Esempio n. 1
0
        public async Task ExecuteNegotiateAsync(HttpContext context, HttpConnectionDispatcherOptions options)
        {
            // Create the log scope and the scope connectionId param will be set when the connection is created.
            var logScope = new ConnectionLogScope(connectionId: string.Empty);

            using (_logger.BeginScope(logScope))
            {
                if (HttpMethods.IsPost(context.Request.Method))
                {
                    // POST /{path}/negotiate
                    await ProcessNegotiate(context, options, logScope);
                }
                else
                {
                    context.Response.ContentType = "text/plain";
                    context.Response.StatusCode  = StatusCodes.Status405MethodNotAllowed;
                }
            }
        }
Esempio n. 2
0
        /// <summary>
        /// Processes the request.
        /// </summary>
        /// <param name="context">The HTTP context.</param>
        /// <returns></returns>
        public async Task <IEndpointResult> ProcessAsync(HttpContext context)
        {
            _logger.LogTrace("Processing introspection request.");

            // validate HTTP
            if (!HttpMethods.IsPost(context.Request.Method))
            {
                _logger.LogWarning("Introspection endpoint only supports POST requests");
                return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
            }

            if (!context.Request.HasFormContentType)
            {
                _logger.LogWarning("Invalid media type for introspection endpoint");
                return(new StatusCodeResult(HttpStatusCode.UnsupportedMediaType));
            }

            return(await ProcessIntrospectionRequestAsync(context));
        }
Esempio n. 3
0
        /// <inheritdoc />
        public void OnResourceExecuting(ResourceExecutingContext context)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            var request = context.HttpContext.Request;

            if (context.RouteData.TryGetWebHookReceiverName(out var receiverName) &&
                (request.Body == null ||
                 !request.ContentLength.HasValue ||
                 request.ContentLength.Value == 0L ||
                 !HttpMethods.IsPost(request.Method)))
            {
                // Log about the issue and short-circuit remainder of the pipeline.
                context.Result = CreateBadMethodResult(request.Method, receiverName);
            }
        }
Esempio n. 4
0
        public async Task <IEndpointResult> ProcessAsync(
            HttpContext context,
            CancellationToken cancellationToken)
        {
            _logger.LogProcessingEvent();

            if (!HttpMethods.IsPost(context.Request.Method))
            {
                _logger.LogMethodNotAllowed(context.Request.Method);
                return(new StatusCodeEndpointResult(
                           StatusCodes
                           .Status405MethodNotAllowed));
            }

            var incomingEvent =
                await context.Request.ReadJsonAsync <Event>() !;

            if (incomingEvent == null)
            {
                _logger.LogJsonDeserializationReturnNull();
                return(new StatusCodeEndpointResult(
                           StatusCodes.Status422UnprocessableEntity));
            }

            _logger.LogProcessingEventOfType(incomingEvent.EventType);

            return(incomingEvent switch
            {
                UrlVerificationEvent @event =>
                await _urlVerificationEventResultGenerator.GenerateResult(
                    @event,
                    cancellationToken),
                AppRateLimitedEvent @event =>
                await _appRateLimitedEventResultGenerator.GenerateResult(
                    @event,
                    cancellationToken),
                EventWrapper @event => await _callbackEventResultGenerator
                .GenerateResult(
                    @event,
                    cancellationToken),
                _ => new StatusCodeEndpointResult(
                    StatusCodes.Status422UnprocessableEntity),
            });
Esempio n. 5
0
        public async Task <IActionResult> AddAddress(AddressEditModel model, AddressType?addressType)
        {
            var customer = await HttpContext.GetMemberAsync();

            if (HttpMethods.IsGet(Request.Method))
            {
                ModelState.Clear();

                if (addressType != null)
                {
                    model.AddressTypes.Add(addressType.Value);
                }

                // Set predefined values when adding a new address.
                model.FirstName    = customer.FirstName;
                model.LastName     = customer.LastName;
                model.Email        = customer.Email;
                model.PhoneNumber  = customer.PhoneNumber;
                model.Organization = customer.StoreName;

                await _appService.PrepareModelAsync(model, null);
            }
            else if (HttpMethods.IsPost(Request.Method))
            {
                if (ModelState.IsValid)
                {
                    var addresses = await _addressService.ListAsync(new AddressFilter { CustomerId = customer.Id });

                    var address = new Address();
                    await _appService.PrepareAddressAsync(address, model);

                    address.CustomerId = customer.Id;
                    await _addressService.CreateAsync(address);

                    await _addressService.ResolveAddressTypesAsync(address, addresses);

