public async Task <ClientValidationOutcome> ValidateSubscription(Subscription subscription, HubValidationOutcome outcome)
{
if (subscription == null)
{
throw new ArgumentNullException(nameof(subscription));
}
SubscriptionBase callbackParameters = null;
if (outcome == HubValidationOutcome.Canceled)
{
logger.LogDebug("Simulating canceled subscription.");
callbackParameters = new SubscriptionCancelled
{
Reason = $"The subscription {subscription} was canceled for testing purposes.",
};
}
else
{
logger.LogDebug("Verifying subscription.");
callbackParameters = new SubscriptionVerification
{
// Note that this is not necessarily cryptographically random/secure.
Challenge = Guid.NewGuid().ToString("n"),
Lease_Seconds = subscription.Lease_Seconds
};
}
// Default parametres for both cancel/verify.
callbackParameters.Callback = subscription.Callback;
callbackParameters.Events = subscription.Events;
callbackParameters.Mode = subscription.Mode;
callbackParameters.Topic = subscription.Topic;
logger.LogDebug($"Calling callback url: {subscription.Callback}");
var callbackUri = new SubscriptionCallback().GetCallbackUri(subscription, callbackParameters);
var response = await new HttpClient().GetAsync(callbackUri);
if (!response.IsSuccessStatusCode)
{
logger.LogInformation($"Status code was not success but instead {response.StatusCode}");
return(ClientValidationOutcome.NotVerified);
}
if (outcome == HubValidationOutcome.Valid)
{
var challenge = ((SubscriptionVerification)callbackParameters).Challenge;
var responseBody = (await response.Content.ReadAsStringAsync());
if (responseBody != challenge)
{
logger.LogInformation($"Callback result for verification request was not equal to challenge. Response body: '{responseBody}', Challenge: '{challenge}'.");
return(ClientValidationOutcome.NotVerified);
}
return(ClientValidationOutcome.Verified);
}
return(ClientValidationOutcome.NotVerified);
}
public HttpResponseMessage Get([FromUri(Name = "hub")] SubscriptionVerification subscriptionVerification)
{
if (subscriptionVerification.Mode == "subscribe" && subscriptionVerification.Verify_Token == facebookService.VerificationToken)
{
var response = Request.CreateResponse(HttpStatusCode.OK);
response.Content = new StringContent(subscriptionVerification.Challenge);
return(response);
}
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
public void Get_ReturnsExpectedStatusCode(string challenge, string verifyToken, HttpStatusCode expectedStatusCode)
{
var userRealTimeController = new UserRealtimeCallbackController(null, verifyToken);
userRealTimeController.Request = new HttpRequestMessage();
var subscriptionVerification = new SubscriptionVerification
{
Challenge = challenge,
Mode = "subscribe",
Verify_Token = "bar"
};
Assert.Equal(expectedStatusCode, userRealTimeController.Get(subscriptionVerification).StatusCode);
}
public void Get_ReturnsOk_WithValidParameters(string challenge, string verifyToken)
{
var userRealTimeController = new UserRealtimeCallbackController(null, verifyToken);
userRealTimeController.Request = new HttpRequestMessage();
var subscriptionVerification = new SubscriptionVerification
{
Challenge = challenge,
Mode = "subscribe",
Verify_Token = verifyToken
};
Assert.Equal(challenge, userRealTimeController.Get(subscriptionVerification).Content.ReadAsStringAsync().Result);
}
public virtual HttpResponseMessage Get(SubscriptionVerification subscriptionVerification)
{
try
{
FacebookClient client = FacebookConfiguration.ClientProvider.CreateClient();
client.VerifyGetSubscription(subscriptionVerification.Mode, subscriptionVerification.Verify_Token, subscriptionVerification.Challenge, VerifyToken);
}
catch (ArgumentException argumentException)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, argumentException));
}
return(new HttpResponseMessage
{
Content = new StringContent(subscriptionVerification.Challenge)
});
}
public IActionResult SubscriptionVerification(string connectionId, [FromQuery] SubscriptionVerification hub)
{
if (!this.config.GetValue("Settings:ValidateSubscriptionValidations", true))
{
return(this.Content(hub.Challenge));
}
var verificationValidation = this.clientSubscriptions.ValidateVerification(connectionId, hub);
if (hub.Mode == SubscriptionMode.denied)
{
this.clientSubscriptions.RemoveSubscription(connectionId, hub.Topic);
this.webSubClientHubContext.Clients.Clients(connectionId).SendAsync("error", hub.Reason);
}
else
{
switch (verificationValidation)
{
case SubscriptionVerificationValidation.IsPendingVerification:
this.clientSubscriptions.ActivateSubscription(hub.Topic);
break;
case SubscriptionVerificationValidation.DoesNotExist:
return(this.NotFound());
case SubscriptionVerificationValidation.IsAlreadyActive:
break;
case SubscriptionVerificationValidation.IsPendingDeletion:
this.clientSubscriptions.RemoveSubscription(connectionId, hub.Topic);
break;
default:
break;
}
this.webSubClientHubContext.Clients.Clients(connectionId).SendAsync("updatedSubscriptions", this.clientSubscriptions.GetClientSubscriptions(connectionId));
return(this.Content(hub.Challenge));
}
return(this.Content(""));
}
public async Task <ClientValidationOutcome> ValidateSubscription(Subscription sub)
{
if (sub == null)
{
throw new ArgumentNullException(nameof(sub));
}
logger.LogDebug("Verifying sub.");
SubscriptionVerification callbackParameters = new SubscriptionVerification
{
// Note that this is not necessarily cryptographically random/secure.
Challenge = Guid.NewGuid().ToString("n"),
Callback = sub.Callback,
Events = sub.Events,
Mode = sub.Mode,
Topic = sub.Topic
};
logger.LogDebug($"Calling callback url: {sub.Callback}");
var callbackUri = new SubscriptionCallback().GetCallbackUri(sub);
var response = await new HttpClient().GetAsync(callbackUri);
if (!response.IsSuccessStatusCode)
{
logger.LogInformation($"Status code was not success but instead {response.StatusCode}");
return(ClientValidationOutcome.NotVerified);
}
var challenge = callbackParameters.Challenge;
var responseBody = (await response.Content.ReadAsStringAsync());
if (responseBody != challenge)
{
logger.LogInformation($"Callback result for verification request was not equal to challenge. Response body: '{responseBody}', Challenge: '{challenge}'.");
return(ClientValidationOutcome.NotVerified);
}
return(ClientValidationOutcome.Verified);
}
