public static OAuthRequest GenerateConsumerRequest(OAuthConfig config, Uri requestUri, NameValueCollection requestParams, HttpMethods httpMethod) { if (config == null) throw new ArgumentNullException("config"); if (requestUri == null) throw new ArgumentNullException("requestUri"); if (requestParams == null) requestParams = new NameValueCollection(); var request = new OAuthRequest(); request.requestUri = requestUri; request.config = config; request.httpMethod = httpMethod; request.requestType = RequestTypes.ConsumerRequest; // Parse any existing URI Params request.ParseUriParams(requestUri, requestParams); // Assign request params request.requestParams = requestParams; // Setup required params request.requestParams[config.OAuthConsumerKeyKey] = config.OAuthConsumerKey; return request; }
public Route(HttpMethods httpMethod, string endpoint, Action<RoutedHttpRequest, HttpListenerResponse> callback) { HttpMethod = httpMethod; Callback = callback; Endpoint = endpoint; Regex = BuildRegex(Endpoint); }
public Request(Uri uri,string controllerName,string actionName,HttpMethods method= HttpMethods.All) { this.Uri = uri; this.ActionName = actionName; this.ControllerName = controllerName; this.Method = method; }
public void AddCommand(string controllerName, string actionName,HttpMethods method, ICommand cmd) { SortedDictionary<string, Dictionary<HttpMethods, ICommand>> actions = null; if (!_Datas.TryGetValue(controllerName, out actions)) { actions = new SortedDictionary<string, Dictionary<HttpMethods, ICommand>>(); _Datas.Add(controllerName,actions); } Dictionary<HttpMethods, ICommand> methods = null; if (!actions.TryGetValue(actionName, out methods)) { methods = new Dictionary<HttpMethods, ICommand>(); actions.Add(actionName,methods); } if (((int)method & (int)HttpMethods.GET) > 0) { if (methods.ContainsKey(HttpMethods.GET)) methods[HttpMethods.GET] = cmd; else methods.Add(HttpMethods.GET,cmd); } if (((int)method & (int)HttpMethods.POST) > 0) { if (methods.ContainsKey(HttpMethods.POST)) methods[HttpMethods.POST] = cmd; else methods.Add(HttpMethods.POST, cmd); } if (((int)method & (int)HttpMethods.PUT) > 0) { if (methods.ContainsKey(HttpMethods.PUT)) methods[HttpMethods.PUT] = cmd; else methods.Add(HttpMethods.PUT, cmd); } if (((int)method & (int)HttpMethods.DELETE) > 0) { if (methods.ContainsKey(HttpMethods.DELETE)) methods[HttpMethods.DELETE] = cmd; else methods.Add(HttpMethods.DELETE, cmd); } }
public void BetterReturnsTrueWhenTheMethodAndUrlAreTheSame(HttpMethods method1, string url1, HttpMethods method2, string url2, bool expectedResult) { var request1 = new HttpRequest(method1, url1); var request2 = new HttpRequest(method2, url2); Assert.True(request1.Equals(request2) == expectedResult); }
public HttpRequestV2(IHttpHeaders headers, HttpMethods method, string protocol, Uri uri, string[] requestParameters) { _headers = headers; _method = method; _protocol = protocol; _uri = uri; _requestParameters = requestParameters; }
/// <summary> /// Подписывает запрос /// </summary> /// <param name="httpMethod"> /// метод, используемый для запроса /// </param> /// <param name="requestUrl"> /// адрес для запроса /// </param> /// <param name="requestParameters"> /// параметры запроса /// </param> /// <param name="consumerInfo"> /// информация о программе клиенте /// </param> /// <param name="token"> /// токен /// </param> /// <exception cref="ArgumentNullException"></exception> /// <exception cref="ArgumentOutOfRangeException"></exception> /// <returns> /// подписанная сторока запроса /// </returns> public static string Sign(HttpMethods httpMethod, string requestUrl, List<RequestParameter> requestParameters, ConsumerInfo consumerInfo, OAuthToken token) { if (consumerInfo.CallbackUrl == null && consumerInfo.ConsumerKey == null && consumerInfo.ConsumerSecret == null) throw new ArgumentNullException("consumerInfo"); // Подготовка и нормализация операндов для подписи // Определяем метод запроса if ((httpMethod < 0) && (httpMethod > (HttpMethods) 3)) throw new ArgumentOutOfRangeException("httpMethod"); var baseHttpMethod = httpMethod.ToString().ToUpper() + "&"; // определяем и нормализуем Url запроса if (string.IsNullOrWhiteSpace(requestUrl)) throw new ArgumentNullException("requestUrl"); var baseRequesUrl = Uri.EscapeDataString(requestUrl) + "&"; // Определяем и нормализуем параметры запроса if (requestParameters == null) throw new ArgumentNullException("requestParameters"); // нормализуем и сортируем список параметров requestParameters = NormalizeRequestParameters(requestParameters); var baseParameters = string.Join("&", requestParameters.Select(param => param.Name + "=" + param.Value)); //строка для подписывания var baseRequestString = baseHttpMethod + baseRequesUrl + Uri.EscapeDataString(baseParameters); #if DEBUG Debug.WriteLine(string.Format("Подписываемая строка {0}", baseRequestString)); #endif // Определяем ключ для подписи var baseKey = token == null ? consumerInfo.ConsumerSecret + "&" + string.Empty : consumerInfo.ConsumerSecret + "&" + token.Secret; // осуществляем шифрование var encoder = new HMACSHA1 {Key = Encoding.ASCII.GetBytes(baseKey)}; var buffer = Encoding.ASCII.GetBytes(baseRequestString); var signatureByte = encoder.ComputeHash(buffer, 0, buffer.Length); // получаем стороку подписи в представлении Base64 var sigmature = Convert.ToBase64String(signatureByte); #if DEBUG Debug.WriteLine(string.Format("Подписанная строка {0}", sigmature)); #endif /* Формируем подписанную строку запроса */ // Для формирования стоки запроса к параметрам добавляем параметр с цифровой подписью requestParameters.Add(new RequestParameter(OAuthParam.Signature, NormalizeParameter(sigmature))); // формируем строку var signedUrlString = requestUrl + "?" + string.Join("&", requestParameters.Select(param => param.Name + "=" + param.Value)); #if DEBUG Debug.WriteLine(string.Format("Подписанная строка запроса {0}", signedUrlString)); #endif // возвращаем подписанную строку return signedUrlString; }
public static OAuthRequest GenerateProtectedRequest(OAuthConfig config, Uri requestUri, NameValueCollection requestParams, HttpMethods httpMethod) { var request = GenerateSignedRequest(config, requestUri, requestParams, httpMethod); request.requestParams[config.OAuthTokenKey] = config.OAuthToken; request.requestType = RequestTypes.ProtectedRequest; return request; }
public WADLMethod(String methodName, HttpMethods method) : base() { this.name = methodName; this.method = method; this.queryType = QueryTypes.urlEncoded; this.parameters = new List<WADLParam>(); this.headers = new List<WADLParam>(); this.representations = new List<WADLRepresentation>(); }
public void Should_Get_Right_Method(HttpMethods method) { // Arrange var methodName = Enum.GetName(typeof(HttpMethods), method); var target = GetTarget(); // Act var actual = target.Provide(methodName); // Assert actual.ToString().ShouldBe(methodName); }
public async void DoesNotPersistRequestIfItAlreadyExists2(HttpMethods method, string url, int times) { var request = new HttpRequest { Method = HttpMethods.Get, Url = "http://localhost:3000/good" }; var sqlite = new Mock<ISQLiteAsyncConnection>(); sqlite.Setup(s => s.Get<HttpRequest>()).Returns(Task.FromResult(new List<HttpRequest> { request })); var newRequest = new HttpRequest { Method = method, Url = url }; var requestHistory = new RequestHistory(sqlite.Object); await requestHistory.AddRequestAsync(newRequest); sqlite.Verify(s => s.InsertAsync(It.IsAny<HttpRequest>()), times.ToTimes()); }
public ICommand GetOrCreateCommand(RouteData routeData,HttpMethods method,Context context) { SortedDictionary<string, Dictionary<HttpMethods,ICommand>> actions = null; if (!_Datas.TryGetValue(routeData.ControllerName, out actions)) { return null; } Dictionary<HttpMethods, ICommand> methods = null; if (!actions.TryGetValue(routeData.ActionName, out methods)) { return null; } foreach (var pair in methods) { if (((int)pair.Key & (int)method) > 0) return pair.Value; } return null; }
public PretendRequestInfo(string url, HttpMethods httpMethod = HttpMethods.Get, bool forPrinting = false, bool forSrcAttr = false) { HttpMethod = httpMethod; if (forPrinting) url = url.Replace("/bloom/", "/bloom/OriginalImages/"); // In the real request, RawUrl does not include this prefix RawUrl = url.Replace(ServerBase.ServerUrl, ""); // When JavaScript inserts a real path into the html it replaces the three magic html characters with these substitutes. // For this PretendRequestInfo we simulate that by doing the replace here in the url. if (forSrcAttr) url = EnhancedImageServer.SimulateJavaScriptHandlingOfHtml(url); // Reducing the /// emulates a behavior of the real HttpListener LocalPathWithoutQuery = url.Replace(ServerBase.ServerUrl, "").Replace("/bloom/OriginalImages///", "/bloom/OriginalImages/").Replace("/bloom///", "/bloom/").UnescapeCharsForHttp(); }
