private void AddByAppendType(HttpRequestHeaders headers, string key, string value)
{
switch (_appendHeaderType)
{
case AppendHeaderType.Add:
headers.TryAddWithoutValidation(key, value);
break;
case AppendHeaderType.AddIfNotExist:
if (!headers.Contains(key))
{
headers.TryAddWithoutValidation(key, value);
}
break;
case AppendHeaderType.AddOrReplace:
if (headers.Contains(key))
{
headers.Remove(key);
}
headers.TryAddWithoutValidation(key, value);
break;
default:
break;
}
}
/// <summary>
/// Check if Token is Authenticated With User ID
/// </summary>
/// <returns></returns>
private bool IsTokenAuthenticated()
{
HttpRequestHeaders headers = this.Request.Headers;
string _headerToken = string.Empty;
if (headers.Contains("header_token"))
{
_headerToken = headers.GetValues("header_token").First();
}
if (headers.Contains("user_id"))
{
_userId = Convert.ToInt32(headers.GetValues("user_id").First());
}
User_BLL _objUserBll = new User_BLL();
if (_headerToken == string.Empty || _userId == 0)
{
_strJSONContent.Append("{\"status\":\"UnAuthorized\"}");
return(false);
}
else if (!(_objUserBll.IsTokenAuthenticated(_headerToken, _userId)))
{
_strJSONContent.Append("{\"status\":\"UnAuthorized\"}");
return(false);
}
else
{
return(true);
}
}
/// <summary>
/// Verifies the given request parts with the Signature class.
/// </summary>
/// <example>
///
/// </example>
/// <returns>Whether or not the </returns>
/// <param name="request">An Http request that contins the various parts of the signed request.</param>
public async Task <bool> VerifyAsync(HttpRequestMessage request)
{
HttpRequestHeaders headers = request.Headers;
if (!headers.Contains(SIGNATURE_HEADER))
{
throw new InvalidHeadersException($"The header {SIGNATURE_HEADER} is missing");
}
string signatureHeader = headers.GetValues(SIGNATURE_HEADER).First();
Signature signature = new Signature(signatureHeader);
if (!headers.Contains(SIGNED_HEADERS))
{
throw new InvalidHeadersException($"The header {SIGNED_HEADERS} is missing");
}
if (!headers.Contains(DATE_HEADER))
{
throw new InvalidHeadersException($"The header {DATE_HEADER} is missing");
}
if (!this.checker.VerifyDate(headers.GetValues(DATE_HEADER).First()))
{
throw new InvalidHeadersException($"The header {DATE_HEADER} is not within five minutes of the request");
}
return(signature.Validate(this.publicKey, await this.CanonizeAsync(request)));
}
/// <summary>
/// Validating model values for Imagefile
/// </summary>
public static bool ValidateImageHeader(HttpRequestHeaders httprequesHeader, ref string message)
{
try
{
//Check if Thumnail ImageHeight is not passed or empty
if (!httprequesHeader.Contains(Constants.THUMBNAIL_HEIGHT) || string.IsNullOrEmpty(httprequesHeader.GetValues(Constants.THUMBNAIL_HEIGHT).First()))
{
message = $"The given header {Constants.THUMBNAIL_HEIGHT} was not found.";
return(false);
}
//Check if Inline Image Height is not passed or empty
if (!httprequesHeader.Contains(Constants.INLINE_HEIGHT) || string.IsNullOrEmpty(httprequesHeader.GetValues(Constants.INLINE_HEIGHT).First()))
{
message = $"The given header {Constants.INLINE_HEIGHT} was not found.";
return(false);
}
//Check if Thumbnail Image Width is not passed or empty
if (!httprequesHeader.Contains(Constants.THUMBNAIL_WIDTH) || string.IsNullOrEmpty(httprequesHeader.GetValues(Constants.THUMBNAIL_WIDTH).First()))
{
message = $"The given header {Constants.THUMBNAIL_WIDTH} was not found.";
return(false);
}
//Check if Inline Image Width is not passed or empty
if (!httprequesHeader.Contains(Constants.INLINE_WIDTH) || string.IsNullOrEmpty(httprequesHeader.GetValues(Constants.INLINE_WIDTH).First()))
{
message = $"The given header {Constants.INLINE_WIDTH} was not found.";
return(false);
}
return(true);
}
catch
{
return(false);
}
}
public async Task <IHttpActionResult> DeleteIngredient([FromBody] int id)
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
if (headers.Contains("id"))
{
id = int.Parse(headers.GetValues("id").First());
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
Ingredient ingredient = await db.Ingredients.FindAsync(id);
if (ingredient == null)
{
return(NotFound());
}
db.Ingredients.Remove(ingredient);
await db.SaveChangesAsync();
return(Ok(ingredient));
}
public static List <string> ReadUserPassHeader(HttpRequestHeaders header)
{
List <string> list = new List <string>();
string userName = string.Empty;
string password = string.Empty;
string userKarbord = string.Empty;
if (header.Contains("userName"))
{
userName = header.GetValues("userName").First();
}
if (header.Contains("password"))
{
password = header.GetValues("password").First();
}
if (header.Contains("userKarbord"))
{
userKarbord = header.GetValues("userKarbord").First();
}
list.Add(userName);
list.Add(password);
list.Add(userKarbord);
return(list);
}
public bool AdminLogged(HttpRequestHeaders header)
{
if (header.Contains("name") && header.Contains("password"))
{
var name = header.GetValues("name").First();
var password = header.GetValues("password").First();
return(adminLogic.Login(name, password));
}
return(false);
}
public void Test1()
{
object responseResult;
IStudentService student = Lark.Core.Lark.Wrap <IStudentService>("http://localhost:6346");
responseResult = student.QueryName(12, "upper", "234");
System.Console.WriteLine(responseResult.ToString());
WrapBase wrap = (WrapBase)student;
HttpRequestHeaders HttpRequestHeaders = wrap.MyHttpRequestMessagea.Headers;
HttpContent httpContent = wrap.MyHttpRequestMessagea.Content;
List <string> values = new List <string>();
IEnumerable <string> valuesEnumrable = null;
//appcode:just one
Assert.IsTrue(HttpRequestHeaders.Contains("appcode") || httpContent.Headers.Contains("appcode"));
bool l = HttpRequestHeaders.TryGetValues("appcode", out valuesEnumrable) ? true : httpContent.Headers.TryGetValues("appcode", out valuesEnumrable);
values = valuesEnumrable.ToList();
values.Sort();
string valuestr = string.Join(",", values);
Assert.IsTrue("appcode111111111111" == valuestr);
//supportversion:3
Assert.IsTrue(HttpRequestHeaders.Contains("supportversion") || httpContent.Headers.Contains("supportversion"));
l = HttpRequestHeaders.TryGetValues("supportversion", out valuesEnumrable) ? true : httpContent.Headers.TryGetValues("supportversion", out valuesEnumrable);
values = valuesEnumrable.ToList();
Assert.IsTrue(l && values.Count == 3);
values.Sort();
valuestr = string.Join(",", values);
Assert.IsTrue("1.0,2.0,3.0" == valuestr);
//case:2
Assert.IsTrue(HttpRequestHeaders.Contains("case") || httpContent.Headers.Contains("case"));
l = HttpRequestHeaders.TryGetValues("case", out valuesEnumrable) ? true : httpContent.Headers.TryGetValues("case", out valuesEnumrable);
values = valuesEnumrable.ToList();
Assert.IsTrue(l && values.Count == 2);
values.Sort();
valuestr = string.Join(",", values);
Assert.IsTrue("lower,upper" == valuestr);
//prefix:1
Assert.IsTrue(HttpRequestHeaders.Contains("prefix") || httpContent.Headers.Contains("prefix"));
l = HttpRequestHeaders.TryGetValues("prefix", out valuesEnumrable) ? true : httpContent.Headers.TryGetValues("prefix", out valuesEnumrable);
values = valuesEnumrable.ToList();
Assert.IsTrue(l && values.Count == 1);
values.Sort();
valuestr = string.Join(",", values);
Assert.IsTrue("234" == valuestr);
}
private static void InjectW3CHeaders(Activity currentActivity, HttpRequestHeaders requestHeaders)
{
if (!requestHeaders.Contains(W3C.W3CConstants.TraceParentHeader))
{
requestHeaders.Add(W3C.W3CConstants.TraceParentHeader, currentActivity.Id);
}
if (!requestHeaders.Contains(W3C.W3CConstants.TraceStateHeader) &&
currentActivity.TraceStateString != null)
{
requestHeaders.Add(W3C.W3CConstants.TraceStateHeader,
currentActivity.TraceStateString);
}
}
public async Task <IHttpActionResult> GetIngredient(int id)
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
Ingredient ingredient = await db.Ingredients.FindAsync(id);
if (ingredient == null)
{
return(NotFound());
}
return(Ok(ingredient));
}
/// <summary>
/// Gets from request headers.
