ASP.NET Web API: get client id in pre-flight request
I have incorporated CORS into my ASP.NET Web API project and I need a way to identify the user making the request before flying. This is because each client has its own authorized origin.
This is what mine looks like CorsPolicyProvider
:
public class MyCorsPolicyProvider : ICorsPolicyProvider {
private CorsPolicy _policy;
public MyCorsPolicyProvider() {
_policy = new CorsPolicy {
AllowAnyMethod= true,
AllowAnyHeader = true
};
}
public Task<CorsPolicy> GetCorsPolicyAsync(HttpRequestMessage request, CancellationToken cancellationToken) {
var clientId = ""; // How do I get this? Getting the user name or any way to uniquely identify the user is fine.
Client client = ClientManager.FindClient(clientId);
if (client != null && !string.IsNullOrEmpty(client.AllowedOrigin)) {
_policy.Origins.Add(client.AllowedOrigin);
}
return Task.FromResult(_policy);
}
}
My pre-flight request does not contain any user information, so I'm not sure if this is possible. But it seems to me that this is a common scenario, no? It would be ideal if I had access to my requirements, but obviously we don't know anything about the user at the moment. Am I approaching this the wrong way?
+3
source to share
No one has answered this question yet
Check out similar questions: