Beispiel #1
        /// <summary>
        /// Exchanges a caller-supplied product key for an API token and renders the default view.
        /// </summary>
        /// <param name="apikey">Product key in textual GUID form; a value that does not parse as a GUID is handed to <c>InvalidApikeyArg</c>.</param>
        /// <param name="wt">Optional widget token string; parsed only when it is not null, empty or whitespace.</param>
        /// <returns>
        /// The result of <c>InvalidApikeyArg</c> for an unparsable key, a plain-text body with status 401 when
        /// no active key matches, otherwise the view with the token values stored in <c>ViewBag</c>.
        /// </returns>
        public ActionResult Index(String apikey, string wt = "")
        {
            // TryParse reports null, malformed and overflowing input as false instead of throwing.
            // NOTE(review): apikey is untrusted and is passed on verbatim; confirm InvalidApikeyArg
            // encodes it before it reaches the response.
            Guid apikeyGuid;
            if (!Guid.TryParse(apikey, out apikeyGuid))
            {
                return InvalidApikeyArg(apikey);
            }

            APIToken widgetToken = null;
            if (!string.IsNullOrWhiteSpace(wt))
            {
                // NOTE(review): wt comes straight from the request; whether ParseToken checks integrity
                // or expiry is not visible here, and the value is re-emitted to the view below — confirm.
                widgetToken = APIToken.ParseToken(wt);
            }

            APIToken token = null;
            Core.DataLayer.Models.Customer customer = null;

            using (var context = ContextFactory.APIContext)
            {
                // Only keys flagged active are accepted.
                var activeKey = context.APIKeys.FirstOrDefault(i => i.KeyValue == apikeyGuid && i.IsActive);
                if (activeKey == null)
                {
                    // A typed HTTP error response would be preferable, but without a page that renders
                    // the reason it would surface as an opaque HTTP 500, so a plain-text 401 is sent.
                    Response.StatusCode = 401;
                    return Content("The product key (\"apikey\") is invalid. Please see https://www.sizeup.com/developers/documentation for help.", "text/plain");
                }

                token = APIToken.Create(activeKey.Id);

                using (var sizeupContext = ContextFactory.SizeUpContext)
                {
                    try
                    {
                        customer = SizeUp.Core.DataLayer.Customer.GetCustomerByKey(context, sizeupContext, apikeyGuid);
                    }
                    catch (System.Data.ObjectNotFoundException)
                    {
                        // Deliberate best effort: a key without a customer record is a real possibility and
                        // must not abort the request, so customer stays null. A planned API refactor is
                        // expected to remove this failure mode.
                        // TODO: record this once a logging framework is available; it is currently silent.
                    }
                }
            }

            ViewBag.Customer = customer;
            ViewBag.Token = token.GetToken();
            ViewBag.SessionId = APISession.Current.SessionId;
            // NOTE(review): confirm RandomString.Get draws from a cryptographic generator if InstanceId
            // is ever relied on as unguessable.
            ViewBag.InstanceId = RandomString.Get(25);

            string widgetTokenText = "";
            if (widgetToken != null)
            {
                widgetTokenText = widgetToken.GetToken();
            }
            ViewBag.WidgetToken = widgetTokenText;

            return View();
        }
Beispiel #2
 /// <summary>
 /// Creates a token for the API key id held by the current API context and returns its string form as JSON.
 /// </summary>
 /// <returns>A JSON result carrying the value of <c>GetToken()</c>; GET requests are explicitly allowed.</returns>
 public ActionResult Index()
 {
     // The SizeUp context is opened and disposed around the call but is never read in this method.
     using (var sizeupContext = ContextFactory.SizeUpContext)
     {
         var apiKeyId = APIContext.Current.ApiToken.APIKeyId;

         // NOTE(review): AllowGet serves the token on plain GET requests; confirm the response is marked
         // non-cacheable and that the route is only reachable by an already authenticated API context.
         return Json(APIToken.Create(apiKeyId).GetToken(), JsonRequestBehavior.AllowGet);
     }
 }
Beispiel #3
        /// <summary>
        /// Verifies that an API key carries the "widget" role and is active, then publishes the key's
        /// name and a freshly created token through <c>ViewBag</c>.
        /// </summary>
        /// <param name="key">API key value to authorize.</param>
        /// <exception cref="HttpException">
        /// Status 403 when no role mapping ties the key to the "widget" role, or when no active key matches.
        /// </exception>
        protected void CreateToken(Guid key)
        {
            using (var context = ContextFactory.APIContext)
            {
                // The role check does not look at IsActive; the lookup below is what rejects inactive keys.
                // The two failures carry different messages, so a caller can tell "no widget role or
                // unknown key" apart from "widget role but inactive".
                // NOTE(review): ToLower() is kept inside the predicate; presumably it is translated by the
                // query provider — confirm before replacing it with a StringComparison overload.
                bool hasWidgetRole = context.APIKeyRoleMappings.Any(i => i.APIKey.KeyValue == key && i.Role.Name.ToLower() == "widget");
                if (!hasWidgetRole)
                {
                    throw new HttpException(403, "Not authorized to use the widget");
                }

                var activeKey = context.APIKeys.FirstOrDefault(i => i.KeyValue == key && i.IsActive);
                if (activeKey == null)
                {
                    throw new HttpException(403, "Invalid API Key");
                }

                ViewBag.APIName = activeKey.Name;
                ViewBag.Token = APIToken.Create(activeKey.Id).GetToken();
            }
        }