public SelfHostRequestData(RouteData routeData, HttpRequestMessage request, ICookies cookies)
{
AddValues(new RouteDataValues(routeData));
var querystring = request.RequestUri.ParseQueryString();
AddValues("Querystring", new NamedKeyValues(querystring));
var formData = request.Content.IsFormData() ? request.Content.ReadAsFormDataAsync().Result : new NameValueCollection();
AddValues(RequestDataSource.Request.ToString(), new NamedKeyValues(formData));
var headers = AggregateKeyValues.For(new HeaderKeyValues(request.Headers),
new HeaderKeyValues(request.Content.Headers));
AddValues(RequestDataSource.Header.ToString(), headers);
Func <string, IEnumerable <string>, bool> ignoreCaseKeyFinder = (key, keys) => keys.Contains(key, StringComparer.InvariantCultureIgnoreCase);
var values = new SimpleKeyValues(key => cookies.Get(key).Value, () => cookies.Request.Select(x => x.Name), ignoreCaseKeyFinder);
var valueSource = new FlatValueSource <object>(values, RequestDataSource.Cookie.ToString());
AddValues(valueSource);
}
public bool Validate(string salt)
{
var applicationPath = _fubuApplicationFiles.RootPath;
var fieldName = _tokenProvider.GetTokenName();
var cookieName = _tokenProvider.GetTokenName(applicationPath);
var cookie = _cookies.Get(cookieName);
if (cookie == null || string.IsNullOrEmpty(cookie.Value))
{
return(false);
}
var cookieToken = _serializer.Deserialize(HttpUtility.UrlDecode(cookie.Value));
var formValue = _requestData.ValuesFor(RequestDataSource.Header).Get(fieldName) as string
??
_requestData.ValuesFor(RequestDataSource.Request).Get(fieldName) as string;
if (formValue.IsEmpty())
{
return(false);
}
var formToken = _serializer.Deserialize(formValue);
if (!string.Equals(cookieToken.Value, formToken.Value, StringComparison.Ordinal))
{
return(false);
}
var currentUsername = AntiForgeryData.GetUsername(Thread.CurrentPrincipal);
if (!string.Equals(formToken.Username, currentUsername, StringComparison.OrdinalIgnoreCase))
{
return(false);
}
if (!string.Equals(salt ?? string.Empty, formToken.Salt, StringComparison.Ordinal))
{
return(false);
}
return(true);
}
public AntiForgeryData GetCookieToken()
{
var applicationPath = _fubuApplicationFiles.RootPath;
string name = _tokenProvider.GetTokenName(applicationPath);
Cookie cookie = _cookies.Get(name);
AntiForgeryData cookieToken = null;
if (cookie != null)
{
try
{
cookieToken = _serializer.Deserialize(HttpUtility.UrlDecode(cookie.Value));
}
catch (FubuException)
{
// TODO -- log this. Need a generic tracing mechanism
}
}
return(cookieToken ?? _tokenProvider.GenerateToken());
}
public Cookie Current()
{
return(_cookies.Get(_settings.Name));
}
public bool Has(string key)
{
Cookie cookie = _cookies.Get(key);
return(cookie != null && cookie.Value.IsNotEmpty());
}
public string get_cookie_info(CookieInfo info)
{
return(_cookies.Get(CookieName).Value);
}
public SelfHostRequestData(RouteData routeData, HttpRequestMessage request, ICookies cookies)
{
AddValues(new RouteDataValues(routeData));
var querystring = request.RequestUri.ParseQueryString();
AddValues("Querystring", new NamedKeyValues(querystring));
var formData = request.Content.IsFormData() ? request.Content.ReadAsFormDataAsync().Result : new NameValueCollection();
AddValues(RequestDataSource.Request.ToString(), new NamedKeyValues(formData));
var headers = AggregateKeyValues.For(new HeaderKeyValues(request.Headers),
new HeaderKeyValues(request.Content.Headers));
AddValues(RequestDataSource.Header.ToString(), headers);
Func<string, IEnumerable<string>, bool> ignoreCaseKeyFinder = (key, keys) => keys.Contains(key, StringComparer.InvariantCultureIgnoreCase);
var values = new SimpleKeyValues(key => cookies.Get(key).Value, () => cookies.Request.Select(x => x.Name), ignoreCaseKeyFinder);
var valueSource = new FlatValueSource<object>(values, RequestDataSource.Cookie.ToString());
AddValues(valueSource);
}