private HttpWebRequest CreateRequest(HttpMethods method) { var serializedPayload = Utility.SerializeParameters(_payload); var url = Driver.Instance.Url; if (UsesQueryString()) { url += '?' + serializedPayload; } var request = (HttpWebRequest)WebRequest.Create(url); request.Method = method.ToString().ToUpper(); // request.Headers["X-Mashape-Language"] = "dotnet"; // request.Headers["X-Mashape-Version"] = Communicator.Version; #if !WINDOWS_PHONE request.Timeout = 10000; request.ReadWriteTimeout = 10000; request.KeepAlive = false; #endif if (!UsesQueryString()) { PayloadData = PreparePost(request, serializedPayload); } return request; }
public static bool Is(this HttpMethods self, HttpMethods method) { return ((int)self & (int)method) != 0; }
internal APIResponse Call(HttpMethods method, string path, object callParams) { string queryString = string.Empty; string content = string.Empty; if (method == HttpMethods.GET || method == HttpMethods.DELETE) queryString = ExtractQueryString(callParams); else if (method == HttpMethods.POST || method == HttpMethods.PUT) content = (new JsonTranslator()).Encode(callParams); string url = String.Format("{0}/{1}{2}", this.State.ApiUrl, path, queryString); return Call(method, path, content, new HttpHelper(url)); }
/// <summary> /// /// </summary> /// <param name="resource"></param> /// <param name="method"></param> /// <param name="ignoreRoot"></param> public RestRequest(string resource, HttpMethods method, bool ignoreRoot) : this(resource, method) { IgnoreRootElement = ignoreRoot; }
// Matching is a bit weak in this demo. // It's written this way to satisfy both the composite gateway and website demos. public bool Matches(RouteData routeData, string httpMethod) => HttpMethods.IsGet(httpMethod) && string.Equals((string)routeData.Values["controller"], "orders", StringComparison.OrdinalIgnoreCase) && routeData.Values.ContainsKey("id");
internal APIResponse Call(HttpMethods method, string path, string content, HttpHelper httpHelper) { var request = httpHelper.HttpWebRequest; request.Method = method.ToString(); request.ContentType = "application/json"; request.Headers.Add("Authorization", "Bearer " + this.State.AccessToken); if ((method == HttpMethods.POST || method == HttpMethods.PUT) && !string.IsNullOrEmpty(content)) { using (var writer = new StreamWriter(request.GetRequestStream())) { writer.Write(content); writer.Close(); } } return GetResponse((HttpWebResponseWrapper)request.GetResponse()); }
/// <inheritdoc /> public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next) { if (context == null) { throw new ArgumentNullException(nameof(context)); } if (next == null) { throw new ArgumentNullException(nameof(next)); } var request = context.HttpContext.Request; if (HttpMethods.IsPost(request.Method)) { // 1. Confirm a secure connection. var errorResult = EnsureSecureConnection(ReceiverName, context.HttpContext.Request); if (errorResult != null) { context.Result = errorResult; return; } // 2. Get the expected hash from the signature header. var header = GetRequestHeader(request, DropboxConstants.SignatureHeaderName, out errorResult); if (errorResult != null) { context.Result = errorResult; return; } var expectedHash = FromHex(header, DropboxConstants.SignatureHeaderName); if (expectedHash == null) { context.Result = CreateBadHexEncodingResult(DropboxConstants.SignatureHeaderName); return; } // 3. Get the configured secret key. var secretKey = GetSecretKey( ReceiverName, context.RouteData, DropboxConstants.SecretKeyMinLength, DropboxConstants.SecretKeyMaxLength); if (secretKey == null) { context.Result = new NotFoundResult(); return; } var secret = Encoding.UTF8.GetBytes(secretKey); // 4. Get the actual hash of the request body. var actualHash = await ComputeRequestBodySha256HashAsync(request, secret); // 5. Verify that the actual hash matches the expected hash. if (!SecretEqual(expectedHash, actualHash)) { // Log about the issue and short-circuit remainder of the pipeline. errorResult = CreateBadSignatureResult(DropboxConstants.SignatureHeaderName); context.Result = errorResult; return; } } await next(); }
private static string?GetFuzzyMatchHttpMethod(PageContext context) { // Map HEAD to get. return(HttpMethods.IsHead(context.HttpContext.Request.Method) ? HttpMethods.Get : null); }
/// <summary> /// For framework use only. /// </summary> /// <param name="httpContext"></param> /// <param name="candidates"></param> /// <returns></returns> public Task ApplyAsync(HttpContext httpContext, CandidateSet candidates) { if (httpContext == null) { throw new ArgumentNullException(nameof(httpContext)); } if (candidates == null) { throw new ArgumentNullException(nameof(candidates)); } // Returning a 405 here requires us to return keep track of all 'seen' HTTP methods. We allocate to // keep track of this beause we either need to keep track of the HTTP methods or keep track of the // endpoints - both allocate. // // Those code only runs in the presence of dynamic endpoints anyway. // // We want to return a 405 iff we eliminated ALL of the currently valid endpoints due to HTTP method // mismatch. bool? needs405Endpoint = null; HashSet <string>?methods = null; for (var i = 0; i < candidates.Count; i++) { // We do this check first for consistency with how 405 is implemented for the graph version // of this code. We still want to know if any endpoints in this set require an HTTP method // even if those endpoints are already invalid - hence the null-check. var metadata = candidates[i].Endpoint?.Metadata.GetMetadata <IHttpMethodMetadata>(); if (metadata == null || metadata.HttpMethods.Count == 0) { // Can match any method. needs405Endpoint = false; continue; } // Saw a valid endpoint. needs405Endpoint = needs405Endpoint ?? true; if (!candidates.IsValidCandidate(i)) { continue; } var httpMethod = httpContext.Request.Method; var headers = httpContext.Request.Headers; if (metadata.AcceptCorsPreflight && HttpMethods.Equals(httpMethod, PreflightHttpMethod) && headers.ContainsKey(HeaderNames.Origin) && headers.TryGetValue(HeaderNames.AccessControlRequestMethod, out var accessControlRequestMethod) && !StringValues.IsNullOrEmpty(accessControlRequestMethod)) { needs405Endpoint = false; // We don't return a 405 for a CORS preflight request when the endpoints accept CORS preflight. httpMethod = accessControlRequestMethod; } var matched = false; for (var j = 0; j < metadata.HttpMethods.Count; j++) { var candidateMethod = metadata.HttpMethods[j]; if (!HttpMethods.Equals(httpMethod, candidateMethod)) { methods = methods ?? new HashSet <string>(StringComparer.OrdinalIgnoreCase); methods.Add(candidateMethod); continue; } matched = true; needs405Endpoint = false; break; } if (!matched) { candidates.SetValidity(i, false); } } if (needs405Endpoint == true) { // We saw some endpoints coming in, and we eliminated them all. httpContext.SetEndpoint(CreateRejectionEndpoint(methods !.OrderBy(m => m, StringComparer.OrdinalIgnoreCase))); httpContext.Request.RouteValues = null !; } return(Task.CompletedTask); }
/// <inheritdoc /> public Task Invoke(HttpContext context, ICorsPolicyProvider corsPolicyProvider) { // CORS policy resolution rules: // // 1. If there is an endpoint with IDisableCorsAttribute then CORS is not run // 2. If there is an endpoint with ICorsPolicyMetadata then use its policy or if // there is an endpoint with IEnableCorsAttribute that has a policy name then // fetch policy by name, prioritizing it above policy on middleware // 3. If there is no policy on middleware then use name on middleware var endpoint = context.GetEndpoint(); if (endpoint != null) { // EndpointRoutingMiddleware uses this flag to check if the CORS middleware processed CORS metadata on the endpoint. // The CORS middleware can only make this claim if it observes an actual endpoint. context.Items[CorsMiddlewareWithEndpointInvokedKey] = CorsMiddlewareWithEndpointInvokedValue; } if (!context.Request.Headers.ContainsKey(CorsConstants.Origin)) { return(_next(context)); } // Get the most significant CORS metadata for the endpoint // For backwards compatibility reasons this is then downcast to Enable/Disable metadata var corsMetadata = endpoint?.Metadata.GetMetadata <ICorsMetadata>(); if (corsMetadata is IDisableCorsAttribute) { var isOptionsRequest = HttpMethods.IsOptions(context.Request.Method); var isCorsPreflightRequest = isOptionsRequest && context.Request.Headers.ContainsKey(CorsConstants.AccessControlRequestMethod); if (isCorsPreflightRequest) { // If this is a preflight request, and we disallow CORS, complete the request context.Response.StatusCode = StatusCodes.Status204NoContent; return(Task.CompletedTask); } return(_next(context)); } var corsPolicy = _policy; var policyName = _corsPolicyName; if (corsMetadata is ICorsPolicyMetadata corsPolicyMetadata) { policyName = null; corsPolicy = corsPolicyMetadata.Policy; } else if (corsMetadata is IEnableCorsAttribute enableCorsAttribute && enableCorsAttribute.PolicyName != null) { // If a policy name has been provided on the endpoint metadata then prioritizing it above the static middleware policy policyName = enableCorsAttribute.PolicyName; corsPolicy = null; } if (corsPolicy == null) { // Resolve policy by name if the local policy is not being used var policyTask = corsPolicyProvider.GetPolicyAsync(context, policyName); if (!policyTask.IsCompletedSuccessfully) { return(InvokeCoreAwaited(context, policyTask)); } corsPolicy = policyTask.Result; } return(EvaluateAndApplyPolicy(context, corsPolicy)); async Task InvokeCoreAwaited(HttpContext context, Task <CorsPolicy?> policyTask) { var corsPolicy = await policyTask; await EvaluateAndApplyPolicy(context, corsPolicy); } }