/// </summary>
/// <param name="requestHeaders">The request headers.</param>
/// <returns>API Credentials.</returns>
public static ApiCredentials GetFromRequestHeaders(HttpRequestHeaders requestHeaders)
{
// this could/should be another interface for testing purposes
var authenticationHeader = requestHeaders.Authorization;
if (authenticationHeader.Scheme != Configuration.AuthenticationScheme)
{
return(null);
}
if (!requestHeaders.Contains(Configuration.UsernameHeader))
{
return(null);
}
var username = requestHeaders.GetValues(Configuration.UsernameHeader).FirstOrDefault();
if (username == null)
{
return(null);
}
var decodedBytes = Convert.FromBase64String(authenticationHeader.Parameter);
var signature = Encoding.UTF8.GetString(decodedBytes);
return(new ApiCredentials()
{
Signature = signature,
Username = username
});
}
public async Task <IHttpActionResult> PostIngredient([FromBody] Ingredient ingredient)
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
db.Ingredients.Add(ingredient);
await db.SaveChangesAsync();
return(CreatedAtRoute("DefaultApi", new { id = ingredient.id }, ingredient));
}
private static PageSize GetPageSize(HttpRequestHeaders headers, PageSize defaultSize, TraceWriter log)
{
var pageSize = defaultSize;
if (headers.Contains("PageSize"))
{
string pageSizeValue = headers.GetValues("PageSize").First().ToUpperInvariant();
log.Info($"PageSize header found with value: {pageSizeValue}");
var field = typeof(PageSize).GetFields(BindingFlags.Public | BindingFlags.Static).FirstOrDefault(f => f.Name.Equals(pageSizeValue));
if (field != null)
{
pageSize = (PageSize)field.GetValue(null);
}
else
{
log.Error($"Unsupported PageSize header value found, using default value");
}
}
else
{
log.Verbose($"PageSize header NOT found using default value");
}
return(pageSize);
}
/// <summary>
/// Retrieves attributes and metadata for an entity with the specified id.
/// </summary>
/// <param name="entityId">The id of the entity to retrieve</param>
/// <returns>An Entity object containing entity-level metadata and a list of attributes</returns>
public async Task <Entity> FindByEntityAsync(string entityId)
{
if (!headers.Contains("X-Decryption-Key"))
{
throw new InvalidOperationException("Cannot access entity data, as decryption key has not been set");
}
List <AttributeValue> data = await Get <List <AttributeValue> >($"entities/{entityId}/attributes");
Entity entity = await Get <Entity>($"entities/{entityId}");
foreach (AttributeValue attr in data)
{
entity.AddAttributeWithoutPendingChange(attr);
}
return(entity);
}
/*------------------------------------------------------------------------------------------------------------------------
* Method for checking if the user is authenticated to control access to WebAPI routes.
