I need to write a RequestFilterAsyncAttribute of my own, and (in that filter) I need to know whether or not the current service operation has been declared with an [Authenticate] attribute.
My filter is guaranteed to run after the [Authenticate] attribute.
If so, my filter has different behavior on whether the calling user has authorized or not.
This may not be the right approach to take to find this out.
(what I really want to know is, whether or not this service operation is required to be authorized (as indicated by using the [Authenticate], and that my filter only runs if the call passes that authorization (using the JwtAuthProviderReader)
Any metadata that ServiceStack knows about a Service is available from HostContext.Metadata, e.g:
public class MyFilter : RequestFilterAsyncAttribute
{
public override async Task ExecuteAsync(
IRequest req, IResponse res, object requestDto)
{
var opMeta = HostContext.Metadata.GetOperation(requestDto.GetType());
if (opMeta.RequiresAuthentication)
{
//...
}
}
}
It isn’t strictly necessary for ServiceStack to know a Service requires Authentication to implement it, but we maintain it for metadata purposes.
If you ever need to find about any other Request Filter Attribute for a specific Service implementation, you can use reflection on its Service Type, e.g:
var opMeta = HostContext.Metadata.GetOperation(requestDto.GetType());
var authAttr = opMeta.ServiceType.FirstAttribute<AuthenticateAttribute>();
if (authAttr != null)
{
//...
}