/// <summary>
/// Handles the unauthorized action.
/// </summary>
/// <param name="filterContext">The filter context.</param>
/// <param name="baseException">The base exception.</param>
protected virtual void HandleUnauthorizedAction(ActionExecutingContext filterContext, BaseException baseException)
{
if (filterContext.HttpContext.Request.IsAjaxRequest())
{
ApiHandlerBase <HttpRequestBase, HttpResponseBase> .PackageResponse(new HttpBaseApiContextContainer(filterContext.HttpContext.Request, filterContext.HttpContext.Response), null, null, ex : baseException, settings : settings);
filterContext.Result = null;
}
else
{
filterContext.Result = new RedirectToRouteResult(routeValues: getUnauthenticationRedirection.Invoke(baseException?.ToExceptionInfo()));
}
}
/// <summary>
/// APIs the proxy.
/// </summary>
/// <param name="method">The method.</param>
/// <param name="url">The URL.</param>
/// <param name="cookieTokenKey">The cookie token key.</param>
/// <returns>System.Object.</returns>
public object ApiProxy(string method, string url, string cookieTokenKey = null)
{
if (!string.IsNullOrWhiteSpace(url))
{
var headers = this.Request.Headers;
if (!string.IsNullOrWhiteSpace(cookieTokenKey))
{
headers.Add(cookieTokenKey, this.Request.Cookies.Get(cookieTokenKey)?.Value);
}
var context = (RestApiRouter.FirstInstance as RestApiRouter <HttpRequestBase, HttpResponseBase>)?.ProcessRequestToRuntimeContext(method.SafeToString(HttpConstants.HttpMethod.Get), new Uri(this.Request.Url.GetPrimaryUri() + url.TrimStart(new char[] { '/', ' ' })), headers, true);
if (context != null)
{
string jsonBody;
return(ApiHandlerBase.InternalInvoke(context.ApiInstance, context.ApiMethod, Request.InputStream.ReadStreamToBytes(), this.Request.Url, context.EntityKey, out jsonBody));
}
}
return(null);
}
/// <summary>
/// Packages the response.
/// </summary>
/// <param name="controller">The controller.</param>
/// <param name="data">The data.</param>
/// <param name="ex">The ex.</param>
public static void PackageResponse(this Controller controller, object data, BaseException ex = null)
{
ApiHandlerBase <HttpRequestBase, HttpResponseBase> .PackageResponse(
new HttpBaseApiContextContainer(controller.Request, controller.Response), data, null, ex);
}
private ApiHandlerOutput Process(ApiInputHandler input)
{
string typeName = Business.Resource.GetType(input.Resource);
if (string.IsNullOrWhiteSpace(typeName))
{
throw new ApiNotFoundException(input.Resource);
}
bool canAccess = Business.Authorization.CanAccess(input.Resource, Context.Current.User);
if (!canAccess)
{
logger.Warn($"Access denied for resource {input.Resource}");
throw new SecurityException(Messages.AccessDenied);
}
if (Business.Authorization.RequireToken(input.Resource))
{
string token = input.Context.Request.Headers["ZestyApiToken"];
if (string.IsNullOrWhiteSpace(token))
{
token = input.Context.Request.Query["t"];
}
if (!Business.Authorization.IsValid(Context.Current.User.Id, input.Context.Session.Id, token))
{
logger.Warn($"Invalid token for resource {input.Resource}");
throw new SecurityException(Messages.TokenMissing);
}
}
ApiCacheItem cacheItem = ApiCache.Get(input);
if (cacheItem != null)
{
logger.Info($"Output found in cache for request {input.Resource}");
return(cacheItem.Output);
}
else
{
ApiHandlerBase handler = InstanceHelper.Create <ApiHandlerBase>(typeName);
ApiHandlerOutput output = handler.Process(input);
if (output.CachePolicy == ApiCachePolicy.Enable)
{
cacheItem = new ApiCacheItem
{
Created = DateTime.Now,
Output = output,
Payload = input.Body,
Resource = input.Resource
};
ApiCache.Store(cacheItem);
logger.Info($"Output stored in cache for request {input.Resource}");
}
if (output.ResourceHistoryOutput != null && output.ResourceHistoryOutput.ResourceHistoryPolicy == ApiResourceHistoryPolicy.Save)
{
Business.History.Save(output.ResourceHistoryOutput.Item);
}
return(output);
}
}
/// <summary>
/// Packages the response.
/// </summary>
/// <param name="response">The response.</param>
/// <param name="data">The data.</param>
/// <param name="ex">The ex.</param>
protected void PackageResponse(HttpResponseBase response, object data, BaseException ex = null)
{
ApiHandlerBase <HttpRequestBase, HttpResponseBase> .PackageResponse(new HttpBaseApiContextContainer(null, response), data, null, ex, settings : setting);
}
