public CloudFoundryCorsHandler(CloudFoundryOptions options, IEnumerable <ISecurityService> securityServices, ILogger <CloudFoundryCorsHandler> logger = null) : base(securityServices, new List <HttpMethod> { HttpMethod.Options }, false, logger) { _options = options; }
public override void Configure(IEndpointOptions options) { base.Configure(options); Log.LogDebug("TfsWorkItemEndPoint::Configure"); _Options = (TfsWorkItemEndPointOptions)options; ValidateConfiguration(_Options); }
public async Task <bool> IsAccessAllowed(HttpContextBase context, IEndpointOptions target) { #pragma warning disable CS0618 // Type or member is obsolete bool isEnabled = _managementOptions == null ? _options.IsEnabled : _options.IsEnabled(_managementOptions); #pragma warning restore CS0618 // Type or member is obsolete // if running on Cloud Foundry, security is enabled, the path starts with /cloudfoundryapplication... if (Platform.IsCloudFoundry && isEnabled) { _logger?.LogTrace("Beginning Cloud Foundry Security Processing"); if (context.Request.HttpMethod == "OPTIONS") { return(true); } var origin = context.Request.Headers.Get("Origin"); context.Response.Headers.Set("Access-Control-Allow-Origin", origin ?? "*"); // identify the application so we can confirm the user making the request has permission if (string.IsNullOrEmpty(_options.ApplicationId)) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.APPLICATION_ID_MISSING_MESSAGE)).ConfigureAwait(false); return(false); } // make sure we know where to get user permissions if (string.IsNullOrEmpty(_options.CloudFoundryApi)) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.CLOUDFOUNDRY_API_MISSING_MESSAGE)).ConfigureAwait(false); return(false); } _logger?.LogTrace("Getting user permissions"); var sr = await GetPermissions(context).ConfigureAwait(false); if (sr.Code != HttpStatusCode.OK) { await ReturnError(context, sr).ConfigureAwait(false); return(false); } _logger?.LogTrace("Applying user permissions to request"); var permissions = sr.Permissions; if (!target.IsAccessAllowed(permissions)) { await ReturnError(context, new SecurityResult(HttpStatusCode.Forbidden, _base.ACCESS_DENIED_MESSAGE)).ConfigureAwait(false); return(false); } _logger?.LogTrace("Access granted!"); } return(true); }
public CloudFoundryCorsHandler(IEndpointOptions options, IEnumerable <ISecurityService> securityServices, IEnumerable <IManagementOptions> mgmtOptions, ILogger <CloudFoundryCorsHandler> logger = null) : base(securityServices, mgmtOptions, new List <HttpMethod> { HttpMethod.Options }, false, logger) { _options = options; _mgmtOptions = mgmtOptions; }
public void ConfigureEndpoint(IEndpointOptions endpointOptions) { var ep = (IWorkItemEndPoint)Services.GetRequiredService(endpointOptions.ToConfigure); ep.Configure(endpointOptions); Add(ep); Log.LogInformation("ConfigureEndpoint: {EndPointName} {Direction} : Enrichers{EnrichersCount}: {EnrichersList} ", ep.GetType().Name, endpointOptions.Direction, endpointOptions.Enrichers?.Count, endpointOptions.Enrichers?.Select(x => x.GetType().Name)); }
public static void RegisterEndpointOptions(this IServiceCollection services, IEndpointOptions options) { var mgmtOptions = services.BuildServiceProvider().GetServices <IManagementOptions>(); foreach (var mgmtOption in mgmtOptions) { mgmtOption.EndpointOptions.Add(options); } }
public AbstractEndpoint(IEndpointOptions options) { if (options == null) { throw new ArgumentNullException(nameof(options)); } this.options = options; }
public override void Configure(IEndpointOptions options) { _options = (FileSystemWorkItemEndpointOptions)options; if (!System.IO.Directory.Exists(_options.FileStore)) { System.IO.Directory.CreateDirectory(_options.FileStore); } LoadStore(); }
public async Task Invoke(HttpContext context) { _logger.LogDebug("Invoke({0}) contextPath: {1}", context.Request.Path.Value, _mgmtOptions.Path); #pragma warning disable CS0618 // Type or member is obsolete bool isEndpointEnabled = _mgmtOptions == null ? _options.IsEnabled : _options.IsEnabled(_mgmtOptions); #pragma warning restore CS0618 // Type or member is obsolete bool isEndpointExposed = _mgmtOptions == null ? true : _options.IsExposed(_mgmtOptions); if (Platform.IsCloudFoundry && isEndpointEnabled && isEndpointExposed && _base.IsCloudFoundryRequest(context.Request.Path)) { if (string.IsNullOrEmpty(_options.ApplicationId)) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.APPLICATION_ID_MISSING_MESSAGE)).ConfigureAwait(false); return; } if (string.IsNullOrEmpty(_options.CloudFoundryApi)) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.CLOUDFOUNDRY_API_MISSING_MESSAGE)).ConfigureAwait(false); return; } IEndpointOptions target = FindTargetEndpoint(context.Request.Path); if (target == null) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.ENDPOINT_NOT_CONFIGURED_MESSAGE)).ConfigureAwait(false); return; } var sr = await GetPermissions(context).ConfigureAwait(false); if (sr.Code != HttpStatusCode.OK) { await ReturnError(context, sr).ConfigureAwait(false); return; } var permissions = sr.Permissions; if (!target.IsAccessAllowed(permissions)) { await ReturnError(context, new SecurityResult(HttpStatusCode.Forbidden, _base.ACCESS_DENIED_MESSAGE)).ConfigureAwait(false); return; } } await _next(context).ConfigureAwait(false); }
