public void GetCorsPolicyAsync_NoMatchingPaths_DoesNotAllowOrigin()
        {
            // Arrange: the allow-all policy, with CORS enabled for three paths only.
            var corsPaths = new[] { "/bar", "/baz", "/quux" };
            var provider = new CorsPolicyProvider(CorsPolicy.AllowAll, corsPaths);

            // Act: request built by the Request helper (not shown here) for a
            // path that is not in the configured list.
            var request = Request("http://foo.com", "/bad");
            var resolved = provider.GetCorsPolicyAsync(request).Result;

            // Assert: no policy comes back, so the path restriction wins over
            // the permissive origin policy.
            Assert.IsNull(resolved);
        }
        public void GetCorsPolicyAsync_CallbackAllowOriginButNoOriginRequested_DoesNotAllowOrigin()
        {
            // Arrange: a callback that approves whatever it is asked about.
            var permissivePolicy = new CorsPolicy
            {
                PolicyCallback = o => Task.FromResult(true)
            };
            var provider = new CorsPolicyProvider(permissivePolicy, new[] { "/" });

            // Act: Request() is called without an origin argument.
            var resolved = provider.GetCorsPolicyAsync(Request()).Result;

            // Assert: an always-true callback must not produce a policy when
            // no origin was supplied.
            Assert.IsNull(resolved);
        }
        public void GetCorsPolicyAsync_OriginIsInAllowedOrigins_AllowOrigin()
        {
            // Arrange: an explicit allow-list holding exactly one origin.
            const string allowedOrigin = "http://foo.com";
            var allowListPolicy = new CorsPolicy();
            allowListPolicy.AllowedOrigins.Add(allowedOrigin);

            var provider = new CorsPolicyProvider(allowListPolicy, new[] { "/" });

            // Act: the request is built for the listed origin.
            var resolved = provider.GetCorsPolicyAsync(Request(allowedOrigin)).Result;

            // Assert: AssertAllowed (defined outside this snippet) checks the
            // returned policy against that origin.
            AssertAllowed(allowedOrigin, resolved);
        }
        public void GetCorsPolicyAsync_MatchingPath_AllowsOrigin()
        {
            // Arrange: allow-all policy, with CORS enabled for a single path.
            const string requestOrigin = "http://foo.com";
            const string corsPath = "/bar";
            var provider = new CorsPolicyProvider(CorsPolicy.AllowAll, new[] { corsPath });

            // Act: the request targets exactly the configured path.
            var request = Request(requestOrigin, corsPath);
            var resolved = provider.GetCorsPolicyAsync(request).Result;

            // Assert: AssertAllowed (defined outside this snippet) checks the
            // returned policy against the origin.
            AssertAllowed(requestOrigin, resolved);
        }
        public void GetCorsPolicyAsync_CallbackDoesNotAllowOrigin_DoesNotAllowOrigin()
        {
            // Arrange: a callback that rejects every origin it is asked about.
            var denyingPolicy = new CorsPolicy
            {
                PolicyCallback = o => Task.FromResult(false)
            };
            var provider = new CorsPolicyProvider(denyingPolicy, new[] { "/" });

            // Act: the request is built for a concrete origin.
            var request = Request("http://foo.com");
            var resolved = provider.GetCorsPolicyAsync(request).Result;

            // Assert: a rejecting callback results in no policy at all.
            Assert.IsNull(resolved);
        }
        public void GetCorsPolicyAsync_NoOriginRequested_DoesNotAllowOrigin()
        {
            // Arrange: the allow-list contains one origin ...
            var allowListPolicy = new CorsPolicy();
            allowListPolicy.AllowedOrigins.Add("http://foo.com");
            var provider = new CorsPolicyProvider(allowListPolicy, new[] { "/" });

            // Act: ... but Request() is called without an origin argument.
            var resolved = provider.GetCorsPolicyAsync(Request()).Result;

            // Assert: a populated allow-list alone must not yield a policy.
            Assert.IsNull(resolved);
        }
        public void GetCorsPolicyAsync_NoMatchingPath_DoesNotAllowOrigin()
        {
            // Arrange: allow-all policy, with CORS enabled for "/bar" only.
            var allowAll = Core.Configuration.CorsPolicy.AllowAll;
            var provider = new CorsPolicyProvider(allowAll, new[] { "/bar" });

            // Act: the request targets a different path.
            var request = Request("http://foo.com", "/baz");
            var resolved = provider.GetCorsPolicyAsync(request).Result;

