I have ASP.Net web api2 odata service running as a separate project in our application server. Initially to consume this in our web server application we have used Breeze.js with angular and later we get the limitation that the service URL cannot be exposed through browser (even not declare as a javascript variable in breeze).
Conceptually we are advised to go with another approach that we have to create another api in the web server, the breeze will use this URL (not exposing the actual app server api) but the web server api should route the actual odata service in the app server
Asp.Net Web api 2 odata services
API services (calling this service routes the app server which running as a separate service)
And the App server api is designed to consume in breeze that is added breeze attributes.
any help would be more appriciated
I have Come up with the solution to setup proxy API handler in the web server level that exposed as a service in the breeze and the service call, post and get will be managed with this proxy web api.
here is the sample
in the web server API, the following code has been added in APP_start/WebApiConfig.cs
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
config.MapHttpAttributeRoutes();
//The fist value "*" needs to change with the actual redirection Uri
var cors = new EnableCorsAttribute("*", "*", "*", "DataServiceVersion, MaxDataServiceVersion");
config.EnableCors(cors);
config.Routes.MapHttpRoute(name: "Proxy", routeTemplate: "{*path}",
handler: HttpClientFactory.CreatePipeline(innerHandler: new HttpClientHandler(),
handlers: new DelegatingHandler[] { new ProxyHandler() }), defaults: new { path = RouteParameter.Optional },
constraints: null);
}
}
public class ProxyHandler : DelegatingHandler
{
protected override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
var pathandquery = request.RequestUri.PathAndQuery;
// APPserver webapi URL
var uri = "http:localhost/api/";
request.RequestUri = uri;
if (request.Method == HttpMethod.Get)
{
request.Content = null;
return base.SendAsync(request, cancellationToken)
.ContinueWith<HttpResponseMessage>(t =>
{
var response = t.Result;
response.Headers.Add("Access-Control-Allow-Origin", "*");
return response;
});
}
else
{
if (request.Method == HttpMethod.Post)
{
return base.SendAsync(request, cancellationToken)
.ContinueWith<HttpResponseMessage>(t =>
{
var response = t.Result;
response.Headers.Add("Access-Control-Allow-Origin", "*");
response.Headers.Add("Access-Control-Allow-Credentials", "true");
response.Headers.Add("Access-Control-Allow-Methods", "POST");
return response;
});
}
if (request.Method == HttpMethod.Put)
{
return base.SendAsync(request, cancellationToken)
.ContinueWith<HttpResponseMessage>(t =>
{
var response = t.Result;
response.Headers.Add("Access-Control-Allow-Origin", "*");
response.Headers.Add("Access-Control-Allow-Credentials", "true");
response.Headers.Add("Access-Control-Allow-Methods", "PUT");
return response;
});
}
}
return base.SendAsync(request, cancellationToken);
}
}
Exposing this web server API will bring the entire breeze controller metadata without exposing the appserver URL