Beispiel #1
        /// <summary>
        /// Builds the server: records the default resource store and configuration, lets the
        /// configuration's container satisfy this instance's imports, initializes every request
        /// responder, and selects the request authorizer named by
        /// <c>configuration.AuthenticationMode</c>.
        /// </summary>
        /// <param name="configuration">Server configuration; supplies the container and the authentication mode.</param>
        /// <param name="resourceStore">Resource store kept as <c>DefaultResourceStore</c>.</param>
        /// <exception cref="InvalidOperationException">
        /// The authentication mode, lower-cased, is neither "windows" nor "oauth".
        /// </exception>
        protected HttpServer(IRavenHttpConfiguration configuration, IResourceStore resourceStore)
        {
            DefaultResourceStore = resourceStore;
            DefaultConfiguration = configuration;

            // Runs before RequestResponders is enumerated; presumably this is what fills it — confirm.
            configuration.Container.SatisfyImportsOnce(this);

            foreach (var entry in RequestResponders)
            {
                entry.Value.Initialize(() => currentDatabase.Value, () => currentConfiguration.Value, () => currentTenantId.Value, this);
            }

            // An unrecognized mode aborts construction rather than falling back to some default
            // authorizer, so a mistyped setting cannot silently weaken authentication.
            var mode = configuration.AuthenticationMode.ToLowerInvariant();
            if (mode == "windows")
            {
                requestAuthorizer = new WindowsRequestAuthorizer();
            }
            else if (mode == "oauth")
            {
                requestAuthorizer = new OAuthRequestAuthorizer();
            }
            else
            {
                throw new InvalidOperationException(
                    string.Format("Unknown AuthenticationMode {0}. Options are Windows and OAuth", configuration.AuthenticationMode));
            }

            requestAuthorizer.Initialize(() => currentDatabase.Value, () => currentConfiguration.Value, () => currentTenantId.Value, this);
        }
Beispiel #2
        /// <summary>
        /// Builds the server: registers the HTTP endpoint target, records the default resource
        /// store and configuration, satisfies imports, initializes every request responder,
        /// selects the request authorizer named by <c>configuration.AuthenticationMode</c>, and
        /// subscribes to tenant-database removal.
        /// </summary>
        /// <param name="configuration">Server configuration; supplies the container and the authentication mode.</param>
        /// <param name="resourceStore">Database kept as <c>DefaultResourceStore</c>.</param>
        /// <exception cref="InvalidOperationException">
        /// The authentication mode, lower-cased, is neither "windows" nor "oauth".
        /// </exception>
        public HttpServer(InMemoryRavenConfiguration configuration, DocumentDatabase resourceStore)
        {
            RegisterHttpEndpointTarget();

            DefaultResourceStore = resourceStore;
            DefaultConfiguration = configuration;

            // Runs before RequestResponders is enumerated; presumably this is what fills it — confirm.
            configuration.Container.SatisfyImportsOnce(this);

            foreach (var entry in RequestResponders)
            {
                entry.Value.Initialize(() => currentDatabase.Value, () => currentConfiguration.Value, () => currentTenantId.Value, this);
            }

            // Fail closed: an unknown mode stops the server from being constructed at all.
            var mode = configuration.AuthenticationMode.ToLowerInvariant();
            if (mode == "windows")
            {
                requestAuthorizer = new WindowsRequestAuthorizer();
            }
            else if (mode == "oauth")
            {
                requestAuthorizer = new OAuthRequestAuthorizer();
            }
            else
            {
                throw new InvalidOperationException(
                    string.Format("Unknown AuthenticationMode {0}. Options are Windows and OAuth", configuration.AuthenticationMode));
            }

            requestAuthorizer.Initialize(() => currentDatabase.Value, () => currentConfiguration.Value, () => currentTenantId.Value, this);

            // Subscribed last, after the authorizer has been initialized.
            RemoveTenantDatabase.Occured.Subscribe(TenantDatabaseRemoved);
        }
Beispiel #3
        /// <summary>
        /// Builds the server: registers the HTTP endpoint target, records the system database and
        /// configuration, reads the two tenant idle-time settings, satisfies imports, initializes
        /// the request responders and installs a <c>MixedModeRequestAuthorizer</c>.
        /// </summary>
        /// <param name="configuration">Server configuration; supplies the settings and the container.</param>
        /// <param name="resourceStore">Database kept as <c>SystemDatabase</c>.</param>
        public HttpServer(InMemoryRavenConfiguration configuration, DocumentDatabase resourceStore)
        {
            HttpEndpointRegistration.RegisterHttpEndpointTarget();

            SystemDatabase = resourceStore;
            SystemConfiguration = configuration;

            // A missing or non-integer setting falls back to 900 seconds. Any value that does
            // parse is used as is; zero and negative numbers are not rejected here.
            int idleSeconds;
            if (!int.TryParse(configuration.Settings["Raven/Tenants/MaxIdleTimeForTenantDatabase"], out idleSeconds))
            {
                idleSeconds = 900;
            }
            maxTimeDatabaseCanBeIdle = TimeSpan.FromSeconds(idleSeconds);

            // Same pattern with a 60 second fallback. The key's spelling is the one the code reads.
            int checkSeconds;
            if (!int.TryParse(configuration.Settings["Raven/Tenants/FrequnecyToCheckForIdleDatabases"], out checkSeconds))
            {
                checkSeconds = 60;
            }
            frequnecyToCheckForIdleDatabases = TimeSpan.FromSeconds(checkSeconds);

            configuration.Container.SatisfyImportsOnce(this);

            InitializeRequestResponders(SystemDatabase);

            // This constructor does not consult configuration.AuthenticationMode: the same
            // authorizer type is installed whatever that setting says.
            requestAuthorizer = new MixedModeRequestAuthorizer();
            requestAuthorizer.Initialize(() => currentDatabase.Value, () => currentConfiguration.Value, () => currentTenantId.Value, this);
        }
        /// <summary>
        /// Configures listener-level authentication when the configured authentication mode is
        /// "Windows" (case-insensitive); for any other mode the listener is left untouched.
        /// Both Integrated Windows Authentication and Anonymous are enabled on the listener, and a
        /// per-request selector chosen by <c>config.AnonymousUserAccessMode</c> picks between them.
        /// </summary>
        /// <param name="listener">Listener whose schemes and scheme selector are set.</param>
        /// <param name="config">Supplies the authentication mode and the anonymous access mode.</param>
        /// <exception cref="ArgumentException">The anonymous access mode is not None, All or Get.</exception>
        public void Configure(HttpListener listener, InMemoryRavenConfiguration config)
        {
            if (!string.Equals(config.AuthenticationMode, "Windows", StringComparison.InvariantCultureIgnoreCase))
            {
                return;
            }

            listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication |
                                             AuthenticationSchemes.Anonymous;

            switch (config.AnonymousUserAccessMode)
            {
                case AnonymousUserAccessMode.None:
                    // Windows authentication everywhere except the NeverSecret paths.
                    listener.AuthenticationSchemeSelectorDelegate = request =>
                        NeverSecret.Urls.Contains(request.Url.AbsolutePath, StringComparer.InvariantCultureIgnoreCase)
                            ? AuthenticationSchemes.Anonymous
                            : AuthenticationSchemes.IntegratedWindowsAuthentication;
                    break;

                case AnonymousUserAccessMode.All:
                    // Anonymous everywhere except URLs matched by IsAdminRequest.
                    // NOTE(review): the match runs on RawUrl (the URL as sent, query string included),
                    // while the other branches test Url.AbsolutePath. Confirm that the pattern and the
                    // request routing agree on which requests count as admin requests.
                    listener.AuthenticationSchemeSelectorDelegate = request =>
                        IsAdminRequest.IsMatch(request.RawUrl)
                            ? AuthenticationSchemes.IntegratedWindowsAuthentication
                            : AuthenticationSchemes.Anonymous;
                    break;

                case AnonymousUserAccessMode.Get:
                    // NeverSecret paths are anonymous. Requests that IsGetRequest accepts may use either
                    // scheme; everything else requires Windows authentication.
                    listener.AuthenticationSchemeSelectorDelegate = request =>
                    {
                        if (NeverSecret.Urls.Contains(request.Url.AbsolutePath, StringComparer.InvariantCultureIgnoreCase))
                        {
                            return AuthenticationSchemes.Anonymous;
                        }

                        if (AbstractRequestAuthorizer.IsGetRequest(request.HttpMethod, request.Url.AbsolutePath))
                        {
                            return AuthenticationSchemes.Anonymous | AuthenticationSchemes.IntegratedWindowsAuthentication;
                        }

                        return AuthenticationSchemes.IntegratedWindowsAuthentication;
                    };
                    break;

                default:
                    // Unknown modes are rejected rather than mapped to a permissive default.
                    throw new ArgumentException(string.Format("Cannot understand access mode: '{0}'", config.AnonymousUserAccessMode));
            }
        }
Beispiel #5
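        /// <summary>
        /// Chooses, per request, which authentication scheme the listener applies before the
        /// request reaches the request authorizer.
        /// </summary>
        /// <remarks>
        /// Returning <see cref="AuthenticationSchemes.Anonymous"/> only skips Windows
        /// authentication at the listener. It is not an authorization decision: the token
        /// indicators read here (headers, cookie, query string) are supplied by the client and
        /// are checked for presence only, so the request authorizer must validate the token
        /// itself and treat the request as unauthenticated until it has done so.
        /// </remarks>
        /// <param name="request">The incoming listener request.</param>
        /// <returns>The scheme, or combination of schemes, to apply to this request.</returns>
        /// <exception cref="ArgumentException">The configured anonymous access mode is not recognized.</exception>
        private AuthenticationSchemes AuthenticationSchemeSelectorDelegate(HttpListenerRequest request)
        {
            var authHeader = request.Headers["Authorization"];

            // Protocol tokens are compared ordinally. A culture-sensitive comparison depends on the
            // thread culture and can treat strings containing ignorable characters as equal, which
            // is not wanted in a check that decides whether Windows authentication is skipped.
            var hasApiKey = "True".Equals(request.Headers["Has-Api-Key"], StringComparison.OrdinalIgnoreCase);
            var hasSingleUseToken = string.IsNullOrEmpty(request.Headers["Single-Use-Auth-Token"]) == false ||
                                    string.IsNullOrEmpty(request.QueryString["singleUseAuthToken"]) == false;
            var hasOAuthTokenInCookie = request.Cookies["OAuth-Token"] != null;
            var hasBearerToken = string.IsNullOrEmpty(authHeader) == false &&
                                 authHeader.StartsWith("Bearer ", StringComparison.Ordinal);

            if (hasApiKey || hasOAuthTokenInCookie || hasSingleUseToken || hasBearerToken)
            {
                // this is an OAuth request that has a token
                // we allow this to go through and we will authenticate that on the OAuth Request Authorizer
                // This check runs before the admin check below, so for admin URLs that carry a token
                // indicator the request authorizer is the only gate.
                return AuthenticationSchemes.Anonymous;
            }

            if (NeverSecret.IsNeverSecretUrl(request.Url.AbsolutePath))
            {
                return AuthenticationSchemes.Anonymous;
            }

            // CORS pre-flight: OPTIONS is let through anonymously only when at least one allowed
            // origin is configured.
            if (configuration.AccessControlAllowOrigin.Count > 0 && request.HttpMethod == "OPTIONS")
            {
                return AuthenticationSchemes.Anonymous;
            }

            // NOTE(review): the admin match runs on RawUrl (the URL as sent, query string included),
            // while the NeverSecret check above uses Url.AbsolutePath. Confirm that the pattern and
            // the request routing agree on which requests count as admin requests.
            if (IsAdminRequest.IsMatch(request.RawUrl) &&
                configuration.AnonymousUserAccessMode != AnonymousUserAccessMode.Admin)
            {
                return AuthenticationSchemes.IntegratedWindowsAuthentication;
            }

            switch (configuration.AnonymousUserAccessMode)
            {
                case AnonymousUserAccessMode.Admin:
                case AnonymousUserAccessMode.All:
                    return AuthenticationSchemes.Anonymous;

                case AnonymousUserAccessMode.Get:
                    return AbstractRequestAuthorizer.IsGetRequest(request)
                        ? AuthenticationSchemes.Anonymous | AuthenticationSchemes.IntegratedWindowsAuthentication
                        : AuthenticationSchemes.IntegratedWindowsAuthentication;

                case AnonymousUserAccessMode.None:
                    return AuthenticationSchemes.IntegratedWindowsAuthentication;

                default:
                    // Unknown modes are rejected rather than mapped to a permissive default.
                    throw new ArgumentException(string.Format("Cannot understand access mode: '{0}'", configuration.AnonymousUserAccessMode));
            }
        }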
Beispiel #6
        /// <summary>
        /// Builds the server: registers the HTTP endpoint target, records the default resource
        /// store and configuration, reads the two tenant idle-time settings, satisfies imports,
        /// initializes every request responder, selects the request authorizer named by
        /// <c>configuration.AuthenticationMode</c>, and subscribes to tenant-database removal.
        /// </summary>
        /// <param name="configuration">Server configuration; supplies settings, container and authentication mode.</param>
        /// <param name="resourceStore">Database kept as <c>DefaultResourceStore</c>.</param>
        /// <exception cref="InvalidOperationException">
        /// The authentication mode, lower-cased, is not "windows", "oauth" or "noauth".
        /// </exception>
        public HttpServer(InMemoryRavenConfiguration configuration, DocumentDatabase resourceStore)
        {
            HttpEndpointRegistration.RegisterHttpEndpointTarget();

            DefaultResourceStore = resourceStore;
            DefaultConfiguration = configuration;

            // A missing or non-integer setting falls back to 900 seconds. Any value that does
            // parse is used as is; zero and negative numbers are not rejected here.
            int idleSeconds;
            if (!int.TryParse(configuration.Settings["Raven/Tenants/MaxIdleTimeForTenantDatabase"], out idleSeconds))
            {
                idleSeconds = 900;
            }
            maxTimeDatabaseCanBeIdle = TimeSpan.FromSeconds(idleSeconds);

            // Same pattern with a 60 second fallback. The key's spelling is the one the code reads.
            int checkSeconds;
            if (!int.TryParse(configuration.Settings["Raven/Tenants/FrequnecyToCheckForIdleDatabases"], out checkSeconds))
            {
                checkSeconds = 60;
            }
            frequnecyToCheckForIdleDatabases = TimeSpan.FromSeconds(checkSeconds);

            configuration.Container.SatisfyImportsOnce(this);

            foreach (var entry in RequestResponders)
            {
                entry.Value.Initialize(() => currentDatabase.Value, () => currentConfiguration.Value, () => currentTenantId.Value, this);
            }

            // An unrecognized mode aborts construction rather than selecting a default authorizer.
            var mode = configuration.AuthenticationMode.ToLowerInvariant();
            if (mode == "windows")
            {
                requestAuthorizer = new WindowsRequestAuthorizer();
            }
            else if (mode == "oauth")
            {
                requestAuthorizer = new OAuthRequestAuthorizer();
            }
            else if (mode == "noauth")
            {
                // NOTE(review): judging by its name this authorizer performs no authentication —
                // confirm, and make sure "noauth" cannot become the effective mode on a
                // network-reachable deployment through a configuration mistake.
                requestAuthorizer = new NoAuthRequestAuthorizer();
            }
            else
            {
                throw new InvalidOperationException(
                    string.Format("Unknown AuthenticationMode {0}. Options are Windows, OAuth, and NoAuth", configuration.AuthenticationMode));
            }

            requestAuthorizer.Initialize(() => currentDatabase.Value, () => currentConfiguration.Value, () => currentTenantId.Value, this);

            // Subscribed last, after the authorizer has been initialized.
            RemoveTenantDatabase.Occured.Subscribe(TenantDatabaseRemoved);
        }
Beispiel #7
        /// <summary>
        /// Configures listener-level authentication when the configured authentication mode is
        /// "Windows" (case-insensitive); for any other mode the listener is left untouched.
        /// The schemes enabled on the listener and the optional per-request selector depend on
        /// <c>config.AnonymousUserAccessMode</c>.
        /// </summary>
        /// <param name="listener">Listener whose schemes and scheme selector are set.</param>
        /// <param name="config">Supplies the authentication mode and the anonymous access mode.</param>
        /// <exception cref="ArgumentException">The anonymous access mode is not None, All or Get.</exception>
        public void Configure(HttpListener listener, IRavenHttpConfiguration config)
        {
            if (!string.Equals(config.AuthenticationMode, "Windows", StringComparison.InvariantCultureIgnoreCase))
            {
                return;
            }

            switch (config.AnonymousUserAccessMode)
            {
                case AnonymousUserAccessMode.None:
                    // Only Windows authentication is enabled, and no selector is installed.
                    listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication;
                    break;

                case AnonymousUserAccessMode.All:
                    listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication |
                                                     AuthenticationSchemes.Anonymous;

                    // NOTE(review): the admin test is a prefix check on RawUrl, the URL as the client
                    // sent it. Confirm that every form of the URL the router maps to an admin endpoint
                    // also starts with "/admin" here; otherwise the request authorizer is the only
                    // gate for those requests.
                    listener.AuthenticationSchemeSelectorDelegate = request =>
                        request.RawUrl.StartsWith("/admin", StringComparison.InvariantCultureIgnoreCase)
                            ? AuthenticationSchemes.IntegratedWindowsAuthentication
                            : AuthenticationSchemes.Anonymous;
                    break;

                case AnonymousUserAccessMode.Get:
                    listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication |
                                                     AuthenticationSchemes.Anonymous;

                    // Requests that IsGetRequest accepts may use either scheme; everything else
                    // requires Windows authentication.
                    listener.AuthenticationSchemeSelectorDelegate = request =>
                        AbstractRequestAuthorizer.IsGetRequest(request.HttpMethod, request.Url.AbsolutePath)
                            ? AuthenticationSchemes.Anonymous | AuthenticationSchemes.IntegratedWindowsAuthentication
                            : AuthenticationSchemes.IntegratedWindowsAuthentication;
                    break;

                default:
                    // Unknown modes are rejected rather than mapped to a permissive default.
                    throw new ArgumentException("Cannot understand access mode: " + config.AnonymousUserAccessMode);
            }
        }
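        /// <summary>
        /// Chooses, per request, which authentication scheme the listener applies before the
        /// request reaches the request authorizer.
        /// </summary>
        /// <remarks>
        /// Returning <see cref="AuthenticationSchemes.Anonymous"/> only skips Windows
        /// authentication at the listener. The "Bearer " prefix is checked for presence only, so
        /// the request authorizer must validate the token itself.
        /// </remarks>
        /// <param name="request">The incoming listener request.</param>
        /// <returns>The scheme, or combination of schemes, to apply to this request.</returns>
        /// <exception cref="ArgumentException">The configured anonymous access mode is not recognized.</exception>
        private AuthenticationSchemes AuthenticationSchemeSelectorDelegate(HttpListenerRequest request)
        {
            var authHeader = request.Headers["Authorization"];

            // The scheme prefix is compared ordinally. The culture-sensitive default of
            // StartsWith(string) depends on the thread culture and can ignore certain characters,
            // which is not wanted in a check that decides whether Windows authentication is skipped.
            if (string.IsNullOrEmpty(authHeader) == false && authHeader.StartsWith("Bearer ", StringComparison.Ordinal))
            {
                // this is an OAuth request that has a token
                // we allow this to go through and we will authenticate that on the OAuth Request Authorizer
                // This check runs before the admin check below, so for admin URLs that carry a
                // Bearer header the request authorizer is the only gate.
                return AuthenticationSchemes.Anonymous;
            }

            if (NeverSecret.Urls.Contains(request.Url.AbsolutePath))
            {
                return AuthenticationSchemes.Anonymous;
            }

            // NOTE(review): the admin match runs on RawUrl (the URL as sent, query string included),
            // while the NeverSecret check above uses Url.AbsolutePath. Confirm that the pattern and
            // the request routing agree on which requests count as admin requests.
            if (IsAdminRequest.IsMatch(request.RawUrl))
            {
                return AuthenticationSchemes.IntegratedWindowsAuthentication;
            }

            switch (configuration.AnonymousUserAccessMode)
            {
                case AnonymousUserAccessMode.All:
                    return AuthenticationSchemes.Anonymous;

                case AnonymousUserAccessMode.Get:
                    return AbstractRequestAuthorizer.IsGetRequest(request.HttpMethod, request.Url.AbsolutePath)
                        ? AuthenticationSchemes.Anonymous | AuthenticationSchemes.IntegratedWindowsAuthentication
                        : AuthenticationSchemes.IntegratedWindowsAuthentication;

                case AnonymousUserAccessMode.None:
                    return AuthenticationSchemes.IntegratedWindowsAuthentication;

                default:
                    // Unknown modes are rejected rather than mapped to a permissive default.
                    throw new ArgumentException(string.Format("Cannot understand access mode: '{0}'", configuration.AnonymousUserAccessMode));
            }
        }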
Beispiel #9
 /// <summary>
 /// Reports whether the request is a write, defined here as anything
 /// <c>AbstractRequestAuthorizer.IsGetRequest</c> does not accept.
 /// </summary>
 /// <param name="ctx">HTTP context whose request method and URL are inspected.</param>
 /// <returns><c>true</c> when <c>IsGetRequest</c> returns <c>false</c>.</returns>
 private static bool IsWriteRequest(IHttpContext ctx)
 {
     // NOTE(review): the second argument is the full AbsoluteUri (scheme, host, path, query).
     // Confirm that IsGetRequest expects a full URI here rather than only the path, since any
     // path-based rule inside it would otherwise classify requests differently.
     var isRead = AbstractRequestAuthorizer.IsGetRequest(ctx.Request.HttpMethod, ctx.Request.Url.AbsoluteUri);
     return !isRead;
 }
Beispiel #10
 /// <summary>
 /// Reports whether the request is a write, defined here as anything
 /// <c>AbstractRequestAuthorizer.IsGetRequest</c> does not accept.
 /// </summary>
 /// <param name="request">Request message whose method and URI are inspected.</param>
 /// <returns><c>true</c> when <c>IsGetRequest</c> returns <c>false</c>.</returns>
 private static bool IsWriteRequest(HttpRequestMessage request)
 {
     // NOTE(review): the second argument is the full AbsoluteUri (scheme, host, path, query).
     // Confirm that IsGetRequest expects a full URI here rather than only the path, since any
     // path-based rule inside it would otherwise classify requests differently.
     var isRead = AbstractRequestAuthorizer.IsGetRequest(request.Method.Method, request.RequestUri.AbsoluteUri);
     return !isRead;
 }