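/// <summary>
/// Renders the view for the product key supplied in <paramref name="apikey"/>, after
/// confirming that the key is a well-formed GUID and matches an active row in APIKeys.
/// </summary>
/// <remarks>
/// Both arguments are caller-supplied and must be treated as untrusted.
/// A key that does not parse is handed to InvalidApikeyArg; a key that parses but has no
/// active APIKeys row yields a plain-text 401. A token is only created after that lookup succeeds.
/// </remarks>
/// <param name="apikey">Product key, expected to be a GUID string.</param>
/// <param name="wt">
/// Optional widget token. When non-blank it is parsed with APIToken.ParseToken and its
/// GetToken() value is passed to the view; otherwise the view receives an empty string.
/// </param>
/// <returns>
/// The view on success, the result of InvalidApikeyArg for an unparseable key, or a
/// plain-text 401 response for an unknown or inactive key.
/// </returns>
public ActionResult Index(String apikey, string wt = "")
{
    // Guid.TryParse covers the null, malformed and overflow cases that were previously
    // handled by catching three exception types, without using exceptions for control flow.
    Guid apikeyGuid;
    if (!Guid.TryParse(apikey, out apikeyGuid))
    {
        return InvalidApikeyArg(apikey);
    }

    APIToken token = null;
    APIToken widgetToken = null;
    Core.DataLayer.Models.Customer customer = null;

    if (!string.IsNullOrWhiteSpace(wt))
    {
        // NOTE(review): ParseToken's handling of malformed or tampered input is not visible
        // here. Confirm it validates the token before the value is echoed into the view.
        widgetToken = APIToken.ParseToken(wt);
    }

    using (var context = ContextFactory.APIContext)
    {
        // Only active keys are accepted; a deactivated key is treated the same as an unknown one.
        var k = context.APIKeys.FirstOrDefault(i => i.KeyValue == apikeyGuid && i.IsActive);
        if (k == null)
        {
            // It would be nice to do this instead, but first we need to plug in a page somewhere to
            // render the reason. Else you get an opaque HTTP 500 error.
            // throw new HttpResponseException(new HttpResponseMessage(HttpStatusCode.Unauthorized) {
            //   ReasonPhrase = "Product key not recognized."
            // });
            Response.StatusCode = 401;
            return Content("The product key (\"apikey\") is invalid. Please see https://www.sizeup.com/developers/documentation for help.", "text/plain");
        }

        token = APIToken.Create(k.Id);

        using (var sizeupContext = ContextFactory.SizeUpContext)
        {
            try
            {
                customer = SizeUp.Core.DataLayer.Customer.GetCustomerByKey(context, sizeupContext, apikeyGuid);
            }
            catch (System.Data.ObjectNotFoundException exc)
            {
                // This is actually an error, but the error is a real possibility and it must
                // not abort the function; the view is rendered with a null customer instead.
                // An entire API refactor is planned, which will eventually remove the
                // possibility of failure here.
                // The key value is deliberately left out of the trace message.
                // TODO: move this to the logging framework once one is adopted.
                System.Diagnostics.Trace.TraceWarning("Customer lookup failed for an active API key: {0}", exc.Message);
            }
        }
    }

    ViewBag.Customer = customer; // may be null when the customer lookup failed above
    ViewBag.Token = token.GetToken();
    ViewBag.SessionId = APISession.Current.SessionId;
    // NOTE(review): if InstanceId is relied on for anything security-relevant, confirm that
    // RandomString draws from a cryptographic RNG.
    ViewBag.InstanceId = RandomString.Get(25);
    ViewBag.WidgetToken = widgetToken != null ? widgetToken.GetToken() : "";
    return View();
}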
/// <summary>
/// Creates a token for the API key id carried by the current request's API token and
/// returns its GetToken() value as a JSON response.
/// </summary>
/// <returns>A JSON result containing the token value; GET requests are allowed.</returns>
public ActionResult Index()
{
    // The SizeUp context is opened and disposed around the call but is not queried here.
    using (var sizeupContext = ContextFactory.SizeUpContext)
    {
        var apiKeyId = APIContext.Current.ApiToken.APIKeyId;
        var tokenValue = APIToken.Create(apiKeyId).GetToken();

        // AllowGet makes the token retrievable with a plain GET.
        // NOTE(review): confirm that this is intended and that the response is not cached
        // by intermediaries or the browser.
        return Json(tokenValue, JsonRequestBehavior.AllowGet);
    }
}
/// <summary>
/// Authorizes <paramref name="key"/> for widget use and, on success, places the API name
/// and a freshly created token in the ViewBag.
/// </summary>
/// <param name="key">The API key value to authorize.</param>
/// <exception cref="HttpException">
/// 403 when the key has no role mapping named "widget" (compared case-insensitively), or
/// when no active APIKeys row matches the key.
/// </exception>
protected void CreateToken(Guid key)
{
    using (var db = ContextFactory.APIContext)
    {
        // The role check does not filter on IsActive; the lookup below does, so an inactive
        // key that holds the widget role is still rejected, with the second message.
        // ToLower() stays inside the query expression exactly as written.
        var hasWidgetRole = db.APIKeyRoleMappings.Any(
            m => m.APIKey.KeyValue == key && m.Role.Name.ToLower() == "widget");
        if (!hasWidgetRole)
        {
            throw new HttpException(403, "Not authorized to use the widget");
        }

        var activeKey = db.APIKeys.FirstOrDefault(a => a.KeyValue == key && a.IsActive);
        if (activeKey == null)
        {
            throw new HttpException(403, "Invalid API Key");
        }

        ViewBag.APIName = activeKey.Name;
        ViewBag.Token = APIToken.Create(activeKey.Id).GetToken();
    }
}