public IActionResult DeletePathway(
[FromHeader(Name = "Access-Token")] string accessToken,
string id)
{
string clientIpAddress = this.HttpContext.Connection.RemoteIpAddress.ToString();
_logger.LogInformation($"{clientIpAddress}: Method call to ( /api/pathway/delete/{{id}} )");
_storage.IpWatchList[clientIpAddress].MethodCallTally++;
switch (_security.ValidateAccessToken(clientIpAddress, accessToken ?? string.Empty))
{
case Security.AccessLevel.None:
case Security.AccessLevel.User:
_storage.IpWatchList[clientIpAddress].FailedAttempts++;
_logger.LogInformation($"{clientIpAddress}: invalid access token value");
return(Unauthorized());
}
if (!_security.IsValidId(id))
{
_logger.LogInformation($"{clientIpAddress}: pathway identifier not a valid format: {id}.");
return(BadRequest(ErrorResponseManifest.Get(1)));
}
if (!_storage.PathwayList.ContainsKey(id))
{
_logger.LogInformation($"{clientIpAddress}: pathway {id} found.");
return(NoContent());
}
_storage.PathwayList.Remove(id);
return(Ok(ErrorResponseManifest.Get(0)));
}
public IActionResult CreatePathway([FromHeader(Name = "Access-Token")] string accessToken, [FromBody] CreatePathwayRequest pathwayReq)
{
string clientIpAddress = this.HttpContext.Connection.RemoteIpAddress.ToString();
_logger.LogInformation($"{clientIpAddress}: Method call to ( /api/pathway/create )");
_storage.IpWatchList[clientIpAddress].MethodCallTally++;
switch (_security.ValidateAccessToken(clientIpAddress, accessToken ?? string.Empty))
{
case Security.AccessLevel.None:
case Security.AccessLevel.User:
_storage.IpWatchList[clientIpAddress].FailedAttempts++;
_logger.LogInformation($"{clientIpAddress}: invalid access token");
return(Unauthorized());
}
if (!_security.IsValidId(pathwayReq.Id))
{
_logger.LogInformation($"{clientIpAddress}: pathway identifier not a valid format: {pathwayReq.Id}.");
return(BadRequest(ErrorResponseManifest.Get(1)));
}
if (_storage.PathwayList.ContainsKey(pathwayReq.Id))
{
_logger.LogInformation($"{clientIpAddress}: pathway {pathwayReq.Id} already exists.");
return(StatusCode(409, ErrorResponseManifest.Get(2)));
}
if (_storage.PathwayList.Count >= _settings.Value.PathwayMaximumPayloads)
{
_logger.LogInformation($"{clientIpAddress}: pathway {pathwayReq.Id} at maximum payloads.");
return(StatusCode(429, ErrorResponseManifest.Get(3)));
}
_storage.PathwayList.Add(pathwayReq.Id, new StorageModels.Pathway
{
Id = pathwayReq.Id,
ReadToken = pathwayReq.ReadToken,
WriteToken = pathwayReq.WriteToken,
MaxPayloadsCount = pathwayReq.MaxPayloadsCount,
MaxTotalPayloadsSize = pathwayReq.MaxTotalPayloadsSize,
MaxReferencesCount = pathwayReq.MaxReferencesCount,
MaxTotalReferencesSize = pathwayReq.MaxTotalReferencesSize
});
return(Ok());
}
/// <summary>
/// The work to do.
/// </summary>
/// <param name="httpContext">the http information</param>
/// <param name="storage">the storage for the serer operation</param>
/// <returns></returns>
public Task Invoke(HttpContext httpContext, IStorage storage)
{
lock (LockPoint)
{
string ipAddress = httpContext.Connection.RemoteIpAddress.ToString();
if (!storage.IpWatchList.ContainsKey(ipAddress))
{
storage.IpWatchList.Add(ipAddress, new IpWatch()
{
IpAddress = ipAddress,
IsWhitelisted = false,
LatestAttempt = DateTime.Now
});
}
var ipEntry = storage.IpWatchList[ipAddress];
if (ipEntry.FailedAttempts >= 3 && DateTime.Now.Subtract(ipEntry.LatestAttempt).TotalMinutes < 1)
{
httpContext.Response.StatusCode = 451;
var buff = System.Text.Encoding.UTF8.GetBytes(Serializer <ErrorResponse> .ToJson(ErrorResponseManifest.Get(-1)));
httpContext.Response.Body.Write(buff, 0, buff.Length);
ipEntry.LatestAttempt = DateTime.Now;
return(Task.CompletedTask);
}
else
{
if (ipEntry.FailedAttempts >= 3)
{
ipEntry.FailedAttempts--;
}
ipEntry.LatestAttempt = DateTime.Now;
return(_next(httpContext));
}
}
}
public IActionResult WithdrawPathwayPayload(
[FromHeader(Name = "Access-Token")] string accessToken,
[FromHeader(Name = "Pathway-Token")] string pathwayToken,
string id)
{
string clientIpAddress = this.HttpContext.Connection.RemoteIpAddress.ToString();
