public async Task <ClientValidationOutcome> ValidateSubscription(Subscription subscription, HubValidationOutcome outcome) { if (subscription == null) { throw new ArgumentNullException(nameof(subscription)); } SubscriptionBase callbackParameters = null; if (outcome == HubValidationOutcome.Canceled) { logger.LogDebug("Simulating canceled subscription."); callbackParameters = new SubscriptionCancelled { Reason = $"The subscription {subscription} was canceled for testing purposes.", }; } else { logger.LogDebug("Verifying subscription."); callbackParameters = new SubscriptionVerification { // Note that this is not necessarily cryptographically random/secure. Challenge = Guid.NewGuid().ToString("n"), Lease_Seconds = subscription.Lease_Seconds }; } // Default parametres for both cancel/verify. callbackParameters.Callback = subscription.Callback; callbackParameters.Events = subscription.Events; callbackParameters.Mode = subscription.Mode; callbackParameters.Topic = subscription.Topic; logger.LogDebug($"Calling callback url: {subscription.Callback}"); var callbackUri = new SubscriptionCallback().GetCallbackUri(subscription, callbackParameters); var response = await new HttpClient().GetAsync(callbackUri); if (!response.IsSuccessStatusCode) { logger.LogInformation($"Status code was not success but instead {response.StatusCode}"); return(ClientValidationOutcome.NotVerified); } if (outcome == HubValidationOutcome.Valid) { var challenge = ((SubscriptionVerification)callbackParameters).Challenge; var responseBody = (await response.Content.ReadAsStringAsync()); if (responseBody != challenge) { logger.LogInformation($"Callback result for verification request was not equal to challenge. Response body: '{responseBody}', Challenge: '{challenge}'."); return(ClientValidationOutcome.NotVerified); } return(ClientValidationOutcome.Verified); } return(ClientValidationOutcome.NotVerified); }
public HttpResponseMessage Get([FromUri(Name = "hub")] SubscriptionVerification subscriptionVerification) { if (subscriptionVerification.Mode == "subscribe" && subscriptionVerification.Verify_Token == facebookService.VerificationToken) { var response = Request.CreateResponse(HttpStatusCode.OK); response.Content = new StringContent(subscriptionVerification.Challenge); return(response); } return(Request.CreateResponse(HttpStatusCode.NotFound)); }
public void Get_ReturnsExpectedStatusCode(string challenge, string verifyToken, HttpStatusCode expectedStatusCode) { var userRealTimeController = new UserRealtimeCallbackController(null, verifyToken); userRealTimeController.Request = new HttpRequestMessage(); var subscriptionVerification = new SubscriptionVerification { Challenge = challenge, Mode = "subscribe", Verify_Token = "bar" }; Assert.Equal(expectedStatusCode, userRealTimeController.Get(subscriptionVerification).StatusCode); }
public void Get_ReturnsOk_WithValidParameters(string challenge, string verifyToken) { var userRealTimeController = new UserRealtimeCallbackController(null, verifyToken); userRealTimeController.Request = new HttpRequestMessage(); var subscriptionVerification = new SubscriptionVerification { Challenge = challenge, Mode = "subscribe", Verify_Token = verifyToken }; Assert.Equal(challenge, userRealTimeController.Get(subscriptionVerification).Content.ReadAsStringAsync().Result); }
public virtual HttpResponseMessage Get(SubscriptionVerification subscriptionVerification) { try { FacebookClient client = FacebookConfiguration.ClientProvider.CreateClient(); client.VerifyGetSubscription(subscriptionVerification.Mode, subscriptionVerification.Verify_Token, subscriptionVerification.Challenge, VerifyToken); } catch (ArgumentException argumentException) { return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, argumentException)); } return(new HttpResponseMessage { Content = new StringContent(subscriptionVerification.Challenge) }); }
public IActionResult SubscriptionVerification(string connectionId, [FromQuery] SubscriptionVerification hub) { if (!this.config.GetValue("Settings:ValidateSubscriptionValidations", true)) { return(this.Content(hub.Challenge)); } var verificationValidation = this.clientSubscriptions.ValidateVerification(connectionId, hub); if (hub.Mode == SubscriptionMode.denied) { this.clientSubscriptions.RemoveSubscription(connectionId, hub.Topic); this.webSubClientHubContext.Clients.Clients(connectionId).SendAsync("error", hub.Reason); } else { switch (verificationValidation) { case SubscriptionVerificationValidation.IsPendingVerification: this.clientSubscriptions.ActivateSubscription(hub.Topic); break; case SubscriptionVerificationValidation.DoesNotExist: return(this.NotFound()); case SubscriptionVerificationValidation.IsAlreadyActive: break; case SubscriptionVerificationValidation.IsPendingDeletion: this.clientSubscriptions.RemoveSubscription(connectionId, hub.Topic); break; default: break; } this.webSubClientHubContext.Clients.Clients(connectionId).SendAsync("updatedSubscriptions", this.clientSubscriptions.GetClientSubscriptions(connectionId)); return(this.Content(hub.Challenge)); } return(this.Content("")); }
public async Task <ClientValidationOutcome> ValidateSubscription(Subscription sub) { if (sub == null) { throw new ArgumentNullException(nameof(sub)); } logger.LogDebug("Verifying sub."); SubscriptionVerification callbackParameters = new SubscriptionVerification { // Note that this is not necessarily cryptographically random/secure. Challenge = Guid.NewGuid().ToString("n"), Callback = sub.Callback, Events = sub.Events, Mode = sub.Mode, Topic = sub.Topic }; logger.LogDebug($"Calling callback url: {sub.Callback}"); var callbackUri = new SubscriptionCallback().GetCallbackUri(sub); var response = await new HttpClient().GetAsync(callbackUri); if (!response.IsSuccessStatusCode) { logger.LogInformation($"Status code was not success but instead {response.StatusCode}"); return(ClientValidationOutcome.NotVerified); } var challenge = callbackParameters.Challenge; var responseBody = (await response.Content.ReadAsStringAsync()); if (responseBody != challenge) { logger.LogInformation($"Callback result for verification request was not equal to challenge. Response body: '{responseBody}', Challenge: '{challenge}'."); return(ClientValidationOutcome.NotVerified); } return(ClientValidationOutcome.Verified); }