public IActionResult DeletePathway( [FromHeader(Name = "Access-Token")] string accessToken, string id) { string clientIpAddress = this.HttpContext.Connection.RemoteIpAddress.ToString(); _logger.LogInformation($"{clientIpAddress}: Method call to ( /api/pathway/delete/{{id}} )"); _storage.IpWatchList[clientIpAddress].MethodCallTally++; switch (_security.ValidateAccessToken(clientIpAddress, accessToken ?? string.Empty)) { case Security.AccessLevel.None: case Security.AccessLevel.User: _storage.IpWatchList[clientIpAddress].FailedAttempts++; _logger.LogInformation($"{clientIpAddress}: invalid access token value"); return(Unauthorized()); } if (!_security.IsValidId(id)) { _logger.LogInformation($"{clientIpAddress}: pathway identifier not a valid format: {id}."); return(BadRequest(ErrorResponseManifest.Get(1))); } if (!_storage.PathwayList.ContainsKey(id)) { _logger.LogInformation($"{clientIpAddress}: pathway {id} found."); return(NoContent()); } _storage.PathwayList.Remove(id); return(Ok(ErrorResponseManifest.Get(0))); }
public IActionResult CreatePathway([FromHeader(Name = "Access-Token")] string accessToken, [FromBody] CreatePathwayRequest pathwayReq) { string clientIpAddress = this.HttpContext.Connection.RemoteIpAddress.ToString(); _logger.LogInformation($"{clientIpAddress}: Method call to ( /api/pathway/create )"); _storage.IpWatchList[clientIpAddress].MethodCallTally++; switch (_security.ValidateAccessToken(clientIpAddress, accessToken ?? string.Empty)) { case Security.AccessLevel.None: case Security.AccessLevel.User: _storage.IpWatchList[clientIpAddress].FailedAttempts++; _logger.LogInformation($"{clientIpAddress}: invalid access token"); return(Unauthorized()); } if (!_security.IsValidId(pathwayReq.Id)) { _logger.LogInformation($"{clientIpAddress}: pathway identifier not a valid format: {pathwayReq.Id}."); return(BadRequest(ErrorResponseManifest.Get(1))); } if (_storage.PathwayList.ContainsKey(pathwayReq.Id)) { _logger.LogInformation($"{clientIpAddress}: pathway {pathwayReq.Id} already exists."); return(StatusCode(409, ErrorResponseManifest.Get(2))); } if (_storage.PathwayList.Count >= _settings.Value.PathwayMaximumPayloads) { _logger.LogInformation($"{clientIpAddress}: pathway {pathwayReq.Id} at maximum payloads."); return(StatusCode(429, ErrorResponseManifest.Get(3))); } _storage.PathwayList.Add(pathwayReq.Id, new StorageModels.Pathway { Id = pathwayReq.Id, ReadToken = pathwayReq.ReadToken, WriteToken = pathwayReq.WriteToken, MaxPayloadsCount = pathwayReq.MaxPayloadsCount, MaxTotalPayloadsSize = pathwayReq.MaxTotalPayloadsSize, MaxReferencesCount = pathwayReq.MaxReferencesCount, MaxTotalReferencesSize = pathwayReq.MaxTotalReferencesSize }); return(Ok()); }
/// <summary> /// The work to do. /// </summary> /// <param name="httpContext">the http information</param> /// <param name="storage">the storage for the serer operation</param> /// <returns></returns> public Task Invoke(HttpContext httpContext, IStorage storage) { lock (LockPoint) { string ipAddress = httpContext.Connection.RemoteIpAddress.ToString(); if (!storage.IpWatchList.ContainsKey(ipAddress)) { storage.IpWatchList.Add(ipAddress, new IpWatch() { IpAddress = ipAddress, IsWhitelisted = false, LatestAttempt = DateTime.Now }); } var ipEntry = storage.IpWatchList[ipAddress]; if (ipEntry.FailedAttempts >= 3 && DateTime.Now.Subtract(ipEntry.LatestAttempt).TotalMinutes < 1) { httpContext.Response.StatusCode = 451; var buff = System.Text.Encoding.UTF8.GetBytes(Serializer <ErrorResponse> .ToJson(ErrorResponseManifest.Get(-1))); httpContext.Response.Body.Write(buff, 0, buff.Length); ipEntry.LatestAttempt = DateTime.Now; return(Task.CompletedTask); } else { if (ipEntry.FailedAttempts >= 3) { ipEntry.FailedAttempts--; } ipEntry.LatestAttempt = DateTime.Now; return(_next(httpContext)); } } }