private bool SetupContent(object content, string contentMediaType, bool contentAsJson, bool contentUseCamelCase, HttpRequest request, HttpRequestMessage requestMessage, string requestMethod) { if (!HttpMethods.IsGet(requestMethod) && !HttpMethods.IsHead(requestMethod) && !HttpMethods.IsDelete(requestMethod) && !HttpMethods.IsTrace(requestMethod)) { if (request.HasFormContentType) { var dataToSend = content != null ? content as IFormCollection : request.Form; requestMessage.Content = ToHttpContent(dataToSend, request.ContentType); return(false); } else { requestMessage.Content = content != null?CreateHttpContent(content, contentMediaType, contentAsJson, contentUseCamelCase) : new StreamContent(request.Body); } } return(true); }
public async Task <Member> GetCurrentClient() { return(await HttpMethods <Member> .GetAsync(Client, "/currentClient")); }
/// <inheritdoc /> public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next) { if (context == null) { throw new ArgumentNullException(nameof(context)); } if (next == null) { throw new ArgumentNullException(nameof(next)); } var routeData = context.RouteData; var request = context.HttpContext.Request; if (routeData.TryGetWebHookReceiverName(out var receiverName) && IsApplicable(receiverName) && HttpMethods.IsPost(request.Method)) { // 1. Confirm a secure connection. var errorResult = EnsureSecureConnection(ReceiverName, context.HttpContext.Request); if (errorResult != null) { context.Result = errorResult; return; } // 2. Get the expected hash from the signature headers. var header = GetRequestHeader(request, PusherConstants.SignatureHeaderName, out errorResult); if (errorResult != null) { context.Result = errorResult; return; } var expectedHash = GetDecodedHash(header, PusherConstants.SignatureHeaderName, out errorResult); if (errorResult != null) { context.Result = errorResult; return; } // 3. Get the configured secret key. var secretKeys = GetSecretKeys(ReceiverName, routeData); if (!secretKeys.Exists()) { context.Result = new NotFoundResult(); return; } var applicationKey = GetRequestHeader(request, PusherConstants.SignatureKeyHeaderName, out errorResult); if (errorResult != null) { context.Result = errorResult; return; } var secretKey = secretKeys[applicationKey]; if (secretKey == null || secretKey.Length < PusherConstants.SecretKeyMinLength || secretKey.Length > PusherConstants.SecretKeyMaxLength) { Logger.LogError( 0, "The '{HeaderName}' header value of '{HeaderValue}' is not recognized as a valid " + "application key. Please ensure the correct application key / secret key pairs have " + "been configured.", PusherConstants.SignatureKeyHeaderName, applicationKey); var message = string.Format( CultureInfo.CurrentCulture, Resources.SignatureFilter_SecretNotFound, PusherConstants.SignatureKeyHeaderName, applicationKey); context.Result = new BadRequestObjectResult(message); return; } var secret = Encoding.UTF8.GetBytes(secretKey); // 4. Get the actual hash of the request body. var actualHash = await GetRequestBodyHash_SHA256(request, secret); // 5. Verify that the actual hash matches the expected hash. if (!SecretEqual(expectedHash, actualHash)) { // Log about the issue and short-circuit remainder of the pipeline. errorResult = CreateBadSignatureResult(receiverName, PusherConstants.SignatureHeaderName); context.Result = errorResult; return; } } await next(); }
public ControllerMethod(Type controllerType, HttpMethods method) { _controllerType = controllerType; _method = method; }
public async Task Invoke(HttpContext context) { PathString subpath; if (!context.Request.Path.StartsWithSegments(_options.Path, out subpath)) { await _next(context); return; } var policyName = subpath.ToUriComponent().Trim('/'); if (policyName.Length == 0) { policyName = Constants.DefaultPolicy; } if (_options.AuthorizationPolicy != null) { var principal = await SecurityHelper.GetUserPrincipal(context, _options.AuthorizationPolicy); if (!await _authorizationService.AuthorizeAsync(principal, context, _options.AuthorizationPolicy)) { _logger.AuthorizationFailed(); await _next(context); return; } } HealthCheckPolicy policy = _policyProvider.GetPolicy(policyName); if (policy == null) { _logger.InvalidPolicy(policyName); await _next(context); return; } var response = context.Response; var healthCheckResponse = await _healthService.CheckHealthAsync(policy); if (healthCheckResponse.HasErrors) { _logger.HealthCheckFailed(healthCheckResponse.Errors); if (healthCheckResponse.HasCriticalErrors) { response.StatusCode = StatusCodes.Status503ServiceUnavailable; response.WriteRetryAfterHeader(healthCheckResponse.RetryAfter); } } else { _logger.HealthCheckSucceeded(); response.StatusCode = StatusCodes.Status200OK; } if (_options.SendResults && !HttpMethods.IsHead(context.Request.Method)) { response.ContentType = ApplicationJson; using (var writer = new HttpResponseStreamWriter(response.Body, Encoding.UTF8, 1024, _bytePool, _charPool)) { using (var jsonWriter = new JsonTextWriter(writer)) { jsonWriter.ArrayPool = _jsonCharPool; jsonWriter.CloseOutput = false; _jsonSerializer.Serialize(jsonWriter, healthCheckResponse.Results); } } } }
/// <summary> /// Make an HTTP Request to the Shopify API /// </summary> /// <param name="method">method to be used in the request</param> /// <param name="path">the path that should be requested</param> /// <param name="callParams">any parameters needed or expected by the API</param> /// <seealso cref="http://api.shopify.com/"/> /// <returns>the server response</returns> public object Call(HttpMethods method, string path, object callParams = null) { //NOTE: Shopify limits us to 2 calls per second var tickCount = DateTime.Now.Ticks; const int _minDelta = 750; if (_lastTickCount > 0) { var delta = (int)((tickCount - _lastTickCount) / TimeSpan.TicksPerMillisecond); if (delta < _minDelta) System.Threading.Thread.Sleep(_minDelta - delta); } _lastTickCount = tickCount; string url = String.Format("https://{0}.myshopify.com/admin/{1}", State.ShopName, path); HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.ContentType = GetRequestContentType(); request.Headers.Add("X-Shopify-Access-Token", this.State.AccessToken); request.Method = method.ToString(); if (callParams != null) { if (method == HttpMethods.GET || method == HttpMethods.DELETE) { // if no translator assume data is a query string url = String.Format("{0}?{1}", url, callParams.ToString()); //// put params into query string //StringBuilder queryString = new StringBuilder(); //foreach (string key in callParams.Keys) //{ // queryString.AppendFormat("{0}={1}", HttpUtility.UrlEncode(key), HttpUtility.UrlEncode(callParams[key])); //} } else if (method == HttpMethods.POST || method == HttpMethods.PUT) { string requestBody; // put params into post body if (Translator == null) { //assume it's a string requestBody = callParams.ToString(); } else { requestBody = Translator.Encode(callParams); } //add the requst body to the request stream if (!String.IsNullOrEmpty(requestBody)) { using (var ms = new MemoryStream()) { using (var writer = new StreamWriter(request.GetRequestStream())) { writer.Write(requestBody); writer.Close(); } } } } } var response = (HttpWebResponse)request.GetResponse(); string result = null; using (Stream stream = response.GetResponseStream()) { StreamReader sr = new StreamReader(stream); result = sr.ReadToEnd(); sr.Close(); } //At least one endpoint will return an empty string, that we need to account for. if (string.IsNullOrWhiteSpace(result)) return null; if (Translator != null) return Translator.Decode(result); return result; }
