public void Validation_procedures_should_pass_on_a_well_formed_https_request()
{
request = new Request(request.Method, new Uri("https://foo/bar"));
RequestValidator.Validate(request).Should().BeEmpty();
RequestValidator.IsValid(request).Should().BeTrue();
}
public void Validation_should_fail_if_request_has_an_url_with_non_http_scheme()
{
request = new Request(request.Method, new Uri("ftp://foo/bar"));
RequestValidator.IsValid(request).Should().BeFalse();
Console.Out.WriteLine(RequestValidator.Validate(request).Single());
}
public void Validation_should_fail_when_supplying_request_body_with_head_method()
{
request = Request.Head(request.Url).WithContent(new Content(new byte[16]));
RequestValidator.IsValid(request).Should().BeFalse();
Console.Out.WriteLine(RequestValidator.Validate(request).Single());
}
public void Validation_should_fail_when_supplying_request_body_stream_with_get_method()
{
request = Request.Get(request.Url).WithContent(new StreamContent(Stream.Null, 123));
RequestValidator.IsValid(request).Should().BeFalse();
Console.Out.WriteLine(RequestValidator.Validate(request).Single());
}
private static void PreSendRequestHeaders(HttpContextBase context)//20
{
if (!RequestValidator.IsValid(context, LifecycleEvent.PreSendRequestHeaders))
{
return;
}
var requestId = context.GetGlimpseRequestId().ToString();
context.Response.AddHeader(GlimpseConstants.HttpHeader, requestId);
}
private static void PostRequestHandlerExecute(HttpContextBase context)//12
{
if (!RequestValidator.IsValid(context, LifecycleEvent.PostRequestHandlerExecute))
{
return;
}
ProcessData(context, true); //Run all plugins that DO need access to Session
Logger.Info("PostRequestHandlerExecute handling complete for requestId " + context.GetGlimpseRequestId() + " (" + context.Request.Path + ")");
}
private static void BeginRequest(HttpContextBase context)//1
{
if (!RequestValidator.IsValid(context, LifecycleEvent.BeginRequest))
{
return;
}
context.InitGlimpseContext();
GlimpseTimer.Moment("Begin Request");
Logger.Info("BeginRequest handling complete for requestId " + context.GetGlimpseRequestId() + " (" + context.Request.Path + ")");
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var req = filterContext.HttpContext.Request;
RequestValidator validator = new RequestValidator();
if (validator.IsValid(request))
{
return;
}
filterContext.HttpContext.Response.AddHeader("WWW-Authenticate", $"Basic realm= {BasicRealm}");
filterContext.Result = new HttpUnauthorizedResult();
}
private static void PostReleaseRequestState(HttpContextBase context)//14
{
if (!RequestValidator.IsValid(context, LifecycleEvent.PostReleaseRequestState))
{
return;
}
if (!context.IsAjax())
{
context.Response.Filter = new GlimpseResponseFilter(context.Response.Filter, context);
}
Logger.Info("PostReleaseRequestState handling complete for requestId " + context.GetGlimpseRequestId() + " (" + context.Request.Path + ")");
}
private static void EndRequest(HttpContextBase context)//19
{
if (!RequestValidator.IsValid(context, LifecycleEvent.EndRequest))
{
return;
}
GlimpseTimer.Moment("End Request");
ProcessData(context, false); //Run all plugins that DO NOT need access to Session
var requestId = context.GetGlimpseRequestId().ToString();
CheckForPRG(context);
var jsonPayload = GenerateGlimpseOutput(context);
Logger.Info("Glimpse output generated for requestId " + requestId + " (" + context.Request.Path + ")");
MetadataStore.Persist(context.GetRequestMetadata(jsonPayload));
Logger.Info("RequestId " + requestId + " (" + context.Request.Path + ")" + " persisted");
Logger.Info("EndRequest handling complete for requestId " + context.GetGlimpseRequestId() + " (" + context.Request.Path + ")");
}
public Task <ClusterResult> ExecuteAsync(IRequestContext context, Func <IRequestContext, Task <ClusterResult> > next)
{
if (!RequestValidator.IsValid(context.Request))
{
return(OnInvalidRequest(context, RequestValidator.Validate(context.Request)));
