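/// <summary>
/// Pre-request hook run before S3 dispatch. Serves a few static URLs, the default
/// landing page, and admin API calls, then authenticates and authorizes the request
/// and attaches the resulting metadata to the context.
/// </summary>
/// <param name="ctx">S3 request context for the incoming request.</param>
/// <returns>True if a response was already sent here; false if processing should continue.</returns>
private static async Task<bool> PreRequestHandler(S3Context ctx)
{
    // Prefix for log lines: [source-ip:port METHOD raw-url]
    string header =
        "[" + ctx.Http.Request.Source.IpAddress + ":" + ctx.Http.Request.Source.Port + " " +
        ctx.Http.Request.Method.ToString() + " " +
        ctx.Http.Request.Url.RawWithoutQuery + "] ";

    // The previous code looped `while (RawWithoutQuery.Contains("\\\\"))` and called
    // string.Replace without using the result. Strings are immutable, so the condition
    // could never become false: any request whose path contained two consecutive
    // backslashes would spin this handler forever, before authentication. The loop never
    // changed the URL, so it is removed rather than repaired; nothing below relied on it.

    // Elements is null-checked further down in the original code, so treat it as
    // possibly null everywhere instead of dereferencing it unguarded.
    var elements = ctx.Http.Request.Url.Elements;

    #region Enumerate

    if (_Settings.Logging.LogHttpRequests)
    {
        _Logging.Debug(Environment.NewLine + ctx.Http.Request.ToString());
    }

    #endregion

    #region Misc-URLs

    if (elements != null && elements.Length == 1)
    {
        if (elements[0].Equals("favicon.ico"))
        {
            byte[] favicon = Common.ReadBinaryFile("assets/favicon.ico");
            ctx.Response.ContentType = "image/x-icon";
            ctx.Response.StatusCode = 200;
            await ctx.Response.Send(favicon);
            return true;
        }
        else if (elements[0].Equals("robots.txt"))
        {
            ctx.Response.ContentType = "text/plain";
            ctx.Response.StatusCode = 200;
            await ctx.Response.Send("User-Agent: *\r\nDisallow:\r\n");
            return true;
        }
    }

    #endregion

    #region Unauthenticated-Requests

    // A GET for the root URL without an Authorization header gets the landing page.
    if (!ctx.Http.Request.Headers.ContainsKey("Authorization")
        && ctx.Http.Request.Method == WatsonWebserver.HttpMethod.GET
        && (elements == null || elements.Length < 1))
    {
        ctx.Response.StatusCode = 200;
        ctx.Response.ContentType = "text/html";
        await ctx.Response.Send(DefaultPage("https://github.com/jchristn/less3"));
        return true;
    }

    #endregion

    #region Admin-Requests

    // NOTE(review): an /admin/... request that carries no API-key header, or uses a
    // method other than GET/PUT/POST/DELETE, is not rejected here; it falls through to
    // the S3 authentication below. Confirm that is intended.
    if (elements != null && elements.Length >= 2 && elements[0].Equals("admin"))
    {
        if (ctx.Http.Request.Headers.ContainsKey(_Settings.Server.HeaderApiKey))
        {
            string suppliedKey = ctx.Http.Request.Headers[_Settings.Server.HeaderApiKey];

            if (!AdminApiKeyMatches(suppliedKey, _Settings.Server.AdminApiKey))
            {
                // Do not log the supplied value: it is attacker-controlled text, and a
                // near-miss of the real key would otherwise be written to the log.
                _Logging.Warn(header + "invalid admin API key supplied");
                ctx.Response.StatusCode = 401;
                ctx.Response.ContentType = "text/plain";
                await ctx.Response.Send();
                return true;
            }

            switch (ctx.Http.Request.Method)
            {
                case HttpMethod.GET:
                case HttpMethod.PUT:
                case HttpMethod.POST:
                case HttpMethod.DELETE:
                    await _AdminApiHandler.Process(ctx);
                    return true;
            }
        }
    }

    #endregion

    #region Authenticate-and-Authorize

    RequestMetadata md = _Auth.AuthenticateAndBuildMetadata(ctx);

    // Pick the authorization routine by request scope: service, bucket, or object.
    // Request types not listed keep the metadata from authentication unchanged.
    switch (ctx.Request.RequestType)
    {
        case S3RequestType.ListBuckets:
            md = _Auth.AuthorizeServiceRequest(ctx, md);
            break;

        case S3RequestType.BucketDelete:
        case S3RequestType.BucketDeleteTags:
        case S3RequestType.BucketDeleteWebsite:
        case S3RequestType.BucketExists:
        case S3RequestType.BucketRead:
        case S3RequestType.BucketReadAcl:
        case S3RequestType.BucketReadLocation:
        case S3RequestType.BucketReadLogging:
        case S3RequestType.BucketReadTags:
        case S3RequestType.BucketReadVersioning:
        case S3RequestType.BucketReadVersions:
        case S3RequestType.BucketReadWebsite:
        case S3RequestType.BucketWrite:
        case S3RequestType.BucketWriteAcl:
        case S3RequestType.BucketWriteLogging:
        case S3RequestType.BucketWriteTags:
        case S3RequestType.BucketWriteVersioning:
        case S3RequestType.BucketWriteWebsite:
            md = _Auth.AuthorizeBucketRequest(ctx, md);
            break;

        case S3RequestType.ObjectDelete:
        case S3RequestType.ObjectDeleteMultiple:
        case S3RequestType.ObjectDeleteTags:
        case S3RequestType.ObjectExists:
        case S3RequestType.ObjectRead:
        case S3RequestType.ObjectReadAcl:
        case S3RequestType.ObjectReadLegalHold:
        case S3RequestType.ObjectReadRange:
        case S3RequestType.ObjectReadRetention:
        case S3RequestType.ObjectReadTags:
        case S3RequestType.ObjectWrite:
        case S3RequestType.ObjectWriteAcl:
        case S3RequestType.ObjectWriteLegalHold:
        case S3RequestType.ObjectWriteRetention:
        case S3RequestType.ObjectWriteTags:
            md = _Auth.AuthorizeObjectRequest(ctx, md);
            break;
    }

    if (_Settings.Debug.Authentication)
    {
        // Debug only: these headers expose the auth decision to the client.
        ctx.Response.Headers.Add("X-Request-Type", ctx.Request.RequestType.ToString());
        ctx.Response.Headers.Add("X-Authentication-Result", md.Authentication.ToString());
        ctx.Response.Headers.Add("X-Authorized-By", md.Authorization.ToString());

        _Logging.Info(
            header + ctx.Request.RequestType.ToString() + " " +
            "auth result: " +
            md.Authentication.ToString() + "/" + md.Authorization.ToString());
    }

    ctx.Metadata = md;

    #endregion

    // NOTE(review): any request with a "metadata" query key receives the serialized
    // RequestMetadata, whatever the authentication/authorization result above and
    // without any debug setting being enabled. If RequestMetadata carries user,
    // credential or bucket details (not visible from here), this discloses them to the
    // requester; consider gating it behind a debug setting or a successful auth result.
    if (ctx.Http.Request.Query.Elements != null
        && ctx.Http.Request.Query.Elements.ContainsKey("metadata"))
    {
        ctx.Response.ContentType = "application/json";
        await ctx.Response.Send(Common.SerializeJson(md, true));
        return true;
    }

    return false;
}

/// <summary>
/// Compares a supplied admin API key with the configured one without stopping at the
/// first differing character, so response timing does not reveal how much of a guess
/// was correct. Only the lengths can still influence timing.
/// </summary>
/// <param name="supplied">Key taken from the request header.</param>
/// <param name="expected">Configured admin API key.</param>
/// <returns>True only if both are non-null and identical.</returns>
private static bool AdminApiKeyMatches(string supplied, string expected)
{
    if (supplied == null || expected == null)
    {
        return false;
    }

    int diff = supplied.Length ^ expected.Length;
    int shared = Math.Min(supplied.Length, expected.Length);

    for (int i = 0; i < shared; i++)
    {
        diff |= supplied[i] ^ expected[i];
    }

    return diff == 0;
}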