public async Task Invoke(HttpContext context) { if (context == null) { throw new ArgumentNullException(nameof(context)); } var request = context.Request; var clientName = GetClient(request); if (string.IsNullOrEmpty(clientName)) { // context.Response.StatusCode = (int)System.Net.HttpStatusCode.BadRequest; await this.next(context); return; } using (HttpClient client = this._clientFactory.CreateClient(clientName)) { var requestMessage = new HttpRequestMessage(); var requestMethod = request.Method; if (!HttpMethods.IsGet(requestMethod) && !HttpMethods.IsHead(requestMethod) && !HttpMethods.IsDelete(requestMethod) && !HttpMethods.IsTrace(requestMethod)) { var streamContent = new StreamContent(request.Body); requestMessage.Content = streamContent; } // Copy the request headers foreach (var header in request.Headers) { if (!requestMessage.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()) && requestMessage.Content != null) { requestMessage.Content?.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()); } } requestMessage.RequestUri = new Uri($"{request.Path}{request.QueryString}", UriKind.Relative); requestMessage.Method = new HttpMethod(request.Method); var response = await client.SendAsync(requestMessage, HttpCompletionOption.ResponseContentRead, context.RequestAborted); context.Response.StatusCode = (int)response.StatusCode; foreach (var header in response.Headers) { context.Response.Headers[header.Key] = header.Value.ToArray(); } foreach (var header in response.Content.Headers) { context.Response.Headers[header.Key] = header.Value.ToArray(); } // SendAsync removes chunking from the response. This removes the header so it doesn't expect a chunked response. context.Response.Headers.Remove("transfer-encoding"); await response.Content.CopyToAsync(context.Response.Body); } }
public RequestContext(HttpMethods method, IEnumerable<KeyValuePair<string, object>> payload) { _method = method; _payload = payload; }
public static bool CheckSupportedWebSocketRequest(string method, IHeaderDictionary requestHeaders) { if (!HttpMethods.IsGet(method)) { return(false); } var foundHeader = false; var values = requestHeaders.GetCommaSeparatedValues(HeaderNames.SecWebSocketVersion); foreach (var value in values) { if (string.Equals(value, Constants.Headers.SupportedVersion, StringComparison.OrdinalIgnoreCase)) { // WebSockets are long lived; so if the header values are valid we switch them out for the interned versions. if (values.Length == 1) { requestHeaders.SecWebSocketVersion = Constants.Headers.SupportedVersion; } foundHeader = true; break; } } if (!foundHeader) { return(false); } foundHeader = false; values = requestHeaders.GetCommaSeparatedValues(HeaderNames.Connection); foreach (var value in values) { if (string.Equals(value, HeaderNames.Upgrade, StringComparison.OrdinalIgnoreCase)) { // WebSockets are long lived; so if the header values are valid we switch them out for the interned versions. if (values.Length == 1) { requestHeaders.Connection = HeaderNames.Upgrade; } foundHeader = true; break; } } if (!foundHeader) { return(false); } foundHeader = false; values = requestHeaders.GetCommaSeparatedValues(HeaderNames.Upgrade); foreach (var value in values) { if (string.Equals(value, Constants.Headers.UpgradeWebSocket, StringComparison.OrdinalIgnoreCase)) { // WebSockets are long lived; so if the header values are valid we switch them out for the interned versions. if (values.Length == 1) { requestHeaders.Upgrade = Constants.Headers.UpgradeWebSocket; } foundHeader = true; break; } } if (!foundHeader) { return(false); } return(HandshakeHelpers.IsRequestKeyValid(requestHeaders.SecWebSocketKey.ToString())); }
/// <summary> /// Make an HTTP Request to the Haravan API /// </summary> /// <param name="method">method to be used in the request</param> /// <param name="path">the path that should be requested</param> /// <param name="callParams">any parameters needed or expected by the API</param> /// <seealso cref="http://api.haravan.com/"/> /// <returns>the server response</returns> public object Call(HttpMethods method, string path, object callParams) { string url = String.Format("https://{0}.myharavan.com{1}", State.ShopName, path); HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.ContentType = GetRequestContentType(); request.Headers.Add("Authorization", "bearer " + this.State.AccessToken); request.Method = method.ToString(); if (callParams != null) { if (method == HttpMethods.GET || method == HttpMethods.DELETE) { // if no translator assume data is a query string url = String.Format("{0}?{1}", url, callParams.ToString()); //// put params into query string //StringBuilder queryString = new StringBuilder(); //foreach (string key in callParams.Keys) //{ // queryString.AppendFormat("{0}={1}", HttpUtility.UrlEncode(key), HttpUtility.UrlEncode(callParams[key])); //} } else if (method == HttpMethods.POST || method == HttpMethods.PUT) { string requestBody; // put params into post body if (Translator == null) { //assume it's a string requestBody = callParams.ToString(); } else { requestBody = Translator.Encode(callParams); } //add the requst body to the request stream if (!String.IsNullOrEmpty(requestBody)) { using (var ms = new MemoryStream()) { using (var writer = new StreamWriter(request.GetRequestStream())) { writer.Write(requestBody); writer.Close(); } } } } } var response = (HttpWebResponse)request.GetResponse(); string result = null; using (Stream stream = response.GetResponseStream()) { StreamReader sr = new StreamReader(stream); result = sr.ReadToEnd(); sr.Close(); } //At least one endpoint will return an empty string, that we need to account for. if (string.IsNullOrWhiteSpace(result)) { return(null); } if (Translator != null) { return(Translator.Decode(result)); } return(result); }
public WeChatResult GetAccessToken(string WeChatId, string WeChatAppSecret, string testFlag, AccessTokenType TokenType) { try { var tokeninfo = ""; var JsonFileName = System.Web.HttpContext.Current.Request.PhysicalApplicationPath + "\\" + "WeChatToken.json"; var DateNow = DateTime.Now; var IsHasRedis = new RedisHelper().Ping(); var IsHasTokenJsonFile = false; var TokenJsonStr = ""; #region 1、有Redis服务器,内存读取;2、无Redis服务器,文件流 if (IsHasRedis) { TokenJsonStr = new RedisHelper().getValue(testFlag + "NormalWeChatToken"); } else { IsHasTokenJsonFile = FileHelper.IsExistFile(JsonFileName); if (IsHasTokenJsonFile) { TokenJsonStr = File.ReadAllText(JsonFileName); } } #endregion //1、token服务器不存在,首次创建;2、token服务器存在判断是否过期,过期则重新获取,未过期则直接使用 var IsNeedUpdateToken = true; List <TokenDef> listToken = new List <TokenDef>(); TokenDef modelToken = null; #region 取得已存储Token if (!string.IsNullOrEmpty(TokenJsonStr)) { listToken = JsonConvert.DeserializeObject <List <TokenDef> >(TokenJsonStr); modelToken = listToken.Where(x => x.TokenType == TokenType && x.WeChatId == WeChatId).FirstOrDefault(); } if (modelToken != null) { if ((DateNow - modelToken.EndTime).Seconds < 0) { IsNeedUpdateToken = false; tokeninfo = modelToken.AccessToken; } } #endregion if (IsNeedUpdateToken) { #region 获取新Token string url = "https://api.weixin.qq.com/cgi-bin/token"; string data = "grant_type=client_credential&appid=" + WeChatId + "&secret=" + WeChatAppSecret + ""; var token = HttpMethods.HttpPost(url, data); if (string.IsNullOrEmpty(token)) { return new WeChatResult() { IsSuccess = false, Msg = "Token请求失败" } } ; List <Info> jobInfoList = JsonConvert.DeserializeObject <List <Info> >("[" + token + "]"); if (jobInfoList.Count > 0) { tokeninfo = jobInfoList[0].access_token; } else { return new WeChatResult() { IsSuccess = false, Msg = "Token请求失败" } }; if (modelToken == null) { listToken.Add(new TokenDef() { WeChatId = WeChatId, TokenType = TokenType, AccessToken = tokeninfo, StartTime = DateNow, EndTime = DateNow.AddHours(1) }); } else { foreach (var item in listToken) { if (item.WeChatId == WeChatId && TokenType == item.TokenType) { item.StartTime = DateNow; item.EndTime = DateNow.AddHours(1); item.AccessToken = tokeninfo; } } } #endregion #region 存储新Token var newJsonToken = JsonConvert.SerializeObject(listToken); if (IsHasRedis) { new RedisHelper().setValue(testFlag + "NormalWeChatToken", newJsonToken); } else { if (!IsHasTokenJsonFile) { FileHelper.CreateFile(JsonFileName); } File.WriteAllText(JsonFileName, newJsonToken); } #endregion } return(new WeChatResult() { IsSuccess = true, Msg = tokeninfo }); } catch (Exception ex) { return(new WeChatResult() { IsSuccess = false, Msg = "Token请求失败" }); } }
private bool IsVoyagerRequest(HttpRequest httpRequest) => HttpMethods.IsGet(httpRequest.Method) && httpRequest.Path.StartsWithSegments(_options.Path);