}
if (HasStreamUnsupportedByTransport(context))
{
return(OnInvalidRequest(context, "Request has a body stream, which is not supported by transport implementation."));
}
if (HasCompositeContentUnsupportedByTransport(context))
{
return(OnInvalidRequest(context, "Request has a composite body content, which is not supported by transport implementation."));
}
if (HasStreamWithParallelStrategy(context))
{
return(OnInvalidRequest(context, "Request has a body stream, which can't be used concurrently, and uses a parallel execution strategy."));
}
return(next(context));
}
public void Validation_should_not_fail_when_supplying_request_body_with_any_method(string method)
{
request = new Request(method, request.Url).WithContent(new Content(new byte[16]));
RequestValidator.IsValid(request).Should().BeTrue();
}
public void Validation_procedures_should_pass_on_a_well_formed_http_request()
{
RequestValidator.Validate(request).Should().BeEmpty();
RequestValidator.IsValid(request).Should().BeTrue();
}
public static bool IsUserAuthenticated(this HttpRequest request)
{
RequestValidator validator = new RequestValidator();
return(validator.IsValid(request));
}
public virtual async Task <IActionResult> Index()
{
CancellationToken cancellationToken = HttpContext?.RequestAborted ?? CancellationToken.None;
var dumpFileBasePath = HostingEnvironment.ContentRootPath
+ ApiOptions.AppRootDumpFolderVPath.Replace('/', Path.DirectorySeparatorChar);
XDocument postedXml = null;
XDocument resultXml;
MetaWeblogResult outCome;
FaultStruct faultStruct;
try
{
using (HttpContext.Request.Body)
{
string tmp;
using (StreamReader reader = new StreamReader(Request.Body, Encoding.UTF8))
{
tmp = await reader.ReadToEndAsync();
}
postedXml = XDocument.Parse(tmp, LoadOptions.None);
}
}
catch (Exception ex)
{
Log.LogError(ex.Message, ex);
if (ApiOptions.DumpRequestXmlToDisk)
{
var requestFileName = dumpFileBasePath + "request-with-error" + Utils.GetDateTimeStringForFileName(true) + ".txt";
using (StreamWriter s = System.IO.File.CreateText(requestFileName))
{
//postedXml.Save(s, SaveOptions.None);
await HttpContext.Request.Body.CopyToAsync(s.BaseStream);
}
}
outCome = new MetaWeblogResult();
faultStruct = new FaultStruct();
faultStruct.faultCode = "802"; // invalid access
faultStruct.faultString = "invalid access";
outCome.Fault = faultStruct;
resultXml = ResultFormatter.Format(outCome);
return(new XmlResult(resultXml));
}
var metaWeblogRequest = RequestParser.ParseRequest(postedXml);
if (ApiOptions.DumpRequestXmlToDisk)
{
var requestFileName = dumpFileBasePath + "request-"
+ Utils.GetDateTimeStringForFileName(true) + "-"
+ metaWeblogRequest.MethodName.Replace(".", "-")
+ ".xml";
using (StreamWriter s = System.IO.File.CreateText(requestFileName))
{
postedXml.Save(s, SaveOptions.None);
}
}
var permissions = await Security.ValiatePermissions(metaWeblogRequest, cancellationToken);
if (string.IsNullOrEmpty(metaWeblogRequest.BlogId))
{
metaWeblogRequest.BlogId = permissions.BlogId;
}
if ((!permissions.CanEditPosts) && (!permissions.CanEditPages))
{
outCome = new MetaWeblogResult();
resultXml = ResultFormatter.Format(outCome);
return(new XmlResult(resultXml));
}
var isValid = await RequestValidator.IsValid(metaWeblogRequest, cancellationToken);
if (!isValid)
{
outCome = new MetaWeblogResult();
outCome.AddValidatonFault();
resultXml = ResultFormatter.Format(outCome);
return(new XmlResult(resultXml));
}
outCome = await RequestProcessor.ProcessRequest(
metaWeblogRequest,
permissions,
cancellationToken);
resultXml = ResultFormatter.Format(outCome);
if (ApiOptions.DumpResponseXmlToDisk)
{
var reseponseFileName = dumpFileBasePath + "response-"
+ Utils.GetDateTimeStringForFileName(true) + "-"
+ outCome.Method.Replace(".", "-")
+ ".xml";
using (StreamWriter s = System.IO.File.CreateText(reseponseFileName))
{
resultXml.Save(s, SaveOptions.None);
}
}
return(new XmlResult(resultXml));
}