public void Json_preferred_and_in_produces()
        {
            // A JSON-only Accept header negotiated against DefaultProduces (defined outside this view)
            // is expected to succeed and resolve to JSON.
            var negotiation = ContentNegotiation.NegotiateAcceptHeader(
                ApplicationJson,
                DefaultProduces,
                logger: null);

            negotiation.Success.Should().BeTrue();

            var negotiatedType = negotiation.ContentType.ToString();
            negotiatedType.Should().Be(ApplicationJson);
        }
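        /// <summary>
        /// Redirects or responds to an unauthorized request.
        /// </summary>
        /// <remarks>
        /// Uses the Actions passed to the <see cref="RouteProtector"/> to execute this logic in a framework-agnostic way.
        /// The access-token and refresh-token cookies are always deleted first. If content negotiation selects HTML,
        /// the caller is redirected (302) to the configured login URI with a state token carrying
        /// <paramref name="requestPath"/>; otherwise the response is a 401 with a <c>WWW-Authenticate: Bearer</c> challenge.
        /// </remarks>
        /// <param name="acceptHeader">The HTTP <c>Accept</c> header of this request.</param>
        /// <param name="requestPath">The OWIN request path of this request.</param>
        public void OnUnauthorized(string acceptHeader, string requestPath)
        {
            // Drop both token cookies before answering, whichever response shape is chosen below.
            _deleteCookie(_configuration.Web.AccessTokenCookie);
            _deleteCookie(_configuration.Web.RefreshTokenCookie);

            var contentNegotiationResult = ContentNegotiation.NegotiateAcceptHeader(acceptHeader, _configuration.Web.Produces, _logger);

            // A failed negotiation falls through to the 401 branch, same as any non-HTML content type.
            bool isHtmlRequest = contentNegotiationResult.Success && contentNegotiationResult.ContentType == ContentType.Html;

            if (isHtmlRequest)
            {
                // NOTE(review): requestPath is request-derived and is embedded in the state token, presumably so the
                // login flow can send the user back afterwards. Whatever consumes the token should accept only
                // local paths as a redirect target — confirm at the consumer.
                var redirectTokenBuilder = new StateTokenBuilder(_client, _configuration.Client.ApiKey)
                {
                    Path = requestPath
                };

                // NOTE(review): the token's string form is appended without URL-encoding, and a "?" is always added;
                // confirm the token is URL-safe and that Login.Uri never carries its own query string.
                var loginUri = $"{_configuration.Web.Login.Uri}?{StringConstants.StateTokenName}={redirectTokenBuilder}";

                _setStatusCode(302);
                _redirect(loginUri);
            }
            else
            {
                // The realm is sent as an HTTP quoted-string. Application.Name is configuration data, so escape
                // backslashes and quotes and drop CR/LF; otherwise an unusual name yields a malformed header
                // or splits it into several.
                var realm = $"{_configuration.Application.Name}"
                    .Replace("\\", "\\\\")
                    .Replace("\"", "\\\"")
                    .Replace("\r", string.Empty)
                    .Replace("\n", string.Empty);

                _setStatusCode(401);
                _setHeader("WWW-Authenticate", $"Bearer realm=\"{realm}\"");
            }
        }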
        public void StarStar_header_serves_first_produces()
        {
            // NOTE(review): despite the test name, the header passed here is null (no Accept header at all),
            // not "*/*" — confirm that this is the case the test is meant to pin.
            var negotiation = ContentNegotiation.NegotiateAcceptHeader(
                null,
                DefaultProduces,
                logger: null);

            negotiation.Success.Should().BeTrue();

            // The first entry of the produces list is what the negotiation is expected to fall back to.
            var firstProduced = DefaultProduces.First();
            negotiation.ContentType.ToString().Should().Be(firstProduced);
        }
        public void Html_preferred_but_not_in_produces()
        {
            // The client accepts only HTML while the produces list offers only JSON: negotiation must fail.
            var jsonOnly = new[] { ApplicationJson };

            var negotiation = ContentNegotiation.NegotiateAcceptHeader(
                "text/html",
                jsonOnly,
                logger: null);

            negotiation.Success.Should().BeFalse();
        }
        public void Complex_scenario_1_is_html()
        {
            // Multi-entry Accept header: HTML is listed first with no q-value, wildcards carry lower q-values.
            const string browserAcceptHeader = "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8";

            var negotiation = ContentNegotiation.NegotiateAcceptHeader(
                browserAcceptHeader,
                DefaultProduces,
                logger: null);

            negotiation.Success.Should().BeTrue();

            var negotiatedType = negotiation.ContentType.ToString();
            negotiatedType.Should().Be(TextHtml);
        }
        public void Json_preferred_but_not_in_produces()
        {
            // The client accepts only JSON while the produces list offers only HTML: negotiation must fail.
            var htmlOnly = new[] { TextHtml };

            var negotiation = ContentNegotiation.NegotiateAcceptHeader(
                ApplicationJson,
                htmlOnly,
                logger: null);

            negotiation.Success.Should().BeFalse();
        }
        public void Html_preferred_with_higher_quality_factor()
        {
            // Both types carry explicit q-values; HTML (0.9) outranks JSON (0.8) although JSON is listed first.
            const string acceptHeader = "application/json; q=0.8, text/html;q=0.9";

            var negotiation = ContentNegotiation.NegotiateAcceptHeader(
                acceptHeader,
                DefaultProduces,
                logger: null);

            negotiation.Success.Should().BeTrue();

            var negotiatedType = negotiation.ContentType.ToString();
            negotiatedType.Should().Be(TextHtml);
        }
        public void Json_preferred_with_implicit_quality_factor()
        {
            // JSON has no q-value while HTML is given 0.8; the test expects JSON to be selected.
            const string acceptHeader = "text/html; q=0.8, application/json";

            var negotiation = ContentNegotiation.NegotiateAcceptHeader(
                acceptHeader,
                DefaultProduces,
                logger: null);

            negotiation.Success.Should().BeTrue();

            var negotiatedType = negotiation.ContentType.ToString();
            negotiatedType.Should().Be(ApplicationJson);
        }
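        /// <summary>
        /// Negotiates the response content type for the request and, when one is acceptable, hands the request to
        /// <c>HandleRequestAsync</c>, converting exceptions into JSON error responses for JSON clients.
        /// </summary>
        /// <param name="owinContext">The OWIN environment of the current request.</param>
        /// <returns>
        /// <c>false</c> when content negotiation fails (the request is skipped); otherwise the value returned by
        /// <c>HandleRequestAsync</c>, or <c>true</c> when an exception was turned into a JSON error response.
        /// </returns>
        /// <exception cref="InvalidOperationException">The route has not been initialized.</exception>
        public async Task<bool> InvokeAsync(IOwinEnvironment owinContext)
        {
            if (!_initialized)
            {
                throw new InvalidOperationException("Route has not been initialized.");
            }

            var acceptHeader = owinContext.Request.Headers.GetString("Accept");
            var contentNegotiationResult = ContentNegotiation.NegotiateAcceptHeader(acceptHeader, _configuration.Web.Produces, _logger);

            if (!contentNegotiationResult.Success)
            {
                _logger.Trace($"Content negotiation failed for request {owinContext.Request.Path}. Skipping", nameof(InvokeAsync));
                return false;
            }

            try
            {
                return await HandleRequestAsync(owinContext, _client, contentNegotiationResult, owinContext.CancellationToken);
            }
            catch (ResourceException rex)
            {
                // Log on every path: previously the JSON branch answered the client but left no server-side
                // record, so failures on these routes were invisible to anyone reviewing the logs.
                _logger.Error(rex, source: nameof(InvokeAsync));

                if (contentNegotiationResult.ContentType != ContentType.Json)
                {
                    // todo handle framework errors
                    throw;
                }

                // Sanitize Stormpath API errors
                await Error.CreateFromApiError(owinContext, rex, owinContext.CancellationToken);

                return true;
            }
            catch (Exception ex)
            {
                // Same reasoning as above: keep a server-side record even when the client gets a JSON error.
                _logger.Error(ex, source: nameof(InvokeAsync));

                if (contentNegotiationResult.ContentType != ContentType.Json)
                {
                    // todo handle framework errors
                    throw;
                }

                // NOTE(review): this catch-all forwards ex.Message to the client verbatim with status 400.
                // That is appropriate for validation-style messages, but any unexpected exception type would
                // expose its internal message too. Confirm which exceptions HandleRequestAsync is expected to
                // throw, and consider a generic message (and a 5xx status) for the rest.
                await Error.Create(owinContext, 400, ex.Message, owinContext.CancellationToken);

                return true;
            }
        }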
        public void Unsupported_header_fails()
        {
            // "foo/bar" is expected to match nothing in DefaultProduces (defined outside this view),
            // so negotiation must report failure.
            const string unsupportedAcceptHeader = "foo/bar";

            var negotiation = ContentNegotiation.NegotiateAcceptHeader(
                unsupportedAcceptHeader,
                DefaultProduces,
                logger: null);

            negotiation.Success.Should().BeFalse();
        }