Ejemplo n.º 1
0
        /**
         * Generate a remote content request based on the parameters
         * sent from the client.
         * @throws GadgetException
         */
        private sRequest buildHttpRequest(HttpRequestWrapper request)
        {
            Uri url = ValidateUrl(request.getParameter(URL_PARAM));

            sRequest req = new sRequest(url)
                           .setMethod(GetParameter(request, METHOD_PARAM, "GET"))
                           .setPostBody(request.getRequest().ContentEncoding.GetBytes(GetParameter(request, POST_DATA_PARAM, "")))
                           .setContainer(getContainer(request));

            String headerData = GetParameter(request, HEADERS_PARAM, "");

            if (headerData.Length > 0)
            {
                String[] headerList = headerData.Split('&');
                foreach (String header in headerList)
                {
                    String[] parts = header.Split('=');
                    if (parts.Length != 2)
                    {
                        throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR,
                                                  "Malformed header specified,");
                    }
                    req.addHeader(HttpUtility.UrlDecode(parts[0]), HttpUtility.UrlDecode(parts[1]));
                }
            }

            //removeUnsafeHeaders(req);

            req.setIgnoreCache("1".Equals(request.getParameter(NOCACHE_PARAM)));

            if (request.getParameter(GADGET_PARAM) != null)
            {
                req.Gadget = Uri.parse(request.getParameter(GADGET_PARAM));
            }

            // Allow the rewriter to use an externally forced mime type. This is needed
            // allows proper rewriting of <script src="x"/> where x is returned with
            // a content type like text/html which unfortunately happens all too often
            req.setRewriteMimeType(request.getParameter(REWRITE_MIME_TYPE_PARAM));

            // Figure out whether authentication is required
            AuthType auth = AuthType.Parse(GetParameter(request, AUTHZ_PARAM, null));

            req.AuthType = auth;
            if (auth != AuthType.NONE)
            {
                req.setSecurityToken(extractAndValidateToken(request.getContext()));
                req.setOAuthArguments(new OAuthArguments(auth, request.getRequest()));
            }
            return(req);
        }
Ejemplo n.º 2
0
        private sRequest createHttpRequest(sRequest basereq, List <OAuth.Parameter> oauthParams)
        {
            AccessorInfo.OAuthParamLocation?paramLocation = accessorInfo.getParamLocation();

            // paramLocation could be overriden by a run-time parameter to fetchRequest

            sRequest result = new sRequest(basereq);

            // If someone specifies that OAuth parameters go in the body, but then sends a request for
            // data using GET, we've got a choice.  We can throw some type of error, since a GET request
            // can't have a body, or we can stick the parameters somewhere else, like, say, the header.
            // We opt to put them in the header, since that stands some chance of working with some
            // OAuth service providers.
            if (paramLocation == AccessorInfo.OAuthParamLocation.POST_BODY &&
                !result.getMethod().Equals("POST"))
            {
                paramLocation = AccessorInfo.OAuthParamLocation.AUTH_HEADER;
            }

            switch (paramLocation)
            {
            case AccessorInfo.OAuthParamLocation.AUTH_HEADER:
                result.addHeader("Authorization", getAuthorizationHeader(oauthParams));
                break;

            case AccessorInfo.OAuthParamLocation.POST_BODY:
                if (!OAuth.isFormEncoded(result.ContentType))
                {
                    throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST,
                                                               "OAuth param location can only be post_body if post body is of " +
                                                               "type x-www-form-urlencoded");
                }
                String oauthData = OAuth.formEncode(oauthParams);
                if (result.getPostBodyLength() == 0)
                {
                    result.setPostBody(Encoding.UTF8.GetBytes(oauthData));
                }
                else
                {
                    result.setPostBody(Encoding.UTF8.GetBytes(result.getPostBodyAsString() + '&' + oauthData));
                }
                break;

            case AccessorInfo.OAuthParamLocation.URI_QUERY:
                result.setUri(Uri.parse(OAuth.addParameters(result.getUri().ToString(), oauthParams)));
                break;
            }
            return(result);
        }