public override void Configure(IEndpointOptions options) { base.Configure(options); Log.LogDebug("TfsWorkItemEndPoint::Configure"); _Options = (TfsWorkItemEndpointOptions)options; if (string.IsNullOrEmpty(_Options.Query?.Query)) { throw new ArgumentNullException(nameof(_Options.Query)); } }
public async Task Invoke(HttpContext context) { _logger.LogDebug("Invoke({0})", context.Request.Path.Value); if (Platform.IsCloudFoundry && _options.IsEnabled && _base.IsCloudFoundryRequest(context.Request.Path)) { if (string.IsNullOrEmpty(_options.ApplicationId)) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.APPLICATION_ID_MISSING_MESSAGE)); return; } if (string.IsNullOrEmpty(_options.CloudFoundryApi)) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.CLOUDFOUNDRY_API_MISSING_MESSAGE)); return; } IEndpointOptions target = FindTargetEndpoint(context.Request.Path); if (target == null) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.ENDPOINT_NOT_CONFIGURED_MESSAGE)); return; } var sr = await GetPermissions(context); if (sr.Code != HttpStatusCode.OK) { await ReturnError(context, sr); return; } var permissions = sr.Permissions; if (!target.IsAccessAllowed(permissions)) { await ReturnError(context, new SecurityResult(HttpStatusCode.Forbidden, _base.ACCESS_DENIED_MESSAGE)); return; } } await _next(context); }
public static bool IsEnabled(this IEndpointOptions options, IManagementOptions mgmtOptions) { var endpointOptions = (AbstractEndpointOptions)options; if (endpointOptions.Enabled.HasValue) { return(endpointOptions.Enabled.Value); } if (mgmtOptions.Enabled.HasValue) { return(mgmtOptions.Enabled.Value); } return(endpointOptions.DefaultEnabled); }
public override void Configure(IEndpointOptions options) { base.Configure(options); Log.LogDebug("TfsEndpoint::Configure"); _Options = (ITfsEndpointOptions)options; if (string.IsNullOrEmpty(_Options.Organisation)) { throw new ArgumentNullException(nameof(_Options.Organisation)); } if (string.IsNullOrEmpty(_Options.Project)) { throw new ArgumentNullException(nameof(_Options.Project)); } if (string.IsNullOrEmpty(_Options.AccessToken) && _Options.AuthenticationMode == AuthenticationMode.AccessToken) { throw new ArgumentNullException(nameof(_Options.AccessToken)); } }
public static bool IsExposed(this IEndpointOptions options, IManagementOptions mgmtOptions) { var actOptions = mgmtOptions as ActuatorManagementOptions; if (!string.IsNullOrEmpty(options.Id) && actOptions != null && actOptions.Exposure != null) { var exclude = actOptions.Exposure.Exclude; if (exclude != null && (exclude.Contains("*") || exclude.Contains(options.Id))) { return(false); } var include = actOptions.Exposure.Include; if (include != null && (include.Contains("*") || include.Contains(options.Id))) { return(true); } return(false); } return(true); }
public static string GetContextPath(this IEndpointOptions options, IManagementOptions mgmtContext) { var contextPath = mgmtContext.Path; if (!contextPath.EndsWith("/") && !string.IsNullOrEmpty(options.Path)) { contextPath += "/"; } contextPath += options.Path; if (!options.ExactMatch) { if (!contextPath.EndsWith("/")) { contextPath += "/"; } contextPath += "{**_}"; } return(contextPath); }
public void ConfigureEndpoints(IEndpointOptions source, IEndpointOptions target) { Log.LogDebug("EndpointContainer::ConfigureEndpoints"); if (_Configured) { Log.LogError("EndpointContainer::ConfigureEndpoints: You cant configure Endpoints twice"); throw new Exception("You cant configure Endpoints twice"); } _SourceOptions = source ?? throw new ArgumentNullException(nameof(source)); _TargetOptions = target ?? throw new ArgumentNullException(nameof(target)); if (source is RefEndpointOptions) { // Must load from catalog throw new NotImplementedException("RefEndpointOptions has not yet been implemnted"); } else { var sourceEp = (IEndpoint)Services.GetRequiredService(_SourceOptions.ToConfigure); sourceEp.Configure(_SourceOptions); _Source = sourceEp; } if (target is RefEndpointOptions) { // Must load from catalog throw new NotImplementedException("RefEndpointOptions has not yet been implemnted"); } else { var targetEp = (IEndpoint)Services.GetRequiredService(_TargetOptions.ToConfigure); targetEp.Configure(_TargetOptions); _Target = targetEp; } _Configured = true; }
