Develop Reference

Access HttpContextAccessor from startup.cs in .net Core WebApi

I'm logging exceptions to database in asp.net core. MyDbContext take HttpContextAccessor parameter.So, I'm sending HttpContextAccessor to MyDbContext.cs for access my JWT. But, I can't access my HttpContextAccessor from Startup.cs. How can I achieve this?
Startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddHttpContextAccessor();
services.AddMvc();
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddDbContext<MyDbContext>();
services.AddTransient<IUnitOfWork, UnitOfWork>();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseExceptionHandler(builder => builder.Run(async context =>
{
var error = context.Features.Get<IExceptionHandlerFeature>();
context.Response.AddApplicationError(error,???????);//I want access HttpContextAccessor
await context.Response.WriteAsync(error.Error.Message);
}));
app.UseHttpsRedirection();
app.UseMvc();
}
ExceptionHelper.cs
public static class ExceptionHelper
{
public static async Task AddApplicationError(this HttpResponse response, IExceptionHandlerFeature error, IHttpContextAccessor httpContextAccessor)
{
Log log = new Log();
log.Message = error.Error.Message;
MyDbContext context = new MyDbContext(null, httpContextAccessor);
UnitOfWork uow = new UnitOfWork(context);
uow.LogRepo.AddOrUpdate(log);
await uow.CompleteAsync(false);
}
}
MyDbContext
public class MyDbContext : DbContext
{
private readonly IHttpContextAccessor _httpContextAccessor;
public MyDbContext(DbContextOptions<MyDbContext> options, IHttpContextAccessor httpContextAccessor)
: base(GetOptions())
{
_httpContextAccessor = httpContextAccessor;
}
private static DbContextOptions GetOptions()
{
return SqlServerDbContextOptionsExtensions.UseSqlServer(new DbContextOptionsBuilder(), "server=asd; database=; user id=asd; password=1234").Options;
}
public override async Task<int> SaveChangesAsync(CancellationToken cancellationToken = default(CancellationToken))
{
var token = _httpContextAccessor.HttpContext.Request.Headers["Authorization"];
var audits = AuditHelper.AddAuditLog(base.ChangeTracker, token);
return (await base.SaveChangesAsync(true, cancellationToken));
}
}

You can inject whatever you need into the Configure method. You have already added it to the service collection with this line:
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
So all you need to do is add it to the list of arguments on the method like this:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, IHttpContextAccessor accessor)
{
// make use of it here
}
As an aside: I would also point out that it's a bit of a code smell that you are manually creating an instance of your DbContext inside your static helper class when you are using dependency injection.
Update in response to comment
In order to tidy things up a bit I would start by changing your startup to configure you DbContext something like this:
public class Startup
{
private readonly IConfiguration configuration;
public Startup(IConfiguration configuration)
{
this.configuration = configuration;
}
public void ConfigureServices(IServiceCollection services)
{
// register other things here...
services.AddDbContext<DataContext>(o => o.UseSqlServer(
config.GetConnectionString("MyConnectionString") // from appsettings.json
));
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
// set up app here...
}
}
You can then remove the .GetOptions() method from MyDbContext, and change the constructor to:
public MyDbContext(DbContextOptions<MyDbContext> options, IHttpContextAccessor httpContextAccessor)
: base(options)
{
_httpContextAccessor = httpContextAccessor;
}
Then you inject an instance of MyDbContext into whatever class needs access to it. The problem is that (to my knowledge) DI does not work well with static classes/methods, and you are using an extension method on the HttpResponse to log your error.
In my opinion it would be better to create a class that is responsible for logging the error with a dependency on your MyDbContext and have that injected into the Configure method:
public class ErrorLogger
{
private MyDataContext db;
public ErrorLogger(MyDataContext db) => this.db = db;
public void LogError(IExceptionHandlerFeature error)
{
Log log = new Log();
log.Message = error.Error.Message;
UnitOfWork uow = new UnitOfWork(this.db);
uow.LogRepo.AddOrUpdate(log);
await uow.CompleteAsync(false);
}
}
Register it with the DI container as you have with other things, then inject it into Configure instead of the HTTP accessor:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ErrorLogger logger)
{
app.UseExceptionHandler(builder => builder.Run(async context =>
{
var error = context.Features.Get<IExceptionHandlerFeature>();
logger.LogError(error);
await context.Response.WriteAsync(error.Error.Message);
}));
}
I have not tested this, and I am not familiar with .UseExceptionHandler(...) as I use application insights to log exceptions etc (take a look at it if you've not seen it). One thing to be aware of is the scope of your dependencies; your DbContext will be Scoped by default (and I think you should leave it that way), which means you cannot inject it into Singleton objects.

