protected async override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var response = new HttpResponseMessage(); if (request.RequestUri.AbsoluteUri.StartsWith("https://accounts.google.com/o/oauth2/token")) { var formData = new FormCollection(await FormReader.ReadFormAsync(await request.Content.ReadAsStreamAsync())); if (formData["grant_type"] == "authorization_code") { if (formData["code"] == "ValidCode") { if (formData["redirect_uri"] != null && formData["redirect_uri"].EndsWith("signin-google") && formData["client_id"] == "[ClientId]" && formData["client_secret"] == "[ClientSecret]") { response.Content = new StringContent("{\"access_token\":\"ValidAccessToken\",\"refresh_token\":\"ValidRefreshToken\",\"token_type\":\"Bearer\",\"expires_in\":\"1200\",\"id_token\":\"Token\"}", Encoding.UTF8, "application/json"); } } } } else if (request.RequestUri.AbsoluteUri.StartsWith("https://www.googleapis.com/plus/v1/people/me")) { if (request.Headers.Authorization.Parameter == "ValidAccessToken") { response.Content = new StringContent("{ \"kind\": \"plus#person\",\n \"etag\": \"\\\"YFr-hUROXQN7IOa3dUHg9dQ8eq0/2hY18HdHEP8NLykSTVEiAhkKsBE\\\"\",\n \"gender\": \"male\",\n \"emails\": [\n {\n \"value\": \"[email protected]\",\n \"type\": \"account\"\n }\n ],\n \"objectType\": \"person\",\n \"id\": \"106790274378320830963\",\n \"displayName\": \"AspnetvnextTest AspnetvnextTest\",\n \"name\": {\n \"familyName\": \"AspnetvnextTest\",\n \"givenName\": \"FirstName\"\n },\n \"url\": \"https://plus.google.com/106790274378320830963\",\n \"image\": {\n \"url\": \"https://lh3.googleusercontent.com/-XdUIqdMkCWA/AAAAAAAAAAI/AAAAAAAAAAA/4252rscbv5M/photo.jpg?sz=50\"\n },\n \"isPlusUser\": true,\n \"language\": \"en\",\n \"circledByCount\": 0,\n \"verified\": false\n}\n", Encoding.UTF8, "application/json"); } else { response.Content = new StringContent("{\"error\":{\"message\":\"Invalid OAuth access token.\",\"type\":\"OAuthException\",\"code\":190}}"); } } return(response); }
private async Task AddValueProviderAsync(ValueProviderFactoryContext context) { var request = context.ActionContext.HttpContext.Request; IFormCollection form; try { request.Body.Position = 0; var body = await request.BodyReader.ReadAsync(); var CiphertextArray = MessagePackSerializer.Deserialize <byte[][]>(body.Buffer, MessagePack.Resolvers.ContractlessStandardResolver.Options); var plainText = new StringBuilder(); for (int i = 0; i < CiphertextArray.Length; i++) { plainText.Append(_certificate.DecryptFromUTF8bytes(CiphertextArray[i])); } var formReader = new FormReader(plainText.ToString()); var formFields = await formReader.ReadFormAsync(); form = new FormCollection(formFields); } catch (Exception) { throw; //throw new ValueProviderException(Resources.FormatFailedToReadRequestForm(ex.Message), ex); } var valueProvider = new FormValueProvider( BindingSource.Form, form, CultureInfo.CurrentCulture); context.ValueProviders.Add(valueProvider); }
protected async override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var response = new HttpResponseMessage(); if (request.RequestUri.AbsoluteUri.StartsWith("https://login.live.com/oauth20_token.srf")) { var formData = new FormCollection(await FormReader.ReadFormAsync(await request.Content.ReadAsStreamAsync())); if (formData["grant_type"] == "authorization_code") { if (formData["code"] == "ValidCode") { if (formData["redirect_uri"] != null && formData["redirect_uri"].EndsWith("signin-microsoft") && formData["client_id"] == "[ClientId]" && formData["client_secret"] == "[ClientSecret]") { response.Content = new StringContent("{\"token_type\":\"bearer\",\"expires_in\":3600,\"scope\":\"wl.basic\",\"access_token\":\"ValidAccessToken\",\"refresh_token\":\"ValidRefreshToken\",\"authentication_token\":\"ValidAuthenticationToken\"}"); } } } } else if (request.RequestUri.AbsoluteUri.StartsWith("https://apis.live.net/v5.0/me")) { if (request.Headers.Authorization.Parameter == "ValidAccessToken") { response.Content = new StringContent("{\r \"id\": \"fccf9a24999f4f4f\", \r \"name\": \"AspnetvnextTest AspnetvnextTest\", \r \"first_name\": \"AspnetvnextTest\", \r \"last_name\": \"AspnetvnextTest\", \r \"link\": \"https://profile.live.com/\", \r \"gender\": null, \r \"locale\": \"en_US\", \r \"updated_time\": \"2013-08-27T22:18:14+0000\"\r}"); } else { response.Content = new StringContent("{\r \"error\": {\r \"code\": \"request_token_invalid\", \r \"message\": \"The access token isn't valid.\"\r }\r}", Encoding.UTF8, "text/javascript"); } } return(response); }
public async Task ReadFormAsync_EmptyValuedAtEndAllowed() { // Arrange var formContent = Encoding.UTF8.GetBytes("foo="); var body = new MemoryStream(formContent); var formCollection = await FormReader.ReadFormAsync(body); // Assert Assert.Equal("", formCollection["foo"].FirstOrDefault()); }