                    TempData.AddAlert(AlertMode.Notify, AlertType.Success, "Address was added.");
                }
            }

            return(PartialView("AddressEdit", model));
        }
Esempio n. 6
0
        public async Task <IEndpointResult> ProcessAsync(HttpContext httpContext)
        {
            Logger.LogInformation($"[{nameof(CompleteRegistrationEndpoint)}] Started processing trusted device registration endpoint.");
            var isPostRequest = HttpMethods.IsPost(httpContext.Request.Method);
            var isApplicationFormContentType = httpContext.Request.HasApplicationFormContentType();

            // Validate HTTP request type.
            if (!isPostRequest || !isApplicationFormContentType)
            {
                return(Error(OidcConstants.TokenErrors.InvalidRequest, "Request must be of type 'POST' and have a Content-Type equal to 'application/x-www-form-urlencoded'."));
            }
            // Ensure that a valid 'Authorization' header exists.
            var tokenUsageResult = await Token.Validate(httpContext);

            if (!tokenUsageResult.TokenFound)
            {
                return(Error(OidcConstants.ProtectedResourceErrors.InvalidToken, "No access token is present in the request."));
            }
            // Validate request data and access token.
            var parameters = (await httpContext.Request.ReadFormAsync()).AsNameValueCollection();
            var requestValidationResult = await Request.Validate(parameters, tokenUsageResult.Token);

            if (requestValidationResult.IsError)
            {
                return(Error(requestValidationResult.Error, requestValidationResult.ErrorDescription));
            }
            // Get device that is operating, if any.
            var existingDevice = await UserDeviceStore.GetByDeviceId(requestValidationResult.DeviceId);

            var isNewDeviceOrOwnedByUser = existingDevice == null || existingDevice.UserId.Equals(requestValidationResult.UserId, StringComparison.OrdinalIgnoreCase);

            if (!isNewDeviceOrOwnedByUser)
            {
                return(Error(OidcConstants.ProtectedResourceErrors.InvalidToken, "Device does not belong to the this user."));
            }
            requestValidationResult.SetDevice(existingDevice);
            // Create endpoint response.
            var response = await Response.Generate(requestValidationResult);

            Logger.LogInformation($"[{nameof(InitRegistrationEndpoint)}] Trusted device authorization endpoint success.");
            return(new CompleteRegistrationResult(response));
        }
Esempio n. 7
0
        /// <summary>
        /// Invokes the agent processing pipeline
        /// </summary>
        /// <param name="aHttpContext"></param>
        /// <param name="aAgentProvider"></param>
        /// <returns></returns>
        public async Task Invoke(HttpContext aHttpContext, IAgentProvider aAgentProvider)
        {
            if
            (
                !HttpMethods.IsPost(aHttpContext.Request.Method) ||
                !(aHttpContext.Request.ContentType?.Equals(DefaultMessageService.AgentWireMessageMimeType) ?? false)
            )
            {
                await NextRequestDelegate(aHttpContext);

                return;
            }

            if (aHttpContext.Request.ContentLength == null)
            {
                throw new Exception("Empty content length");
            }

            using var stream = new StreamReader(aHttpContext.Request.Body);
            string body = await stream.ReadToEndAsync();

            IAgent agent = await aAgentProvider.GetAgentAsync();

            MessageContext response =
                await agent.ProcessAsync
                (
                    context : await aAgentProvider.GetContextAsync(), //TODO assumes all received messages are packed
                    messageContext : new PackedMessageContext(body.GetUTF8Bytes())
                );

            aHttpContext.Response.StatusCode = 200;

            if (response != null)
            {
                aHttpContext.Response.ContentType = DefaultMessageService.AgentWireMessageMimeType;
                await aHttpContext.Response.WriteAsync(response.Payload.GetUTF8String());
            }
            else
            {
                await aHttpContext.Response.WriteAsync(string.Empty);
            }
        }
Esempio n. 8
0
        /// <summary>
        /// Processes the request.
        /// </summary>
        /// <param name="context">The HTTP context.</param>
        /// <returns></returns>
        public async Task <IEndpointResult> ProcessAsync(HttpContext context)
        {
            _logger.LogTrace("Processing revocation request.");