public override async Task Invoke(IOwinContext context) { #pragma warning disable CS0612 // Type or member is obsolete bool isEnabled = _mgmtOptions == null ? _options.IsEnabled : _options.IsEnabled(_mgmtOptions); #pragma warning restore CS0612 // Type or member is obsolete // if running on Cloud Foundry, security is enabled, the path starts with /cloudfoundryapplication... if (Platform.IsCloudFoundry && isEnabled && _base.IsCloudFoundryRequest(context.Request.Path.ToString())) { context.Response.Headers.Set("Access-Control-Allow-Credentials", "true"); context.Response.Headers.Set("Access-Control-Allow-Origin", context.Request.Headers.Get("origin")); context.Response.Headers.Set("Access-Control-Allow-Headers", "Authorization,X-Cf-App-Instance,Content-Type"); // don't run security for a CORS request, do return 204 if (context.Request.Method == "OPTIONS") { context.Response.StatusCode = (int)HttpStatusCode.NoContent; return; } _logger?.LogTrace("Beginning Cloud Foundry Security Processing"); // identify the application so we can confirm the user making the request has permission if (string.IsNullOrEmpty(_options.ApplicationId)) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.APPLICATION_ID_MISSING_MESSAGE)); return; } // make sure we know where to get user permissions if (string.IsNullOrEmpty(_options.CloudFoundryApi)) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.CLOUDFOUNDRY_API_MISSING_MESSAGE)); return; } _logger?.LogTrace("Identifying which endpoint the request at {EndpointRequestPath} is for", context.Request.Path); IEndpointOptions target = FindTargetEndpoint(context.Request.Path); if (target == null) { await ReturnError(context, new SecurityResult(HttpStatusCode.ServiceUnavailable, _base.ENDPOINT_NOT_CONFIGURED_MESSAGE)); return; } _logger?.LogTrace("Getting user permissions"); var sr = await GetPermissions(context); if (sr.Code != HttpStatusCode.OK) { await ReturnError(context, sr); return; } _logger?.LogTrace("Applying user permissions to request"); var permissions = sr.Permissions; if (!target.IsAccessAllowed(permissions)) { await ReturnError(context, new SecurityResult(HttpStatusCode.Forbidden, _base.ACCESS_DENIED_MESSAGE)); return; } _logger?.LogTrace("Access granted!"); } await Next.Invoke(context); }
public override void Configure(IEndpointOptions options) { Log.LogDebug("TfsWorkItemEndPoint::Configure"); _Options = (TfsWorkItemEndPointOptions)options; }
public static async Task <bool> IsAccessAllowed(this IEnumerable <ISecurityService> securityChecks, HttpContextBase context, IEndpointOptions options) { IEnumerable <Task <bool> > allTasks = securityChecks.Select(service => service.IsAccessAllowed(context, options)); bool[] returnValues = await Task.WhenAll(allTasks); return(returnValues.All(isAccessAllowed => isAccessAllowed == true)); }
public HypermediaService(IManagementOptions mgmtOptions, IEndpointOptions options, ILogger logger = null) { _logger = logger; _mgmtOptions = mgmtOptions ?? throw new ArgumentNullException(nameof(mgmtOptions)); _options = options ?? throw new ArgumentNullException(nameof(options)); }
public abstract void Configure(IEndpointOptions options);
public override void Configure(IEndpointOptions options) { base.Configure(options); _Options = (InMemoryWorkItemEndpointOptions)options; }
private static void RegisterEndpointOptions(this IEnumerable <IManagementOptions> mgmtOptions, IConfiguration configuration, IEndpointOptions options) { if (mgmtOptions.Count() < 1) { _mgmtOptions.Add(new CloudFoundryManagementOptions(configuration)); _mgmtOptions.Add(new ActuatorManagementOptions(configuration)); } foreach (var mgmt in mgmtOptions) { if (!mgmt.EndpointOptions.Contains(options)) { mgmt.EndpointOptions.Add(options); } } }
public static void RegisterEndpointOptions(this IServiceCollection services, IEndpointOptions options) { // the code that was running here is now handled in ActuatorRouteBuilderExtensions }
public TestEndpoint(IEndpointOptions opts) : base(opts) { }
public virtual void Configure(IEndpointOptions options) { Log.LogDebug("Endpoint::Configure"); _InnerOptions = options; EndpointEnrichers.ConfigureEnrichers(_InnerOptions.EndpointEnrichers); }
public void Configure(IEndpointOptions options) { throw new NotImplementedException(); }