Example #1
        /// <summary>
        /// Reads the URL authorization entries from the security settings configuration section
        /// and builds the lookup of callback URL prefixes that requests may target.
        /// </summary>
        /// <param name="listenerPrefixes">
        /// Prefixes this service listens on. Only their ports are consulted, and only for
        /// configured targets whose prefix reports <c>IsLoopback</c>.
        /// </param>
        /// <returns>
        /// One entry per configured authorization element, keyed by its URL prefix; an empty
        /// dictionary when no configuration section is present.
        /// </returns>
        /// <exception cref="ConfigurationErrorsException">
        /// A loopback target uses a port that one of <paramref name="listenerPrefixes"/> also uses.
        /// </exception>
        private static UrlMatchDictionary<RevaleeUrlAuthorization> LoadUrlAuthorizationSettings(IList<ListenerPrefix> listenerPrefixes)
        {
            var targets = new UrlMatchDictionary<RevaleeUrlAuthorization>();

            SecuritySettingsConfigSection config = SecuritySettingsConfigSection.GetConfig();
            if (config == null)
            {
                // No section configured: nothing is authorized, so every later Match() finds no entry.
                return targets;
            }

            foreach (UrlAuthorizationElement element in config.UrlAuthorizations)
            {
                var entry = new RevaleeUrlAuthorization(element.UrlPrefix, element.FromAddresses, element.Retries);

                // Refuse a callback target that points back at this service's own listener port.
                // NOTE(review): only prefixes reporting IsLoopback are checked here; whether a prefix
                // that names this host by a non-loopback name or address is caught elsewhere is not
                // visible from this method - confirm.
                if (entry.UrlPrefix.IsLoopback)
                {
                    for (int i = 0; i < listenerPrefixes.Count; i++)
                    {
                        if (listenerPrefixes[i].Port != entry.UrlPrefix.Port)
                        {
                            continue;
                        }

                        string message = string.Format("Cannot authorize callbacks to {0} since that port is used by this service.", entry.UrlPrefix);
                        throw new ConfigurationErrorsException(message,
                                                               element.ElementInformation.Source,
                                                               element.ElementInformation.LineNumber);
                    }
                }

                targets.Add(entry.UrlPrefix, entry);
            }

            return targets;
        }
Example #2
		/// <summary>
		/// Builds the set of authorized callback targets from the security settings
		/// configuration section.
		/// </summary>
		/// <param name="listenerPrefixes">
		/// Prefixes this service listens on; their ports are compared against loopback targets.
		/// </param>
		/// <returns>
		/// The configured authorizations keyed by URL prefix, or an empty dictionary when the
		/// configuration section is absent.
		/// </returns>
		/// <exception cref="ConfigurationErrorsException">
		/// A configured loopback target shares a port with one of the listener prefixes.
		/// </exception>
		private static UrlMatchDictionary<RevaleeUrlAuthorization> LoadUrlAuthorizationSettings(IList<ListenerPrefix> listenerPrefixes)
		{
			var result = new UrlMatchDictionary<RevaleeUrlAuthorization>();
			SecuritySettingsConfigSection settings = SecuritySettingsConfigSection.GetConfig();

			if (settings != null)
			{
				foreach (UrlAuthorizationElement configured in settings.UrlAuthorizations)
				{
					var candidate = new RevaleeUrlAuthorization(
						configured.UrlPrefix,
						configured.FromAddresses,
						configured.Retries);

					// A loopback target on one of our own listener ports would make the service
					// call back into itself, so such an entry is treated as a configuration error.
					bool collidesWithListener = false;
					if (candidate.UrlPrefix.IsLoopback)
					{
						foreach (ListenerPrefix ownPrefix in listenerPrefixes)
						{
							if (candidate.UrlPrefix.Port == ownPrefix.Port)
							{
								collidesWithListener = true;
								break;
							}
						}
					}

					if (collidesWithListener)
					{
						// Source and line number let the operator locate the offending element.
						throw new ConfigurationErrorsException(
							string.Format("Cannot authorize callbacks to {0} since that port is used by this service.", candidate.UrlPrefix),
							configured.ElementInformation.Source,
							configured.ElementInformation.LineNumber);
					}

					result.Add(candidate.UrlPrefix, candidate);
				}
			}

			return result;
		}
Example #3
        /// <summary>
        /// Handles a cancellation request: validates the request, checks that the target URL and
        /// the caller's address are authorized, then asks the state manager to cancel the task
        /// identified by the supplied GUID and URL.
        /// </summary>
        /// <param name="request">Incoming listener request carrying the GUID and URL parameters.</param>
        /// <param name="response">Response that is finalized on every path through this method.</param>
        /// <remarks>
        /// Rejections use 405 (method), 400 (missing or malformed input), 401 (authorization),
        /// 503 (overload) and 500 (listener error). The 400 responses are produced before the
        /// authorization check, so they are returned to any caller. The 503 is produced only after
        /// authorization succeeds.
        /// </remarks>
        public void Process(HttpListenerRequest request, HttpListenerResponse response)
        {
            try
            {
                bool methodAllowed = request.HttpMethod == "PUT" || request.HttpMethod == "DELETE";
                if (!methodAllowed)
                {
                    FinalizeRejectedResponse(request, response, 405, "Method Not Supported", null);
                    return;
                }

                if (request.QueryString.Count < 2)
                {
                    FinalizeRejectedResponse(request, response, 400, "Bad Request", null);
                    return;
                }

