Injecting dependencies into custom Web API action filter attribute with Autofac

asp.net-mvc asp.net-web-api dependency-injection autofac action-filter
Mohammad Sepahvand picture Mohammad Sepahvand · Apr 25, 2014 · Viewed 18.5k times · Source

I'm trying to resolve the dependencies of my custom AuthorizeAttribute which I use to decorate my API controllers in an MVC4 app. Problem is that I keep getting a NullReferenceException on the service dependency I use within my custom filter. Here is my Autofac configuration:

public static class WebApiConfig
{
    public static void Register(HttpConfiguration config)
    {
        var builder = new ContainerBuilder();
        builder.RegisterApiControllers(Assembly.GetExecutingAssembly());
        builder.RegisterType<UnitOfWork>().As<IUnitOfWork>().InstancePerApiRequest();
        builder.RegisterType<DatabaseFactory>().As<IDatabaseFactory>().InstancePerApiRequest();
        builder.RegisterAssemblyTypes(typeof(UserProfileRepository).Assembly)
            .Where(t => t.Name.EndsWith("Repository"))
            .AsImplementedInterfaces().InstancePerApiRequest();

        builder.RegisterAssemblyTypes(typeof(IUserProfileMapper).Assembly)
            .Where(t => t.Name.EndsWith("Mapper"))
            .AsImplementedInterfaces().InstancePerApiRequest();

        builder.RegisterAssemblyTypes(typeof(UserProfileSvc).Assembly)
            .Where(t => t.Name.EndsWith("Svc"))
            .AsImplementedInterfaces().InstancePerApiRequest();

        builder.RegisterWebApiFilterProvider(config);
        var container = builder.Build();
        var resolver = new AutofacWebApiDependencyResolver(container);
        config.DependencyResolver = resolver;
    }
}

and my custom authorize filter:

public class MyAuthorizeAttribute : AuthorizeAttribute
{
    public IAuthenticationSvc _authenticationSvc;
    protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
    {
        if (!base.IsAuthorized(actionContext))
        {
            return false;
        }
        var trueUserId = WebSecurity.CurrentUserId;

        if (_authenticationSvc.GetUsersRoles(trueUserId).Any(x => x == "Admin")) return true;
        // NullReferenceException on _authenticationSvc
     }
}

According to the official docs all that is needed is:

var builder = new ContainerBuilder();
builder.RegisterWebApiFilterProvider(GlobalConfiguration.Configuration);

But that doesn't seem to do the trick either. Appreciate any help.

Answer

Toan Nguyen picture Toan Nguyen · Apr 29, 2014

You should configure property injection for your attribute

public class MyAuthorizeAttribute : AuthorizeAttribute
{
    public IAuthenticationSvc AuthenticationSvc { get; set; }
}

and the builder

builder.RegisterType<MyAuthorizeAttribute>().PropertiesAutowired();

Related questions

How to use Ninject with ASP.NET Web API?

In MVC I simply make the class NinjectControllerFactory that implements DefaultControllerFactory interface then do some bindings in it. at last in Global I run it: ControllerBuilder.Current.SetControllerFactory(new NinjectControllerFactory()); But what about using Ninject in ASP.NET Web API? …

Read More
How to pass json POST data to Web API method as an object?

ASP.NET MVC4 Web API application defines post method to save customer. Customer is passed in json format in POST request body. Customer parameter in post method contains null values for properties. How to fix this so that posted data …

Read More
HTTP Error 500.19 and error code : 0x80070021

I have a simple webAPI build by Visual Studio 2013. It works well when I run it from VS13 but when I copy the project in local IIS it gives me the following error. HTTP Error 500.19 - Internal Server Error The …

Read More