Esempio n. 1
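        /// <summary>
        /// Per-request hook: serves diagnostics on "/jsc", a fixed reply on "/xxx", and for
        /// every other path only adds an "X-Trace" response header.
        /// </summary>
        /// <param name="h">Handler context for the current request.</param>
        /// <remarks>
        /// When the header logic throws, the exception message and stack trace go to the
        /// server console; the client receives a generic message without internals.
        /// </remarks>
        public /* will not be part of web service itself */ void Handler(WebServiceHandler h)
        {
            //            Content-Length:0
            //Content-Type:text/html
            //Date:Sat, 29 Dec 2012 12:42:05 GMT
            //Server:Google Frontend

            // http://blog.restphone.com/2011/04/app-engine-debug-project-gets.html
            //Caused by: java.lang.NoSuchMethodError: ScriptCoreLibJava.BCLImplementation.System.Web.__HttpRequest.get_Headers()LScriptCoreLib/Shared/BCLImplementation/System/Collections/Specialized/__NameValueCollection;
            //    at PromotionWebApplication1.ApplicationWebService___c__DisplayClass3._Handler_b__0(ApplicationWebService___c__DisplayClass3.java:46)
            //    ... 37 more
            // }

            // NOTE(review): this route is answered for any client; no caller check is visible
            // here. Confirm what Diagnostics() reveals before exposing it publicly.
            if (h.Context.Request.Path == "/jsc")
            {
                h.Diagnostics();
                return;
            }

            if (h.Context.Request.Path == "/xxx")
            {
                h.Context.Response.Write("go away!");
                h.CompleteRequest();
                return;
            }

            try
            {
                Action foo = delegate
                {
                    var Referer = h.Context.Request.GetHeader("Referer");
                    if (Referer == null)
                    {
                        Referer = "any";
                    }

                    // Read the Host header once; both parts are derived from the same value.
                    var HostHeader = h.Context.Request.GetHeader("Host");

                    var HostUri = new
                    {
                        Host = HostHeader.TakeUntilIfAny(":"),
                        Port = HostHeader.SkipUntilIfAny(":")
                    };

                    var app = new { domain = "www.jsc-solutions.net", local = "127.0.0.1", referer = "", client = h.Applications.FirstOrDefault(k => k.TypeName == "Application") };

                    // NOTE(review): Referer and Host come from the client and are copied into a
                    // response header. Confirm the hosting server rejects CR/LF in header values,
                    // and consider emitting this trace only in debug builds.
                    h.Context.Response.AddHeader("X-Trace", new { Referer, HostUri, app.domain } + "");

                    //var app = apps.FirstOrDefault(
                    //    k =>
                    //    {
                    //        //http://idea-remixer.tumblr.com/

                    //        if (k.referer == Referer)
                    //            return true;


                    //        // GAE has a different value for referer and port
                    //        var r = ("http://" + k.referer + "/");
                    //        if (r == Referer)
                    //            return true;


                    //        if (k.domain == HostUri.Host)
                    //            return true;

                    //        if (k.local == HostUri.Host)
                    //            return true;

                    //        if (h.Context.Request.Path == "/" + k.domain)
                    //            return true;

                    //        if (Referer.EndsWith("/" + k.domain))
                    //            return true;

                    //        // default
                    //        if (k.local == "127.0.0.1")
                    //            return true;

                    //        return false;
                    //    }
                    //);

                    //#region /view-source
                    //            var IsViewSource = h.Context.Request.Path == "/view-source";

                    //            var __explicit = "/" + app.domain + "/view-source";

                    //            if (h.Context.Request.Path == __explicit)
                    //                IsViewSource = true;

                    //            if (IsViewSource)
                    //            {
                    //                h.Context.Response.ContentType = "text/javascript";


                    //                // http://www.webscalingblog.com/performance/caching-http-headers-cache-control-max-age.html
                    //                // this will break if decision was based on referal. should use redirect instead?
                    //                h.Context.Response.AddHeader("Cache-Control", "max-age=2592000");


                    //                // Accept-Encoding: gzip,deflate,sdch
                    //                foreach (var item in app.client.References)
                    //                {
                    //                    h.Context.Response.WriteFile("" + item.AssemblyFile + ".js");
                    //                }

                    //                h.CompleteRequest();
                    //                return;
                    //            }
                    //            #endregion

                    //            if (h.IsDefaultPath)
                    //            {
                    //                h.Context.Response.ContentType = "text/html";

                    //                var xml = XElement.Parse(app.client.PageSource);

                    //                var src = __explicit;

                    //                if (HostUri.Host == app.domain)
                    //                    src = "/view-source";



                    //                xml.Add(
                    //                    new XElement("script",
                    //                        new XAttribute("src", src),

                    //                        // android otherwise closes the tag?
                    //                        " "
                    //                    )
                    //                );



                    //                h.Context.Response.Write(xml.ToString());

                    //                h.CompleteRequest();
                    //            }
                };


                // workaround: return support inside try block
                foo();
            }
            catch (Exception ex)
            {
                // Keep the failure details on the server. Exception text and stack traces
                // expose type names, file paths and control flow to whoever sent the request.
                Console.WriteLine("Handler failed: " + new { ex.Message, ex.StackTrace });

                h.Context.Response.Write("yikes! i did something stupid.");
                h.CompleteRequest();
            }
        }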
Esempio n. 2
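        /// <summary>
        /// HTTP Basic authentication experiment. Parses the Authorization header, serves a
        /// few helper pages ("/", "/login", "/logout", "/godspeed", "/jsc"), and for any other
        /// path either renders the default page (credentials present) or answers 401 with a
        /// Basic challenge.
        /// </summary>
        /// <param name="h">Handler context for the current request.</param>
        /// <remarks>
        /// The password is never written to the console or echoed into the link page; only
        /// its presence is reported. A malformed Base64 token is treated as "no credentials"
        /// instead of raising an unhandled exception.
        /// NOTE(review): credentials are not checked against anything here; any non-empty
        /// user/password pair reaches the page. Acceptable for an experiment only.
        /// </remarks>
        public void Handler(WebServiceHandler h)
        {
            // SSL certificates seem way more likely useful.
            // Basic credentials are only Base64-encoded, so without TLS they travel in the clear.

            // NOTE(review): Host is chosen by the client and is copied below into link targets
            // and a Refresh header. Confirm the front end validates or pins it.
            var HostHeader = h.Context.Request.Headers["Host"];

            var HostUri = new
            {
                Host = HostHeader.TakeUntilIfAny(":"),
                Port = HostHeader.SkipUntilIfAny(":")
            };

#if DEBUG
            Console.WriteLine(h.Context.Request.HttpMethod + " " + h.Context.Request.Path);

            // The Authorization value is a reversible encoding of the password; keep it out of the log.
            h.Context.Request.Headers.AllKeys.WithEach(
                k => Console.WriteLine(
                    k + ": " + (string.Equals(k, "Authorization", StringComparison.OrdinalIgnoreCase)
                        ? "<redacted>"
                        : h.Context.Request.Headers[k])
                    )
                );
#endif

            // http://tools.ietf.org/html/rfc2617#section-3.2.1

            var Authorization = h.Context.Request.Headers["Authorization"];

            // A request without the header must still reach the public pages and the 401 path.
            var AuthorizationLiteralEncoded = (Authorization ?? "").SkipUntilOrEmpty("Basic ");

            var AuthorizationLiteral = "";
            try
            {
                AuthorizationLiteral = Encoding.ASCII.GetString(
                    Convert.FromBase64String(AuthorizationLiteralEncoded)
                    );
            }
            catch (FormatException)
            {
                // The token is client-supplied and was not valid Base64: treat it as absent,
                // so protected paths fall through to the 401 challenge.
            }

            var AuthorizationLiteralCredentials = new
            {
                user     = AuthorizationLiteral.TakeUntilOrEmpty(":"),
                password = AuthorizationLiteral.SkipUntilOrEmpty(":"),
            };

            var HasUser     = !string.IsNullOrEmpty(AuthorizationLiteralCredentials.user);
            var HasPassword = !string.IsNullOrEmpty(AuthorizationLiteralCredentials.password);

            // Log only whether credentials arrived: the values are secret (password) or
            // attacker-controlled text that should not be written raw into a log (user).
            Console.WriteLine(new { HasUser, HasPassword }.ToString());

            // Anchor whose visible text equals its target.
            Func<string, XElement> Link =
                url => new XElement("a", new XAttribute("href", url), url);

            // Prefix of the links that embed credentials in the URL authority part.
            Func<string, string> WithUserInfo =
                userinfo => "//" + userinfo + "@" + HostUri.Host + ":" + HostUri.Port + "/secure";

            Action AlternativeCredentials =
                delegate
                {
                    h.Context.Response.Write(
                        new XElement("body",
                            // Show who the browser authenticated as, but not the password itself.
                            new XElement("pre",
                                new { AuthorizationLiteralCredentials.user, HasPassword }
                                ),

                            new XElement("hr"),
                            Link("/login"),

                            new XElement("hr"),
                            Link("/secure"),
                            Link("/secure-foo"),

                            new XElement("hr"),
                            Link(WithUserInfo("xoo:zar")),

                            new XElement("hr"),
                            Link(WithUserInfo("yoo:yar")),

                            new XElement("hr"),
                            Link(WithUserInfo("zoo:")),

                            new XElement("hr"),
                            Link("/logout")
                            )
                        );
                };

            if (h.IsDefaultPath)
            {
                AlternativeCredentials();
                h.CompleteRequest();
                return;
            }

            if (h.Context.Request.Path == "/login")
            {
                h.Context.Response.AddHeader("Refresh", "1;url=/secure");
                h.Context.Response.Write(
                    new XElement("body",
                        new XElement("h1", "Hey!")
                        )
                    );

                h.CompleteRequest();

                return;
            }

            if (h.Context.Request.Path == "/logout")
            {
                // Sending the browser to a URL with a different user and an empty password
                // replaces the credentials it has cached for this origin.
                h.Context.Response.AddHeader("Refresh", "1;url=//logout:@" + HostUri.Host + ":" + HostUri.Port + "/godspeed");
                h.Context.Response.Write(
                    new XElement("body",
                        new XElement("h1", "Bye!")
                        )
                    );

                h.CompleteRequest();

                return;
            }

            if (h.Context.Request.Path == "/godspeed")
            {
                h.Context.Response.AddHeader("Refresh", "4;url=/");
                AlternativeCredentials();
                h.Context.Response.Write(
                    new XElement("body",
                        new XElement("h1", "Godspeed!")
                        )
                    );

                h.CompleteRequest();

                return;
            }


            // NOTE(review): diagnostics are served before the credential check below, so an
            // unauthenticated client can reach them. Confirm what Diagnostics() reveals.
            if (h.Context.Request.Path == "/jsc")
            {
                h.Diagnostics();
                h.CompleteRequest();

                return;
            }



            if (HasUser && HasPassword)
            {
                var xml = XElement.Parse(global::AuthenticationExperiment.HTML.Pages.DefaultPageSource.Text);

#if DEBUG
                // linq for android? when can we have it?

                // Debug builds only: this writes the password into the rendered page.
                xml.Descendants("data-user").ReplaceContentWith(AuthorizationLiteralCredentials.user);
                xml.Descendants("data-password").ReplaceContentWith(AuthorizationLiteralCredentials.password);
#endif
                // what are the defaults on different platforms?
                h.Context.Response.ContentType = "text/html";

                h.Context.Response.Write(xml.ToString());


                AlternativeCredentials();


                h.CompleteRequest();
                return;
            }

            h.Context.Response.StatusCode = 401;

            // NOTE(review): the realm text looks like an e-mail-obfuscation placeholder rather
            // than the intended value; confirm against the original project.
            h.Context.Response.AddHeader(
                "WWW-Authenticate",
                "Basic realm=\"[email protected]\""
                );

            h.Context.Response.AddHeader("Refresh", "4;url=/");

            //AlternativeCredentials();
            // android flush headers?
            //h.Context.Response.Write("");
            h.Context.Response.Write(
                new XElement("body",
                    new XElement("h1", "Have we met?"),
                    new XElement("hr"),
                    Link("/login")
                    )
                );

            //h.Context.Response.Write("http://en.wikipedia.org/wiki/Basic_access_authentication");
            h.CompleteRequest();
        }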