public async Task Invoke(HttpContext httpContext) { if (!string.Equals(_pairingToken, httpContext.Request.Headers[MSAspNetCoreToken], StringComparison.Ordinal)) { _logger.LogError($"'{MSAspNetCoreToken}' does not match the expected pairing token '{_pairingToken}', request rejected."); httpContext.Response.StatusCode = StatusCodes.Status400BadRequest; return; } // Handle shutdown from ANCM if (HttpMethods.IsPost(httpContext.Request.Method) && httpContext.Request.Path.Equals(ANCMRequestPath) && string.Equals(ANCMShutdownEventHeaderValue, httpContext.Request.Headers[MSAspNetCoreEvent], StringComparison.OrdinalIgnoreCase)) { // Execute shutdown task on background thread without waiting for completion var shutdownTask = Task.Run(() => _applicationLifetime.StopApplication()); httpContext.Response.StatusCode = StatusCodes.Status202Accepted; return; } if (Debugger.IsAttached && string.Equals("DEBUG", httpContext.Request.Method, StringComparison.OrdinalIgnoreCase)) { // The Visual Studio debugger tooling sends a DEBUG request to make IIS & AspNetCoreModule launch the process // so the debugger can attach. Filter out this request from the app. return; } var bodySizeFeature = httpContext.Features.Get <IHttpMaxRequestBodySizeFeature>(); if (bodySizeFeature != null && !bodySizeFeature.IsReadOnly) { // IIS already limits this, no need to do it twice. bodySizeFeature.MaxRequestBodySize = null; } if (_options.ForwardClientCertificate) { var header = httpContext.Request.Headers[MSAspNetCoreClientCert]; if (!StringValues.IsNullOrEmpty(header)) { httpContext.Features.Set <ITlsConnectionFeature>(new ForwardedTlsConnectionFeature(_logger, header)); } } if (_options.ForwardWindowsAuthentication) { // We must always process and clean up the windows identity, even if we don't assign the User. var user = GetUser(httpContext); if (user != null) { // Flow it through to the authentication handler. httpContext.Features.Set(user); if (_options.AutomaticAuthentication) { httpContext.User = user; } } } // Remove the upgrade feature if websockets are not supported by ANCM. // The feature must be removed on a per request basis as the Upgrade feature exists per request. if (!_isWebsocketsSupported) { httpContext.Features.Set <IHttpUpgradeFeature>(null); } await _next(httpContext); }
public HttpRequest(HttpMethods method, string url) { Method = method; Url = url; }
private StreamCopyHttpContent?SetupRequestBodyCopy(HttpRequest request, bool isStreamingRequest, ActivityCancellationTokenSource activityToken) { // If we generate an HttpContent without a Content-Length then for HTTP/1.1 HttpClient will add a Transfer-Encoding: chunked header // even if it's a GET request. Some servers reject requests containing a Transfer-Encoding header if they're not expecting a body. // Try to be as specific as possible about the client's intent to send a body. The one thing we don't want to do is to start // reading the body early because that has side-effects like 100-continue. var hasBody = true; var contentLength = request.Headers.ContentLength; var method = request.Method; var canHaveBodyFeature = request.HttpContext.Features.Get <IHttpRequestBodyDetectionFeature>(); if (canHaveBodyFeature is not null) { // 5.0 servers provide a definitive answer for us. hasBody = canHaveBodyFeature.CanHaveBody; } // https://tools.ietf.org/html/rfc7230#section-3.3.3 // All HTTP/1.1 requests should have Transfer-Encoding or Content-Length. // Http.Sys/IIS will even add a Transfer-Encoding header to HTTP/2 requests with bodies for back-compat. // HTTP/1.0 Connection: close bodies are only allowed on responses, not requests. // https://tools.ietf.org/html/rfc1945#section-7.2.2 // // Transfer-Encoding overrides Content-Length per spec else if (request.Headers.TryGetValue(HeaderNames.TransferEncoding, out var transferEncoding) && transferEncoding.Count == 1 && string.Equals("chunked", transferEncoding.ToString(), StringComparison.OrdinalIgnoreCase)) { hasBody = true; } else if (contentLength.HasValue) { hasBody = contentLength > 0; } // Kestrel HTTP/2: There are no required headers that indicate if there is a request body so we need to sniff other fields. else if (!ProtocolHelper.IsHttp2OrGreater(request.Protocol)) { hasBody = false; } // https://tools.ietf.org/html/rfc7231#section-4.3.1 // A payload within a GET/HEAD/DELETE/CONNECT request message has no defined semantics; sending a payload body on a // GET/HEAD/DELETE/CONNECT request might cause some existing implementations to reject the request. // https://tools.ietf.org/html/rfc7231#section-4.3.8 // A client MUST NOT send a message body in a TRACE request. else if (HttpMethods.IsGet(method) || HttpMethods.IsHead(method) || HttpMethods.IsDelete(method) || HttpMethods.IsConnect(method) || HttpMethods.IsTrace(method)) { hasBody = false; } // else hasBody defaults to true if (hasBody) { if (isStreamingRequest) { DisableMinRequestBodyDataRateAndMaxRequestBodySize(request.HttpContext); } // Note on `autoFlushHttpClientOutgoingStream: isStreamingRequest`: // The.NET Core HttpClient stack keeps its own buffers on top of the underlying outgoing connection socket. // We flush those buffers down to the socket on every write when this is set, // but it does NOT result in calls to flush on the underlying socket. // This is necessary because we proxy http2 transparently, // and we are deliberately unaware of packet structure used e.g. in gRPC duplex channels. // Because the sockets aren't flushed, the perf impact of this choice is expected to be small. // Future: It may be wise to set this to true for *all* http2 incoming requests, // but for now, out of an abundance of caution, we only do it for requests that look like gRPC. return(new StreamCopyHttpContent( request: request, autoFlushHttpClientOutgoingStream: isStreamingRequest, clock: _clock, activityToken)); } return(null); }
private APIResponse Call(HttpMethods method, string path) { return Call(method, path, null); }
public ListItemsAttribute(string url, HttpMethods type) { this.Url = url; this.Type = type; }
/// <summary> /// Creates a new RestRequest instance for a given Resource and Method. /// </summary> /// <param name="resource">The specific resource to access.</param> /// <param name="method">The HTTP method to use for the request.</param> public RestRequest(string resource, HttpMethods method) : this() { Method = method; Resource = resource; }
/// <summary> /// Make an HTTP Request to the Shopify API /// </summary> /// <param name="method">method to be used in the request</param> /// <param name="path">the path that should be requested</param> /// <param name="callParams">any parameters needed or expected by the API</param> /// <seealso cref="http://api.shopify.com/"/> /// <returns>the server response</returns> public object Call(HttpMethods method, string path, object callParams) { string url = String.Format("https://{0}.myshopify.com{1}", State.ShopName, path); HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.ContentType = GetRequestContentType(); request.Headers.Add("X-Shopify-Access-Token", this.State.AccessToken); request.Method = method.ToString(); if (callParams != null) { if (method == HttpMethods.GET || method == HttpMethods.DELETE) { // if no translator assume data is a query string url = String.Format("{0}?{1}", url, callParams.ToString()); //// put params into query string //StringBuilder queryString = new StringBuilder(); //foreach (string key in callParams.Keys) //{ // queryString.AppendFormat("{0}={1}", HttpUtility.UrlEncode(key), HttpUtility.UrlEncode(callParams[key])); //} } else if (method == HttpMethods.POST || method == HttpMethods.PUT) { string requestBody; // put params into post body if (Translator == null) { //assume it's a string requestBody = callParams.ToString(); } else { requestBody = Translator.Encode(callParams); } //add the requst body to the request stream if (!String.IsNullOrEmpty(requestBody)) { using (var ms = new MemoryStream()) { using (var writer = new StreamWriter(request.GetRequestStream())) { writer.Write(requestBody); writer.Close(); } } } } } var response = (HttpWebResponse)request.GetResponse(); string result = null; using (Stream stream = response.GetResponseStream()) { StreamReader sr = new StreamReader(stream); result = sr.ReadToEnd(); sr.Close(); } if (Translator != null) return Translator.Decode(result); return result; }
public ApiActionAttributes(string action, HttpMethods method) { Action = action; Method = method; }
public HttpRequest(IHttpHeaders headers, HttpMethods method, string protocol, Uri uri, string[] requestParameters, IHttpHeaders queryString, IHttpPost post) { _headers = headers; _method = method; _protocol = protocol; _uri = uri; _requestParameters = requestParameters; _queryString = queryString; _post = post; }
public EntityLink CreateEntityLink(IUrlHelper urlHelper, string routeName, int Id, HttpMethods Method = HttpMethods.Get) { return (new EntityLink() { Method = Method.ToString(), Rel = "self", Href = new Uri(urlHelper.Link(routeName, new { id = Id })) }); }
