/// <summary>
/// Selects the action for the request, falling back to the error controller's
/// <c>Handle404</c> action when normal selection fails with 404 or 405.
/// </summary>
/// <param name="controllerContext">Controller context of the current request; on fallback its
/// controller, controller descriptor and "action" route value are overwritten.</param>
/// <returns>The descriptor chosen by the base selector, either directly or after the fallback.</returns>
/// <exception cref="HttpResponseException">Rethrown unchanged when the base selector fails with any
/// status other than NotFound or MethodNotAllowed.</exception>
public override HttpActionDescriptor SelectAction(HttpControllerContext controllerContext)
{
    try
    {
        return base.SelectAction(controllerContext);
    }
    catch (HttpResponseException selectionFailure)
    {
        HttpStatusCode status = selectionFailure.Response.StatusCode;
        bool isRoutingMiss = status == HttpStatusCode.NotFound
                             || status == HttpStatusCode.MethodNotAllowed;
        if (!isRoutingMiss)
        {
            // Anything else is a genuine failure; keep the original stack trace.
            throw;
        }

        // Re-point the request at the error controller and run selection again.
        controllerContext.RouteData.Values["action"] = "Handle404";

        IHttpController fallbackController = new ApiErrorController();
        controllerContext.Controller = fallbackController;
        controllerContext.ControllerDescriptor = new HttpControllerDescriptor(
            controllerContext.Configuration,
            "Error",
            fallbackController.GetType());

        return base.SelectAction(controllerContext);
    }
}
/// <summary>
/// Writes a fixed "controller/action" line to the debug output under the
/// "Action Filter Log" category.
/// </summary>
/// <param name="httpRouteData">Not read by this method; the logged names are placeholder
/// literals, not values taken from the route.</param>
private void Log(System.Web.Http.Routing.IHttpRouteData httpRouteData)
{
    const string controllerName = "controller name";
    const string actionName = "action name";

    string line = "controller:" + controllerName + ", action:" + actionName;
    Debug.WriteLine(line, "Action Filter Log");
}
/// <summary>
/// Reads a route value by name and casts it to <typeparamref name="T"/>.
/// </summary>
/// <param name="routeData">Route data whose <c>Values</c> dictionary is searched.</param>
/// <param name="name">Key of the route value.</param>
/// <returns>The stored value cast to <typeparamref name="T"/>, or <c>default(T)</c> when the key
/// is absent.</returns>
/// <remarks>The cast is a direct cast, so a stored value of an incompatible type throws rather
/// than yielding the default.</remarks>
private static T GetRouteVariable<T>(System.Web.Http.Routing.IHttpRouteData routeData, string name)
{
    object raw;
    return routeData.Values.TryGetValue(name, out raw) ? (T)raw : default(T);
}
/// <summary>
/// Builds a CORS policy provider for the request from its routed controller name and the
/// origin carried in its CORS request context.
/// </summary>
/// <param name="request">Incoming request; its route data and CORS context are read.</param>
/// <returns>A <c>CustomPolicyProvider</c> wrapping the policy returned by
/// <c>GetPolicyForControllerAndOrigin</c>.</returns>
public ICorsPolicyProvider GetCorsPolicyProvider(HttpRequestMessage request)
{
    // NOTE(review): no null check on the route data or on the "controller" key; a request that
    // reaches this point unrouted would throw here. Confirm the hosting pipeline routes first.
    var routeValues = request.GetRouteData().Values;
    var controllerName = (string)routeValues["controller"];

    // The origin is taken from the client's request. The policy lookup (not shown here) is the
    // only place it is vetted, so it should compare against an explicit allow-list with exact
    // matching rather than echo the value back - verify in GetPolicyForControllerAndOrigin.
    var requestedOrigin = request.GetCorsRequestContext().Origin;

    return new CustomPolicyProvider(
        GetPolicyForControllerAndOrigin(controllerName, requestedOrigin));
}
/// <summary>
/// Serves the file named by the "path" route value, or <c>DEFAULT_URL</c> when that value is
/// missing, not a string, or empty.
/// </summary>
/// <returns>The response produced by <c>ServeFile</c> for the chosen path.</returns>
public HttpResponseMessage Get()
{
    object rawPath;
    Request.GetRouteData().Values.TryGetValue("path", out rawPath);
    string path = rawPath as string;

    // NOTE(review): "path" comes straight from the request URL and is handed to ServeFile
    // unchanged. ServeFile is not visible here; confirm it canonicalises the path and refuses
    // anything that resolves outside the served directory (".." segments, absolute paths).
    return ServeFile(String.IsNullOrEmpty(path) ? DEFAULT_URL : path);
}
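/// <summary>
/// Writes a human-readable dump of the request to the console: timestamp, routed controller
/// and action, HTTP method, URI, headers, body length and - for bodies of at most 50
/// characters - the body itself.
/// </summary>
/// <param name="request">The request to dump.</param>
/// <remarks>
/// Debugging aid. Headers are printed verbatim, so any Authorization or Cookie header, and any
/// short body, ends up in console output; keep this out of production paths or redirect the
/// console somewhere access-controlled. The body is read synchronously, which blocks the
/// calling thread until the content has been buffered.
/// </remarks>
public static void DumpToConsole(this HttpRequestMessage request)
{
    Console.WriteLine("------------- REQUEST --------------");

    // The "u" pattern appends 'Z' without converting the value, so it has to be fed UTC;
    // formatting DateTime.Now would label local time as UTC.
    Console.WriteLine(DateTime.UtcNow.ToString("u"));

    // Route data or individual keys may be absent; a debug dump should not throw because of that.
    System.Web.Http.Routing.IHttpRouteData routeData = request.GetRouteData();
    object controller = null;
    object action = null;
    if (routeData != null)
    {
        routeData.Values.TryGetValue("controller", out controller);
        routeData.Values.TryGetValue("action", out action);
    }

    Console.WriteLine(String.Format("CONTROLLER: {0}", controller));
    Console.WriteLine(String.Format("ACTION: {0}", action ?? ""));
    Console.WriteLine(String.Format("METHOD: {0}", request.Method));

    // Read the body once and reuse it for both the length and the optional content line.
    string body = request.Content == null
        ? String.Empty
        : request.Content.ReadAsStringAsync().Result;
    int contentLength = body.Length;

    Console.WriteLine(String.Format("{0}\n\n{1}\n\nCONTENT LENGTH: {2}", request.RequestUri, request.Headers, contentLength));
    if (contentLength <= 50)
    {
        Console.WriteLine(String.Format("CONTENT: {0}", body));
    }

    Console.WriteLine("------------------------------------");
}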
/// <summary>
/// Resolves the controller for a request from its route data, optionally qualified by an API
/// version taken from the route or, failing that, from the request headers.
/// </summary>
/// <param name="request">The incoming request.</param>
/// <returns>The descriptor registered under "version.controller", or under the controller name
/// alone when no version was found.</returns>
/// <exception cref="HttpResponseException">404 when there is no route data, no controller route
/// value, or no registered match; 500 when the key is registered as a duplicate.</exception>
public HttpControllerDescriptor SelectController(System.Net.Http.HttpRequestMessage request)
{
    System.Web.Http.Routing.IHttpRouteData routeData = request.GetRouteData();
    if (routeData == null)
    {
        throw new HttpResponseException(System.Net.HttpStatusCode.NotFound);
    }

    // Route value wins; the header-based lookup is only consulted when the route has no version.
    string version = GetRouteVariable<string>(routeData, VersionKey);
    if (string.IsNullOrEmpty(version))
    {
        version = GetVersionFromHTTPHeaderAndAcceptHeader(request);
    }

    string controllerName = GetRouteVariable<string>(routeData, ControllerKey);
    if (controllerName == null)
    {
        throw new HttpResponseException(System.Net.HttpStatusCode.NotFound);
    }

    // Version and controller name are client-supplied; they are used only as a lookup key into
    // the pre-built controller table, never to load a type by name.
    string key = string.IsNullOrEmpty(version)
        ? String.Format(CultureInfo.InvariantCulture, "{0}", controllerName)
        : String.Format(CultureInfo.InvariantCulture, "{0}.{1}", version, controllerName);

    HttpControllerDescriptor match;
    if (_controllers.Value.TryGetValue(key, out match))
    {
        return match;
    }

    if (!_duplicates.Contains(key))
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    throw new HttpResponseException(
        request.CreateErrorResponse(
            HttpStatusCode.InternalServerError,
            "Multiple controllers were found that match this request."));
}
/// <summary>
/// Builds a FHIR <c>AuditEvent</c> describing the request that has just executed and posts it
/// through <c>IResourceServices</c> inside its own database transaction.
/// </summary>
/// <param name="actionExecutedContext">Context of the completed action; its request, route data,
/// exception (if any) and OWIN context supply the audit fields.</param>
/// <remarks>
/// Any exception raised while building or storing the audit record is logged and the transaction
/// is rolled back; it is not rethrown, so the API response is still returned without an audit
/// entry having been written.
/// </remarks>
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
    // Services are resolved per call from the dependency resolver. The results are cast with
    // "as" and not null-checked, so an unregistered service surfaces as a NullReferenceException
    // at first use; for IResourceServiceFactory and IUnitOfWork that happens before the try
    // block below and is therefore not caught by it.
    var IResourceServiceFactory = actionExecutedContext.ActionContext.ControllerContext.Configuration.DependencyResolver.GetService(typeof(IResourceServiceFactory)) as IResourceServiceFactory;
    var IUnitOfWork = actionExecutedContext.ActionContext.ControllerContext.Configuration.DependencyResolver.GetService(typeof(IUnitOfWork)) as IUnitOfWork;
    var IRequestMetaFactory = actionExecutedContext.ActionContext.ControllerContext.Configuration.DependencyResolver.GetService(typeof(IRequestMetaFactory)) as IRequestMetaFactory;
    var IResourceServices = IResourceServiceFactory.Create <IResourceServices>();
    var ICommonFactory = actionExecutedContext.ActionContext.ControllerContext.Configuration.DependencyResolver.GetService(typeof(ICommonFactory)) as ICommonFactory;
    var IPyroRequestUriFactory = actionExecutedContext.ActionContext.ControllerContext.Configuration.DependencyResolver.GetService(typeof(IPyroRequestUriFactory)) as IPyroRequestUriFactory;
    var IGlobalProperties = actionExecutedContext.ActionContext.ControllerContext.Configuration.DependencyResolver.GetService(typeof(IGlobalProperties)) as IGlobalProperties;
    //var ILog = actionExecutedContext.ActionContext.ControllerContext.Configuration.DependencyResolver.GetService(typeof(ILog)) as ILog;

    using (DbContextTransaction Transaction = IUnitOfWork.BeginTransaction())
    {
        try
        {
            // Start time and stopwatch are read from the request properties under DateTimeKey /
            // StopwatchKey; a missing key throws and is handled by the catch below.
            DateTime dtStart = (DateTime)actionExecutedContext.Request.Properties[DateTimeKey];
            System.Diagnostics.Stopwatch stopwatch = (System.Diagnostics.Stopwatch)actionExecutedContext.Request.Properties[StopwatchKey];
            stopwatch.Stop();
            TimeSpan duration = stopwatch.Elapsed;

            IPyroRequestUri DtoRequestUri = IPyroRequestUriFactory.CreateFhirRequestUri();
            DtoRequestUri.FhirRequestUri.Parse(actionExecutedContext.Request.RequestUri.OriginalString);

            // use owin context so we can self host (i.e. avoid System.Web.HttpContext.Current)
            var owinContext = actionExecutedContext.Request.GetOwinContext();

            // machineName, httpVerb, controllerName and actionName are assigned but not read
            // again in this method.
            string machineName = System.Environment.MachineName;
            string httpVerb = actionExecutedContext.Request.Method.ToString();
            // NOTE(review): RemoteIpAddress is the address of the immediate peer; behind a
            // reverse proxy or load balancer it would presumably be the proxy, not the caller -
            // confirm against the deployment.
            string ipAddress = owinContext.Request.RemoteIpAddress;
            string controllerName = actionExecutedContext.ActionContext.ControllerContext.ControllerDescriptor.ControllerName;
            string actionName = actionExecutedContext.ActionContext.ActionDescriptor.ActionName;
            bool successfulRequest = (actionExecutedContext.Exception == null);
            System.Web.Http.Routing.IHttpRouteData route = actionExecutedContext.ActionContext.ControllerContext.RouteData;

            // Get the resource base
            string baseUri = DtoRequestUri.FhirRequestUri.UriPrimaryServiceRoot.OriginalString;

            // Create the Security Event Object
            AuditEvent Audit = new AuditEvent();

            // Action code by HTTP method: PUT -> U, POST -> C, DELETE -> D, everything else -> R.
            if (actionExecutedContext.Request.Method == HttpMethod.Put)
            {
                Audit.Action = AuditEvent.AuditEventAction.U;
            }
            else if (actionExecutedContext.Request.Method == HttpMethod.Post)
            {
                Audit.Action = AuditEvent.AuditEventAction.C;
            }
            else if (actionExecutedContext.Request.Method == HttpMethod.Delete)
            {
                Audit.Action = AuditEvent.AuditEventAction.D;
            }
            else
            {
                Audit.Action = AuditEvent.AuditEventAction.R;
            }

            Audit.Recorded = DateTimeOffset.Now;

            // Outcome defaults to N0 and is changed only when the action threw. A PyroException
            // maps by status (>= 500 -> N8, >= 400 -> N4, otherwise stays N0); any other
            // exception type -> N8.
            // NOTE(review): a request that ends in an error response without an exception is
            // recorded with outcome N0 - confirm that denied or failed requests always surface
            // as exceptions before relying on this field for detection.
            Audit.Outcome = AuditEvent.AuditEventOutcome.N0;
            if (!successfulRequest)
            {
                // log error
                if (actionExecutedContext.Exception is PyroException)
                {
                    var fse = actionExecutedContext.Exception as PyroException;
                    if ((int)fse.HttpStatusCode >= 500)
                    {
                        Audit.Outcome = AuditEvent.AuditEventOutcome.N8;
                    }
                    else if ((int)fse.HttpStatusCode >= 400)
                    {
                        Audit.Outcome = AuditEvent.AuditEventOutcome.N4;
                    }
                }
                else
                {
                    Audit.Outcome = AuditEvent.AuditEventOutcome.N8;
                }
            }

            Audit.Type = new Coding() { System = "http://hl7.org/fhir/security-event-type", Code = "rest", Display = "Restful Operation" };

            // Subtype (RESTful interaction). Checked in order: PUT, POST, DELETE, OPTIONS, then
            // the shape of the route values (ResourceName / id / vid). "_history" is detected by
            // a substring test on the whole original URI, query string included. When none of
            // the branches match, the subtype list stays empty.
            Audit.Subtype = new List <Coding>();
            if (actionExecutedContext.Request.Method == HttpMethod.Put)
            {
                Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "update", Display = "update" });
            }
            else if (actionExecutedContext.Request.Method == HttpMethod.Post)
            {
                Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "create", Display = "create" });
            }
            else if (actionExecutedContext.Request.Method == HttpMethod.Delete)
            {
                Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "delete", Display = "delete" });
            }
            else if (actionExecutedContext.Request.Method == HttpMethod.Options)
            {
                Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "read", Display = "read" });
            }
            else if (route.Values.ContainsKey("ResourceName") && route.Values.ContainsKey("id") && route.Values.ContainsKey("vid"))
            {
                Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "vread", Display = "vread" });
            }
            else if (route.Values.ContainsKey("ResourceName") && route.Values.ContainsKey("id"))
            {
                if (owinContext.Request.Uri.OriginalString.Contains("_history"))
                {
                    Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "history-instance", Display = "history-instance" });
                }
                else
                {
                    Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "read", Display = "read" });
                }
            }
            else if (route.Values.ContainsKey("ResourceName"))
            {
                if (owinContext.Request.Uri.OriginalString.Contains("_history"))
                {
                    Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "history-type", Display = "history-type" });
                }
                else
                {
                    Audit.Subtype.Add(new Coding() { System = "http://hl7.org/fhir/restful-interaction", Code = "search-type", Display = "search-type" });
                }
            }

            // Agent: one entry, always marked as the requestor. Name and AltId are filled only
            // for an authenticated principal; the "name" claim overrides Identity.Name and the
            // "sub" claim becomes AltId.
            Audit.Agent.Add(new AuditEvent.AgentComponent());
            // se.Participant[0].UserId = "";
            // se.Participant[0].AltId = owinContext.Authentication.;
            if (owinContext.Authentication.User != null && owinContext.Authentication.User.Identity.IsAuthenticated)
            {
                Audit.Agent[0].Name = owinContext.Authentication.User.Identity.Name;
                // read additional details from the identity claims
                if (owinContext.Authentication.User.Identity is System.Security.Claims.ClaimsIdentity ci)
                {
                    var claim = ci.Claims.Where(c => c.Type == "name").FirstOrDefault();
                    if (claim != null)
                    {
                        Audit.Agent[0].Name = claim.Value;
                    }
                    claim = ci.Claims.Where(c => c.Type == "sub").FirstOrDefault();
                    if (claim != null)
                    {
                        Audit.Agent[0].AltId = claim.Value;
                    }
                    if (ci.Claims.Any(c => c.Type == "author_only_access" && c.Value == "true"))
                    {
                        Audit.Agent[0].Role = new List <CodeableConcept> { new CodeableConcept(null, "author_only_access") };
                    }
                }
            }
            Audit.Agent[0].Requestor = true;
            Audit.Agent[0].Network = new AuditEvent.NetworkComponent() { Address = ipAddress, Type = AuditEvent.AuditEventAgentNetworkType.N2 };

            Audit.Source = new AuditEvent.SourceComponent { Site = "Cloud", Identifier = new Identifier(null, actionExecutedContext.Request.RequestUri.GetLeftPart(UriPartial.Authority)) };
            Audit.Source.Type.Add(new Coding() { System = "http://hl7.org/fhir/ValueSet/audit-source-type", Code = "3", Display = "Web Server" });

            // Entity: for an instance-level route (ResourceName + id, optional vid) a relative
            // reference "ResourceName/id[/_history/vid]" is recorded; otherwise the request URI
            // with the service base removed is stored as the description. In both branches a
            // reference string left in the request properties under ResourceIdentityKey, when
            // present and non-empty, is written into the entity's reference.
            if (route.Values.ContainsKey("ResourceName") && route.Values.ContainsKey("id"))
            {
                string relativeUri = String.Format("{0}/{1}", route.Values["ResourceName"] as string, route.Values["id"] as string);
                if (route.Values.ContainsKey("vid"))
                {
                    // "as" binds looser than "+": the concatenation happens first and its string
                    // result is what the "as string" applies to.
                    relativeUri += "/_history/" + route.Values["vid"] as string;
                }
                Audit.Entity = new List <AuditEvent.EntityComponent> { new AuditEvent.EntityComponent() { Name = actionExecutedContext.Request.RequestUri.ToString(), Reference = new ResourceReference() { Url = new Uri(relativeUri, UriKind.Relative) }, Type = new Coding() { System = "http://hl7.org/fhir/object-type", Code = "1", Display = "Person" } } };
                if (actionExecutedContext.Request.Properties.ContainsKey(Attributes.ActionLogAttribute.ResourceIdentityKey))
                {
                    string reference = actionExecutedContext.Request.Properties[Attributes.ActionLogAttribute.ResourceIdentityKey] as string;
                    if (!string.IsNullOrEmpty(reference))
                    {
                        Audit.Entity[0].Reference.Reference = reference;
                    }
                }
            }
            else
            {
                Audit.Entity = new List <AuditEvent.EntityComponent> { new AuditEvent.EntityComponent() { Name = actionExecutedContext.Request.RequestUri.ToString(), Description = baseUri == null ? owinContext.Request.Uri.OriginalString : owinContext.Request.Uri.OriginalString.Replace(baseUri, ""), Type = new Coding() { System = "http://hl7.org/fhir/object-type", Code = "1", Display = "Person" } } };
                if (actionExecutedContext.Request.Properties.ContainsKey(Attributes.ActionLogAttribute.ResourceIdentityKey))
                {
                    string reference = actionExecutedContext.Request.Properties[Attributes.ActionLogAttribute.ResourceIdentityKey] as string;
                    if (!string.IsNullOrEmpty(reference))
                    {
                        Audit.Entity[0].Reference = new ResourceReference() { Reference = reference } ;
                    }
                }
            }

            // Human-readable narrative for the audit resource.
            // NOTE(review): only the request URI is passed through HtmlEncode here. BaseUri, the
            // remote address, the user string and the exception message are handed over as-is;
            // whether AppendValuePairList encodes its arguments is not visible from this method,
            // so confirm it does before this Div is rendered anywhere as HTML.
            IHtmlGenerationSupport Narative = ICommonFactory.CreateFhirNarativeGenerationSupport();
            Narative.NewValuePairList("Time", string.Format("{0} ({1:f3} sec)", dtStart, duration.TotalSeconds));
            Narative.AppendValuePairList(actionExecutedContext.Request.Method.ToString(), string.Format("{0}", HttpUtility.HtmlEncode(baseUri == null ? owinContext.Request.Uri.OriginalString : owinContext.Request.Uri.OriginalString.Replace(baseUri, ""))));
            Narative.AppendValuePairList("BaseUri", baseUri);
            Narative.AppendValuePairList("From", ipAddress);
            if (owinContext.Authentication.User != null && owinContext.Authentication.User.Identity.IsAuthenticated)
            {
                // NOTE(review): this records the principal object's ToString(), not
                // Identity.Name or a claim value - confirm that is the intended user label.
                Narative.AppendValuePairList("User", owinContext.Authentication.User.ToString());
            }
            else
            {
                Narative.AppendValuePairList("User", "(anonymous)");
            }
            // Outcome differs from N0 only on the exception path above, so Exception is set here.
            if (Audit.Outcome != AuditEvent.AuditEventOutcome.N0)
            {
                Audit.OutcomeDesc = actionExecutedContext.Exception.Message;
                Narative.AppendValuePairList("Error", actionExecutedContext.Exception.Message);
            }
            Audit.Text = new Narrative { Div = Narative.Generate() };

            // Add custom PyroHealth event data
            Audit.AddExtension("http://pyrohealth.net/extention/AuditEvent/TimeTaken", new FhirDecimal((decimal)duration.TotalMilliseconds));

            // Optional capture of the request and response payloads, each controlled by a global
            // property. A payload is attached as a UTF-8 byte detail only when it is not blank.
            // NOTE(review): with these switches on, whatever GetRequestData / GetResponseData
            // return (not shown here) is persisted in the audit store - presumably full bodies,
            // so the store would need the same protection as the data it mirrors; confirm.
            if (IGlobalProperties.FhirAuditEventLogRequestData)
            {
                var requestDataObj = new AuditEvent.EntityComponent { Identifier = new Identifier(null, "RequestData"), Name = actionExecutedContext.Request.RequestUri.ToString(), Description = "Orginial Request Data", Type = new Coding() { System = "http://hl7.org/fhir/object-type", Code = "4", Display = "RequestData" }, Detail = new List <AuditEvent.DetailComponent>() };
                var DetailComponent = new AuditEvent.DetailComponent();
                requestDataObj.Detail.Add(DetailComponent);
                string RequestData = GetRequestData(actionExecutedContext);
                if (!string.IsNullOrWhiteSpace(RequestData))
                {
                    DetailComponent.Value = Encoding.UTF8.GetBytes(RequestData);
                    Audit.Entity.Add(requestDataObj);
                }
            }
            if (IGlobalProperties.FhirAuditEventLogResponseData)
            {
                var responseDataObj = new AuditEvent.EntityComponent { Identifier = new Identifier(null, "ResponseData"), Name = actionExecutedContext.Request.RequestUri.ToString(), Description = "Orginial Response Data", Type = new Coding() { System = "http://hl7.org/fhir/object-type", Code = "4", Display = "ResponseData" }, Detail = new List <AuditEvent.DetailComponent>() };
                var DetailComponent = new AuditEvent.DetailComponent();
                responseDataObj.Detail.Add(DetailComponent);
                string ResponseData = GetResponseData(actionExecutedContext);
                if (!string.IsNullOrWhiteSpace(ResponseData))
                {
                    DetailComponent.Value = Encoding.UTF8.GetBytes(ResponseData);
                    Audit.Entity.Add(responseDataObj);
                }
            }

            //Will only log if Debug logging is enabled.
            DebugLogRequestResource(actionExecutedContext);

            //Commit to Database
            Pyro.Common.RequestMetadata.IRequestMeta IRequestMeta = IRequestMetaFactory.CreateRequestMeta().Set($"{ResourceType.AuditEvent}");
            // The outcome of the Post is stored in a local but not inspected before the commit.
            IResourceServiceOutcome ResourceServiceOutcome = IResourceServices.Post(Audit, IRequestMeta);
            //IResourceServiceOutcome ResourceServiceOutcome = IResourceServices.SetResource(Audit, DtoRequestUri, RestEnum.CrudOperationType.Create);
            Transaction.Commit();
        }
        catch (Exception Exec)
        {
            // Audit failures do not fail the request: the error is logged, the transaction is
            // rolled back and processing continues, leaving no audit entry for this call.
            // NOTE(review): if audit completeness matters, make sure this log entry is
            // monitored so gaps in the audit trail are noticed.
            Logger.Log.Error(Exec, "ActionLogAttribute");
            Transaction.Rollback();
        }
        base.OnActionExecuted(actionExecutedContext);
    }
}
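/// <summary>
/// Returns the rows of the API view named by the <c>controller_name</c> route value, filtered
/// by positional route parameters (<c>parm0</c>, <c>parm1</c>, ...), by optional
/// <c>min_price</c>/<c>max_price</c> route values, and by query-string pairs whose key matches
/// a column of the view (optionally prefixed with <c>min_</c> or <c>max_</c>).
/// </summary>
/// <returns>404 with an <c>HttpError</c> when the view name is missing or not known; otherwise
/// 200 with the rows returned by <c>ApiRepository.GetDynData</c>.</returns>
/// <remarks>
/// SECURITY: the SQL text is assembled by string concatenation from request data. The
/// identifiers placed in it are checked against server-side lists (the view name against
/// <c>GetViews()</c>, filter columns against <c>GetColumns()</c>), and price bounds are parsed
/// as integers, but filter values are protected only by doubling single quotes. That is the
/// sole barrier between request text and the SQL parser and it depends on the database's
/// string-literal rules. <c>GetDynData</c> accepts only a query string, so moving the values
/// into bound parameters needs a change to that repository method; until then every new filter
/// must go through <c>BuildSqlLiteral</c>.
/// </remarks>
public HttpResponseMessage Get()
{
    System.Web.Http.Routing.IHttpRouteData routeData = Request.GetRouteData();
    var reqOptions = Request.GetQueryNameValuePairs();

    var controllerName = (string)routeData.Values["controller_name"];
    var controllers = ApiRepository.GetViews();

    // Allow-list check for the view name before it is used in SQL.
    // NOTE(review): this is only an exact-membership test if GetViews() returns a collection;
    // if it returns a single string, Contains is a substring match and is not a safe
    // allow-list - confirm the return type.
    // Invariant upper-casing keeps the comparison independent of the server's culture.
    if (string.IsNullOrEmpty(controllerName) || !controllers.Contains(controllerName.ToUpperInvariant()))
    {
        var message = $"'{controllerName}' not found";
        var err = new HttpError(message);
        return Request.CreateResponse(HttpStatusCode.NotFound, err);
    }

    var colList = ApiRepository.GetColumns(controllerName);
    var colsStr = string.Join(", ", colList.ToArray());
    var parmCount = routeData.Route.Defaults.Keys.Count(p => p.Contains("parm"));
    var condition = "";

    // Positional filters: parmN applies to the N-th column of the view.
    if (routeData.Values.Count > 2)
    {
        for (var i = 0; i < parmCount; i++)
        {
            if (colList.Count < i + 1)
            {
                continue;
            }

            var col = colList[i];
            var parm = "parm" + i;
            if (!routeData.Values.ContainsKey(parm))
            {
                continue;
            }

            // Test for a missing value before touching it: the original escaped the value
            // first and so dereferenced a null route value. A non-string value is skipped too.
            var raw = routeData.Values[parm] as string;
            if (string.IsNullOrEmpty(raw) || raw.ToUpperInvariant().Trim() == "ANY")
            {
                continue;
            }

            bool isList;
            var literal = BuildSqlLiteral(raw, out isList);
            var sign = isList ? " in " : "=";
            condition += $" and {col}{sign}{literal}";
        }
    }

    // Price bounds are accepted only when they parse as integers, and are written with the
    // invariant culture so the emitted number never depends on server locale.
    if (colList.Contains("[PRICE]"))
    {
        int bound;
        if (routeData.Values.ContainsKey("min_price"))
        {
            var sVal = routeData.Values["min_price"] as string;
            if (!string.IsNullOrEmpty(sVal) && sVal.ToUpperInvariant().Trim() != "ANY" && int.TryParse(sVal, out bound))
            {
                condition += $" and price>={bound.ToString(System.Globalization.CultureInfo.InvariantCulture)}";
            }
        }

        if (routeData.Values.ContainsKey("max_price"))
        {
            var sVal = routeData.Values["max_price"] as string;
            if (!string.IsNullOrEmpty(sVal) && sVal.ToUpperInvariant().Trim() != "ANY" && int.TryParse(sVal, out bound))
            {
                condition += $" and price<={bound.ToString(System.Globalization.CultureInfo.InvariantCulture)}";
            }
        }
    }

    // Query-string filters. The key becomes a column name only if it is in the view's column
    // list; anything else is ignored.
    foreach (var reqParm in reqOptions)
    {
        var col = "[" + reqParm.Key.ToUpperInvariant() + "]";
        var sign = "=";

        // MIN_/MAX_ are recognised as prefixes only. The original matched them anywhere in the
        // key, which mangled column names that merely contain the text (for example a column
        // named ADMIN_ID lost its "MIN_" and the filter was silently dropped).
        if (col.StartsWith("[MIN_", System.StringComparison.Ordinal))
        {
            col = "[" + col.Substring("[MIN_".Length);
            sign = ">=";
        }

        if (col.StartsWith("[MAX_", System.StringComparison.Ordinal))
        {
            col = "[" + col.Substring("[MAX_".Length);
            sign = "<=";
        }

        if (!colList.Contains(col))
        {
            continue;
        }

        bool isList;
        var literal = BuildSqlLiteral(reqParm.Value ?? "", out isList);
        if (isList)
        {
            sign = " in ";
        }

        condition += $" and {col}{sign}{literal}";
    }

    var q = $"select {colsStr} from v_api_{controllerName.Trim()} where 1=1 {condition}";
    var dynamicContext = ApiRepository.GetDynData(q).Cast<DynamicContext>().ToArray();
    return Request.CreateResponse(HttpStatusCode.OK, dynamicContext);
}

/// <summary>
/// Turns a raw, comma-separated filter value into a quoted SQL literal: <c>'a'</c> for a
/// single value, <c>('a','b')</c> for several.
/// </summary>
/// <param name="raw">Value as received from the request; must not be null.</param>
/// <param name="isList">Set to true when the result is a parenthesised list for use with IN.</param>
/// <returns>The quoted literal or literal list.</returns>
/// <remarks>
/// Escaping is limited to doubling single quotes. This is the single place where request
/// values are made into SQL text; replace it with bound parameters once the repository
/// supports them.
/// </remarks>
private static string BuildSqlLiteral(string raw, out bool isList)
{
    var escaped = raw.Replace("'", "''");
    var quoted = string.Join(",", escaped.Split(',').Select(v => $"'{v}'"));
    isList = quoted.Contains(",");
    return isList ? $"({quoted})" : quoted;
}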