                Guid? taskId = RetrieveGuidParameter(request);
                if (taskId == null)
                {
                    FinalizeRejectedResponse(request, response, 400, "Bad Request", null);
                    return;
                }

                Uri url = RetrieveUrlParameter(request);
                if (url == null)
                {
                    FinalizeRejectedResponse(request, response, 400, "Bad Request", null);
                    return;
                }

                if (UrlContainsDangerousMarkup(url))
                {
                    FinalizeRejectedResponse(request, response, 400, "Bad Request", url);
                    return;
                }

                // An unknown target and a disallowed source address get the same 401, so the caller
                // cannot tell which of the two checks failed. ObfuscateExecutionTime runs on this
                // path as well (its body is not visible here; presumably it blurs timing).
                // NOTE(review): the source check uses the connection's remote endpoint; if a proxy
                // sits in front of this listener that is the proxy's address - confirm deployment.
                RevaleeUrlAuthorization authorization = Supervisor.Configuration.AuthorizedTargets.Match(url);
                bool authorized = authorization != null
                                  && authorization.IsAuthorizedRequestSource(request.RemoteEndPoint.Address);
                if (!authorized)
                {
                    RevaleeUrlAuthorization.ObfuscateExecutionTime();
                    FinalizeRejectedResponse(request, response, 401, "Unauthorized", url);
                    return;
                }

                // Load status is only disclosed to callers that passed authorization.
                if (Supervisor.Work.IsOverloaded)
                {
                    FinalizeRejectedResponse(request, response, 503, "Service Unavailable", url);
                    return;
                }

                // A stand-in task carrying only the identifying GUID and URL is handed to CancelTask.
                Supervisor.State.CancelTask(RevaleeTask.Revive(DateTime.MinValue, url, DateTime.UtcNow, taskId.Value, 0, null));

                FinalizeAcceptedResponse(request, response, taskId.Value, url);
            }
            catch (HttpListenerException listenerError)
            {
                // NOTE(review): RawUrl is caller-controlled text; confirm LogException neutralizes
                // control characters before the value reaches the log.
                Supervisor.LogException(listenerError, TraceEventType.Error, request.RawUrl);
                FinalizeRejectedResponse(request, response, 500, "Error Occurred", null);
            }
        }
        /// <summary>
        /// Handles a scheduling request: validates the request, checks that the target URL and the
        /// caller's address are authorized, then registers a new task for the requested time.
        /// </summary>
        /// <param name="request">Incoming listener request carrying the URL and time parameters.</param>
        /// <param name="response">Response that is finalized on every path through this method.</param>
        /// <remarks>
        /// Rejections use 405 (method), 400 (missing or malformed input), 401 (authorization),
        /// 503 (overload) and 500 (listener error). Input validation runs before authorization.
        /// The overload check runs after it.
        /// </remarks>
        public void Process(HttpListenerRequest request, HttpListenerResponse response)
        {
            try
            {
                if (!string.Equals(request.HttpMethod, "PUT", StringComparison.Ordinal))
                {
                    FinalizeRejectedResponse(request, response, 405, "Method Not Supported", null);
                    return;
                }

                if (request.QueryString.Count < 2)
                {
                    FinalizeRejectedResponse(request, response, 400, "Bad Request", null);
                    return;
                }

                Uri url = RetrieveUrlParameter(request);
                if (url == null)
                {
                    FinalizeRejectedResponse(request, response, 400, "Bad Request", null);
                    return;
                }

                DateTime? scheduledTime = RetrieveTimeParameter(request);
                if (scheduledTime == null)
                {
                    FinalizeRejectedResponse(request, response, 400, "Bad Request", url);
                    return;
                }

                if (UrlContainsDangerousMarkup(url))
                {
                    FinalizeRejectedResponse(request, response, 400, "Bad Request", url);
                    return;
                }

                // Both authorization failures (no matching target, caller address not allowed) take
                // the same path and return the same 401, so the response does not reveal which rule
                // rejected the request.
                RevaleeUrlAuthorization authorization = Supervisor.Configuration.AuthorizedTargets.Match(url);
                if (authorization == null || !authorization.IsAuthorizedRequestSource(request.RemoteEndPoint.Address))
                {
                    RevaleeUrlAuthorization.ObfuscateExecutionTime();
                    FinalizeRejectedResponse(request, response, 401, "Unauthorized", url);
                    return;
                }

                // Checked only after authorization, so unauthorized callers never see a 503.
                if (Supervisor.Work.IsOverloaded)
                {
                    FinalizeRejectedResponse(request, response, 503, "Service Unavailable", url);
                    return;
                }

                // The retry count comes from the matched configuration entry, not from the request.
                // NOTE(review): the value taken from the request's authorization header is stored
                // with the task; how it is protected while the task is persisted is not visible
                // here - confirm.
                string authorizationCipher = RetrieveAuthorizationHeader(request);
                var scheduled = new RevaleeTask(scheduledTime.Value, url, authorization.RetryCount, authorizationCipher);
                Supervisor.State.AddTask(scheduled);

                FinalizeAcceptedResponse(request, response, scheduled);
            }
            catch (HttpListenerException listenerError)
            {
                // Only listener-level failures are converted to a 500 here; any other exception
                // type propagates to the caller.
                Supervisor.LogException(listenerError, TraceEventType.Error, request.RawUrl);
                FinalizeRejectedResponse(request, response, 500, "Error Occurred", null);
            }
        }