/// <summary> /// The invoke. /// </summary> /// <param name="context"> /// The context. /// </param> /// <returns> /// The <see cref="Task"/>. /// </returns> public async Task HandleHttpRequest(HttpContext context) { var httpClient = new HttpClient(new HttpClientHandler() { AllowAutoRedirect = false }); var requestMessage = new HttpRequestMessage(); var requestMethod = context.Request.Method; if (!HttpMethods.IsGet(requestMethod) && !HttpMethods.IsHead(requestMethod) && !HttpMethods.IsDelete(requestMethod) && !HttpMethods.IsTrace(requestMethod)) { var streamContent = new StreamContent(context.Request.Body); requestMessage.Content = streamContent; } foreach (var header in context.Request.Headers) { if (!requestMessage.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray())) { requestMessage.Content?.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()); } } if (!requestMessage.Headers.Any(x => x.Key == this.buffer.Configuration["HeaderName"])) { requestMessage.Headers.Add( this.buffer.Configuration["HeaderName"], @"Bearer " + (string)context.Items[RequestOptions.AccessToken]); } requestMessage.Headers.Host = ((Uri)context.Items[RequestOptions.TunnelUrl]).Host + ":" + ((Uri)context.Items[RequestOptions.TunnelUrl]).Port; requestMessage.RequestUri = ((Uri)context.Items[RequestOptions.TunnelUrl]); requestMessage.Method = new HttpMethod(context.Request.Method); using (var responseMessage = await httpClient.SendAsync(requestMessage, HttpCompletionOption.ResponseHeadersRead)) { var statusCode = (int)responseMessage.StatusCode; context.Response.StatusCode = statusCode; foreach (var header in responseMessage.Headers) { context.Response.Headers[header.Key] = new StringValues(header.Value.ToArray()); } foreach (var header in responseMessage.Content.Headers) { context.Response.Headers[header.Key] = header.Value.FirstOrDefault(); } context.Response.Headers.Remove("transfer-encoding"); // Check if there is a redirect - could be with status code 3xx or 201 if (responseMessage.Headers.Location != null) { var location = context.Items["ServiceOriginPattern"] + responseMessage.Headers.Location.ToString(); context.Response.Headers["Location"] = new StringValues(new string[] { location }); } if (statusCode != StatusCodes.Status401Unauthorized && statusCode != StatusCodes.Status403Forbidden) { await responseMessage.Content.CopyToAsync(context.Response.Body); } } }
public async Task InvokeAsync(HttpContext context) { if (context.WebSockets.IsWebSocketRequest) { await _next(context); return; } // Handle requests as per recommendation at http://graphql.org/learn/serving-over-http/ // Inspiration: https://github.com/graphql/express-graphql/blob/master/src/index.js var httpRequest = context.Request; var httpResponse = context.Response; var writer = context.RequestServices.GetRequiredService <IDocumentWriter>(); var cancellationToken = GetCancellationToken(context); // GraphQL HTTP only supports GET and POST methods bool isGet = HttpMethods.IsGet(httpRequest.Method); bool isPost = HttpMethods.IsPost(httpRequest.Method); if (!isGet && !isPost) { httpResponse.Headers["Allow"] = "GET, POST"; await WriteErrorResponseAsync(httpResponse, writer, cancellationToken, $"Invalid HTTP method. Only GET and POST are supported. {DOCS_URL}", httpStatusCode : 405 // Method Not Allowed ); return; } // Parse POST body GraphQLRequest bodyGQLRequest = null; GraphQLRequest[] bodyGQLBatchRequest = null; if (isPost) { if (!MediaTypeHeaderValue.TryParse(httpRequest.ContentType, out var mediaTypeHeader)) { await WriteErrorResponseAsync(httpResponse, writer, cancellationToken, $"Invalid 'Content-Type' header: value '{httpRequest.ContentType}' could not be parsed."); return; } switch (mediaTypeHeader.MediaType) { case MediaType.JSON: var deserializationResult = await _deserializer.DeserializeFromJsonBodyAsync(httpRequest, cancellationToken); if (!deserializationResult.IsSuccessful) { await WriteErrorResponseAsync(httpResponse, writer, cancellationToken, "Body text could not be parsed. Body text should start with '{' for normal graphql query or with '[' for batched query."); return; } bodyGQLRequest = deserializationResult.Single; bodyGQLBatchRequest = deserializationResult.Batch; break; case MediaType.GRAPH_QL: bodyGQLRequest = await DeserializeFromGraphBodyAsync(httpRequest.Body); break; case MediaType.FORM: var formCollection = await httpRequest.ReadFormAsync(); bodyGQLRequest = DeserializeFromFormBody(formCollection); break; default: await WriteErrorResponseAsync(httpResponse, writer, cancellationToken, $"Invalid 'Content-Type' header: non-supported media type. Must be of '{MediaType.JSON}', '{MediaType.GRAPH_QL}' or '{MediaType.FORM}'. {DOCS_URL}"); return; } } // If we don't have a batch request, parse the query from URL too to determine the actual request to run. // Query string params take priority. GraphQLRequest gqlRequest = null; if (bodyGQLBatchRequest == null) { var urlGQLRequest = DeserializeFromQueryString(httpRequest.Query); gqlRequest = new GraphQLRequest { Query = urlGQLRequest.Query ?? bodyGQLRequest?.Query, Inputs = urlGQLRequest.Inputs ?? bodyGQLRequest?.Inputs, Extensions = urlGQLRequest.Extensions ?? bodyGQLRequest?.Extensions, OperationName = urlGQLRequest.OperationName ?? bodyGQLRequest?.OperationName }; } // Prepare context and execute var userContextBuilder = context.RequestServices.GetService <IUserContextBuilder>(); var userContext = userContextBuilder == null ? new Dictionary <string, object>() // in order to allow resolvers to exchange their state through this object : await userContextBuilder.BuildUserContext(context); var executer = context.RequestServices.GetRequiredService <IGraphQLExecuter <TSchema> >(); // Normal execution with single graphql request if (bodyGQLBatchRequest == null) { var stopwatch = ValueStopwatch.StartNew(); await RequestExecutingAsync(gqlRequest); var result = await ExecuteRequestAsync(gqlRequest, userContext, executer, context.RequestServices, cancellationToken); await RequestExecutedAsync(new GraphQLRequestExecutionResult(gqlRequest, result, stopwatch.Elapsed)); await WriteResponseAsync(httpResponse, writer, cancellationToken, result); } // Execute multiple graphql requests in one batch else { var executionResults = new ExecutionResult[bodyGQLBatchRequest.Length]; for (int i = 0; i < bodyGQLBatchRequest.Length; ++i) { var gqlRequestInBatch = bodyGQLBatchRequest[i]; var stopwatch = ValueStopwatch.StartNew(); await RequestExecutingAsync(gqlRequestInBatch, i); var result = await ExecuteRequestAsync(gqlRequestInBatch, userContext, executer, context.RequestServices, cancellationToken); await RequestExecutedAsync(new GraphQLRequestExecutionResult(gqlRequestInBatch, result, stopwatch.Elapsed, i)); executionResults[i] = result; } await WriteResponseAsync(httpResponse, writer, cancellationToken, executionResults); } }
public async Task <IEndpointResult> ProcessAsync(HttpContext context) { _logger.LogDebug($"Starting token request"); NameValueCollection values; if (HttpMethods.IsPost(context.Request.Method)) { if (!context.Request.HasFormContentType) { _logger.LogDebug($"Unsupported media type"); return(new StatusCodeResult(HttpStatusCode.UnsupportedMediaType)); } values = context.Request.Form.AsNameValueCollection(); } else { _logger.LogDebug($"Method not allowed"); return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed)); } var clientResult = await _clientValidator.ValidateAsync(context); if (clientResult.Client == null) { _logger.LogDebug($"Invalid client"); return(VCResponseHelpers.Error(OidcConstants.TokenErrors.InvalidClient)); } var grantType = values.Get(IdentityConstants.GrantTypeParameterName); if (string.IsNullOrEmpty(grantType)) { _logger.LogDebug($"Invalid grant type of : {grantType}"); return(VCResponseHelpers.Error(IdentityConstants.InvalidGrantTypeError)); } var sessionId = values.Get(IdentityConstants.AuthorizationCodeParameterName); if (string.IsNullOrEmpty(sessionId)) { _logger.LogDebug($"Invalid authorization code : {sessionId}"); return(VCResponseHelpers.Error(IdentityConstants.InvalidAuthorizationCodeError)); } var session = await _sessionStore.FindBySessionIdAsync(sessionId); if (session == null) { _logger.LogDebug($"Invalid session : {sessionId}"); return(VCResponseHelpers.Error(IdentityConstants.InvalidSessionError, $"Cannot find stored session")); } if (session.PresentationRequestSatisfied == false) { _logger.LogDebug($"Presentation not satisfied, session id : {sessionId}"); return(VCResponseHelpers.Error(IdentityConstants.InvalidSessionError, "Presentation request wasn't satisfied")); } try { _logger.LogDebug($"Constructing token result for session : {sessionId}"); return(new TokenEndpointResult(session, _tokenIssuerService, _presentationConfigurationService, _sessionStore, _logger)); } catch (Exception e) { _logger.LogError(e, "Failed to create a token response"); return(VCResponseHelpers.Error(IdentityConstants.GeneralError, "Failed to create a token")); } }