            if (!HttpMethods.IsPost(context.Request.Method))
            {
                _logger.LogWarning("Invalid HTTP method");
                return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
            }

            if (!context.Request.HasFormContentType)
            {
                _logger.LogWarning("Invalid media type");
                return(new StatusCodeResult(HttpStatusCode.UnsupportedMediaType));
            }

            var response = await ProcessRevocationRequestAsync(context);

            return(response);
        }
Esempio n. 9
0
        public async Task Invoke(HttpContext context)
        {
            if (HttpMethods.IsPost(context.Request.Method) && RequestHelper.IsApiCall())
            {
                if (!ValidateCaptcha(context))
                {
                    var dataSerializer = DependencyResolver.Resolve <IDataSerializer>();
                    context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                    await context.Response.WriteAsync(dataSerializer.Serialize(new
                    {
                        success    = false,
                        error      = "Unable to verify the request",
                        error_code = ErrorCodes.CaptchaValidationRequired
                    }));

                    return;
                }
            }
            await _next(context);
        }
Esempio n. 10
0
        public async Task Invoke(HttpContext context)
        {
            if (!HttpMethods.IsPost(context.Request.Method))
            {
                context.Response.StatusCode = StatusCodes.Status405MethodNotAllowed;
                return;
            }

            var(hasCircuitId, circuitId) = await TryGetCircuitIdAsync(context);

            if (!hasCircuitId)
            {
                context.Response.StatusCode = StatusCodes.Status400BadRequest;
                return;
            }

            await TerminateCircuitGracefully(circuitId);

            context.Response.StatusCode = StatusCodes.Status200OK;
        }
Esempio n. 11
0
        public async static Task <ExecutionResult> ExecuteAsync(this IGraphQLExecuter graphQLExecuter, HttpRequest request)
        {
            string  operationName = null;
            string  query         = null;
            JObject variables     = null;

            if (HttpMethods.IsGet(request.Method) || (HttpMethods.IsPost(request.Method) && request.Query.ContainsKey(QUERY_KEY)))
            {
                (operationName, query, variables) = ExtractGraphQLAttributesFromQueryString(request);
            }
            else if (HttpMethods.IsPost(request.Method))
            {
                if (!MediaTypeHeaderValue.TryParse(request.ContentType, out var mediaTypeHeader))
                {
                    throw new GraphQLBadRequestException($"Could not parse 'Content-Type' header value '{request.ContentType}'.");
                }

                switch (mediaTypeHeader.MediaType)
                {
                case JSON_MEDIA_TYPE:
                    (operationName, query, variables) = await ExtractGraphQLAttributesFromJsonBodyAsync(request);

                    break;

                case GRAPHQL_MEDIA_TYPE:
                    query = await ExtractGraphQLQueryFromGraphQLBodyAsync(request.Body);

                    break;

                case FORM_URLENCODED_MEDIA_TYPE:
                    (operationName, query, variables) = await ExtractGraphQLAttributesFromFormCollectionAsync(request);

                    break;

                default:
                    throw new GraphQLBadRequestException($"Not supported 'Content-Type' header value '{request.ContentType}'.");
                }
            }

            return(await graphQLExecuter.ExecuteAsync(operationName, query, variables?.ToInputs(), null, request.HttpContext.RequestAborted));
        }
Esempio n. 12
0
        public async Task Http2(string requestSuffix, string expectedResponse)
        {
            InitializeArgs();

            var hostBuilder = new HostBuilder()
                              .ConfigureWebHost(webHostBuilder =>
            {
                webHostBuilder
                .UseKestrel(options =>
                {
                    options.Listen(IPAddress.Loopback, 0, listenOptions =>
                    {
                        listenOptions.Protocols = HttpProtocols.Http2;
                        listenOptions.UseHttps(TestResources.GetTestCertificate());
                    });
                })
                .Configure(app => app.Run(async context =>
                {
                    if (HttpMethods.IsPost(context.Request.Query["TestMethod"]))
                    {
                        await context.Response.WriteAsync(_postHtml);
                    }
                    else
                    {
                        await context.Response.WriteAsync($"Interop {context.Request.Protocol} {context.Request.Method}");
                    }
                }));
            })
                              .ConfigureServices(AddTestLogging);

            using (var host = hostBuilder.Build())
            {
                await host.StartAsync();

                var chromeOutput = RunHeadlessChrome($"https://localhost:{host.GetPort()}/{requestSuffix}");