public async Task ReadFormAsync_EmptyKeyWithAdditionalEntryAllowed() { // Arrange var formContent = Encoding.UTF8.GetBytes("=bar&baz=2"); var body = new MemoryStream(formContent); var formCollection = await FormReader.ReadFormAsync(body); // Assert Assert.Equal("bar", formCollection[""].FirstOrDefault()); Assert.Equal("2", formCollection["baz"].FirstOrDefault()); }
public async Task ReadSmallFormAsyncStream() { var bytes = Encoding.UTF8.GetBytes("foo=bar&baz=boo"); var stream = new MemoryStream(bytes); for (var i = 0; i < 1000; i++) { var formReader = new FormReader(stream); await formReader.ReadFormAsync(); stream.Position = 0; } }
protected async override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var response = new HttpResponseMessage(); if (request.RequestUri.AbsoluteUri.StartsWith("https://api.twitter.com/oauth/access_token")) { var formData = new FormCollection(await FormReader.ReadFormAsync(await request.Content.ReadAsStreamAsync())); if (formData["oauth_verifier"] == "valid_oauth_verifier") { if (_requestTokenEndpointInvoked) { var response_Form_data = new List <KeyValuePair <string, string> >() { new KeyValuePair <string, string>("oauth_token", "valid_oauth_token"), new KeyValuePair <string, string>("oauth_token_secret", "valid_oauth_token_secret"), new KeyValuePair <string, string>("user_id", "valid_user_id"), new KeyValuePair <string, string>("screen_name", "valid_screen_name"), }; response.Content = new FormUrlEncodedContent(response_Form_data); } else { response.StatusCode = HttpStatusCode.InternalServerError; response.Content = new StringContent("RequestTokenEndpoint is not invoked"); } return(response); } response.StatusCode = (HttpStatusCode)400; return(response); } else if (request.RequestUri.AbsoluteUri.StartsWith("https://api.twitter.com/oauth/request_token")) { var response_Form_data = new List <KeyValuePair <string, string> >() { new KeyValuePair <string, string>("oauth_callback_confirmed", "true"), new KeyValuePair <string, string>("oauth_token", "valid_oauth_token"), new KeyValuePair <string, string>("oauth_token_secret", "valid_oauth_token_secret") }; _requestTokenEndpointInvoked = true; response.Content = new FormUrlEncodedContent(response_Form_data); return(response); } throw new NotImplementedException(request.RequestUri.AbsoluteUri); }
/// <summary> /// Gets the parameter base string. /// </summary> /// <param name="request">The HTTP request to be signed.</param> /// <param name="config">OAuth config information.</param> /// <param name="nonce">The nonce for this request.</param> /// <param name="timestamp">The timestamp for this request.</param> /// <param name="version">The OAuth version.</param> /// <returns>The parameter base string.</returns> public async Task <string> GetParameterBase( HttpRequestMessage request, OAuthConfig config, string nonce, string timestamp, string version) { Dictionary <string, StringValues> parameters = new Dictionary <string, StringValues>(); if (request.Content != null && request.Content.Headers.ContentType.MediaType == "application/x-www-form-urlencoded") { var content = await request.Content.ReadAsStringAsync().ConfigureAwait(false); var fr = new FormReader(content); parameters.Merge(await fr.ReadFormAsync().ConfigureAwait(false)); } var queryParams = QueryHelpers.ParseQuery(request.RequestUri.Query); parameters.Merge(queryParams); parameters.Add("oauth_consumer_key", config.ConsumerKey); parameters.Add("oauth_nonce", nonce); parameters.Add("oauth_signature_method", this.SignatureMethod); parameters.Add("oauth_timestamp", timestamp); parameters.Add("oauth_token", config.AccessToken); parameters.Add("oauth_version", version); string parameterBase = string.Empty; foreach (var param in parameters.OrderBy(pair => pair.Key)) { foreach (var value in param.Value.OrderBy(v => v)) { if (parameterBase.Length > 0) { parameterBase += "&"; } parameterBase += Uri.EscapeDataString(param.Key) + "=" + Uri.EscapeDataString(value); } } return(parameterBase); }
private static bool IsFormWithClientCredentials(HttpContent content, string expectedClientId, string expectedClientSecret) { if (!(content is FormUrlEncodedContent)) { return(false); } var contentStream = content.ReadAsStreamAsync().Result; using (var reader = new FormReader(contentStream)) { var formData = reader.ReadFormAsync().Result; Assert.Equal(expectedClientId, formData["client_id"]); Assert.Equal(expectedClientSecret, formData["client_secret"]); return(true); } }