_logger.LogInformation($"{clientIpAddress}: Method call to ( /api/pathway/withdraw/{{id}} )");
_storage.IpWatchList[clientIpAddress].MethodCallTally++;
switch (_security.ValidateAccessToken(clientIpAddress, accessToken ?? string.Empty))
{
case Security.AccessLevel.None:
_storage.IpWatchList[clientIpAddress].FailedAttempts++;
_logger.LogInformation($"{clientIpAddress}: invalid access token value");
return(Unauthorized());
}
if (!_security.IsValidId(id))
{
_logger.LogInformation($"{clientIpAddress}: pathway identifier not a valid format: {id}.");
return(BadRequest(ErrorResponseManifest.Get(1)));
}
if (!_storage.PathwayList.ContainsKey(id))
{
_logger.LogInformation($"{clientIpAddress}: pathway {id} not found.");
return(NotFound());
}
switch (ValidatePathwayToken(id, pathwayToken))
{
case PathwayAccessLevel.None:
_logger.LogInformation($"{clientIpAddress}: pathway {id} withdrawal denied: no access.");
return(StatusCode(405, ErrorResponseManifest.Get(8)));
case PathwayAccessLevel.Write:
_logger.LogInformation($"{clientIpAddress}: pathway {id} withdrawal denied: write access supplied.");
return(StatusCode(405, ErrorResponseManifest.Get(9)));
}
var pathway = _storage.PathwayList[id];
if (pathway.Payloads.Count == 0)
{
_logger.LogInformation($"{clientIpAddress}: pathway {id} has no payloads.");
return(NoContent());
}
Payload thisPayload = null;
int retries = 3;
while (retries >= 0)
{
if (_storage.PathwayList[id].Payloads.TryDequeue(out thisPayload))
{
break;
}
retries--;
}
if (retries == -1)
{
_logger.LogError($"{clientIpAddress}: pathway {id} not able to retrieve payload within three tries.");
return(StatusCode(429, ErrorResponseManifest.Get(10)));
}
Response.ContentType = thisPayload.ContentType;
this.HttpContext.Response.Headers["Content-Transfer-Encoding"] = thisPayload.ContentTransferEncoding;
return(Ok(thisPayload.Content));
}
public IActionResult DepositPathwayPayload(
[FromHeader(Name = "Access-Token")] string accessToken,
[FromHeader(Name = "Pathway-Token")] string pathwayToken,
string id,
[FromBody] string payload)
{
string clientIpAddress = this.HttpContext.Connection.RemoteIpAddress.ToString();
_logger.LogInformation($"{clientIpAddress}: Method call to ( /api/pathway/deposit/{{id}} )");
_storage.IpWatchList[clientIpAddress].MethodCallTally++;
switch (_security.ValidateAccessToken(clientIpAddress, accessToken ?? string.Empty))
{
case Security.AccessLevel.None:
_storage.IpWatchList[clientIpAddress].FailedAttempts++;
_logger.LogInformation($"{clientIpAddress}: invalid access token value");
return(Unauthorized());
}
if (!_security.IsValidId(id))
{
_logger.LogInformation($"{clientIpAddress}: pathway identifier not a valid format: {id}.");
return(BadRequest(ErrorResponseManifest.Get(1)));
}
if (!_storage.PathwayList.ContainsKey(id))
{
_logger.LogInformation($"{clientIpAddress}: pathway {id} not found.");
return(NoContent());
}
var pathway = _storage.PathwayList[id];
pathway.PayloadWriteCount++;
pathway.PayloadWriteFailCount++;
switch (ValidatePathwayToken(id, pathwayToken))
{
case PathwayAccessLevel.None:
_logger.LogInformation($"{clientIpAddress}: pathway {id} deposit denied: no access.");
return(StatusCode(405, ErrorResponseManifest.Get(8)));
case PathwayAccessLevel.Read:
_logger.LogInformation($"{clientIpAddress}: pathway {id} deposit denied: read access supplied.");
return(StatusCode(405, ErrorResponseManifest.Get(9)));
}
if (pathway.PayloadsCount >= pathway.MaxPayloadsCount)
{
_logger.LogInformation($"{clientIpAddress}: pathway deposit would exceed pathway maximum payload count.");
return(StatusCode(429, ErrorResponseManifest.Get(4)));
}
var newPayload = new Payload
{
Content = payload
};
if (this.HttpContext.Request.Headers.ContainsKey("Content-Type"))
{
newPayload.ContentType = this.HttpContext.Request.Headers["Content-Type"];
}
if (this.HttpContext.Request.Headers.ContainsKey("Content-Transfer-Encoding"))
{
newPayload.ContentTransferEncoding = this.HttpContext.Request.Headers["Content-Transfer-Encoding"];
}
pathway.Payloads.Enqueue(newPayload);
pathway.PayloadsSize += newPayload.Content.Length;
pathway.PayloadWriteFailCount--;
return(Ok(ErrorResponseManifest.Get(0)));
}