                AssertExpectedResponseOrShowDebugInstructions(expectedResponse, chromeOutput);

                await host.StopAsync();
            }
        }
Esempio n. 13
0
        public async Task ExecuteAsync(HttpContext context, HttpConnectionDispatcherOptions options, ConnectionDelegate connectionDelegate)
        {
            // Create the log scope and attempt to pass the Connection ID to it so as many logs as possible contain
            // the Connection ID metadata. If this is the negotiate request then the Connection ID for the scope will
            // be set a little later.

            HttpConnectionContext?connectionContext = null;
            var connectionToken = GetConnectionToken(context);

            if (!StringValues.IsNullOrEmpty(connectionToken))
            {
                // Use ToString; IsNullOrEmpty doesn't tell the compiler anything about implicit conversion to string.
                _manager.TryGetConnection(connectionToken.ToString(), out connectionContext);
            }

            var logScope = new ConnectionLogScope(connectionContext?.ConnectionId);

            using (_logger.BeginScope(logScope))
            {
                if (HttpMethods.IsPost(context.Request.Method))
                {
                    // POST /{path}
                    await ProcessSend(context, options);
                }
                else if (HttpMethods.IsGet(context.Request.Method))
                {
                    // GET /{path}
                    await ExecuteAsync(context, connectionDelegate, options, logScope);
                }
                else if (HttpMethods.IsDelete(context.Request.Method))
                {
                    // DELETE /{path}
                    await ProcessDeleteAsync(context);
                }
                else
                {
                    context.Response.ContentType = "text/plain";
                    context.Response.StatusCode  = StatusCodes.Status405MethodNotAllowed;
                }
            }
        }
Esempio n. 14
0
        public override void OnActionExecuted(ActionExecutedContext filterContext)
        {
            if (HttpMethods.IsGet(filterContext.HttpContext.Request.Method))
            {
                var controller           = filterContext.Controller as Controller;
                var serialisedModelState = controller?.HttpContext.Session.GetString(Key);

                if (serialisedModelState != null)
                {
                    //Only Import if we are viewing
                    if (filterContext.Result is ViewResult)
                    {
                        var modelState = ModelStateHelper.DeserialiseModelState(serialisedModelState);
                        filterContext.ModelState.Merge(modelState);
                    }

                    controller.HttpContext.Session.Remove(Key);
                }
            }
            else if (HttpMethods.IsPost(filterContext.HttpContext.Request.Method))
            {
                //Only export when ModelState is not valid
                if (!filterContext.ModelState.IsValid)
                {
                    //Export if we are redirecting
                    if (filterContext.Result is RedirectResult ||
                        filterContext.Result is RedirectToRouteResult ||
                        filterContext.Result is RedirectToActionResult)
                    {
                        var controller = filterContext.Controller as Controller;
                        if (controller != null && filterContext.ModelState != null)
                        {
                            var modelState = ModelStateHelper.SerialiseModelState(filterContext.ModelState);
                            controller.HttpContext.Session.SetString(Key, modelState);
                        }
                    }
                }
            }

            base.OnActionExecuted(filterContext);
        }
Esempio n. 15
0
        public async Task InvokeAsync(HttpContext context, IAcmeRequestProvider requestProvider)
        {
            if (context is null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            if (requestProvider is null)
            {
                throw new ArgumentNullException(nameof(requestProvider));
            }

            if (HttpMethods.IsPost(context.Request.Method))
            {
                var result = await _requestReader.ReadAcmeRequest(context.Request);

                requestProvider.Initialize(result);
            }

            await _next(context);
        }
Esempio n. 16
0
        public async Task Invoke(HttpContext context)
        {
            // if the given request is shutdown message from ANCM and the value of GracefulShutdown environment variable is set,
            // the shutdown message is handled by this middleware instead of IISMiddleware.