How to use identity?

Description
I'm learning ASP.NET Core with MVC pattern and I'm trying to create a custom Roles for my users.
Code
For doing this I setup inside the ConfigureServices method this Identity:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<MyAppContext>(options => options.UseSqlServer(#"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=MyApp;Integrated Security=True;Connect Timeout=30;"));
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<MyAppContext>()
.AddDefaultTokenProviders();
}
then inside the Configure method I declare this:
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
new UserRoleSeed(app.ApplicationServices.GetService<RoleManager<IdentityRole>>()).SeedAsync();
}
Essentially I used the Dependency Injection to pass the RoleManager in the UserRoleSeed constructor, which is a configuration class for the role:
public class UserRoleSeed
{
private readonly RoleManager<IdentityRole> _roleManager;
public UserRoleSeed(RoleManager<IdentityRole> roleManager)
{
_roleManager = roleManager;
}
public async void SeedAsync()
{
if ((await _roleManager.FindByNameAsync("Admin")) == null)
{
await _roleManager.CreateAsync(new IdentityRole { Name = "Admin" });
}
}
}
when I start the application I get this error:
System.InvalidOperationException: 'Cannot resolve scoped service 'Microsoft.AspNetCore.Identity.RoleManager`1[Microsoft.AspNetCore.Identity.IdentityRole]' from root provider.'
What I did wrong?
NB: I added only the relevant code.

There are two issues in your code:
resolving RoleManager<IdentityRole> from root provider
SeedAsync will cause object dispose error.
Try steps below to resolve your issue:
Add IServiceProvider to Configure
public void Configure(IApplicationBuilder app, IHostingEnvironment env, IServiceProvider serviceProvider)
Modify SeedAsync from void to Task
public async Task SeedAsync()
Call SeedAsync from Configure
new UserRoleSeed(serviceProvider.GetService<RoleManager<IdentityRole>>()).SeedAsync().Wait();

Getting InvalidOperationException when trying to inject db context into custom middleware

I need to inject a db context object into a custom middleware called AuthenticateClient, but I get the exception:
InvalidOperationException: Cannot resolve scoped service
'LC.Tools.API.Data.ApiDbContext' from root provider.
AuthenticateClient.cs:
public class AuthenticateClient
{
private readonly RequestDelegate _next;
private readonly ILogger _logger;
private readonly GenericUnitOfWork _worker;
public AuthenticateClient(RequestDelegate next, ApiDbContext db, IHttpContextAccessor httpContext, IHostingEnvironment env, ILoggerFactory loggerFactory, IOptions<Utility.LCLog.Settings> settings)
{
_next = next;
_logger = loggerFactory.CreateLogger(settings.Value.ApplicationName);
_worker = new GenericUnitOfWork(new AppHelper(httpContext, db, env));
}
public async Task Invoke(HttpContext context)
{
if (!context.Request.Headers.Keys.Contains("key") || !context.Request.Headers.Keys.Contains("pass"))
{
context.Response.StatusCode = 400;
await context.Response.WriteAsync("Key or Pass missing from request header values");
return;
}
else
{
Client client;
string key, pass;
key = context.Request.Headers["key"];
pass = context.Request.Headers["pass"];
client = await _worker.GetRepo<Client>().SingleOrDefault(clnt => clnt.Active && clnt.Key.Equals(key) && clnt.Password.Equals(pass));
if (client == null)
{
_logger.LogWarning("Client authentication failed", new string[] { "Key: " + key, "Password: " + pass, "Host: " + context.Request.Host });
context.Response.StatusCode = 401;
await context.Response.WriteAsync("Authentication failed");
return;
}
}
await _next.Invoke(context);
}
}
AuthenticateClientExtension.cs:
public static class AuthenticateClientExtension
{
public static IApplicationBuilder UseClientAuthentication(this IApplicationBuilder builder)
{
return builder.UseMiddleware<AuthenticateClient>();
}
}
Startup.cs:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApiDbContext>(options => options.UseSqlServer(this.ConnectionString));
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddMvc();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IOptions<Settings> lclog)
{
loggerFactory.AddLCLog(lclog.Value);
app.UseClientAuthentication();
app.UseMvc();
}
ApiDbContext.cs:
public class ApiDbContext : DbContext, IApiDbContext
{
public ApiDbContext(DbContextOptions<ApiDbContext> options) : base(options) { }
protected override void OnModelCreating(ModelBuilder builder)
{
...
}
}