private async Task <bool> InvokeUserinfoEndpointAsync() { OpenIdConnectRequest request; if (HttpMethods.IsGet(Request.Method)) { request = new OpenIdConnectRequest(Request.Query); } else if (HttpMethods.IsPost(Request.Method)) { // Note: if no Content-Type header was specified, assume the userinfo request // doesn't contain any parameter and create an empty OpenIdConnectRequest. if (string.IsNullOrEmpty(Request.ContentType)) { request = new OpenIdConnectRequest(); } else { // May have media/type; charset=utf-8, allow partial match. if (!Request.ContentType.StartsWith("application/x-www-form-urlencoded", StringComparison.OrdinalIgnoreCase)) { Logger.LogError("The userinfo request was rejected because an invalid 'Content-Type' " + "header was specified: {ContentType}.", Request.ContentType); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = "The specified 'Content-Type' header is not valid." })); } request = new OpenIdConnectRequest(await Request.ReadFormAsync()); } } else { Logger.LogError("The userinfo request was rejected because an invalid " + "HTTP method was specified: {Method}.", Request.Method); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = "The specified HTTP method is not valid." })); } // Note: set the message type before invoking the ExtractUserinfoRequest event. request.SetProperty(OpenIdConnectConstants.Properties.MessageType, OpenIdConnectConstants.MessageTypes.UserinfoRequest); // Insert the userinfo request in the ASP.NET context. Context.SetOpenIdConnectRequest(request); var @event = new ExtractUserinfoRequestContext(Context, Scheme, Options, request); await Provider.ExtractUserinfoRequest(@event); if (@event.Result != null) { if (@event.Result.Handled) { Logger.LogDebug("The userinfo request was handled in user code."); return(true); } else if (@event.Result.Skipped) { Logger.LogDebug("The default userinfo request handling was skipped from user code."); return(false); } } else if (@event.IsRejected) { Logger.LogError("The userinfo request was rejected with the following error: {Error} ; {Description}", /* Error: */ @event.Error ?? OpenIdConnectConstants.Errors.InvalidRequest, /* Description: */ @event.ErrorDescription); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = @event.Error ?? OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = @event.ErrorDescription, ErrorUri = @event.ErrorUri })); } Logger.LogInformation("The userinfo request was successfully extracted " + "from the HTTP request: {Request}.", request); string token = null; if (!string.IsNullOrEmpty(request.AccessToken)) { token = request.AccessToken; } else { string header = Request.Headers[HeaderNames.Authorization]; if (!string.IsNullOrEmpty(header)) { if (!header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) { Logger.LogError("The userinfo request was rejected because the " + "'Authorization' header was invalid: {Header}.", header); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = "The specified 'Authorization' header is invalid." })); } token = header.Substring("Bearer ".Length); } } if (string.IsNullOrEmpty(token)) { Logger.LogError("The userinfo request was rejected because the access token was missing."); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = "The mandatory 'access_token' parameter is missing." })); } var context = new ValidateUserinfoRequestContext(Context, Scheme, Options, request); await Provider.ValidateUserinfoRequest(context); if (context.Result != null) { if (context.Result.Handled) { Logger.LogDebug("The userinfo request was handled in user code."); return(true); } else if (context.Result.Skipped) { Logger.LogDebug("The default userinfo request handling was skipped from user code."); return(false); } } else if (context.IsRejected) { Logger.LogError("The userinfo request was rejected with the following error: {Error} ; {Description}", /* Error: */ context.Error ?? OpenIdConnectConstants.Errors.InvalidRequest, /* Description: */ context.ErrorDescription); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = context.Error ?? OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = context.ErrorDescription, ErrorUri = context.ErrorUri })); } Logger.LogInformation("The userinfo request was successfully validated."); var ticket = await DeserializeAccessTokenAsync(token, request); if (ticket == null) { Logger.LogError("The userinfo request was rejected because the access token was invalid."); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = OpenIdConnectConstants.Errors.InvalidToken, ErrorDescription = "The specified access token is not valid." })); } if (ticket.Properties.ExpiresUtc.HasValue && ticket.Properties.ExpiresUtc < Options.SystemClock.UtcNow) { Logger.LogError("The userinfo request was rejected because the access token was expired."); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = OpenIdConnectConstants.Errors.InvalidToken, ErrorDescription = "The specified access token is no longer valid." })); } var notification = new HandleUserinfoRequestContext(Context, Scheme, Options, request, ticket) { Issuer = Context.GetIssuer(Options), Subject = ticket.Principal.GetClaim(OpenIdConnectConstants.Claims.Subject) }; // Note: when receiving an access token, its audiences list cannot be used for the "aud" claim // as the client application is not the intented audience but only an authorized presenter. // See http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse notification.Audiences.UnionWith(ticket.GetPresenters()); // The following claims are all optional and should be excluded when // no corresponding value has been found in the authentication ticket. if (ticket.HasScope(OpenIdConnectConstants.Scopes.Profile)) { notification.FamilyName = ticket.Principal.GetClaim(OpenIdConnectConstants.Claims.FamilyName); notification.GivenName = ticket.Principal.GetClaim(OpenIdConnectConstants.Claims.GivenName); notification.BirthDate = ticket.Principal.GetClaim(OpenIdConnectConstants.Claims.Birthdate); } if (ticket.HasScope(OpenIdConnectConstants.Scopes.Email)) { notification.Email = ticket.Principal.GetClaim(OpenIdConnectConstants.Claims.Email); } if (ticket.HasScope(OpenIdConnectConstants.Scopes.Phone)) { notification.PhoneNumber = ticket.Principal.GetClaim(OpenIdConnectConstants.Claims.PhoneNumber); } await Provider.HandleUserinfoRequest(notification); if (notification.Result != null) { if (notification.Result.Handled) { Logger.LogDebug("The userinfo request was handled in user code."); return(true); } else if (notification.Result.Skipped) { Logger.LogDebug("The default userinfo request handling was skipped from user code."); return(false); } } else if (notification.IsRejected) { Logger.LogError("The userinfo request was rejected with the following error: {Error} ; {Description}", /* Error: */ notification.Error ?? OpenIdConnectConstants.Errors.InvalidRequest, /* Description: */ notification.ErrorDescription); return(await SendUserinfoResponseAsync(new OpenIdConnectResponse { Error = notification.Error ?? OpenIdConnectConstants.Errors.InvalidRequest, ErrorDescription = notification.ErrorDescription, ErrorUri = notification.ErrorUri })); } // Ensure the "sub" claim has been correctly populated. if (string.IsNullOrEmpty(notification.Subject)) { throw new InvalidOperationException("The subject claim cannot be null or empty."); } var response = new OpenIdConnectResponse { [OpenIdConnectConstants.Claims.Subject] = notification.Subject, [OpenIdConnectConstants.Claims.Address] = notification.Address, [OpenIdConnectConstants.Claims.Birthdate] = notification.BirthDate, [OpenIdConnectConstants.Claims.Email] = notification.Email, [OpenIdConnectConstants.Claims.EmailVerified] = notification.EmailVerified, [OpenIdConnectConstants.Claims.FamilyName] = notification.FamilyName, [OpenIdConnectConstants.Claims.GivenName] = notification.GivenName, [OpenIdConnectConstants.Claims.Issuer] = notification.Issuer, [OpenIdConnectConstants.Claims.PhoneNumber] = notification.PhoneNumber, [OpenIdConnectConstants.Claims.PhoneNumberVerified] = notification.PhoneNumberVerified, [OpenIdConnectConstants.Claims.PreferredUsername] = notification.PreferredUsername, [OpenIdConnectConstants.Claims.Profile] = notification.Profile, [OpenIdConnectConstants.Claims.Website] = notification.Website }; switch (notification.Audiences.Count) { case 0: break; case 1: response[OpenIdConnectConstants.Claims.Audience] = notification.Audiences.ElementAt(0); break; default: response[OpenIdConnectConstants.Claims.Audience] = new JArray(notification.Audiences); break; } foreach (var claim in notification.Claims) { response.SetParameter(claim.Key, claim.Value); } return(await SendUserinfoResponseAsync(response)); }