* ------------------------------------------------------------------------------------------------------------------------*/
internal static bool checkOnAccess(HttpRequestHeaders header)
{
if (header.Contains("Token"))
{
string token = header.GetValues("Token").First().ToString();
var db = new DBModel();
var query = from u in db.Users
where u.Token == token
select u;
if (query.Any())
{
return(true);
}
else
{
throw new AccessDeniedExc();
};
}
else
{
throw new AccessDeniedExc();
};
}
public async Task <IHttpActionResult> DeleteClientUser([FromBody] int id)
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
ClientUser clientUser = await db.ClientUsers.FindAsync(id);
if (clientUser == null)
{
return(NotFound());
}
db.ClientUsers.Remove(clientUser);
await db.SaveChangesAsync();
return(Ok(clientUser));
}
public async Task <IHttpActionResult> PostClientUser([FromBody] ClientUser clientUser)
{
HttpRequestHeaders headers = this.Request.Headers;
string app_key = string.Empty;
if (headers.Contains("app_key"))
{
app_key = headers.GetValues("app_key").First();
}
AuthApp app = await db.AuthApps.Where(a => a.auth_key.Equals(app_key)).FirstAsync();
if (app == null)
{
return(NotFound());
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (ClientUserExists(clientUser.email))
{
return(Ok(db.ClientUsers.Where(c => c.email.Equals(clientUser.email)).First()));
}
db.ClientUsers.Add(clientUser);
await db.SaveChangesAsync();
return(CreatedAtRoute("DefaultApi", new { id = clientUser.id }, clientUser));
}
private static void InjectBackCompatibleRequestId(Activity currentActivity, HttpRequestHeaders requestHeaders)
{
if (!requestHeaders.Contains(RequestResponseHeaders.RequestIdHeader))
{
requestHeaders.Add(RequestResponseHeaders.RequestIdHeader, string.Concat('|', currentActivity.TraceId.ToHexString(), '.', currentActivity.SpanId.ToHexString(), '.'));
}
}
/// <summary>
/// 获取海康加密的headers
/// </summary>
/// <param name="headers"></param>
/// <param name="method"></param>
/// <returns></returns>
private static Dictionary <string, string> GetHikSecurityHeaders(HttpRequestHeaders headers, string method, string url, Dictionary <string, string> formData)
{
method = method.ToUpperInvariant();
Dictionary <string, string> dic = new Dictionary <string, string> {
{ "method", method }
};
if (headers.Contains("accept"))
{
dic.Add("accept", headers.GetValues("accept-header")?.FirstOrDefault()?.Trim() ?? "");
}
if (headers.Any(o => o.Key.ToLower().Equals("content-type")))
{
dic.Add("content-type", headers.GetValues("content-type")?.FirstOrDefault()?.Trim() ?? "");
}
if (headers.Any(o => o.Key.ToLower().Equals("date")))
{
dic.Add("date", headers.GetValues("date")?.FirstOrDefault()?.Trim() ?? "");
}
if (headers.Any(o => o.Key.ToLower().Equals("headers")))
{
dic.Add("headers", headers.GetValues("headers")?.FirstOrDefault()?.Trim() ?? "");
}
dic.Add("url", BuildResource(url, headers, formData));
return(dic);
}
public static bool CheckAuthentication(HttpRequestHeaders headers, IUserService userService, Guid userId)
{
string tokenNumber = string.Empty;
if (headers.Contains("tokenNumber"))
{
tokenNumber = headers.GetValues("tokenNumber").First();
}
else
{
return(false);
}
if (tokenNumber != null && tokenNumber != string.Empty)
{
var addTime = ConfigurationManager.AppSettings["sessionTime"];
var user = userService.GetUser(userId);
if (user != null && user.ExpiryDateTime != null && user.TokenNumber == tokenNumber && user.IsActive == true && user.ExpiryDateTime >= DateTime.Now)
{
// Update ServerNowDateTime............