public IActionResult WithdrawPathwayPayload( [FromHeader(Name = "Access-Token")] string accessToken, [FromHeader(Name = "Pathway-Token")] string pathwayToken, string id) { string clientIpAddress = this.HttpContext.Connection.RemoteIpAddress.ToString(); _logger.LogInformation($"{clientIpAddress}: Method call to ( /api/pathway/withdraw/{{id}} )"); _storage.IpWatchList[clientIpAddress].MethodCallTally++; switch (_security.ValidateAccessToken(clientIpAddress, accessToken ?? string.Empty)) { case Security.AccessLevel.None: _storage.IpWatchList[clientIpAddress].FailedAttempts++; _logger.LogInformation($"{clientIpAddress}: invalid access token value"); return(Unauthorized()); } if (!_security.IsValidId(id)) { _logger.LogInformation($"{clientIpAddress}: pathway identifier not a valid format: {id}."); return(BadRequest(ErrorResponseManifest.Get(1))); } if (!_storage.PathwayList.ContainsKey(id)) { _logger.LogInformation($"{clientIpAddress}: pathway {id} not found."); return(NotFound()); } switch (ValidatePathwayToken(id, pathwayToken)) { case PathwayAccessLevel.None: _logger.LogInformation($"{clientIpAddress}: pathway {id} withdrawal denied: no access."); return(StatusCode(405, ErrorResponseManifest.Get(8))); case PathwayAccessLevel.Write: _logger.LogInformation($"{clientIpAddress}: pathway {id} withdrawal denied: write access supplied."); return(StatusCode(405, ErrorResponseManifest.Get(9))); } var pathway = _storage.PathwayList[id]; if (pathway.Payloads.Count == 0) { _logger.LogInformation($"{clientIpAddress}: pathway {id} has no payloads."); return(NoContent()); } Payload thisPayload = null; int retries = 3; while (retries >= 0) { if (_storage.PathwayList[id].Payloads.TryDequeue(out thisPayload)) { break; } retries--; } if (retries == -1) { _logger.LogError($"{clientIpAddress}: pathway {id} not able to retrieve payload within three tries."); return(StatusCode(429, ErrorResponseManifest.Get(10))); } Response.ContentType = thisPayload.ContentType; this.HttpContext.Response.Headers["Content-Transfer-Encoding"] = thisPayload.ContentTransferEncoding; return(Ok(thisPayload.Content)); }
public IActionResult DepositPathwayPayload( [FromHeader(Name = "Access-Token")] string accessToken, [FromHeader(Name = "Pathway-Token")] string pathwayToken, string id, [FromBody] string payload) { string clientIpAddress = this.HttpContext.Connection.RemoteIpAddress.ToString(); _logger.LogInformation($"{clientIpAddress}: Method call to ( /api/pathway/deposit/{{id}} )"); _storage.IpWatchList[clientIpAddress].MethodCallTally++; switch (_security.ValidateAccessToken(clientIpAddress, accessToken ?? string.Empty)) { case Security.AccessLevel.None: _storage.IpWatchList[clientIpAddress].FailedAttempts++; _logger.LogInformation($"{clientIpAddress}: invalid access token value"); return(Unauthorized()); } if (!_security.IsValidId(id)) { _logger.LogInformation($"{clientIpAddress}: pathway identifier not a valid format: {id}."); return(BadRequest(ErrorResponseManifest.Get(1))); } if (!_storage.PathwayList.ContainsKey(id)) { _logger.LogInformation($"{clientIpAddress}: pathway {id} not found."); return(NoContent()); } var pathway = _storage.PathwayList[id]; pathway.PayloadWriteCount++; pathway.PayloadWriteFailCount++; switch (ValidatePathwayToken(id, pathwayToken)) { case PathwayAccessLevel.None: _logger.LogInformation($"{clientIpAddress}: pathway {id} deposit denied: no access."); return(StatusCode(405, ErrorResponseManifest.Get(8))); case PathwayAccessLevel.Read: _logger.LogInformation($"{clientIpAddress}: pathway {id} deposit denied: read access supplied."); return(StatusCode(405, ErrorResponseManifest.Get(9))); } if (pathway.PayloadsCount >= pathway.MaxPayloadsCount) { _logger.LogInformation($"{clientIpAddress}: pathway deposit would exceed pathway maximum payload count."); return(StatusCode(429, ErrorResponseManifest.Get(4))); } var newPayload = new Payload { Content = payload }; if (this.HttpContext.Request.Headers.ContainsKey("Content-Type")) { newPayload.ContentType = this.HttpContext.Request.Headers["Content-Type"]; } if (this.HttpContext.Request.Headers.ContainsKey("Content-Transfer-Encoding")) { newPayload.ContentTransferEncoding = this.HttpContext.Request.Headers["Content-Transfer-Encoding"]; } pathway.Payloads.Enqueue(newPayload); pathway.PayloadsSize += newPayload.Content.Length; pathway.PayloadWriteFailCount--; return(Ok(ErrorResponseManifest.Get(0))); }