlHelper; 10 11 // Methods 12 protected ApiController(); 13 public void Dispose(); 14 protected virtual void Dispose(bool disposing); 15 public virtual Task<HttpResponseMessage> ExecuteAsync(HttpControllerContext controllerContext, CancellationToken cancellationToken); 16 protected virtual void Initialize(HttpControllerContext controllerContext); 17 internal static Func<Task<HttpResponseMessage>> InvokeActionWithActionFilters(HttpActionContext actionContext, CancellationToken cancellationToken, IEnumerable<IActionFilter> filters, Func<Task<HttpResponseMessage>> innerAction); 18 internal static Func<Task<HttpResponseMessage>> InvokeActionWithAuthorizationFilters(HttpActionContext actionContext, CancellationToken cancellationToken, IEnumerable<IAuthorizationFilter> filters, Func<Task<HttpResponseMessage>> innerAction); 19 internal static Task<HttpResponseMessage> InvokeActionWithExceptionFilters(Task<HttpResponseMessage> actionTask, HttpActionContext actionContext, CancellationToken cancellationToken, IEnumerable<IExceptionFilter> filters); 20 21 // Properties 22 public HttpConfiguration Configuration { get; set; } 23 public HttpControllerContext ControllerContext { get; set; } 24 public ModelStateDictionary ModelState { get; } 25 public HttpRequestMessage Request { get; set; } 26 public UrlHelper Url { get; set; } 27 public IPrincipal User { get; } 28 29 // Nested Types 30 private class FilterGrouping 31 { 32 // Fields 33 private List<IActionFilter> _actionFilters; 34 private List<IAuthorizationFilter> _authorizationFilters; 35 private List<IExceptionFilter> _exceptionFilters; 36 37 // Methods 38 public FilterGrouping(IEnumerable<FilterInfo> filters); 39 private static void Categorize<T>(IFilter filter, List<T> list) where T: class; 40 41 // Properties 42 public IEnumerable<IActionFilter> ActionFilters { get; } 43 public IEnumerable<IAuthorizationFilter> AuthorizationFilters { get; } 44 public IEnumerable<IExceptionFilter> ExceptionFilters { get; } 45 } 46 }

我們首先來(lái)看看此類中的一個(gè)私有類?FilterGrouping?，顧名思義是對(duì)過(guò)濾器分組，我們查看其構(gòu)造函數(shù)看看：

public FilterGrouping(IEnumerable<FilterInfo> filters) {this._actionFilters = new List<IActionFilter>();this._authorizationFilters = new List<IAuthorizationFilter>();this._exceptionFilters = new List<IExceptionFilter>();foreach (FilterInfo info in filters){IFilter instance = info.Instance;Categorize<IActionFilter>(instance, this._actionFilters);Categorize<IAuthorizationFilter>(instance, this._authorizationFilters);Categorize<IExceptionFilter>(instance, this._exceptionFilters);} }

我們僅僅只需?_actionFilters?為例，其余一樣，我們?cè)賮?lái)看看?Categorize?方法：

1 private static void Categorize<T>(IFilter filter, List<T> list) where T: class 2 { 3 T item = filter as T; 4 if (item != null) 5 { 6 list.Add(item); 7 } 8 }

從這里我們可以得知：

當(dāng)我們?cè)贖ttpActionDescriptor初始化創(chuàng)建了封裝了Filter對(duì)象的FilterInfo的集合列表，此時(shí)然后利用此類中的三個(gè)屬性類型：IActionFilter、IAuthorizationFilter、以及IExceptionFilter進(jìn)行過(guò)濾器分組得到對(duì)應(yīng)過(guò)濾器集合列表

執(zhí)行過(guò)程原理解析?