user.ExpiryDateTime = DateTime.Now.AddMinutes(Convert.ToInt32(addTime));
userService.UpdateUser(user);
return(true);
}
else
{
return(false);
}
}
else
{
return(false);
}
}
public IHttpActionResult Post([FromBody] Score body)
{
try
{
if (body == null || body.Name == null || body.Value < 0)
{
throw new DbEntityValidationException();
}
HttpRequestHeaders headers = Request.Headers;
if (!headers.Contains("AuthToken") || !body.Name.Equals(TokenManager.ValidateToken(headers.GetValues("AuthToken").First())))
{
body.Name = "Anonymous";
}
Score newScore = new Score
{
Name = body.Name,
Value = body.Value,
Date = DateTime.Now
};
db.Scores.Add(newScore);
db.SaveChanges();
} catch (Exception e)
{
System.Diagnostics.Debug.Print(e.StackTrace);
return(BadRequest());
}
return(Ok());
}
private void CopyHeaders(string prefix, IHeaderDictionary sourceHeaders, HttpRequestHeaders destinationHeaders)
{
foreach (var sourceHeader in sourceHeaders)
{
if (ShouldAddHeader(sourceHeader.Key) && !destinationHeaders.Contains(sourceHeader.Key))
{
var sourceHeaderValues = sourceHeader.Value.First().Split(';');
var cookieValues = new List <string>();
foreach (var sourceHeaderValue in sourceHeaderValues)
{
var sourceHeaderValueTrimmed = sourceHeaderValue.Trim();
if (ShouldAddCookie(prefix, sourceHeaderValueTrimmed))
{
var cookieKey = GetCookieKey(prefix, sourceHeaderValueTrimmed);
var cookieValue = GetCookieValue(sourceHeaderValueTrimmed);
cookieValue = Uri.UnescapeDataString(cookieValue);
cookieValue = $"{cookieKey}={cookieValue}";
cookieValues.Add(cookieValue);
}
}
if (cookieValues.Any())
{
destinationHeaders.Add(HeaderNames.Cookie, cookieValues);
}
}
}
}
public IHttpActionResult generaApuesta(Apuesta_Model datosApuesta)
{
Apuesta_Model respuesta = new Apuesta_Model();
if (datosApuesta != null)
{
HttpRequestHeaders headers = this.Request.Headers;
string idUsuario = string.Empty;
if (headers.Contains("Id_Usuario"))
{
idUsuario = headers.GetValues("Id_Usuario").First();
}
if (!new Apuesta_Bussines().Autenticado(idUsuario, datosApuesta.ValorApuesta))
{
return(Unauthorized());
}
if (new Apuesta_Bussines().validacionApuesta(datosApuesta))
{
datosApuesta.IdUsuario = int.Parse(idUsuario);
respuesta = new Apuesta_Bussines().generaApuesta(datosApuesta);
}
}
else
{
throw new Exception("Debe Enviar los parametros {NumeroApuesta}, {ColorApuesta}, {ValorApuesta}, {IdRuleta} ");
}
return(Ok(respuesta));
}
private static string GetHeaderOrDefault(
this HttpRequestHeaders headers,
string name)
{
return(headers.Contains(name)
? headers.GetValues(name).First()
: null);
}
/// <summary>
/// Adds a header to the <see cref="HttpRequestHeaders"/> list object.
/// </summary>
/// <param name="headers">The request headers list object.</param>
/// <param name="name">The name of the header to add.</param>
/// <param name="value">The value of the header.</param>
private static void AddHeader(HttpRequestHeaders headers, string name, string value)
{
if (headers.Contains(name))
{
headers.Remove(name);
}
headers.TryAddWithoutValidation(name, value);
}
private void setSessionHeaders(HttpRequestHeaders headers)
{
if (headers.Contains("Cookie"))
{
headers.Remove("Cookie");
}
headers.Add("Cookie", $"PHPSESSID={secureStringToString(sessionId)}");
}
/// <summary>
/// Handy workaround for setting/overriding header properties.
/// Microsoft does not make it easy.
/// </summary>
/// <param name="headers">Header object</param>
/// <param name="name">Name of header property</param>
/// <param name="value">Value to set</param>
internal static void Set(this HttpRequestHeaders headers, string name, string value)
{
if (headers.Contains(name))
{
headers.Remove(name);
}
headers.Add(name, value);
}
public static void SetWithoutValidation(this HttpRequestHeaders headers, string name, string value)
{
if (headers.Contains(name))
{
headers.Remove(name);
}
headers.TryAddWithoutValidation(name, value);
}
private static void InjectBackCompatibleRequestId(Activity currentActivity, HttpRequestHeaders requestHeaders)
{
if (!requestHeaders.Contains(RequestResponseHeaders.RequestIdHeader))
{
requestHeaders.Add(RequestResponseHeaders.RequestIdHeader,
W3CUtilities.FormatTelemetryId(currentActivity.TraceId.ToHexString(),
currentActivity.SpanId.ToHexString()));
}
}
private string GetHeaderValue(HttpRequestHeaders headers, string headerName)
{
if (headers.Contains(headerName))
{
var headerValues = headers.GetValues(headerName).FirstOrDefault();
return(System.Web.HttpUtility.UrlDecode(headerValues));
}
return(null);
}
