We Keep Coding

ASP.NET Core 6 - Use URI's extension to get Accept header value

I'm migrating an application from NancyFx to Kestrel in ASP.NET Core 6.
In Nancy, you could specify the Accept value in the URI. For example, these Uris:
http://localhost:5000/my/resource.json
http://localhost:5000/my/resource.protobuf
http://localhost:5000/my/resource.xml
Would be the equivalent of setting the Accepts header to application/json, application/protobuf or application/xml respectively.
Does this exist in Kestrel? I remember finding one example, long ago, of regex-ing the route and doing it somewhat manually. But
I can't find that post again, and
If I have to do that, I'm not sure I want to :)
Is there a way to configure this behavior in ASP.NET Core 6?
The object returned from my handler in the controller is already capable of being serialized to json/xml/whatever. I just need to check the URI to set the content-type of the response so the correct formatter will be invoked.
At the moment, I have a client that will speak to both Nancy and Kestrel and it was written to use the URI to get the type. I'm fine to rewrite/update the client so it will use the Accept header. But getting the URI method to work will make the initial integration easier and a refactor to use the headers can come next.

I created a very simple middleware that reads the accept value from the query string and sets the Accept header to the request:
public class AcceptHeaderFromQueryString
{
private readonly RequestDelegate _next;
public AcceptHeaderFromQueryString(RequestDelegate next)
{
_next = next;
}
public async Task InvokeAsync(HttpContext context)
{
var accept = context.Request.Query["accept"];
if (!string.IsNullOrEmpty(accept))
{
context.Request.Headers.Accept = accept;
}
await _next(context);
}
}
Register the middleware:
app.UseMiddleware<AcceptHeaderFromQueryString>();
I added [Produces(MediaTypeNames.Application.Json, MediaTypeNames.Application.Xml)] attribute to my api controller action (this step is not required):
[HttpGet]
[Produces(MediaTypeNames.Application.Json, MediaTypeNames.Application.Xml)]
public IEnumerable<WeatherForecast> Get()
{
return Enumerable.Range(1, 5).Select(index => new WeatherForecast
{
Date = DateTime.Now.AddDays(index),
TemperatureC = Random.Shared.Next(-20, 55),
Summary = Summaries[Random.Shared.Next(Summaries.Length)]
})
.ToArray();
}
Finally I added support for xml serialization in Program.cs:
builder.Services.AddControllers()
.AddXmlDataContractSerializerFormatters();
Then I tried these urls and they both gave appropriate response:
https://localhost:7258/weatherforecast?accept=application/json
https://localhost:7258/weatherforecast?accept=application/xml

You possibly want the [Consumes] attribute. This allows you to specify a controller action that only gets called from a route of the specified content type.
Obviously this is not using the Accepts header but the content type of the request.

How to design multiple ways to invoke REST API

I am using ASP.NET Web API. I want to REST uri to be
GET /api/v1/documents/1234/download or
GET /api/v1/documents/1234?act=download or
GET /api/v1/documents?id=1234&act=download
Is it possible to have multiple ways to call REST API Url? Is it recommended?
I am using Attribute Routes only
[RoutePrefix("api/v1")]
public class DocumentController : ApiController
{
private readonly DomainService _domainService;
public DocumentController(DomainService domainService)
: base(domainService)
{
_domainService = domainService ?? throw new ArgumentNullException(nameof(domainService));
}
[HttpGet]
[Route("documents/{id:int}")]
public async Task<IHttpActionResult> DownloadDocument([FromUri]int id, [FromUri]string act)
{
if (string.IsNullOrEmpty(act) || act.ToUpper() != "DOWNLOAD")
{
return BadRequest("Invalid action parameter.");
}
return await service.DownloadFile(id);
}
}
with above code only GET /api/v1/documents/1234?act=download works. Is it possible to configure route in a such way that all 3 routes will invoke same action method?

You can add as many Route attributes as required to each method.
So you could do this to your method:
[Route("documents")] // matches /documents?id=123&act=download
[Route("documents/{id:int}")] // matches /documents/123?act=download
[Route("documents/{id:int}/{act}")] // matches /documents/123/download
Personally I think this is quite long-winded, and would try to stick to a single style (the last one if I could choose), but I guess it could depend on your requirements.

Correct HTTP verb to use for a business rules validation endpoint in Web API

I have the below Web API controller. Its sole responsibility is to validate the incoming document against a set of business rules and return a result. Which is the correct HTTP verb to use for this controller action?
//[Http<???>]
public IActionResult ValidateBusinessRules([FromBody BusinessDocument document)
{
var result = ValidateBusinessRules(document);
return Ok(result);
}

[FromBody] explicitly tells the model binder to check the request body for data to bind. And since only certain request allow a body then it means that it works with POST or PUT.
POST would be the default verb to use in this scenario. Taking model state into consideration the action can look like this
[HttpPost]
public IActionResult ValidateBusinessRules([FromBody] BusinessDocument document) {
if(ModelState.IsValid) {
var result = ValidateBusinessRules(document);
if(result.IsValid) { //assuming result has a flag
return Ok(result);
}
return BadRequest(result);//assuming result provides relevant details.
}
return BadRequest(ModelState);
}
That way the status of the response can provide some relevant feedback about the request made.

One could argument that POST should only be used for creating a new entity but as GET is not designed to send data through the request body and the other verbs (PUT = update entity, DELETE = remove entity) don't give you a better option I would say it's OK to use POST for scenarios where you need to get some data from the server and need to send data in the request body.
I would therefore recommend you to use POST here
[HttpPost]
public IActionResult ValidateBusinessRules([FromBody] BusinessDocument document)
{
var result = ValidateBusinessRules(document);
return Ok(result);
}

If you use this endpoint to validate data from form, and then you want to save them through another endpoint, I think, that the best solution would be something like this:
[HttpPost]
[Route("documents")]
public IActionResult ValidateBusinessRules([FromBody] BusinessDocument document)
{
var result = ValidateBusinessRules(document);
if (!result.IsValid)
{
return BadRequest(result);
}
var document = _documentService.Save(document);
return Ok(document);
}
For me it is odd to use POST if you don't want to create new resource.

