var fontAwesomeIcon = "<span class=\"fa fa-redo\" style=\"font-size:30px; color: red; margin-bottom: 20px; \"> Try again</span>";
TempData["message"] = $"{fontAwesomeIcon} <h5>Something went wrong. Please try again. If problem persist, reach out to your point of contact for additional information</h5>";
I did a Web API deployment in Azure Web API service. I was able to access the URL in browser and Postman. I started getting following error when I try to integrate in ASP.NET Web App in my local development environment;
Access to XMLHttpRequest at ‘https://xyz-dev.azurewebsites.net/api/Authentication/GetTestUser?name=testuser’ from origin ‘http://localhost:17686’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
jquery.js:9172 GET https://xyz-dev.azurewebsites.net/api/Authentication/GetTestUser?name=testuser net::ERR_FAILED
To solve the problem, I did this;
Here is server-side (Web API) code;
Add following to Web API ConfigureServices method;
If interested in learning more about this, read below;
Researched and figured out that browser sends two requests to the server. Tiny request and actual request.
The browser sends a tiny request called a preflight request before the actual request. It includes details such as the HTTP method used and whether any custom HTTP headers are present. The preflight allows the server to see how the actual request would appear before it is sent. The server will then tell the browser whether or not to submit the request, or whether to return an error to the client instead.
See below for problem header without CORS and with CORS in web API;
Headers without CORS implementation in Web API (Problem);
Headers with CORS implementation in Web API (Problem solved);
.NET and SQL Server have always come up short when it comes to handling date and time data. To be fair, most other languages and databases do as well. Although there have always been ways to cover the inadequacies, the work-arounds have always felt clumsy to me. We deal with them so often in our daily lives to the point that they seem rather simple and intuitive to us, yet dates and times are complicated concepts. Initially, both .NET and SQL Server set out to handle some of the most complicated aspects for us, each with its own DateTime data type.
How do we access the configuration settings in the Middleware component in ASP.NET Core applications?
As we know middleware is a component that is used in the application pipeline to handle requests and responses which can help perform pre and post-operation within the request and response API pipeline.
We will be using two approaches, one with simple configuration and second with IOptions pattern. You can read more about it here;
public class CustomMiddleware
{
private readonly RequestDelegate _next;
public CustomMiddleware(RequestDelegate next)
{
_next = next;
}
public async Task InvokeAsync(HttpContext httpContext)
{
try
{
await _next(httpContext);
}
catch (Exception ex)
{
throw ex;
//_logger.LogError($"Something went wrong: {ex.Message}");
}
}
}
Approach 1- Using IConfiguration to load the Config settings in Middleware
This approach does not require any custom interface. When CreateDefaultBuilder runs, it load application configuration by default from appsettings.json. This is available to any component in the application.
We are going to inject RequestDelegete and IConfiguration from the constructor in middleware;
public class MiddlewareWithIConfiguration
{
private readonly RequestDelegate _next;
private readonly IConfiguration _configurationSettings;
public MiddlewareWithIConfiguration(RequestDelegate next, IConfiguration optionsSettings)
{
_next = next;
_configurationSettings = optionsSettings;
}
Implement InvokeAsync (assuming we need asynchronous middleware behavior) method.
public async Task InvokeAsync(HttpContext httpContext)
{
try
{
var customerKeyUrl = _configurationSettings["GlobalConfigurationSettings:CustomerConfig:CustomerKeyurl"];
Console.WriteLine($"Middleware using IConfiguration {customerKeyUrl}");
await _next(httpContext);
}
catch (Exception ex)
{
throw ex;
//_logger.LogError($"Something went wrong: {ex.Message}");
}
}
Add this line to Startup.cs file;
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseMiddleware<MiddlewareWithIConfiguration>();
}
Approach 2 – Using IOption to load the Config settings in Middleware
We need to add and configure IOptions in Startup.cs file;
public void ConfigureServices(IServiceCollection services)
{
//Add functionality to inject IOptions<T>
services.AddOptions();
services.Configure<GlobalConfigurationSettings>(Configuration.GetSection("GlobalConfigurationSettings"));
}
We need a custom class to load configuration settings;
public class GlobalConfigurationSettings
{
public string LowerEnvironment { get; set; }
public CustomerConfig CustomerConfig { get; set; }
}
public class CustomerConfig
{
public string CustomerKeyurl { get; set; }
public string CustomerdetailsUrl { get; set; }
public Agency Agency { get; set; }
}
Finally, we will be injecting RequestDelegete and IOptions from the constructor in middleware;
public class MiddlewareWithIOptions
{
private readonly RequestDelegate _next;
private readonly GlobalConfigurationSettings _configurationSettings;
public MiddlewareWithIOptions(RequestDelegate next, IOptions<GlobalConfigurationSettings> optionsSettings)
{
_next = next;
_configurationSettings = optionsSettings.Value;
}
And InvokeAsync method;
public async Task InvokeAsync(HttpContext httpContext)
{
try
{
var lowerEnvironment = _configurationSettings.LowerEnvironment;
var customerKeyUrl = _configurationSettings.CustomerConfig.CustomerKeyurl;
Console.WriteLine($"Middleware using IOptions {lowerEnvironment} - {customerKeyUrl}");
await _next(httpContext);
}
catch (Exception ex)
{
throw ex;
//_logger.LogError($"Something went wrong: {ex.Message}");
}
}
Add this line to Startup.cs file;
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseMiddleware<MiddlewareWithIOptions>();
}
If we want to restrict URL segment, we can write InvokeMethods like this;
public async Task Invoke(HttpContext context)
{
if (context.Request.Path.StartsWithSegments("/swagger")
&& !context.User.Identity.IsAuthenticated)
{
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
return;
}
await _next.Invoke(context);
}
For an example in controllers, refer to this article;