I’ve put up on GitHub a sample WCF error handler for REST services, which returns proper HTTP status codes in response to service errors.
The code is very simple – a ServiceBehavior implementation which can be specified in config to tag the RestErrorHandler to a service. Any uncaught exceptions will be routed to the error handler, which sets the HTTP status code and description in the response, based on the type of exception.
The sample defines a ClientException which can be thrown in code to indicate a problem with the client’s request, and the response will be a status 400 with a friendly error message:
throw new ClientException(“Invalid userId. Must be provided as a positive integer”);
– responds:
|
Request URL |
|
http://localhost/Sixeyed.WcfRestErrorHandler.Sample/ErrorProneService.svc/lastLogin?userId=xyz |
|
Error |
|
Status Code: 400, Description: Invalid userId. Must be provided as a positive integer |
Any other uncaught exceptions are hidden from the client. The full details are logged with a GUID to identify the error, and the response to the client is a status 500 with a generic message giving them the GUID to follow up on:
var iUserId = 0;
var dbz = 1 / iUserId;
– logs the divide-by-zero error and responds:
|
Request URL |
|
http://localhost/Sixeyed.WcfRestErrorHandler.Sample/ErrorProneService.svc/dbz |
|
|
|
Error |
|
Status Code: 500, Description: Something has gone wrong. Please contact our support team with helpdesk ID: C9C5A968-4AEA-48C7-B90A-DEC986F80DA5 |
The sample demonstrates two techniques for building the response. For client exceptions, a friendly HTML response is sent in the body as well as the status code and description. Personally I prefer not to do that – it doesn’t make sense to get a 400 error and find text/html when you’re expecting application/json, but it’s easy to do if that’s the functionality you want. The other option is to send an empty response, which the sample does with server exceptions.
The obvious extension is to have multiple exceptions representing all the status codes you want to provide, then your code is as simple as throwing the relevant exception – UnauthorizedException, ForbiddenExeption, NotImplementedException etc – anywhere in the stack, and it will be handled nicely.