            // Assert: the unlisted path gets no policy despite the allow-all
            // origin setting.
            resolved.Should().BeNull();
        }
        public void GetCorsPolicyAsync_CallbackAllowOrigin_AllowOrigin()
        {
            // Arrange: a callback that approves whatever it is asked about.
            const string requestOrigin = "http://foo.com";
            var permissivePolicy = new Core.Configuration.CorsPolicy
            {
                PolicyCallback = o => Task.FromResult(true)
            };
            var provider = new CorsPolicyProvider(permissivePolicy, new[] { "/" });

            // Act: the request is built for a concrete origin.
            var resolved = provider.GetCorsPolicyAsync(Request(requestOrigin)).Result;

            // Assert: AssertAllowed (defined outside this snippet) checks the
            // returned policy against that origin.
            AssertAllowed(requestOrigin, resolved);
        }
        public void GetCorsPolicyAsync_NoOriginRequested_DoesNotAllowOrigin()
        {
            // Arrange: the allow-list contains one origin ...
            var allowListPolicy = new Core.Configuration.CorsPolicy();
            allowListPolicy.AllowedOrigins.Add("http://foo.com");
            var provider = new CorsPolicyProvider(allowListPolicy, new[] { "/" });

            // Act: ... but Request() is called without an origin argument.
            var resolved = provider.GetCorsPolicyAsync(Request()).Result;

            // Assert: a populated allow-list alone must not yield a policy.
            resolved.Should().BeNull();
        }
        public void Init()
        {
            // Start from fresh options and replace the CORS path list with the
            // fixture's allowed paths, so each test sees only those paths.
            _options = new IdentityServerOptions();
            var corsPaths = _options.Cors.CorsPaths;
            corsPaths.Clear();
            foreach (var allowedPath in _allowedPaths)
            {
                corsPaths.Add(new PathString(allowedPath));
            }

            // Provider under test: wraps the mocked inner provider and consults
            // the mocked policy service.
            var logger = TestLogger.Create<CorsPolicyProvider>();
            var inner = new Decorator<ICorsPolicyProvider>(_mockInner);
            _subject = new CorsPolicyProvider(logger, inner, _options, _mockPolicy);
        }
        public static ICorsPolicyProvider AsOwinPolicyProvider(this CorsConfiguration corsConfiguration)
        {
            // The resolver runs once per call, so the configuration is re-read
            // and a policy is built via CreatePolicy (defined outside this
            // snippet) each time. Null method/header lists become empty strings.
            // NOTE(review): Origin is handed to CreatePolicy as-is; how it is
            // validated or split is not visible here - confirm in CreatePolicy.
            var policyProvider = new CorsPolicyProvider();
            policyProvider.PolicyResolver = context =>
            {
                var origin = corsConfiguration.Origin;
                var methods = string.Join(",", corsConfiguration.Methods ?? new List<string>());
                var headers = string.Join(",", corsConfiguration.Headers ?? new List<string>());
                var exposedHeaders = string.Join(",", corsConfiguration.ExposedHeaders ?? new List<string>());

                return Task.FromResult(CreatePolicy(origin, methods, headers, exposedHeaders));
            };

            return policyProvider;
        }
        public static void Register(HttpConfiguration config)
        {
            // CORS decisions are delegated to a default-constructed
            // CorsPolicyProvider.
            // NOTE(review): which CorsPolicyProvider type this is, and what
            // policy it yields, is not visible in this snippet - confirm.
            config.EnableCors(new CorsPolicyProvider());

            // Ignore host-level authentication and authenticate Web API
            // requests only through the OAuth filter.
            config.SuppressDefaultHostAuthentication();
            var oauthFilter = new HostAuthenticationFilter(OAuthDefaults.AuthenticationType);
            config.Filters.Add(oauthFilter);

            // Attribute routes first, then the conventional fallback route.
            config.MapHttpAttributeRoutes();
            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional });
        }
    internal void Init()
    {
        // Start from fresh options and replace the CORS path list with the
        // fixture's allowed paths.
        _options = new IdentityServerOptions();
        var corsPaths = _options.Cors.CorsPaths;
        corsPaths.Clear();
        foreach (var allowedPath in _allowedPaths)
        {
            corsPaths.Add(new PathString(allowedPath));
        }