The solution was to use IApplicationBuilder to create scope and init
ApiDbContext and pass it to the middleware object. I also changed how I register the ApiDbContext
AuthenticateClientExtension.cs:
public static class AuthenticateClientExtension
{
public static IApplicationBuilder UseClientAuthentication(this IApplicationBuilder builder)
{
var scope = builder.ApplicationServices.CreateScope();
ApiDbContext db = scope.ServiceProvider.GetRequiredService<ApiDbContext>();
return builder.UseMiddleware<AuthenticateClient>(db);
}
}
Startup.cs:
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApiDbContext>(options => options.UseSqlServer(this.ConnectionString));
...
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IOptions<Settings> lclog)
{
...
app.UseClientAuthentication();
app.UseMvc();
}

Getting "Could not resolve a service of type .." after upgrading to Core 2 Preview 2

I've just upgraded to ASP.NET Core 2 Preview 2 and ran into a problem with the depedency injection. I get
Could not resolve a service of type
'LC.Tools.API.Data.GenericDbContext' for the parameter 'context' of
method 'Configure' on type 'LC.Tools.API.Startup'
when running the project.
I didn't have this problem when using the old version.
DbContext (GenericDbContext):
namespace LC.Tools.API.Data
{
public class GenericDbContext : DbContext
{
public GenericDbContext(DbContextOptions<GenericDbContext> options) : base(options) { }
protected override void OnModelCreating(ModelBuilder builder)
{
//Generic
builder.Entity<Client>();
builder.Entity<Graphic>();
.
.
.
.
.
//Shop
builder.Entity<Models.Shop.Store>().ToTable("ShopClient");
builder.Entity<Models.Shop.Category>().ToTable("ShopCategory");
.
.
.
.
.
.
}
}
Startup.cs:
namespace LC.Tools.API
{
public class Startup
{
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
.AddEnvironmentVariables();
Configuration = builder.Build();
this.HostingEnvironment = env;
}
public void ConfigureServices(IServiceCollection services)
{
services.AddOptions();
services.AddDbContext<Data.GenericDbContext>(options => options.UseSqlServer(this.ConnectionString));
services.AddMvc();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, Data.GenericDbContext context)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = Microsoft.AspNetCore.HttpOverrides.ForwardedHeaders.XForwardedFor,
ForwardLimit = 2
});
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
}
app.UseStaticFiles();
app.UseMvc();
Data.Debug.Init.Initalize(context, env);
}
private IHostingEnvironment HostingEnvironment { get; set; }
public IConfigurationRoot Configuration { get; }
private string ConnectionString
{
get
{
return this.HostingEnvironment.IsDevelopment() ? Configuration.GetConnectionString("Development") : Configuration.GetConnectionString("Production");
}
}
}
}
Exception:
An error occurred while starting the application.
InvalidOperationException: Cannot resolve scoped service
'LC.Tools.API.Data.GenericDbContext' from root provider.
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteValidator.ValidateResolution(Type
serviceType, ServiceProvider serviceProvider) Exception: Could not
resolve a service of type 'LC.Tools.API.Data.GenericDbContext' for the
parameter 'context' of method 'Configure' on type
'LC.Tools.API.Startup'.
Microsoft.AspNetCore.Hosting.Internal.ConfigureBuilder.Invoke(object
instance, IApplicationBuilder builder)
InvalidOperationException: Cannot resolve scoped service
'LC.Tools.API.Data.GenericDbContext' from root provider.
Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteValidator.ValidateResolution(Type
serviceType, ServiceProvider serviceProvider)
Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type
serviceType)
Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider
provider, Type serviceType)
Microsoft.AspNetCore.Hosting.Internal.ConfigureBuilder.Invoke(object
instance, IApplicationBuilder builder)

