Example #1
 /// <summary>
 /// Handles the submitted card form.
 /// </summary>
 /// <param name="cardResponse">The model bound from the submitted form values.</param>
 /// <returns>
 /// The "Sent" view with <paramref name="cardResponse"/> as its model when model
 /// validation passed; otherwise the action's default view.
 /// </returns>
 public ActionResult CardForm(Models.CardResponse cardResponse)
 {
     // Guard clause: anything that failed model validation never reaches the "Sent" view.
     if (!ModelState.IsValid)
     {
         return View();
     }

     // The bound model is handed to the view as-is; this action does no further checks on it.
     return View("Sent", cardResponse);
 }
Example #2
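        /// <summary>
        /// The POST method for the ticket controller. Authenticates the bearer token sent with
        /// the card action, checks that the sender belongs to the allowed e-mail domain, appends
        /// the submitted comment to the comments carried in the request and returns a refreshed card.
        /// </summary>
        /// <param name="cardResponse">
        /// Value from the POST request body. It is only read after the token and sender checks
        /// have passed, and its content is not covered by those checks.
        /// </param>
        /// <returns>
        /// A task producing: 401 when the bearer token is missing or fails validation; 403 when the
        /// sender is not in the allowed domain; 400 when the request body is missing; otherwise 200
        /// with the CARD-ACTION-STATUS header and, when a refresh card could be built, the card JSON.
        /// </returns>
        // POST api/ticket
        public async Task<HttpResponseMessage> Post(Models.CardResponse cardResponse)
        {
            HttpRequestMessage request = this.ActionContext.Request;

            // Validate that we have a bearer token.
            if (request.Headers.Authorization == null ||
                !string.Equals(request.Headers.Authorization.Scheme, BearerTokenType, StringComparison.OrdinalIgnoreCase) ||
                string.IsNullOrEmpty(request.Headers.Authorization.Parameter))
            {
                return request.CreateErrorResponse(HttpStatusCode.Unauthorized, new HttpError());
            }

            string bearerToken = request.Headers.Authorization.Parameter;
            ActionableMessageTokenValidator validator = new ActionableMessageTokenValidator();

            // ValidateTokenAsync will verify the following
            // 1. The token is issued by Microsoft and its digital signature is valid.
            // 2. The token has not expired.
            // 3. The audience claim matches the service domain URL.
            ActionableMessageTokenValidationResult result = await validator.ValidateTokenAsync(bearerToken, WebServiceHost);

            if (!result.ValidationSucceeded)
            {
                // Log the reason server-side only; the caller just gets a bare 401.
                if (result.Exception != null)
                {
                    Trace.TraceError(result.Exception.ToString());
                }

                return request.CreateErrorResponse(HttpStatusCode.Unauthorized, new HttpError());
            }

            // We have a valid token. Your application should verify the sender and/or the ActionPerformer
            //
            // You should also return the CARD-ACTION-STATUS header in the response.
            // The value of the header will be displayed to the user.
            //
            // The comparison is ordinal and case-insensitive so that this authorisation decision
            // does not depend on the server's current culture (culture-sensitive casing and suffix
            // matching can treat strings as equal that differ from the configured domain). A missing
            // sender is rejected instead of raising a NullReferenceException.
            // NOTE(review): this is a suffix match, so SenderEmailDomain is presumably meant to
            // include the leading "@" - confirm where the constant is defined. Only Sender is
            // checked here; ActionPerformer is recorded below without an authorisation check.
            string sender = result.Sender;
            if (string.IsNullOrEmpty(sender) ||
                !sender.EndsWith(SenderEmailDomain, StringComparison.OrdinalIgnoreCase))
            {
                HttpResponseMessage errorResponse = request.CreateErrorResponse(HttpStatusCode.Forbidden, new HttpError());
                errorResponse.Headers.Add("CARD-ACTION-STATUS", "Invalid sender or the action performer is not allowed.");
                return errorResponse;
            }

            // A missing or unreadable body leaves the bound model null. Reject it explicitly rather
            // than failing with a NullReferenceException below. This check sits after authentication
            // so that unauthenticated callers only ever see 401/403.
            if (cardResponse == null)
            {
                HttpResponseMessage badRequest = request.CreateErrorResponse(HttpStatusCode.BadRequest, new HttpError());
                badRequest.Headers.Add("CARD-ACTION-STATUS", "The request body is missing or could not be read.");
                return badRequest;
            }

            // prepare the response
            HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK);

            response.Headers.Add("CARD-ACTION-STATUS", "Comment recorded...");

            // Further business logic code here to process the support ticket.
            #region Business logic code here to process the support ticket.
            List<Models.Comment> comments = new List<Models.Comment>();

            string newComment = cardResponse.Comment;

            // NOTE(review): CachedComments comes from the request body, so the earlier comments
            // (including their ActionPerformer and CommentDate values) are whatever the caller
            // sent; they are not covered by the token validation above. Treat them as display
            // data only, or reload the history from a server-side store before relying on it.
            if (cardResponse.CachedComments != null)
            {
                JArray cachedComments = (JArray)cardResponse.CachedComments;
                comments.AddRange(cachedComments.ToObject<List<Models.Comment>>());
            }

            // add this comment; ActionPerformer is taken from the validated token, not from the body
            comments.Add(new Models.Comment()
            {
                ActionPerformer = result.ActionPerformer,
                CommentDate = DateTime.Now,
                CommentText = newComment
            });

            // create the card
            AdaptiveCards.AdaptiveCard refreshCard = CreateRefreshCard(comments);
            if (refreshCard != null)
            {
                // add the Action.Http block to the card.
                refreshCard.Actions.Add(CreateHttpAction(comments));
                response.Headers.Add("CARD-UPDATE-IN-BODY", "true");

                response.Content = new StringContent(refreshCard.ToJson());
            }
            #endregion

            return response;
        }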