        // The mocked policy service is supplied through a service provider
        // instead of being passed to the constructor directly.
        var services = new ServiceCollection();
        services.AddSingleton<ICorsPolicyService>(_mockPolicy);
        var serviceProvider = services.BuildServiceProvider();

        var logger = TestLogger.Create<CorsPolicyProvider>();
        var inner = new Decorator<ICorsPolicyProvider>(_mockInner);
        _subject = new CorsPolicyProvider(logger, inner, _options, serviceProvider);
    }
        internal void Init()
        {
            // Start from fresh options and replace the CORS path list with the
            // fixture's allowed paths.
            _options = new IdentityServerOptions();
            var corsPaths = _options.Cors.CorsPaths;
            corsPaths.Clear();
            foreach (var allowedPath in _allowedPaths)
            {
                corsPaths.Add(new PathString(allowedPath));
            }

            // The mocked policy service is exposed through the request services
            // of a default HTTP context, which is handed over via an accessor.
            var httpContext = new DefaultHttpContext();
            var services = new ServiceCollection();
            services.AddSingleton<ICorsPolicyService>(_mockPolicy);
            httpContext.RequestServices = services.BuildServiceProvider();

            var contextAccessor = new HttpContextAccessor
            {
                HttpContext = httpContext
            };

            var logger = TestLogger.Create<CorsPolicyProvider>();
            var inner = new Decorator<ICorsPolicyProvider>(_mockInner);
            _subject = new CorsPolicyProvider(logger, inner, _options, contextAccessor);
        }
        // OWIN startup: configures Web API routing, logging, the Ninject kernel,
        // validation, CORS, SignalR, static files, Swagger and authentication,
        // then attaches Web API to the pipeline through Ninject.
        public void Configuration(IAppBuilder app)
        {
            // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=316888
            // Register the custom "pizza-name" inline route constraint for attribute routes.
            var resolver = new DefaultInlineConstraintResolver();

            resolver.ConstraintMap.Add("pizza-name", typeof(PizzaNameConstraint));

            var config = new HttpConfiguration();

            config.MapHttpAttributeRoutes(resolver);

            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
                );

            // Replace the IExceptionLogger service with ElmahExceptionLogger and
            // put the Filter model binder first in the binder provider list.
            config.Services.Replace(typeof(IExceptionLogger), new ElmahExceptionLogger());
            var provider = new SimpleModelBinderProvider(typeof(Filter), new FilterBinder());

            config.Services.Insert(typeof(ModelBinderProvider), 0, provider);

            var kernel = new StandardKernel();
            var path   = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);

            // Logger writes to debug output, console and log.txt next to the
            // executing assembly; level is Verbose in QA/DEBUG builds and
            // Warning in RELEASE builds.
            // NOTE(review): confirm log.txt cannot be fetched through the static
            // file middleware registered further down.
            var logger = new LoggerConfiguration()
                         .WriteTo.Debug()
                         .WriteTo.Console()
                         .WriteTo.File(Path.Combine(path, "log.txt"))
                         .Enrich.WithHttpRequestType()
                         .Enrich.WithWebApiControllerName()
                         .Enrich.WithWebApiActionName()
#if QA || DEBUG
                         .MinimumLevel.Verbose()
#elif RELEASE
                         .MinimumLevel.Warning()
#endif
                         .CreateLogger();

            config.EnsureInitialized();

            kernel.Bind <ILogger>().ToConstant(logger);
            kernel.Load(new LogicDIModule());

            FluentValidationModelValidatorProvider.Configure(config, opt =>
            {
                opt.ValidatorFactory = new CustomValidatorFactory(kernel);
            });

            // NOTE(review): the resolver returns the same policy for every
            // request: any origin, any header, any method. SupportsCredentials
            // is not set here. Because cookie authentication is enabled below,
            // an explicit allow-list of trusted origins is the safer choice.
            var provide = new CorsPolicyProvider();

            provide.PolicyResolver = ctx => Task.FromResult(new System.Web.Cors.CorsPolicy {
                AllowAnyHeader = true, AllowAnyMethod = true, AllowAnyOrigin = true
            });

            app.UseCors(new CorsOptions {
                PolicyProvider = provide
            });
            // NOTE(review): EnableDetailedErrors is set unconditionally, unlike
            // the log level above, which is gated on the build configuration;
            // detailed hub errors are normally kept out of release builds.
            app.MapSignalR(new HubConfiguration {
                EnableDetailedErrors = true
            });

            app.UseStaticFiles();
            // NOTE(review): the Swagger server URL is a hard-coded, plain-HTTP,
            // environment-specific host.
            app.UseSwagger(typeof(Startup).Assembly).UseSwaggerUi3(settings => settings.ServerUrl = "http://demovm:50698");

