private void GatherLogInformation(bool updateSessionFromCookie, AppInfo appInfo, out HeContext context, out int espaceId, out int tenantId, out string sessionId, out int userId)
{
context = null;
sessionId = null;
espaceId = 0;
tenantId = 0;
userId = 0;
if (appInfo != null)
{
if (updateSessionFromCookie)
{
try {
// Update login information if necessary
var loginInfo = new MobileLoginInfoEndpoint(appInfo, appInfo.GetMobileLoginConfigurations()).ReadLoginInfoFromRequest();
loginInfo.Validate();
userId = loginInfo.UserId;
tenantId = loginInfo.TenantId;
} catch {
}
}
try {
espaceId = appInfo.eSpaceId;
context = appInfo.OsContext;
} catch { }
if (context != null)
{
try { sessionId = context.Session.SessionID; } catch { }
}
}
}
private MobileLoginInfoEndpoint ValidateRequestLogin(AppInfo appInfo, HeContext context, bool ignoreCSRFToken)
{
MobileLoginInfoEndpoint loginEndpoint = new MobileLoginInfoEndpoint(appInfo, appInfo.GetMobileLoginConfigurations());
try {
var login = loginEndpoint.ReadLoginInfoFromRequest();
login.Validate(ignoreCSRFToken);
loginEndpoint.Login(login, context.Session);
} catch (InvalidLoginException ex) {
throw new ExposeRestException("Invalid Login", HttpStatusCode.Forbidden, ex);
}
return(loginEndpoint);
}
/// <summary>
/// Gets User information of the authenticated user for a Mobile Application
/// This method is designed for interoperability scenarios where you need to embed a Responsive screen in your mobile application
/// </summary>
/// <param name="userId">Returns the user identifier, or NullIdentifier() (userId = 0) if user is not logged in</param>
/// <param name="isPersistent">True if the login is persistent</param>
public static void GetMobileAppLoginInfo(out int userId, out bool isPersistent)
{
var appInfo = AppInfo.GetAppInfo();
var loginEndpoint = new MobileLoginInfoEndpoint(appInfo, appInfo.GetMobileLoginConfigurations());
var loginInfo = loginEndpoint.ReadLoginInfoFromRequest();
loginInfo.Validate();
loginInfo.Refresh();
userId = loginInfo.UserId;
isPersistent = loginInfo.IsPersistent;
}
protected IHttpActionResult endpoint(string input, string endpointName, string apiVersion, EndpointImplementationDelegate implementation)
{
AppInfo appInfo = null;
HeContext heContext = null;
MobileLoginInfoEndpoint loginEndpoint = null;
Payload.ResponseVersionInfo responseVersionInfo = null;
try {
appInfo = AppInfo.GetAppInfo();
heContext = appInfo.OsContext;
if (appInfo == null || !appInfo.IsApplicationEnabled)
{
return(GetScreenServiceResult(HttpStatusCode.ServiceUnavailable, GetExceptionPayload(new ApplicationBackendUnavailableException("Application Backend Unavailable"))));
}
ValidateRequestSecurity();
heContext.Session.EnableNewRuntimeSessionStorage();
loginEndpoint = ValidateRequestLogin(appInfo, heContext);
Payload.RequestPayload requestPayload;
try {
requestPayload = JsonConvert.DeserializeObject <Payload.RequestPayload>(input, BehaviorsConfiguration.SerializerSettings);
} catch (Exception ex) {
throw GetBadRequestException("Failed to parse JSON request content.", ex);
}
if (requestPayload.VersionInfo == null)
{
throw GetBadRequestException("Missing Version Info in the request content.");
}
responseVersionInfo = new Payload.ResponseVersionInfo(requestPayload.VersionInfo, RunningInfo.ESpaceVersionToken, apiVersion);
if (responseVersionInfo.HasApiVersionChanged)
{
return(GetScreenServiceResult(new Payload.EmptyDataPayload(), responseVersionInfo, loginEndpoint, heContext));
}
else
{
SetCurrentStateFromHeaders();
object dataResponsePayload = implementation(heContext, requestPayload.ViewName, requestPayload.ScreenData, requestPayload.InputParameters);