下面我們通過(guò)例子來(lái)看看之執(zhí)行過(guò)程，我們自定義以下五個(gè)過(guò)濾器

/// <summary>/// 全局的行為過(guò)濾器/// </summary>public class CustomConfigurationActionFilterAttribute : FilterAttribute, IActionFilter{public Task<HttpResponseMessage> ExecuteActionFilterAsync(System.Web.Http.Controllers.HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation){Console.WriteLine(this.GetType().Name);return continuation();}}/// <summary>/// 控制器級(jí)行為過(guò)濾器/// </summary>public class CustomControllerActionFilterAttribute : FilterAttribute, IActionFilter{public Task<HttpResponseMessage> ExecuteActionFilterAsync(System.Web.Http.Controllers.HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation){Console.WriteLine(this.GetType().Name);return continuation();}}/// <summary>/// 控制器方法級(jí)行為過(guò)濾器/// </summary>public class CustomActionFilterAttribute : FilterAttribute, IActionFilter{public Task<HttpResponseMessage> ExecuteActionFilterAsync(HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation){Console.WriteLine(this.GetType().Name);return continuation();}}/// <summary>/// 控制器級(jí)授權(quán)訪問(wèn)過(guò)濾器/// </summary>public class CustomControllerAuthorizationFilterAttribute : FilterAttribute, IAuthorizationFilter{public Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation){Console.WriteLine(this.GetType().Name);return continuation();}}/// <summary>/// 控制器方法級(jí)授權(quán)訪問(wèn)過(guò)濾器/// </summary>public class CustomControllerActionAuthorizationFilterAttribute : FilterAttribute, IAuthorizationFilter{public Task<HttpResponseMessage> ExecuteAuthorizationFilterAsync(HttpActionContext actionContext, System.Threading.CancellationToken cancellationToken, Func<Task<HttpResponseMessage>> continuation){Console.WriteLine(this.GetType().Name);return continuation();}}

接下來(lái)就是實(shí)現(xiàn)過(guò)濾器，配置文件中配置全局過(guò)濾器

config.Filters.Add(new CustomConfigurationActionFilterAttribute());

控制器及方法上過(guò)濾器

[CustomControllerAuthorizationFilter][CustomControllerActionFilter]public class ProductController : ApiController{[CustomActionFilter][CustomControllerActionAuthorizationFilter]public string GetFilter(){var sb = new StringBuilder();var actionSelector = this.Configuration.Services.GetActionSelector();var actionDesciptor = actionSelector.SelectAction(this.ControllerContext);foreach (var filterInfo in actionDesciptor.GetFilterPipeline()){sb.AppendLine("【FilterName:" + filterInfo.Instance.GetType().Name + ",FilterScope:" + filterInfo.Scope.ToString() + "】");}return sb.ToString();}}

最后來(lái)查看其結(jié)果：

看到這里是不是有點(diǎn)疑惑怎么按照Global->Controller->Action來(lái)進(jìn)行排序，如果你看過(guò)前面文章就會(huì)知道這是過(guò)濾器管道按照FilterScope來(lái)生成的，實(shí)際上在服務(wù)器端生成的順序?yàn)?CustomControllerAuthorizationFilterAttribute?、?CustomControllerActionAuthorizationFilterAttribute?、?CustomConfigurationActionFilterAttribute?、?CustomControllerActionFilterAttribute?以及?CustomActionFilterAttribute?由此我們得出結(jié)論：

授權(quán)過(guò)濾器不管任何的FilterScope都是優(yōu)于行為過(guò)濾器，而在同一種類型的過(guò)濾器中是根據(jù)FilterScope來(lái)確定執(zhí)行順序的。　

總結(jié)　

有關(guān)更多深入的內(nèi)容就不再探討，本想多寫一點(diǎn)，但是狀態(tài)不佳加上更多內(nèi)容比較復(fù)雜以免說(shuō)不太明白云里霧里，想想還是算了，就這樣了，下面還是給出其一張執(zhí)行的詳細(xì)示意圖，來(lái)源【過(guò)濾器執(zhí)行過(guò)程】

　　

接下來(lái)將通過(guò)實(shí)例詳細(xì)講解Web API中的認(rèn)證（Authentication）以及授權(quán)（Authorization），敬請(qǐng)期待。。。。。。

?

總結(jié)

以上是生活随笔為你收集整理的Web APi之过滤器执行过程原理解析【二】（十一）的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。