在 JSON 类型不匹配 ASP.NET Core 上抛出自定义异常

Question

What I am attempting to do is throw my own exceptions when there is a type mismatch between the JsonTokenType and the object/struct I am converting to.

For example, my object is LoginRequest:

public class LoginRequest
{
    [Required]
    public string Username { get; set; }
    [Required]
    public string Password { get; set; }
}

And my controller:

[HttpPost]
public async Task<IActionResult> CreateCredentialsAsync([FromBody] LoginRequest request)
{
    // Do Stuff
}

But if a user provides an integer instead of a string (or really any type mismatch) for the username/password I want to serve a custom exception.

For example imagine the client calls my server with the following JSON body:

POST {ip}/api/login
content-type: application/json
{
    "username": 123,
    "password": "password"
}

now from an IAsyncActionFilter I can read the ModelState and see it is invalid, but I don't see a way to differentiate error causes and throw different exceptions.

What I would like to do is throw a CustomBadRequestException(errorCode: 3, message: "Really, you think that should be a number and not a string") , but if they fail to provide the username at all I want to throw DifferentCustomBadRequestException(errorCode: 2, message: "Nice try hacker")

Do I need a custom model binder in order to do this (or even extend an existing model binder), or do I need some sort of deserialization setting and/or converter that can provide more specific exceptions based on what went wrong, or both?

Bonus question: Is it possible to collect all the errors in the model state before the action filter is called (this sound like it would absolutely require a custom model binder but I figured I would ask)?

Answer 1

I'm not sure I'm fully across your problem statement, but assuming you want more control over model deserialisation, some tweaks can be made to MVC json serialiser options:

public void ConfigureServices(IServiceCollection services)
        {
            services.AddMvc(o => { })
                .AddJsonOptions(s =>
                {
                    s.SerializerSettings.Converters.Add(new Converter()); // one way to gain more control will be to use custom converter for your type, see implementation down below
                    //if you are after something a bit more simple, setting behaviours and handling general error events might work too
                    s.SerializerSettings.MissingMemberHandling = MissingMemberHandling.Error; // you probably want that so your missing 
                    s.SerializerSettings.Error = delegate(object sender, ErrorEventArgs args)
                    {
                        // throw your custom exceptions here
                        var message = args.ErrorContext.Error.Message;
                        args.ErrorContext.Handled = false;
                    };
                });
        }

implementing Converter is fairly easy:

    class Converter : JsonConverter<LoginRequest>
    {
        public override bool CanWrite => false;

        public override void WriteJson(JsonWriter writer, LoginRequest value, JsonSerializer serializer)
        {
            throw new NotImplementedException();
        }

        public override LoginRequest ReadJson(JsonReader reader, Type objectType, LoginRequest existingValue, bool hasExistingValue, JsonSerializer serializer)
        {
            // your logic here
        }
    }

---

UPD after getting a better view of your specific requirement re handling primitive types it seems trying to fiddle with MVC serialiser gets a bit too cumbersome. Reason being, the level of control you're after (especially checking primitive types ) seems to be available on JsonTextReader level, but it seems overriding that would mean reimplementing a significant chunk of library code:

services.AddMvc(o =>
            {
                o.InputFormatters.RemoveType<JsonInputFormatter>();
                o.InputFormatters.Add(new MyJsonInputFormatter(logger, serializerSettings, charPool, objectPoolProvider));// there are quite a few parameters that you need to source from somewhere before instantiating your formatter. 
            })
....
class MyJsonInputFormatter: JsonInputFormatter {
    public override async Task<InputFormatterResult> ReadRequestBodyAsync(
      InputFormatterContext context,
      Encoding encoding)
    {
        ...your whole implementation here...
    }
}

Therefore I think the most viable approach would be injecting custom middleware before MVC and doing something along the lines of schema validation for your raw json. Since MVC will need to re-read your json again (for model binding etc), you would want to check out my other answer that caters for request steam rewinding.