Wep Api - 405 Method Not Allowed

I have a Web Api project with a controller that has methods for GET, DELETE, POST, and PUT.
When I try to do a POST or PUT to this controller I always get a 405 Method Not Allowed error. The data being sent over looks valid, it's just an object with six simple properties. I put a breakpoint in my method and as expected in this case, it doesn't get hit. I registered a DelegatingHandler (mentioned at Web Api - Catch 405 Method Not Allowed) to inspect the incoming request and outgoing response and I can tell that my request is being processed by the Api (meaning the problem is not with the client). I also used Fiddler to inspect the request/response and the response headers say under Security, Allow: DELETE, GET.
This clearly tells me that PUT and POST are not allowed, for whatever reason, even though I have methods decorated with the [HttpPost] and [HttpPut] attributes and have the routing configured correctly, as far as I can tell. I am using default routing but also have methods which use attribute routing.
This sounds like there may be some kind of security issue, however, I'm able to do POST and PUT in my other controllers and I don't see any differences which I believe would be the cause of the problem.
Here's a snippet of my code:
public class PricesController : ApiController
{
// DELETE: api/Prices/5
[HttpDelete]
[ResponseType(typeof(Price))]
[Route("api/Prices/{id:int}")]
public async Task<IHttpActionResult> DeletePrice(int id)
{
// code omitted
}
// GET: api/Prices/5
[HttpGet]
[ResponseType(typeof(Price))]
[Route("api/Prices/{id:int}")]
public async Task<IHttpActionResult> GetPrice(int id)
{
// code omitted
}
// GET: api/Prices
[HttpGet]
[Route("api/Prices")]
public IQueryable<Price> GetPrices()
{
// code omitted
}
// POST: api/Prices
[HttpPost]
[ResponseType(typeof(Price))]
[Route("api/Prices", Name = "Prices")]
public async Task<IHttpActionResult> PostPrice(Price price)
{
// code omitted
}
// PUT: api/Prices/5
[HttpPut]
[ResponseType(typeof(void))]
[Route("api/Prices/{id:int}")]
public async Task<IHttpActionResult> PutPrice(int id, Price price)
{
// code omitted
}
}
Any help would be appreciated. I've spent all day trying to figure this out.

It sounds like it's not binding correctly.
Can you try decorating Price with [FromBody] before it in your actions?
PostPrice([FromBody] Price price)

How to add multiple Get Post and Delete methods in RESTful Service

I am new to REST Services and would like to know how we can add multiple Get / Post / Delete methods.
for e.g.
We are having following Get Methods: -
GetAllUsers()
GetUserByID(int id)
GetUserByName(string name)
Similarly, Delete methods: -
DeleteAllUsers()
DeleteUserByID(int id)
DeleteUserByName(string name)
Post/Put Methods: -
PutCreateDefaultUser()
PutCreateUser(User user)
PutCreateMultipleUsers(User[] users)
So how to define Get/Delete/Post/Put methods in above case. Is that name it self says which is get / delete /put / post
Also How to set the uri template for each?
What will be the URI of each method?
Note: I am using MVC4 .Net Web API project, I am NOT using WCF

Your examples point out to more of an RPC implementation. REST is based on resources. Each resource has its methods. to Get, Update, Insert and Delete. If you are planning to have what you said in your question, you can do it in your ASP.NET API with no problem: (But be sure that this is NOT REST)
Update (2018)
After some time and experience (and after a user comment on this old answer) I realized it was wrong to say that OP endpoints were not Restfull. The routes can be easily done to achieve that, as my examples already have shown. Funny how we learn and change our own ideas/opinions with time. :)
UserController
[RoutePrefix("api/v1")]
public class UserController : ApiController
{
[HttpGet]
[Route("users")]
public HttpResponseMessage GetAllUsers()
{
...
}
[HttpGet]
[Route("users/{id:int}")]
public HttpResponseMessage GetUserByID(int id)
{
...
}
[HttpGet]
[Route("users/{name:string}")]
public HttpResponseMessage GetUserByName(string name)
{
...
}
[HttpDelete]
public HttpResponseMessage DeleteAllUsers()
{
...
}
[HttpDelete]
[Route("users/{id:int}")]
public HttpResponseMessage DeleteUserByID(int id)
{
...
}
}
With the HttpAttributes, you can have as many HttpDeletes you want. Just put the attribute on top of the action and you're good to go. It also enforces that the methods can only be called using that HTTP verb. So in the Delete above, if you do a call with a GET verb, you'll get nothing. (The action will not be found)
You can also explicitly give a custom route to your action if you so desire. For instance, your call to GetUserByID would be:
GET: http://localhost:2020/api/v1/users/1

Most of the information you require can be found here:
http://www.asp.net/web-api/overview/web-api-routing-and-actions/routing-in-aspnet-web-api
http://www.asp.net/web-api/overview/web-api-routing-and-actions/routing-and-action-selection
You can specify the HTTP method with an attribute: AcceptVerbs, HttpDelete, HttpGet, HttpHead, HttpOptions, HttpPatch, HttpPost, HttpPut.
Otherwise, if the name of the controller method starts with "Get", "Post", "Put", "Delete", "Head", "Options", or "Patch", then by convention the action supports that HTTP method.
If none of the above, the method supports POST.
The Uri will depend on the name of the controller:
/api/controller-name/GetAllUsers