            if (HttpMethods.IsPost(context.Request.Method) &&
                context.Request.Path.ToString().EndsWith("/iisintegration") &&
                string.Equals("shutdown", context.Request.Headers["MS-ASPNETCORE-EVENT"], StringComparison.OrdinalIgnoreCase))
            {
                string shutdownMode = Environment.GetEnvironmentVariable("GracefulShutdown");
                if (!string.IsNullOrWhiteSpace(shutdownMode) && shutdownMode.ToLower().StartsWith("disabled"))
                {
                    //ignore shutdown Message returning 200 instead of 202 because the gracefulshutdown is disabled
                    context.Response.StatusCode = StatusCodes.Status200OK;
                    await context.Response.WriteAsync("Called ShutdownMessage with disabled of GracefulShutdown");

                    return;
                }
            }
            await next.Invoke(context);
        }
Esempio n. 17
0
        /// <inheritdoc />
        public override Task <bool> HandleRequestAsync()
        {
            if (Options.LogoutPath == Request.Path)
            {
                //Wurzinger: Seems a bit hacky to me, but it works...
                if (HttpMethods.IsGet(Context.Request.Method) &&
                    Context.Request.Query.ContainsKey(SamlAuthenticationDefaults.SamlRequestKey) ||
                    HttpMethods.IsPost(Context.Request.Method) &&
                    Context.Request.Form.ContainsKey(SamlAuthenticationDefaults.SamlRequestKey))
                {
                    var responseMessage = _idpInitiatedLogoutRequestHandler.Handle(Options, Context);
                    _idpInitiatedLogoutResponseHandler.Handle(Options, Context, responseMessage, Options.IdentityProviderLogOutUrl, Options.LogoutResponseBinding);
                    return(Task.FromResult(true));
                }

                _spInitiatedLogoutResponseHandler.Handle(Options, Context);
                return(Task.FromResult(true));
            }

            return(base.HandleRequestAsync());
        }
Esempio n. 18
0
    /// <summary>
    /// Processes the request.
    /// </summary>
    /// <param name="context">The HTTP context.</param>
    /// <returns></returns>
    public async Task <IEndpointResult> ProcessAsync(HttpContext context)
    {
        using var activity = Tracing.BasicActivitySource.StartActivity(Constants.EndpointNames.Introspection + "Endpoint");

        _logger.LogTrace("Processing introspection request.");

        // validate HTTP
        if (!HttpMethods.IsPost(context.Request.Method))
        {
            _logger.LogWarning("Introspection endpoint only supports POST requests");
            return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
        }

        if (!context.Request.HasApplicationFormContentType())
        {
            _logger.LogWarning("Invalid media type for introspection endpoint");
            return(new StatusCodeResult(HttpStatusCode.UnsupportedMediaType));
        }

        return(await ProcessIntrospectionRequestAsync(context));
    }
Esempio n. 19
0
        private static HttpMethod GetMethod(string method)
        {
            if (HttpMethods.IsDelete(method))
            {
                return(HttpMethod.Delete);
            }
            if (HttpMethods.IsGet(method))
            {
                return(HttpMethod.Get);
            }
            if (HttpMethods.IsPost(method))
            {
                return(HttpMethod.Post);
            }
            if (HttpMethods.IsPut(method))
            {
                return(HttpMethod.Put);
            }

            return(new HttpMethod(method));
            //throw new Exception
        }
Esempio n. 20
0
        public async Task OnResourceExecutionAsync(ResourceExecutingContext context, ResourceExecutionDelegate next)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }
            if (next == null)
            {
                throw new ArgumentNullException(nameof(next));
            }

            var routeData = context.RouteData;
            var request   = context.HttpContext.Request;

            if (routeData.TryGetWebHookReceiverName(out var receiverName) &&
                IsApplicable(receiverName) &&
                HttpMethods.IsPost(request.Method))
            {
            }

