public override async Task <HttpResponseMessage> Invoke()
{
var authenticators = _actionDescriptor.Authenticators.ThatApply(_authenticators).ToList();
if (!authenticators.Any())
{
if (_configuration.FailIfNoAuthenticatorsApplyToAction)
{
throw new GraphiteException("No authenticators registered.");
}
return(await BehaviorChain.InvokeNext());
}
var authorization = _requestMessage.Headers.Authorization;
if (authorization == null)
{
return(GetUnauthorizedResponse(authenticators));
}
var authenticator = authenticators.FirstOrDefault(x =>
x.Scheme.EqualsUncase(authorization.Scheme));
if (authenticator == null)
{
return(GetUnauthorizedResponse(authenticators));
}
return(authenticator.Authenticate(authorization.Parameter)
? await BehaviorChain.InvokeNext()
: GetUnauthorizedResponse(authenticators, authenticator));
}
private async Task <HttpResponseMessage> FailRequest(GraphiteCorsPolicy corsPolicy,
bool preflight, string message = null)
{
if (!preflight && corsPolicy.AllowRequestsThatFailCors)
{
return(await BehaviorChain.InvokeNext());
}
if (preflight && corsPolicy.AllowOptionRequestsToPassThrough)
{
return(BadRequest(await BehaviorChain.InvokeNext(), message));
}
return(BadRequest(message: message));
}
public async Task Should_invoke_behavior_instance()
{
_configuration.DefaultBehavior = typeof(TestDefaultBehavior);
var response = new HttpResponseMessage();
_behaviors.Configure(x => x
.Append <TestBehavior1>()
.Append(new BehaviorInstance(response, _logger)));
var behaviorChain = new BehaviorChain(_configuration, _actionDescriptor, _container);
var result = await behaviorChain.InvokeNext();
result.ShouldEqual(response);
_logger.ShouldOnlyContain(typeof(TestBehavior1), typeof(BehaviorInstance));
}
public async Task Should_invoke_behaviors_in_order()
{
_configuration.DefaultBehavior = typeof(TestDefaultBehavior);
_behaviors.Configure(x => x
.Append <TestBehavior1>()
.Append <TestBehavior2>());
var behaviorChain = new BehaviorChain(_configuration, _actionDescriptor, _container);
var result = await behaviorChain.InvokeNext();
result.ShouldNotBeNull();
result.StatusCode.ShouldEqual(HttpStatusCode.Accepted);
_logger.ShouldOnlyContain(
typeof(TestBehavior1),
typeof(TestBehavior2),
typeof(TestDefaultBehavior));
}
public override async Task <HttpResponseMessage> Invoke()
{
var corsRequestContext = _requestMessage.GetCorsRequestContext();
var corsPolicy = _policySources.ThatApplies(_corsConfiguration,
_actionDescriptor, _configuration, _httpConfiguration)?.CreatePolicy();
if (corsPolicy == null)
{
return(await BehaviorChain.InvokeNext());
}
var preflight = corsRequestContext.IsPreflight;
if (!preflight && corsRequestContext.Origin.IsNullOrEmpty())
{
return(corsPolicy.AllowRequestsWithoutOriginHeader
? await BehaviorChain.InvokeNext()
: _requestMessage.CreateResponse(HttpStatusCode.BadRequest));
}
return(await HandleRequest(preflight, corsRequestContext, corsPolicy));
}
private async Task <HttpResponseMessage> HandleRequest(bool preflight,
CorsRequestContext requestContext, GraphiteCorsPolicy corsPolicy)
{
if (preflight && !_configuration.SupportedHttpMethods.Contains(
requestContext.AccessControlRequestMethod))
{
return(await FailRequest(corsPolicy, true));
}
var result = _corsEngine.EvaluatePolicy(requestContext, corsPolicy);
if (result == null || !result.IsValid)
{
return(await FailRequest(corsPolicy, preflight,
result?.ErrorMessages.Join(" ")));
}
var response = !preflight || corsPolicy.AllowOptionRequestsToPassThrough
? await BehaviorChain.InvokeNext()
: _requestMessage.CreateResponse();
response.WriteCorsHeaders(result);
return(response);
}
public override Task <HttpResponseMessage> Invoke()
{
return(BehaviorChain.InvokeNext());
}
