public object Exec(RoutingModel route, ParamContainer helper) { if (route.auth_users.FirstOrDefault(f => f.Trim() == "*") == null) { ISessionProvider sessionProvider = helper.GetKey(CommonConst.CommonValue.PARAM_SESSION_PROVIDER); IHttpContextProxy httpProxy = helper.GetKey(CommonConst.CommonValue.PARAM_HTTPREQUESTPROXY); if (sessionProvider == null || httpProxy == null) { string error = "ActionExecuter.Exec sessionProvider is null or HttpContextProxy is null on ParamContainer"; _logger.Error(error); throw new UnauthorizedAccessException(error); } var authToken = httpProxy.GetHeaders().FirstOrDefault(f => f.Key.ToLower() == ""); var sessionUser = sessionProvider.GetValue <UserModel>(CommonConst.CommonValue.SESSION_USER_KEY); // add auth here. if (sessionUser == null) { throw new UnauthorizedAccessException("No session user found"); } if (!route.auth_users.Where(i => sessionUser.groups.Contains(i)).Any()) { throw new UnauthorizedAccessException("Unauthorized"); } return(Exec(route.ExecultAssembly, route.ExecuteType, route.ExecuteMethod, helper)); } else { return(Exec(route.ExecultAssembly, route.ExecuteType, route.ExecuteMethod, helper)); } }
public static bool IsValidToken(UserModel user, ISessionProvider sessionProvider, ILogger logger, bool isOauthVerification = true) { if (!isOauthVerification) { return(true); } if (user.user_type == UserIDType.Google.ToString()) { var authToken = sessionProvider.GetValue <string>(ModuleAppConsts.Field.AUTH_TOKEN); if (string.IsNullOrEmpty(authToken)) { return(false); } var URL = string.Format("https://www.googleapis.com/oauth2/v3/tokeninfo?id_token={0}", authToken); HttpClient client = new HttpClient(); client.BaseAddress = new Uri(URL); HttpResponseMessage response = client.GetAsync("").Result; if (response.IsSuccessStatusCode) { var dataObjects = response.Content.ReadAsStringAsync().Result; JObject responseJson = JObject.Parse(dataObjects); logger.Debug("Data", responseJson); if (responseJson["sub"] != null) { return(true); } } return(false); } return(true); }
public bool MatchesVisitor(string definition) { Mandate.ParameterNotNullOrEmpty(definition, "definition"); SessionSetting sessionSetting; try { sessionSetting = JsonConvert.DeserializeObject <SessionSetting>(definition); } catch (JsonReaderException) { throw new ArgumentException($"Provided definition is not valid JSON: {definition}"); } if (string.IsNullOrEmpty(sessionSetting.Key)) { throw new ArgumentNullException("key", "Session key not set"); } var keyExists = _sessionProvider.KeyExists(sessionSetting.Key); var value = string.Empty; if (keyExists) { value = _sessionProvider.GetValue(sessionSetting.Key); } switch (sessionSetting.Match) { case SessionSettingMatch.Exists: return(keyExists); case SessionSettingMatch.DoesNotExist: return(!keyExists); case SessionSettingMatch.MatchesValue: return(keyExists && MatchesValue(value, sessionSetting.Value)); case SessionSettingMatch.ContainsValue: return(keyExists && ContainsValue(value, sessionSetting.Value)); case SessionSettingMatch.GreaterThanValue: case SessionSettingMatch.GreaterThanOrEqualToValue: case SessionSettingMatch.LessThanValue: case SessionSettingMatch.LessThanOrEqualToValue: return(keyExists && CompareValues(value, sessionSetting.Value, GetComparison(sessionSetting.Match))); case SessionSettingMatch.MatchesRegex: return(keyExists && MatchesRegex(value, sessionSetting.Value)); case SessionSettingMatch.DoesNotMatchRegex: return(keyExists && !MatchesRegex(value, sessionSetting.Value)); default: return(false); } }
private static List <string> GetCurrentAuthGroups(ISessionProvider sessionProvider) { var user = sessionProvider.GetValue <UserModel>(CommonConst.CommonValue.SESSION_USER_KEY); var auth_users = new List <String> { "*" }; if (user != null) { auth_users.Add(user.user_id); auth_users.AddRange(user.groups); } return(auth_users); }
public static JArray GetImageData(IDBService dbProxy, ISessionProvider sessionProvider, string fileHash, List <string> extraFields = null) { JObject filter = new JObject(); filter[ImageProcessor.FILE_HASH] = fileHash; var fields = new List <string> { ImageProcessor.FILE_HASH, ImageProcessor.PHOTO_DATE_TAKEN_TIME_STAMP, ImageProcessor.PHOTO_DATE_TAKEN, ImageProcessor.IMAGE_S_SIZE, ImageProcessor.IMAGE_M_SIZE, ImageProcessor.IMAGE_L_SIZE, ImageProcessor.CHANGESET_NO }; if (extraFields != null) { fields.AddRange(extraFields); } var data = dbProxy.Get(ImageProcessor.MYPHOTO_COLLECTION, filter.ToString(), fields); if (data.Count == 0) { throw new KeyNotFoundException(filter.ToString()); } var user = sessionProvider.GetValue <UserModel>(CommonConst.CommonValue.SESSION_USER_KEY); AddViewsToImageDetails(dbProxy, filter, data); AddLikesToImageDetails(dbProxy, filter, data, user); AddBookmarkToImageDetails(dbProxy, data, fileHash, user); return(data); }