            await next();
        }
Esempio n. 21
0
 /// <summary>
 /// Executes the middleware.
 /// </summary>
 /// <param name="context">The <see cref="HttpContext"/> for the current request.</param>
 public Task Invoke(HttpContext context)
 {
     if (HttpMethods.IsPost(context.Request.Method))
     {
         if (_options.FormFieldName != null)
         {
             if (context.Request.HasFormContentType)
             {
                 return(InvokeCore(context));
             }
         }
         else
         {
             var xHttpMethodOverrideValue = context.Request.Headers[xHttpMethodOverride];
             if (!string.IsNullOrEmpty(xHttpMethodOverrideValue))
             {
                 context.Request.Method = xHttpMethodOverrideValue;
             }
         }
     }
     return(_next(context));
 }
Esempio n. 22
0
        private static Method GetMethod(string method)
        {
            if (HttpMethods.IsDelete(method))
            {
                return(Method.DELETE);
            }

            if (HttpMethods.IsGet(method))
            {
                return(Method.GET);
            }

            if (HttpMethods.IsHead(method))
            {
                return(Method.HEAD);
            }

            if (HttpMethods.IsOptions(method))
            {
                return(Method.OPTIONS);
            }

            if (HttpMethods.IsPatch(method))
            {
                return(Method.PATCH);
            }

            if (HttpMethods.IsPost(method))
            {
                return(Method.POST);
            }

            if (HttpMethods.IsPut(method))
            {
                return(Method.PUT);
            }

            throw new NotSupportedException($"Http Method {method} is not supported in {typeof(Method)}.");
        }
Esempio n. 23
0
    /// <summary>
    /// Processes the request.
    /// </summary>
    /// <param name="context">The HTTP context.</param>
    /// <returns></returns>
    public async Task <IEndpointResult> ProcessAsync(HttpContext context)
    {
        using var activity = Tracing.BasicActivitySource.StartActivity(Constants.EndpointNames.Revocation + "Endpoint");

        _logger.LogTrace("Processing revocation request.");

        if (!HttpMethods.IsPost(context.Request.Method))
        {
            _logger.LogWarning("Invalid HTTP method");
            return(new StatusCodeResult(HttpStatusCode.MethodNotAllowed));
        }

        if (!context.Request.HasApplicationFormContentType())
        {
            _logger.LogWarning("Invalid media type");
            return(new StatusCodeResult(HttpStatusCode.UnsupportedMediaType));
        }

        var response = await ProcessRevocationRequestAsync(context);

        return(response);
    }
Esempio n. 24
0
            public bool Match(HttpContext httpContext, IRouter route, string routeKey, RouteValueDictionary values, RouteDirection routeDirection)
            {
                if (httpContext == null)
                {
                    return(false);
                }

                // Constraint needs to be valid when a CORS preflight request is received so that CORS middleware will run
                if (GrpcProtocolHelpers.IsCorsPreflightRequest(httpContext))
                {
                    return(true);
                }

                if (!HttpMethods.IsPost(httpContext.Request.Method))
                {
                    return(false);
                }

                return(CommonGrpcProtocolHelpers.IsContentType(GrpcProtocolConstants.GrpcContentType, httpContext.Request.ContentType) ||
                       CommonGrpcProtocolHelpers.IsContentType(GrpcProtocolConstants.GrpcWebContentType, httpContext.Request.ContentType) ||
                       CommonGrpcProtocolHelpers.IsContentType(GrpcProtocolConstants.GrpcWebTextContentType, httpContext.Request.ContentType));
            }
Esempio n. 25
0
        public async Task <HttpResponseData> Run(
            [HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = "graphql/bcp/{*path}")] HttpRequestData req,
            FunctionContext executionContext
            )
        {
            var logger = executionContext.GetLogger <GraphQLBananaCakePopEndpoint>();

            logger.LogInformation("C# GraphQL Request processing via Serverless AzureFunctions (Isolated Process)...");

            //SECURE this endpoint against actual Data Queries
            //  This is useful for exposing the GraphQL IDE (Banana Cake Pop) anonymously, but keeping the actual GraphQL data endpoint
            //  secured with AzureFunction token security and/or other authorization approach.

            if (HttpMethods.IsPost(req.Method) || (HttpMethods.IsGet(req.Method) && !string.IsNullOrWhiteSpace(req.GetQueryStringParam("query"))))
            {
                return(req.CreateBadRequestErrorMessageResponse("POST or GET GraphQL queries are invalid for the GraphQL IDE endpoint."));
            }

            var response = await _graphqlExecutorProxy.ExecuteFunctionsQueryAsync(req, logger).ConfigureAwait(false);

            return(response);
        }
Esempio n. 26
0
    public async Task AcceptsRequestWithChunkedEncodingAndUpgrade()
    {
        await using (var server = new TestServer(async context =>
        {
            var feature = context.Features.Get <IHttpUpgradeFeature>();