/// <summary> /// Called before the action executes, after model binding is complete /// </summary> /// <param name="context">A context for action filters</param> public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { await next(); if (context == null || context.HttpContext == null || context.HttpContext.Request == null) { return; } if (!DataSettingsHelper.DatabaseIsInstalled()) { return; } //only in GET requests if (!HttpMethods.IsGet(context.HttpContext.Request.Method)) { return; } //ajax request should not save bool isAjaxCall = context.HttpContext.Request.Headers["x-requested-with"] == "XMLHttpRequest"; if (isAjaxCall) { return; } //whether is need to store last visited page URL if (!_customerSettings.StoreLastVisitedPage) { return; } //get current page var pageUrl = _webHelper.GetThisPageUrl(true); if (string.IsNullOrEmpty(pageUrl)) { return; } //get previous last page var previousPageUrl = _workContext.CurrentCustomer.GetAttributeFromEntity <string>(SystemCustomerAttributeNames.LastVisitedPage); //save new one if don't match if (!pageUrl.Equals(previousPageUrl, StringComparison.OrdinalIgnoreCase)) { await _genericAttributeService.SaveAttribute(_workContext.CurrentCustomer, SystemCustomerAttributeNames.LastVisitedPage, pageUrl); } if (!string.IsNullOrEmpty(context.HttpContext.Request.Headers[HeaderNames.Referer])) { if (!context.HttpContext.Request.Headers[HeaderNames.Referer].ToString().Contains(context.HttpContext.Request.Host.ToString())) { var previousUrlReferrer = _workContext.CurrentCustomer.GetAttribute <string>(_genericAttributeService, SystemCustomerAttributeNames.LastUrlReferrer); var actualUrlReferrer = context.HttpContext.Request.Headers[HeaderNames.Referer]; if (previousUrlReferrer != actualUrlReferrer) { await _genericAttributeService.SaveAttribute(_workContext.CurrentCustomer, SystemCustomerAttributeNames.LastUrlReferrer, actualUrlReferrer); } } } if (_customerSettings.SaveVisitedPage) { if (!_workContext.CurrentCustomer.IsSearchEngineAccount()) { await _customerActivityService.InsertActivityAsync("PublicStore.Url", pageUrl, pageUrl, _workContext.CurrentCustomer.Id, _webHelper.GetCurrentIpAddress()); } } }
/// <summary> /// Make an HTTP Request to the Shopify API /// </summary> /// <param name="method">method to be used in the request</param> /// <param name="path">the path that should be requested</param> /// <seealso cref="http://api.shopify.com/"/> /// <returns>the server response</returns> public object Call(HttpMethods method, string path) { return Call(method, path, null); }
public ControllerMethod(Type controllerType, HttpMethods method) { _controllerType = controllerType; _method = method; }
public bool Equals(EdgeKey other) { return (IsCorsPreflightRequest == other.IsCorsPreflightRequest && HttpMethods.Equals(HttpMethod, other.HttpMethod)); }
private static bool HasBody(string requestMethod) { return(HttpMethods.IsPut(requestMethod) || HttpMethods.IsPost(requestMethod)); }
public async void CallsOnNextWhenNewDataIsPersisted(HttpMethods method, string url, bool expectedResult) { var oldRequest = new HttpRequest(HttpMethods.Get, "http://localhost:3000/good"); var sqlite = new Mock<ISQLiteAsyncConnection>(); sqlite.Setup(s => s.Get<HttpRequest>()).Returns(Task.FromResult(new List<HttpRequest> { oldRequest })); var newRequest = new HttpRequest(method, url); var requestHistory = new RequestHistory(sqlite.Object); // if onnext is not called by the time the timeout happens, then call OnException. Observable.Timeout(requestHistory.GetRequestsObservable(), TimeSpan.FromSeconds(2)) .Subscribe( _ => Assert.True(expectedResult), ex => Assert.False(expectedResult)); await requestHistory.AddRequestAsync(newRequest); }
/// <summary> /// Make an HTTP Request to the Haravan API /// </summary> /// <param name="method">method to be used in the request</param> /// <param name="path">the path that should be requested</param> /// <seealso cref="http://api.haravan.com/"/> /// <returns>the server response</returns> public object Call(HttpMethods method, string path) { return(Call(method, path, null)); }
internal static bool IsGetOrHeadMethod(string method) { return(HttpMethods.IsGet(method) || HttpMethods.IsHead(method)); }
public RouteResolutionResult Apply(object request, string httpMethod) { if (!this.IsValid) { return(RouteResolutionResult.Error(this, this.ErrorMsg)); } if (HttpMethods != null && HttpMethods.Length != 0 && httpMethod != null && !HttpMethods.Contains(httpMethod) && !HttpMethods.Contains("ANY")) { return(RouteResolutionResult.Error(this, "Allowed HTTP methods '{0}' does not support the specified '{1}' method." .Fmt(HttpMethods.Join(", "), httpMethod))); } var uri = this.Path; var unmatchedVariables = new List <string>(); foreach (var variable in this.variablesMap) { var property = variable.Value; var value = property.GetValue(request); var isWildCard = variable.Key.EndsWith("*"); if (value == null && !isWildCard) { unmatchedVariables.Add(variable.Key); continue; } var variableValue = FormatVariable(value); uri = uri.Replace(VariablePrefix + variable.Key + VariablePostfix, variableValue); } if (unmatchedVariables.Any()) { var errMsg = "Could not match following variables: " + string.Join(",", unmatchedVariables.ToArray()); return(RouteResolutionResult.Error(this, errMsg)); } return(RouteResolutionResult.Success(this, uri)); }
private void Download(string Url, HttpMethods Method = HttpMethods.GET, byte[] PostData = null, string Key = null, System.Net.CookieContainer CookieContainer = null, string Username = null, string Password = null, string Domain = null, string Accept = null, Boolean AllowAutoRedirect = false, string ContentType = null, bool UseDefaultCredentials = false, string UserAgent = null, WebHeaderCollection Headers = null) { try { Logger.Info(string.Format("Url:{0}, Method:{1}, Key:{2}, Username:{3}, Password:{4}, Domain:{5}, Accept:{6}, AllowAutoRedirect:{7}, ContentType:{8}, UseDefaultCredentials:{9}, UserAgent:{10}", Url, Method, Key, Username, Password, Domain, Accept, AllowAutoRedirect, ContentType, UseDefaultCredentials, UserAgent)); StopWatch = new Stopwatch(); StopWatch.Start(); this.Key = Key; this.Url = Url; var request = (HttpWebRequest)WebRequest.Create(Url); if (Headers != null) { foreach (var name in Headers.AllKeys) { try { request.Headers[name] = Headers[name]; } catch (Exception) { } } } if (CookieContainer != null) request.CookieContainer = CookieContainer; this.ContentType = ContentType; this.Accept = Accept; this.AllowAutoRedirect = AllowAutoRedirect; this.UserAgent = UserAgent; request.AllowAutoRedirect = AllowAutoRedirect; if (CookieContainer != null) request.CookieContainer = CookieContainer; if (Accept != null) request.Accept = Accept; if (ContentType != null) request.ContentType = ContentType; if (UserAgent != null) request.UserAgent = UserAgent; if (!string.IsNullOrEmpty(Domain) && !string.IsNullOrEmpty(Username) && !string.IsNullOrEmpty(Password)) { request.Credentials = new System.Net.NetworkCredential(Username, Password, Domain); } else { request.UseDefaultCredentials = UseDefaultCredentials; } request.Method = Method.ToString(); if (Method == HttpMethods.POST || Method == HttpMethods.OPTIONS) { _PostData = PostData; //for post, we typically are posting data, lets get the request stream request.ContentType = "application/x-www-form-urlencoded"; //request.BeginGetRequestStream(BeginRequest, request); request.BeginGetRequestStream(new AsyncCallback(BeginRequest), request); HasElapsed(); } else { //for get's we just jump directly to the get respnose request.BeginGetResponse(new AsyncCallback(HandleResponse), request); HasElapsed(); } } catch (Exception e) { if (OnHttpDownloadError != null) OnHttpDownloadError(this, e, this.Key); } }
private async Task HandleHttpRequest(HttpContext context) { var requestMessage = new HttpRequestMessage(); var requestMethod = context.Request.Method; if (!HttpMethods.IsGet(requestMethod) && !HttpMethods.IsHead(requestMethod) && !HttpMethods.IsDelete(requestMethod) && !HttpMethods.IsTrace(requestMethod)) { var streamContent = new StreamContent(context.Request.Body); requestMessage.Content = streamContent; } // Copy the request headers foreach (var header in context.Request.Headers) { if (header.Key.Equals("Referer") || header.Key.Equals("Origin")) { requestMessage.Headers.TryAddWithoutValidation(header.Key, new string[] { header.Value[0].Replace("https://localhost:8081", "https://www.habbo.com") }); } else { if (!requestMessage.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()) && requestMessage.Content != null) { requestMessage.Content?.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()); } } } requestMessage.Headers.Host = _options.Host + ":" + _options.Port; string path; if (_options.Strip) { path = context.Request.Path.Value.Replace(_options.StripPath, ""); } else { path = context.Request.Path; } var uriString = $"{_options.Scheme}://{_options.Host}:{_options.Port}{context.Request.PathBase}{path}{context.Request.QueryString}"; requestMessage.RequestUri = new Uri(uriString); requestMessage.Method = new HttpMethod(context.Request.Method); using (var responseMessage = await _httpClient.SendAsync(requestMessage, HttpCompletionOption.ResponseHeadersRead, context.RequestAborted)) { responseMessage.Content = await ReplaceContent(responseMessage, path); context.Response.StatusCode = (int)responseMessage.StatusCode; foreach (var header in responseMessage.Headers) { context.Response.Headers[header.Key] = header.Value.ToArray(); } foreach (var header in responseMessage.Content.Headers) { context.Response.Headers[header.Key] = header.Value.ToArray(); } // SendAsync removes chunking from the response. This removes the header so it doesn't expect a chunked response. context.Response.Headers.Remove("transfer-encoding"); if (!context.Response.StatusCode.Equals(StatusCodes.Status204NoContent)) { await responseMessage.Content.CopyToAsync(context.Response.Body); } } }