Ejemplo n.º 1
        //public static Response AsError(this IResponseFormatter formatter, IViewFactory factory, Exception exception, string title = null)
        //{
        //    var model = new ErrorResponseModel() {Description = exception.Message, Title = title};
        //    return AsError(formatter, factory, model);
        //}

        //public static Response AsError(this IResponseFormatter formatter, IViewFactory factory, ErrorResponseModel responseModel)
        //{
        //    var viewContext = new ViewLocationContext { Context = formatter.Context };
        //    var response = factory.RenderView("error_page", responseModel, viewContext);
        //    response.StatusCode = HttpStatusCode.InternalServerError;
        //    return response;
        //}

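        /// <summary>
        /// Redirects to <paramref name="location"/>, inserting the first two characters of the
        /// request culture name as a path prefix when the culture is not English.
        /// </summary>
        /// <param name="formatter">Formatter for the current request; its context supplies the culture.</param>
        /// <param name="location">
        /// Redirect target. Only values starting with "/" or "~/" are prefixed; any other value is
        /// forwarded unchanged.
        /// </param>
        /// <param name="type">Redirect type passed through to <c>AsRedirect</c>.</param>
        /// <returns>The response produced by <c>AsRedirect</c>.</returns>
        /// <remarks>
        /// The target itself is not validated here: absolute or scheme-relative values are handed to
        /// <c>AsRedirect</c> as given. Callers that build <paramref name="location"/> from request
        /// data should restrict it to local paths before calling this method.
        /// </remarks>
        public static Response AsRedirectLocalized(this IResponseFormatter formatter, string location, RedirectResponse.RedirectType type = RedirectResponse.RedirectType.SeeOther)
        {
            var currentCulture = formatter.Context.Culture;

            if (string.IsNullOrWhiteSpace(location) || currentCulture == null)
            {
                return formatter.AsRedirect(location, type);
            }

            var cultureName = currentCulture.Name;

            // The invariant culture has an empty name. Using it as a prefix would turn "/path" into
            // "//path", which browsers resolve as a scheme-relative URL pointing at another host.
            if (string.IsNullOrEmpty(cultureName))
            {
                return formatter.AsRedirect(location, type);
            }

            // Culture names and URL prefixes are identifiers, so compare them ordinally rather than
            // with the current thread culture. The former Equals("en") test was already covered by
            // the prefix test.
            if (cultureName.StartsWith("en", System.StringComparison.Ordinal))
            {
                return formatter.AsRedirect(location, type);
            }

            string languageCode = cultureName.Length > 2 ? cultureName.Substring(0, 2) : cultureName;

            if (location.StartsWith("/", System.StringComparison.Ordinal))
            {
                return formatter.AsRedirect(string.Concat("/", languageCode, location), type);
            }

            if (location.StartsWith("~/", System.StringComparison.Ordinal))
            {
                // Substring(1) keeps the "/" that follows "~", giving "~/xx/rest".
                return formatter.AsRedirect(string.Concat("~/", languageCode, location.Substring(1)), type);
            }

            return formatter.AsRedirect(location, type);
        }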
Ejemplo n.º 2
        /// <summary>
        /// Returns the publisher icon registered under <paramref name="key"/>, or a redirect to a
        /// fixed placeholder image when no icon is found.
        /// </summary>
        /// <param name="key">Lookup key passed to <c>ComicBook.PublisherIcons.GetImage</c>.</param>
        /// <param name="response">Formatter used to build the response.</param>
        /// <returns>The icon served with the ".jpg" MIME type, or a redirect to the spacer image.</returns>
        public static Response GetIcon(string key, IResponseFormatter response)
        {
            var icon = ComicBook.PublisherIcons.GetImage(key);

            if (icon != null)
            {
                var iconData = GetBytesFromImage(icon);
                return response.FromStream(iconData, MimeTypes.GetMimeType(".jpg"));
            }

            // The fallback target is a constant, so no caller-supplied value reaches the redirect.
            return response.AsRedirect("/original/Views/spacer.png");
        }
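        /// <summary>
        /// Starts an external login: builds the identity provider URL and redirects the browser to
        /// it, storing the protected state and nonce values in the "s" and "n" cookies.
        /// </summary>
        /// <param name="context">Current request; the optional "redirectTo" query value is read from it.</param>
        /// <param name="response">Formatter used to build the redirect.</param>
        /// <returns>
        /// A redirect to the identity provider, a bad-request response when the provider is disabled
        /// or "redirectTo" is not a local path, or a redirect back to the post-login target with an
        /// error message when building the login URL fails.
        /// </returns>
        public async Task <Response> ExecuteAsync(NancyContext context, IResponseFormatter response)
        {
            if (ConfigurationStore.GetIsEnabled() == false)
            {
                log.Warn($"{ConfigurationStore.ConfigurationSettingsName} user authentication API was called while the provider was disabled.");
                return(ResponseCreator.BadRequest(new string[] { "This authentication provider is disabled." }));
            }

            var isHttps = context.Request.Url.SiteBase.StartsWith("https://", StringComparison.OrdinalIgnoreCase);

            if (isHttps == false)
            {
                log.Warn($"{ConfigurationStore.ConfigurationSettingsName} user authentication API was called without using https.");
            }

            var postLoginRedirectTo = context.Request.Query["redirectTo"];
            var state = "~/app";

            if (string.IsNullOrWhiteSpace(postLoginRedirectTo) == false)
            {
                state = postLoginRedirectTo;
            }

            // "redirectTo" is caller-controlled. It is used as the post-login target and as the
            // redirect target in the failure path below, so an unchecked absolute URL would make
            // this endpoint an open redirect. Only local paths are accepted; a deployment that needs
            // absolute targets should add an explicit allowlist rather than loosen this check.
            if (IsLocalRedirectTarget(state) == false)
            {
                log.Warn($"{ConfigurationStore.ConfigurationSettingsName} user authentication API was called with a non-local redirectTo value; the request was rejected.");
                return(ResponseCreator.BadRequest(new string[] { "The redirectTo value must be a local path." }));
            }

            var nonce = Nonce.Generate();

            try
            {
                var issuer       = ConfigurationStore.GetIssuer();
                var issuerConfig = await identityProviderConfigDiscoverer.GetConfigurationAsync(issuer);

                var url = urlBuilder.Build(context.Request.Url.SiteBase, issuerConfig, nonce, state);

                // Cookies are HttpOnly. The Secure flag is set whenever the request arrived over
                // https, so the protected values are not sent back over plain http; for http
                // requests the flag stays off, as before.
                return(response.AsRedirect(url)
                       .WithCookie(new NancyCookie("s", State.Protect(state), true, isHttps, DateTime.UtcNow.AddMinutes(20)))
                       .WithCookie(new NancyCookie("n", Nonce.Protect(nonce), true, isHttps, DateTime.UtcNow.AddMinutes(20))));
            }
            catch (Exception ex)
            {
                // Details go to the server log only; the browser gets a generic message.
                log.Error(ex);
                return(response.AsRedirect($"{state}?error=Login failed. Please see the Octopus Server logs for more details."));
            }
        }

        /// <summary>
        /// Tells whether <paramref name="target"/> is a path on this site ("/..." or "~/...") rather
        /// than an absolute or scheme-relative URL.
        /// </summary>
        private static bool IsLocalRedirectTarget(string target)
        {
            if (string.IsNullOrEmpty(target))
            {
                return false;
            }

            // Control characters have no place in a redirect target and could split the header.
            foreach (var ch in target)
            {
                if (char.IsControl(ch))
                {
                    return false;
                }
            }

            if (target[0] == '/')
            {
                // "//host" and "/\host" are treated by browsers as references to another host.
                return target.Length == 1 || (target[1] != '/' && target[1] != '\\');
            }

            if (target.Length > 1 && target[0] == '~' && target[1] == '/')
            {
                return target.Length == 2 || (target[2] != '/' && target[2] != '\\');
            }

            return false;
        }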
        /// <summary>
        /// Returns, as JSON, the external authentication URL the client should navigate to, and
        /// stores the protected state and nonce values in the "s" and "n" cookies.
        /// </summary>
        /// <param name="context">Current request; the request model is bound from it.</param>
        /// <param name="response">Formatter used to build the response.</param>
        /// <returns>
        /// The JSON link response, a bad-request response when the provider is disabled or the
        /// requested post-login target fails the local-URL check, or a redirect carrying an error
        /// message when building the login URL fails.
        /// </returns>
        public async Task <Response> ExecuteAsync(NancyContext context, IResponseFormatter response)
        {
            if (!ConfigurationStore.GetIsEnabled())
            {
                log.Warn($"{ConfigurationStore.ConfigurationSettingsName} user authentication API was called while the provider was disabled.");
                return ResponseCreator.BadRequest(new string[] { "This authentication provider is disabled." });
            }

            var model = modelBinder.Bind <LoginRedirectLinkRequestModel>(context);

            // Fall back to the site root when the client did not ask for a specific target.
            var requestedTarget = model.RedirectAfterLoginTo;
            var state = string.IsNullOrWhiteSpace(requestedTarget) ? "/" : requestedTarget;

            // The target comes from the request, so it is checked against the local-URL rule and the
            // configured trusted redirect URLs before it is used anywhere below.
            var trustedRedirectUrls = webPortalConfigurationStore.GetTrustedRedirectUrls();
            var targetAllowed = Requests.IsLocalUrl(state, trustedRedirectUrls);

            if (!targetAllowed)
            {
                log.WarnFormat("Prevented potential Open Redirection attack on an authentication request, to the non-local url {0}", state);
                return ResponseCreator.BadRequest("Request not allowed, due to potential Open Redirection attack");
            }

            var nonce = Nonce.GenerateUrlSafeNonce();

            try
            {
                var issuer = ConfigurationStore.GetIssuer();
                var issuerConfig = await identityProviderConfigDiscoverer.GetConfigurationAsync(issuer);
                var authenticationUrl = urlBuilder.Build(model.ApiAbsUrl, issuerConfig, nonce, state);

                var linkModel = new LoginRedirectLinkResponseModel
                {
                    ExternalAuthenticationUrl = authenticationUrl
                };
                var jsonReply = ResponseCreator.AsOctopusJson(response, linkModel);

                // Both cookies are HttpOnly, not marked Secure, and expire after 20 minutes.
                var withStateCookie = jsonReply.WithCookie(
                    new NancyCookie("s", State.Protect(state), true, false, DateTime.UtcNow.AddMinutes(20)));

                return withStateCookie.WithCookie(
                    new NancyCookie("n", Nonce.Protect(nonce), true, false, DateTime.UtcNow.AddMinutes(20)));
            }
            catch (Exception ex)
            {
                // Details go to the server log only; the client gets a generic message.
                log.Error(ex);
                return response.AsRedirect($"{state}?error=Login failed. Please see the Octopus Server logs for more details.");
            }
        }
 /// <summary>
 /// Redirects to <paramref name="viewName"/> by forwarding it unchanged to <c>AsRedirect</c>.
 /// </summary>
 /// <param name="response">Formatter used to build the redirect.</param>
 /// <param name="viewName">Redirect target; it is not validated or rewritten here.</param>
 /// <returns>The redirect response.</returns>
 public static Response ThenRedirectTo(this IResponseFormatter response, string viewName)
 {
     var redirect = response.AsRedirect(viewName);
     return redirect;
 }
 /// <summary>
 /// Redirects to <paramref name="redirectUri"/> with the error appended as a query string.
 /// </summary>
 /// <param name="source">Formatter used to build the redirect.</param>
 /// <param name="error">Error whose <c>AsQueryString()</c> output is appended to the URI.</param>
 /// <param name="redirectUri">
 /// Base URI of the redirect. It is concatenated as given, with no validation in this method.
 /// </param>
 /// <returns>The redirect response.</returns>
 public static Response AsErrorResponse(this IResponseFormatter source, ErrorResponse error, string redirectUri)
 {
     // NOTE(review): if redirectUri can come from the request, the caller needs to have checked
     // it against the expected value before reaching this point - confirm at the call sites.
     var target = string.Concat(redirectUri, error.AsQueryString());
     return source.AsRedirect(target);
 }
Ejemplo n.º 7
        /// <summary>
        /// Configures the success response: a redirect to the location computed by
        /// <paramref name="func"/> from the current command, with status code 201 and the
        /// resource id header added.
        /// </summary>
        /// <param name="func">Maps the command to the redirect location.</param>
        /// <returns>This handler, so that calls can be chained.</returns>
        public CommandRequestHandler <T> OnSuccessCreated(Func <T, string> func)
        {
            // The lambda's own argument is not used; the location is always derived from _command.
            _responseFunc = ignored =>
                _responseFormatter
                    .AsRedirect(func(_command))
                    .WithStatusCode(201)
                    .WithResourceIdHeader(_resourceId);

            return this;
        }
Ejemplo n.º 8
 /// <summary>
 /// Builds a redirect response for <paramref name="path"/> and then replaces its status code
 /// with <paramref name="statusCode"/>.
 /// </summary>
 /// <param name="response">Formatter used to build the response.</param>
 /// <param name="path">Location forwarded unchanged to <c>AsRedirect</c>.</param>
 /// <param name="statusCode">Status code applied to the response; defaults to Created.</param>
 /// <returns>The response with the requested status code.</returns>
 public static Response WithLocation(this IResponseFormatter response, string path,
                                     HttpStatusCode statusCode = HttpStatusCode.Created)
 {
     var located = response.AsRedirect(path);
     return located.WithStatusCode(statusCode);
 }
Ejemplo n.º 9
 /// <summary>
 /// Returns the publisher icon registered under <paramref name="key"/>, or a redirect to a
 /// fixed placeholder image when no icon is found.
 /// </summary>
 /// <param name="key">Lookup key passed to <c>ComicBook.PublisherIcons.GetImage</c>.</param>
 /// <param name="response">Formatter used to build the response.</param>
 /// <returns>The icon served with the ".jpg" MIME type, or a redirect to the spacer image.</returns>
 public static Response GetIcon(string key, IResponseFormatter response)
 {
     var icon = ComicBook.PublisherIcons.GetImage(key);

     if (icon != null)
     {
         var iconData = GetBytesFromImage(icon);
         return response.FromStream(iconData, MimeTypes.GetMimeType(".jpg"));
     }

     // The fallback target is a constant, so no caller-supplied value reaches the redirect.
     return response.AsRedirect("/original/Views/spacer.png");
 }
Ejemplo n.º 10
 /// <summary>
 /// Reports <paramref name="error"/> either as a JSON body with status BadRequest or, when a
 /// redirect URI is supplied, as a redirect to that URI with the error appended as a query string.
 /// </summary>
 /// <param name="source">Formatter used to build the response.</param>
 /// <param name="error">Error to report.</param>
 /// <param name="redirectUri">
 /// Optional base URI of the redirect. It is concatenated as given, with no validation in this
 /// method; null or empty selects the JSON response.
 /// </param>
 /// <returns>The JSON error response or the redirect response.</returns>
 public static Response AsErrorResponse(this IResponseFormatter source, ErrorResponse error, string redirectUri = null)
 {
     if (string.IsNullOrEmpty(redirectUri))
     {
         return source.AsJson(error, HttpStatusCode.BadRequest);
     }

     // NOTE(review): if redirectUri can come from the request, the caller needs to have checked
     // it against the expected value before reaching this point - confirm at the call sites.
     return source.AsRedirect(string.Concat(redirectUri, error.AsQueryString()));
 }
Ejemplo n.º 11
 /// <summary>
 /// Redirects to <paramref name="uri"/> and sets the "s" and "n" cookies to fresh GUID strings
 /// with an expiry of <c>DateTime.MinValue</c>.
 /// </summary>
 /// <param name="response">Formatter used to build the redirect.</param>
 /// <param name="uri">Redirect target, forwarded unchanged to <c>AsRedirect</c>.</param>
 /// <returns>The redirect response carrying both cookies.</returns>
 Response RedirectResponse(IResponseFormatter response, string uri)
 {
     var redirect = response.AsRedirect(uri);

     // NOTE(review): overwriting the values and using the minimum expiry looks intended to make
     // the browser discard both cookies - confirm.
     var firstCookie = new NancyCookie("s", Guid.NewGuid().ToString(), true, false, DateTime.MinValue);
     var withFirstCookie = redirect.WithCookie(firstCookie);

     var secondCookie = new NancyCookie("n", Guid.NewGuid().ToString(), true, false, DateTime.MinValue);
     return withFirstCookie.WithCookie(secondCookie);
 }
Ejemplo n.º 12
 /// <summary>
 /// Returns the image of one page of a comic, or a redirect to a fixed placeholder image when
 /// no image bytes are available.
 /// </summary>
 /// <param name="id">Identifier passed to <c>GetPageImageBytes</c>.</param>
 /// <param name="page">Page number passed to <c>GetPageImageBytes</c>.</param>
 /// <param name="response">Formatter used to build the response.</param>
 /// <returns>The image served with the ".jpg" MIME type, or a redirect to the spacer image.</returns>
 public static Response GetPageImage(Guid id, int page, IResponseFormatter response)
 {
     var pageBytes = GetPageImageBytes(id, page);

     if (pageBytes != null)
     {
         var imageStream = new MemoryStream(pageBytes);
         return response.FromStream(imageStream, MimeTypes.GetMimeType(".jpg"));
     }

     // The fallback target is a constant, so no caller-supplied value reaches the redirect.
     return response.AsRedirect("/Comics/Images/spacer.png");
 }