You are trying to inject the context into the Configure method which wont work. Remove the injected context from the Configure method and instead inject the service provider and try to resolve the context within the method.
public IServiceProvider ConfigureServices(IServiceCollection services) {
services.AddOptions();
services.AddDbContext<Data.GenericDbContext>(options => options.UseSqlServer(this.ConnectionString));
services.AddMvc();
// Build the intermediate service provider
var serviceProvider = services.BuildServiceProvider();
//return the provider
return serviceProvider;
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
ILoggerFactory loggerFactory, IServiceProvider serviceProvider) {
//...Other code removed for brevity
var context = serviceProvider.GetService<Data.GenericDbContext>();
Data.Debug.Init.Initalize(context, env);
}

#Nkosi's answer got me on the right track but you don't actually need that many steps, at least in version 2.0 and up:
public void ConfigureServices(IServiceCollection services) {
services.AddOptions();
services.AddDbContext<Data.GenericDbContext>(options => options.UseSqlServer(this.ConnectionString));
services.AddMvc();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
ILoggerFactory loggerFactory, IServiceProvider serviceProvider) {
//...Other code removed for brevity
var context = serviceProvider.GetService<Data.GenericDbContext>();
Data.Debug.Init.Initalize(context, env);
}
You don't need to return anything from ConfigureServices or build an intermediate provider in the version I'm running (2.0)

ASP.NET Core JWT Bearer Token Custom Validation

After a lot of reading, I have found a way to implement a custom JWT bearer token validator as below.
Starup.cs:
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
ILoggerFactory loggerFactory, IApplicationLifetime appLifetime)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseStaticFiles();
app.UseIdentity();
ConfigureAuth(app);
app.UseMvcWithDefaultRoute();
}
private void ConfigureAuth(IApplicationBuilder app)
{
var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(Configuration.GetSection("TokenAuthentication:SecretKey").Value));
var tokenValidationParameters = new TokenValidationParameters
{
// The signing key must match!
ValidateIssuerSigningKey = true,
IssuerSigningKey = signingKey,
// Validate the JWT Issuer (iss) claim
ValidateIssuer = true,
ValidIssuer = Configuration.GetSection("TokenAuthentication:Issuer").Value,
// Validate the JWT Audience (aud) claim
ValidateAudience = true,
ValidAudience = Configuration.GetSection("TokenAuthentication:Audience").Value,
// Validate the token expiry
ValidateLifetime = true,
// If you want to allow a certain amount of clock drift, set that here:
ClockSkew = TimeSpan.Zero
};
var jwtBearerOptions = new JwtBearerOptions();
jwtBearerOptions.AutomaticAuthenticate = true;
jwtBearerOptions.AutomaticChallenge = true;
jwtBearerOptions.TokenValidationParameters = tokenValidationParameters;
jwtBearerOptions.SecurityTokenValidators.Clear();
//below line adds the custom validator class
jwtBearerOptions.SecurityTokenValidators.Add(new CustomJwtSecurityTokenHandler());
app.UseJwtBearerAuthentication(jwtBearerOptions);
var tokenProviderOptions = new TokenProviderOptions
{
Path = Configuration.GetSection("TokenAuthentication:TokenPath").Value,
Audience = Configuration.GetSection("TokenAuthentication:Audience").Value,
Issuer = Configuration.GetSection("TokenAuthentication:Issuer").Value,
SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
};
app.UseMiddleware<TokenProviderMiddleware>(Options.Create(tokenProviderOptions));
}
Custom validator class:
public class CustomJwtSecurityTokenHandler : ISecurityTokenValidator
{
private int _maxTokenSizeInBytes = TokenValidationParameters.DefaultMaximumTokenSizeInBytes;
private JwtSecurityTokenHandler _tokenHandler;
public CustomJwtSecurityTokenHandler()
{
_tokenHandler = new JwtSecurityTokenHandler();
}
public bool CanValidateToken
{
get
{
return true;
}
}
public int MaximumTokenSizeInBytes
{
get
{
return _maxTokenSizeInBytes;
}
set
{
_maxTokenSizeInBytes = value;
}
}
public bool CanReadToken(string securityToken)
{
return _tokenHandler.CanReadToken(securityToken);
}
public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
{
//How to access HttpContext/IP address from here?
var principal = _tokenHandler.ValidateToken(securityToken, validationParameters, out validatedToken);
return principal;
}
}
In case of stolen token, I would like to add an additional layer of security to validate that the request is coming from the same client who generated the token.
Questions:
Is there any way I can access HttpContext within the CustomJwtSecurityTokenHandler class so that I could add custom validations based on the current client/requestor?
Is there any other way we can validate the authenticity of the requestor using such method/middleware?