return(GetScreenServiceResult(dataResponsePayload, responseVersionInfo, loginEndpoint, heContext));
}
} catch (Exception ex) {
DatabaseAccess.FreeupResources(false);
var licensingException = ex as LicensingException;
if (licensingException != null)
{
// Already logged
return(GetScreenServiceResult(HttpStatusCode.ServiceUnavailable, GetExceptionPayload(new ApplicationBackendUnavailableException("Application Backend Unavailable"))));
}
HttpStatusCode statusCode = HttpStatusCode.OK;
var exposeRestException = ex as ExposeRestException;
if (exposeRestException != null)
{
statusCode = exposeRestException.StatusCode;
}
// Currently for security reasons we log it here and don't let the handler in client side decide. This can generate many "non-errors" to be logged if exceptions are used for flow control
string errorLogId = ErrorLog.LogApplicationError(ex, heContext, "");
var loggingContext = LoggingHelper.GetLoggingContext();
if (loggingContext != null)
{
loggingContext.ErrorLogId = errorLogId;
}
return(GetScreenServiceResult(statusCode, new Payload.EmptyDataPayload(), responseVersionInfo, GetExceptionPayload(ex), loginEndpoint, heContext));
}
}
// TODO JMR Remove this method and merge it with the above overload when the Obsolete overload is removed
private IHttpActionResult GetScreenServiceResult(HttpStatusCode status, object dataPayload, Payload.ResponseVersionInfo versionInfo, Payload.ExceptionPayload exception, MobileLoginInfoEndpoint loginEndpoint, LoginInfo loginInfo, Func <string> rolesInfo)
{
var responseMessage = new HttpResponseMessage(status);
string rolesInfoserialized = null;
if (loginEndpoint != null && loginInfo != null)
{
if (rolesInfo != null)
{
rolesInfoserialized = loginInfo.UpdateRolesHashAndCalculateRolesInfo(rolesInfo());
}
loginEndpoint.WriteLoginInfoToResponse(loginInfo);
}
responseMessage.Content = new ObjectContent(typeof(Payload.ResponsePayload),
new Payload.ResponsePayload(versionInfo, dataPayload, exception, rolesInfoserialized), JsonMediaTypeFormater);
RestServiceHttpUtils.AddNoCacheHeaders(responseMessage);
if (DebuggerHelper.IsRunning)
{
if (DebuggerHelper.StopImmediately)
{
RestServiceHttpUtils.AddCustomHeader(responseMessage, StopImmediatelyHeaderName, DebuggerHelper.StopImmediately.ToString());
}
else if (DebuggerHelper.RunToBreakpoint != null)
{
RestServiceHttpUtils.AddCustomHeader(responseMessage, RunToBreakpointHeaderName, DebuggerHelper.RunToBreakpoint.ToString(true));
}
}
return(ResponseMessage(responseMessage));
}
protected IHttpActionResult GetScreenServiceResult(HttpStatusCode status, object dataPayload, Payload.ResponseVersionInfo versionInfo, Payload.ExceptionPayload exception, MobileLoginInfoEndpoint loginEndpoint, HeContext context)
{
var hasNewRuntimeSession = context != null && context.Session != null && context.Session.HasNewRuntimeSessionStorage;
return(GetScreenServiceResult(status, dataPayload, versionInfo, exception, loginEndpoint, hasNewRuntimeSession ? context.Session.NewRuntimeLoginInfo : null, hasNewRuntimeSession ? context.Session.GetRolesInfo() : null));
}
protected IHttpActionResult GetScreenServiceResult(object dataPayload, Payload.ResponseVersionInfo versionInfo, MobileLoginInfoEndpoint loginEndpoint, HeContext context)
{
return(GetScreenServiceResult(HttpStatusCode.OK, dataPayload, versionInfo, /*exception*/ null, loginEndpoint, context));
}
protected IHttpActionResult GetScreenServiceResult(object dataPayload, Payload.ResponseVersionInfo versionInfo, MobileLoginInfoEndpoint loginEndpoint, LoginInfo loginInfo, Func <string> rolesInfo)
{
return(GetScreenServiceResult(HttpStatusCode.OK, dataPayload, versionInfo, /*exception*/ null, loginEndpoint, loginInfo, rolesInfo));
}