            Assert.Null(context.Request.ContentLength);

            if (HttpMethods.IsPost(context.Request.Method))
            {
                Assert.False(feature.IsUpgradableRequest);
                Assert.Equal("chunked", context.Request.Headers.TransferEncoding);

                var length = await context.Request.Body.FillBufferUntilEndAsync(new byte[100]);
                Assert.Equal(11, length);
            }
            else
            {
                Assert.True(feature.IsUpgradableRequest);
            }
        },
                                                 new TestServiceContext(LoggerFactory)))
        {
            using (var connection = server.CreateConnection())
            {
                await connection.Send("POST / HTTP/1.1",
                                      "Host:",
                                      "Transfer-Encoding: chunked",
                                      "Connection: Upgrade",
                                      "",
                                      "B", "Hello World",
                                      "0",
                                      "",
                                      "");

                await connection.Receive("HTTP/1.1 200 OK");
            }
        }
    }
Esempio n. 27
0
        public async Task Invoke(HttpContext ctx)
        {
            // Setup an AuthContext for the duration of the request
            AuthContext.BuildFrom(ctx, true);

            var cLen   = ctx.Request.ContentLength;
            var cType  = ctx.Request.ContentType;
            var method = ctx.Request.Method;

            if (HttpMethods.IsPut(method) || HttpMethods.IsPost(method))
            {
                if (string.IsNullOrEmpty(cType))
                {
                    if (cLen.HasValue)
                    {
                        ctx.Request.ContentType = "application/json";
                    }
                }
            }

            await _next(ctx);
        }
Esempio n. 28
0
    public virtual async Task InvokeAsync(HttpContext context)
    {
        if (HttpMethods.IsPost(context.Request.Method) &&
            ParseContentType(context) is AllowedContentType.Json)
        {
            if (!IsDefaultSchema)
            {
                context.Items[WellKnownContextData.SchemaName] = SchemaName.Value;
            }

            using (DiagnosticEvents.ExecuteHttpRequest(context, HttpRequestKind.HttpPost))
            {
                await HandleRequestAsync(context, AllowedContentType.Json);
            }
        }
        else
        {
            // if the request is not a post request we will just invoke the next
            // middleware and do nothing:
            await NextAsync(context);
        }
    }
Esempio n. 29
0
        public async Task <IActionResult> SalvarTermo(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", "put", Route = "termo/{id?}")]
            HttpRequest req, ILogger log, string id)
        {
            var content = await new StreamReader(req.Body).ReadToEndAsync();

            try
            {
                var post      = HttpMethods.IsPost(req.Method);
                var resultado = await SalvarAsync(content, post, id);

                return(RetornarSucesso <TermoDTO>(resultado));
            }
            catch (ValidacaoExcecao e)
            {
                return(RetornaFalha(log, JsonConvert.SerializeObject(e.Erros)));
            }
            catch (Exception e)
            {
                return(RetornaFalha(log, e.GetBaseException().Message));
            }
        }
Esempio n. 30
0
        public async Task <IActionResult> Run(
            [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = "graphql/playground/{*path}")] HttpRequest req,
            ILogger logger,
            CancellationToken cancellationToken
            )
        {
            logger.LogInformation("C# GraphQL Request processing via Serverless AzureFunctions...");

            //SECURE this endpoint against actual Data Queries
            //  This is useful for exposing the playground anonymously, but keeping the actual GraphQL data endpoint
            //  secured with AzureFunction token security and/or other authorization approach.
            if (HttpMethods.IsPost(req.Method) || (HttpMethods.IsGet(req.Method) && !string.IsNullOrWhiteSpace(req.Query["query"])))
            {
                return(new BadRequestErrorMessageResult("POST or GET GraphQL queries are invalid for the Playground endpoint."));
            }

            return(await _graphqlExecutorProxy.ExecuteFunctionsQueryAsync(
                       req.HttpContext,
                       logger,
                       cancellationToken
                       ).ConfigureAwait(false));
        }