            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
            });

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            // NOTE(review): the OAuth ClientSecret is a string literal in source.
            // A secret committed to a repository should be treated as exposed:
            // rotate it and load it from configuration kept outside source control.
            app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions
            {
                ClientId           = "273410476984-el7qkveap4ss84963sbl5gr4qpkb6445.apps.googleusercontent.com",
                ClientSecret       = "MJM3XIpsQHPhAEHi-nL9dBvs",
                AuthenticationType = "MyGoogle"
            });

            AddPizzaSecurity(app, kernel);



            // Web API is attached last, resolved through the Ninject kernel.
            app.UseNinjectMiddleware(() => kernel).UseNinjectWebApi(config);
        }
        // OWIN startup: configures Web API routing, logging, the Ninject kernel,
        // validation, CORS, static files, Swagger and authentication, then
        // attaches Web API to the pipeline through Ninject.
        public void Configuration(IAppBuilder app)
        {
            // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=316888


            var config = new HttpConfiguration();

            // Web API routes
            config.MapHttpAttributeRoutes();

            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
                );

            config.Services.Replace(typeof(IExceptionLogger), new ElmahExceptionLogger());

            // if a Newtonsoft reference-loop error occurs, this helps find out which response came back and which variable to look at
            //config.Formatters.JsonFormatter.SerializerSettings.ReferenceLoopHandling = Newtonsoft.Json.ReferenceLoopHandling.Ignore;

            var kernel = new StandardKernel();
            var path   = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);

            // Logger writes to debug output, console and log.txt next to the
            // executing assembly.
            // NOTE(review): the minimum level is Verbose in every build; confirm
            // that is intended outside development and that log.txt cannot be
            // fetched through the static file middleware registered further down.
            var logger = new LoggerConfiguration()
                         .WriteTo.Debug()
                         .WriteTo.Console()
                         .WriteTo.File(Path.Combine(path, "log.txt"))
                         .Enrich.WithHttpRequestType()
                         .Enrich.WithWebApiControllerName()
                         .Enrich.WithWebApiActionName() // configuration finished
                         .MinimumLevel.Verbose()
                         .CreateLogger();               // create the logger

            kernel.Bind <ILogger>().ToConstant(logger);
            kernel.Load(new LogicDIModule());

            FluentValidationModelValidatorProvider.Configure(config, opt =>
            {
                opt.ValidatorFactory = new CustomValidatorFactory(kernel);
            });



            // NOTE(review): the resolver returns the same policy for every
            // request: any origin, any header, any method. SupportsCredentials
            // is not set here. Because cookie authentication is enabled below,
            // an explicit allow-list of trusted origins is the safer choice.
            var provide = new CorsPolicyProvider();

            provide.PolicyResolver = ctx => Task.FromResult(new System.Web.Cors.CorsPolicy {
                AllowAnyHeader = true, AllowAnyMethod = true, AllowAnyOrigin = true
            });
            app.UseCors(new Microsoft.Owin.Cors.CorsOptions {
                PolicyProvider = provide
            });


            app.UseStaticFiles();
            // NOTE(review): the Swagger server URL is a hard-coded, plain-HTTP
            // localhost address.
            app.UseSwagger(typeof(Startup).Assembly).UseSwaggerUi3(settings => settings.ServerUrl = "http://localhost:50698");



            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
            });

            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            // NOTE(review): the OAuth ClientSecret is a string literal in source.
            // A secret committed to a repository should be treated as exposed:
            // rotate it and load it from configuration kept outside source control.
            app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions
            {
                ClientId           = "740546789549-8v4dr8v2jibtj963r7po5icmkr6up4ja.apps.googleusercontent.com",
                ClientSecret       = "Ysrz4Odz15usgJVKPzX5BRTR",
                AuthenticationType = "MyGoogle"
            });

            // Requests under /login/google are handled by GoogleAuthMiddleware.
            app.Map("/login/google", b => b.Use <GoogleAuthMiddleware>());


            LoadIdentityServer(app, kernel);


            //  AddHangmanSecurity(app, kernel);
            //app.MapSignalR(//path:"/signalr"  , the path used by default
            //    configuration:  new HubConfiguration {
            //    EnableDetailedErrors = true,
            //    EnableJSONP = true
            //});


            // Web API is attached last, resolved through the Ninject kernel.
            app.UseNinjectMiddleware(() => kernel).UseNinjectWebApi(config);
        }