private static Dictionary <string, dynamic> SetDefaultModel(IDBService dbProxy, IHttpContextProxy httpProxy, ILogger logger, IViewEngine viewEngine, IActionExecuter actionExecuter, Dictionary <string, dynamic> model, IKeyValueStorage keyValueStorage, ISessionProvider sessionProvider, string folderPath = null) { // ISessionProvider sessionProvider = new SessionProvider(httpProxy, dbProxy, logger); if (model == null) { model = new Dictionary <string, dynamic>(); } model[CommonConst.CommonValue.METHODS] = new Dictionary <string, dynamic>(); Func <string, string, JArray> getData = (string collection, string filter) => { return(dbProxy.Get(collection, new RawQuery(filter))); }; Func <string, string> getAppSetting = (string key) => { //var response = AppSettingService.Instance.GetAppSettingData(key); //if (string.IsNullOrEmpty(response)) //{ // response = ConfigurationManager.AppSettings[key]; //} //return response; return(string.Empty); }; Func <string, JObject> getSessionValue = (string key) => { return(sessionProvider.GetValue <JObject>(key)); }; Func <string, string> includeTemplate = (string templatePath) => { FileInfo fi = new FileInfo(string.Format("c:\\{0}{1}", folderPath, templatePath)); string path = fi.FullName.Replace("c:", ""); model[CommonConst.CommonValue.PAGE_TEMPLATE_PATH] = path; return(string.Empty); }; Func <string, bool> authorized = (string authGroups) => { var sessionUser = sessionProvider.GetValue <UserModel>(CommonConst.CommonValue.SESSION_USER_KEY); if (sessionUser == null) { return(false); } if (!authGroups.Split(',').Where(i => sessionUser.claims.Where(f => f.Value == i).Any()).Any()) { return(false); } else { return(true); } }; Func <string, JObject, JObject> ActionExecute = (string actionPath, JObject data) => { //var param = ActionExecuterHelper.CreateParamContainer(null, httpProxy, logger, actionExecuter); //if (data != null) //{ // foreach (var item in data) // { // Func<dynamic> funcValue = () => { return item.Value; }; // param.AddKey(item.Key, funcValue); // } //} //return actionExecuter.Exec<JObject>(actionPath, dbProxy, param); return(null); }; Func <string, JObject, Dictionary <string, dynamic> > IncludeModel = (string includeModelPath, JObject data) => { try { //var param = ActionExecuterHelper.CreateParamContainer(null, httpProxy, logger, actionExecuter); //Dictionary<string, dynamic> modelData = new Dictionary<string, dynamic>(); //if (data != null) //{ // foreach (var item in data) // { // Func<dynamic> funcValue = () => { return item.Value; }; // param.AddKey(item.Key, funcValue); // } //} //object response = actionExecuter.Exec(includeModelPath, dbProxy, param); //if (response is Dictionary<string, dynamic>) //{ // return response as Dictionary<string, dynamic>; //} //else //{ // throw new InvalidCastException(string.Format("Invalid respone from {0}", includeModelPath)); //} return(null); } catch (UnauthorizedAccessException ex) { logger.Error(string.Format("Error While executing Route : {0}, Error : {1}", includeModelPath, ex.Message), ex); throw; } }; model[CommonConst.CommonValue.METHODS]["IncludeModel"] = IncludeModel; model[CommonConst.CommonValue.METHODS]["ExecuteAction"] = ActionExecute; model[CommonConst.CommonValue.METHODS]["InclueTemplate"] = includeTemplate; model[CommonConst.CommonValue.METHODS]["GetData"] = getData; Func <JObject> requestBody = () => httpProxy.GetRequestBody <JObject>(); model[CommonConst.CommonValue.METHODS]["RequestBody"] = requestBody; Func <string, string> queryString = (string key) => httpProxy.GetQueryString(key); model[CommonConst.CommonValue.METHODS]["QueryString"] = queryString; model[CommonConst.CommonValue.METHODS]["AppSetting"] = getAppSetting; model[CommonConst.CommonValue.METHODS]["GetSessionData"] = getSessionValue; model[CommonConst.CommonValue.METHODS]["Authorized"] = authorized; Func <string, JObject, string> includeBlock = (string blockPath, JObject blockModel) => { var inputBlockModel = new Dictionary <string, dynamic>(); if (blockModel != null) { foreach (var item in blockModel) { inputBlockModel[item.Key] = item.Value; } } if (model != null) { foreach (var item in model) { inputBlockModel[item.Key] = item.Value; } } FileInfo fi = new FileInfo(string.Format("c:\\{0}{1}", folderPath, blockPath)); string path = fi.FullName.Replace("c:", ""); var data = ContentHelper.GetStringContent(dbProxy, logger, path, keyValueStorage); data = viewEngine.Compile(data, path, SetDefaultModel(dbProxy, httpProxy, logger, viewEngine, actionExecuter, inputBlockModel, keyValueStorage, sessionProvider, path.Replace(fi.Name, ""))); return(data); }; model[CommonConst.CommonValue.METHODS]["Include"] = includeBlock; Func <string> randerBody = () => { if (model.ContainsKey(CommonConst.CommonValue.RENDERBODY_DATA)) { return(model[CommonConst.CommonValue.RENDERBODY_DATA]); } else { return(string.Empty); } }; model[CommonConst.CommonValue.METHODS]["RenderBody"] = randerBody; return(model); }