faysilalshareef/interceptors
skills/microservice/grpc/interceptors/SKILL.md
Use when adding gRPC interceptors for exception mapping, culture switching, or claims extraction.
$ install --global
skillsauthnpx skillsauth add faysilalshareef/dotnet-ai-kit interceptorsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 1, 2026, 3:08 AM147.7s1 file scanned
SKILL.md
- name:
- interceptors
- description:
- Use when adding gRPC interceptors for exception mapping, culture switching, or claims extraction.
- category:
- microservice/grpc
- agent:
- command-architect
- when_to_use:
- When creating or modifying gRPC interceptors for exception mapping, culture, or claims
Interceptors — Cross-Cutting gRPC Concerns
Core Principles
- Interceptors handle cross-cutting concerns for gRPC calls
ApplicationExceptionInterceptormaps domain exceptions toRpcExceptionwith ProblemDetailsThreadCultureInterceptorreads language header and sets thread culture- Access claims extracted from
access-claims-binmetadata header - Registration order matters: culture before exception interceptor
- Both server and client interceptors are supported
Key Patterns
Application Exception Interceptor (Server)
namespace {Company}.{Domain}.Grpc.Interceptors;
public sealed class ApplicationExceptionInterceptor(
ILogger<ApplicationExceptionInterceptor> logger) : Interceptor
{
public override async Task<TResponse> UnaryServerHandler<TRequest, TResponse>(
TRequest request,
ServerCallContext context,
UnaryServerMethod<TRequest, TResponse> continuation)
{
try
{
return await continuation(request, context);
}
catch (DomainException ex) when (ex is IProblemDetailsProvider provider)
{
logger.LogWarning(ex, "Domain exception: {Message}", ex.Message);
var problemDetails = provider.ToProblemDetails();
var metadata = new Metadata
{
{ "problem-details-bin",
Encoding.UTF8.GetBytes(
JsonConvert.SerializeObject(problemDetails)) }
};
throw new RpcException(
new Status(MapStatusCode(ex), ex.Message), metadata);
}
catch (Exception ex)
{
logger.LogError(ex, "Unhandled exception in gRPC handler");
throw new RpcException(
new Status(StatusCode.Internal, "Internal server error"));
}
}
private static StatusCode MapStatusCode(DomainException ex) => ex switch
{
NotFoundException => StatusCode.NotFound,
ConflictException => StatusCode.AlreadyExists,
ValidationException => StatusCode.InvalidArgument,
UnauthorizedException => StatusCode.PermissionDenied,
_ => StatusCode.Internal
};
}
Thread Culture Interceptor (Server)
namespace {Company}.{Domain}.Grpc.Interceptors;
public sealed class ThreadCultureInterceptor : Interceptor
{
public override async Task<TResponse> UnaryServerHandler<TRequest, TResponse>(
TRequest request,
ServerCallContext context,
UnaryServerMethod<TRequest, TResponse> continuation)
{
var languageHeader = context.RequestHeaders
.FirstOrDefault(h => h.Key == "language")?.Value;
if (!string.IsNullOrEmpty(languageHeader))
{
var culture = new CultureInfo(languageHeader);
Thread.CurrentThread.CurrentCulture = culture;
Thread.CurrentThread.CurrentUICulture = culture;
}
return await continuation(request, context);
}
}
Access Claims Interceptor (Server)
namespace {Company}.{Domain}.Grpc.Interceptors;
public sealed class AccessClaimsInterceptor : Interceptor
{
public override async Task<TResponse> UnaryServerHandler<TRequest, TResponse>(
TRequest request,
ServerCallContext context,
UnaryServerMethod<TRequest, TResponse> continuation)
{
var claimsEntry = context.RequestHeaders
.FirstOrDefault(h => h.Key == "access-claims-bin");
if (claimsEntry is not null)
{
var claimsJson = Encoding.UTF8.GetString(claimsEntry.ValueBytes);
var claims = JsonConvert.DeserializeObject<AccessClaims>(claimsJson);
context.UserState["AccessClaims"] = claims;
}
return await continuation(request, context);
}
}
Client Interceptor (For Outgoing Calls)
namespace {Company}.{Domain}.Grpc.Interceptors;
public sealed class LanguageClientInterceptor : Interceptor
{
public override AsyncUnaryCall<TResponse> AsyncUnaryCall<TRequest, TResponse>(
TRequest request,
ClientInterceptorContext<TRequest, TResponse> context,
AsyncUnaryCallContinuation<TRequest, TResponse> continuation)
{
var headers = context.Options.Headers ?? new Metadata();
headers.Add("language", CultureInfo.CurrentCulture.Name);
var newContext = new ClientInterceptorContext<TRequest, TResponse>(
context.Method, context.Host,
context.Options.WithHeaders(headers));
return continuation(request, newContext);
}
}
Registration
builder.Services.AddGrpc(options =>
{
// Order matters: first registered = first executed
options.Interceptors.Add<ThreadCultureInterceptor>();
options.Interceptors.Add<AccessClaimsInterceptor>();
options.Interceptors.Add<ApplicationExceptionInterceptor>();
});
Anti-Patterns
| Anti-Pattern | Correct Approach | |---|---| | Exception handling in every service method | Use exception interceptor | | Culture setting in every handler | Use culture interceptor | | Wrong interceptor order | Culture before exception interceptor | | Exposing stack traces to clients | Log internally, return clean error to client |
Detect Existing Patterns
# Find interceptors
grep -r ": Interceptor" --include="*.cs" src/
# Find interceptor registration
grep -r "Interceptors.Add" --include="*.cs" src/
# Find ProblemDetails in gRPC context
grep -r "problem-details-bin" --include="*.cs" src/
Adding to Existing Project
- Check existing interceptor chain — maintain registration order
- Match exception mapping to existing domain exception hierarchy
- Follow ProblemDetails format for error metadata
- Add client interceptors when calling other services (language propagation)
- Test interceptor behavior with unit tests
Related Knowledge
- knowledge/grpc-patterns.md — cross-cutting gRPC patterns (streaming, deadlines, error mapping)
Related Skills
faysilalshareef/verification-gate
data-ai
VerifiedTrustedCommunity
Use when about to claim work is complete, fixed, passing, or ready — before committing, creating PRs, or moving to the next task. Requires running verification commands and confirming output before making any success claims.
2SKILL.mdUpdated Jun 1, 2026
faysilalshareef/systematic-debugging
development
VerifiedTrustedCommunity
Use when encountering any bug, test failure, build error, or unexpected behavior — before proposing fixes or making changes.
2SKILL.mdUpdated Jun 1, 2026
faysilalshareef/session-management
development
VerifiedTrustedCommunity
Use when checkpointing, wrapping up, or handing off an AI-assisted development session.
2SKILL.mdUpdated Jun 1, 2026
faysilalshareef/sdd-lifecycle
development
VerifiedTrustedCommunity
Use when following the Specification-Driven Development lifecycle from plan through ship.
2SKILL.mdUpdated Jun 1, 2026