In ASP.NET Core, HttpContext could be obtained using IHttpContextAccessor service. Use DI to pass IHttpContextAccessor instance into your handler and get value of IHttpContextAccessor.HttpContext property.
IHttpContextAccessor service is not registered by default, so you first need to add the following in your Startup.ConfigureServices method:
services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
then modify your CustomJwtSecurityTokenHandler class:
private readonly IHttpContextAccessor _httpContextAccessor;
public CustomJwtSecurityTokenHandler(IHttpContextAccessor httpContextAccessor)
{
_httpContextAccessor = httpContextAccessor;
_tokenHandler = new JwtSecurityTokenHandler();
}
...
public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
{
var httpContext = _httpContextAccessor.HttpContext;
}
You should also use DI technique for JwtSecurityTokenHandler instantiation. Look into Dependency Injection documentation if you are new to all this stuff.
Update: how to manually resolve dependencies (more info here)
modify Configure method to use IServiceProvider serviceProvider:
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
ILoggerFactory loggerFactory, IApplicationLifetime appLifetime,
IServiceProvider serviceProvider)
{
...
var httpContextAccessor = serviceProvider.GetService<IHttpContextAccessor>();
// and extend ConfigureAuth
ConfigureAuth(app, httpContextAccessor);
...
}

Just to complement another solution and without injection into ISecurityTokenValidator, could be like
In your ISecurityTokenValidator Implementation (CustomJwtSecurityTokenHandler in this case)
public class CustomJwtSecurityTokenHandler : ISecurityTokenValidator {
...
//Set IHttpContextAccessor as public property to set later in Starup class
public IHttpContextAccessor _httpContextAccessor { get; set; };
//Remove injection of httpContextAccessor;
public CustomJwtSecurityTokenHandler()
{
_tokenHandler = new JwtSecurityTokenHandler();
}
...
And in Startup class configure property "CustomJwtSecurityTokenHandler" as global member
public readonly CustomJwtSecurityTokenHandler customJwtSecurityTokenHandler = new()
In ConfigureServices method of Startup class add the global customJwtSecurityTokenHandler.
public void ConfigureServices(IServiceCollection services)
{
...
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(
o =>
{
...
//Add the global ISercurityTokenValidator implementation
o.SecurityTokenValidators.Add(this.customJwtSecurityTokenHandler );
}
);
...
}
Then in Configure method of Startup class pass IHttpContextAccessor instance to property of the global customJwtSecurityTokenHandler (ISecurityTokenValidator)
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
ILoggerFactory loggerFactory, IApplicationLifetime appLifetime,
IServiceProvider serviceProvider)
{
...
var httpContextAccessor = serviceProvider.GetService<IHttpContextAccessor>();
//And add to property, and not by constructor
customJwtSecurityTokenHandler.httpContextAccessor = httpContextAccessor;
...
}
In my case I've configured SecurityTokenValidator in ConfigureService so In this time there is not exist any instace of IServiceProvider, then in Configure method you can use IServiceProvider to get IHttpContextAccessor

For custom JWT validator, I created a JWTCosumerProvider class inhert to IOAuthBearerAuthenticationProvider. And implement the ValidateIdentity() method to check the identity Claim which i stored the client IP address at first place，then compare to current request Id address after.
public Task ValidateIdentity(OAuthValidateIdentityContext context)
{
var requestIPAddress = context.Ticket.Identity.FindFirst(ClaimTypes.Dns)?.Value;
if (requestIPAddress == null)
context.SetError("Token Invalid", "The IP Address not right");
string clientAddress = JWTHelper.GetClientIPAddress();
if (!requestIPAddress.Equals(clientAddress))
context.SetError("Token Invalid", "The IP Address not right");
return Task.FromResult<object>(null);
}
JWTHelper.GetClientIPAddress()
internal static string GetClientIPAddress()
{
System.Web.HttpContext context = System.Web.HttpContext.Current;
string ipAddress = context.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
if (!string.IsNullOrEmpty(ipAddress))
{
string[] addresses = ipAddress.Split(',');
if (addresses.Length != 0)
{
return addresses[0];
}
}
return context.Request.ServerVariables["REMOTE_ADDR"];
}
hope this help!