protected async override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var response = new HttpResponseMessage(); if (request.RequestUri.AbsoluteUri.StartsWith("https://graph.facebook.com/v2.5/oauth/access_token")) { var formData = new FormCollection(await FormReader.ReadFormAsync(await request.Content.ReadAsStreamAsync())); if (formData["grant_type"] == "authorization_code") { if (formData["code"] == "ValidCode") { Helpers.ThrowIfConditionFailed(() => ((string)formData["redirect_uri"]).EndsWith("signin-facebook"), "Redirect URI is not ending with /signin-facebook"); Helpers.ThrowIfConditionFailed(() => formData["client_id"] == "[AppId]", "Invalid client Id received"); Helpers.ThrowIfConditionFailed(() => formData["client_secret"] == "[AppSecret]", "Invalid client secret received"); response.Content = new StringContent("{ \"access_token\": \"ValidAccessToken\", \"expires_in\": \"100\" }"); return(response); } response.StatusCode = (HttpStatusCode)400; return(response); } } else if (request.RequestUri.AbsoluteUri.StartsWith("https://graph.facebook.com/v2.5/me")) { var queryParameters = new QueryCollection(QueryHelpers.ParseQuery(request.RequestUri.Query)); Helpers.ThrowIfConditionFailed(() => queryParameters["appsecret_proof"].Count > 0, "appsecret_proof is empty"); if (queryParameters["access_token"] == "ValidAccessToken") { response.Content = new StringContent("{\"id\":\"Id\",\"name\":\"AspnetvnextTest AspnetvnextTest\",\"first_name\":\"AspnetvnextTest\",\"last_name\":\"AspnetvnextTest\",\"link\":\"https:\\/\\/www.facebook.com\\/myLink\",\"username\":\"AspnetvnextTest.AspnetvnextTest.7\",\"gender\":\"male\",\"email\":\"AspnetvnextTest\\u0040test.com\",\"timezone\":-7,\"locale\":\"en_US\",\"verified\":true,\"updated_time\":\"2013-08-06T20:38:48+0000\",\"CertValidatorInvoked\":\"ValidAccessToken\"}"); } else { response.Content = new StringContent("{\"error\":{\"message\":\"Invalid OAuth access token.\",\"type\":\"OAuthException\",\"code\":190}}"); } return(response); } throw new NotImplementedException(request.RequestUri.AbsoluteUri); }
public async Task Register(ModificationContext modificationContext, IJSEngine engine) { FormCollection formFields = null; MediaTypeHeaderValue contentType; MediaTypeHeaderValue.TryParse(modificationContext.ContentType, out contentType); _originalEncoding = contentType?.Encoding ?? Encoding.UTF8; if (HasApplicationFormContentType(contentType)) { var encoding = FilterEncoding(contentType.Encoding); using (var formReader = new FormReader(modificationContext.ContentStream, encoding) { ValueCountLimit = _options.Value.FormOptions.ValueCountLimit, KeyLengthLimit = _options.Value.FormOptions.KeyLengthLimit, ValueLengthLimit = _options.Value.FormOptions.ValueLengthLimit, }) { formFields = new FormCollection(await formReader.ReadFormAsync()); } } else if (HasMultipartFormContentType(contentType)) { _isMultiPart = true; _originalBoundary = GetBoundary(contentType, _options.Value.FormOptions.MultipartBoundaryLengthLimit); formFields = await GetMultipartFormCollection(modificationContext); } _internalForm = formFields ?? FormCollection.Empty; if (modificationContext.ContentStream.CanSeek) { modificationContext.ContentStream.Seek(0, SeekOrigin.Begin); } _formFieldContainer = new Dictionary <string, List <string> >(); foreach (var field in _internalForm) { foreach (var value in field.Value) { if (_formFieldContainer.ContainsKey(field.Key)) { _formFieldContainer[field.Key].Add(value); } else { _formFieldContainer.Add(field.Key, new List <string> { value }); } } } engine.InitializeFormApi(_formFieldContainer, _formFiles); }
private async Task <IFormCollection> InnerReadFormAsync(CancellationToken cancellationToken) { if (!HasFormContentType) { throw new InvalidOperationException("Incorrect Content-Type: " + _request.ContentType); } cancellationToken.ThrowIfCancellationRequested(); //if (_options.BufferBody) //{ // _request.EnableRewind(_options.MemoryBufferThreshold, _options.BufferBodyLengthLimit); //} FormCollection formFields = null; FormFileCollection files = null; // Some of these code paths use StreamReader which does not support cancellation tokens. using (cancellationToken.Register((state) => ((HttpContext)state).Abort(), _request.HttpContext)) { var contentType = ContentType; // Check the content-type if (HasApplicationFormContentType(contentType)) { var encoding = FilterEncoding(contentType.Encoding); using (var formReader = new FormReader(_request.Body, encoding) { ValueCountLimit = _options.ValueCountLimit, KeyLengthLimit = _options.KeyLengthLimit, ValueLengthLimit = _options.ValueLengthLimit, }) { formFields = new FormCollection(await formReader.ReadFormAsync(cancellationToken)); } } else if (HasMultipartFormContentType(contentType)) { var formAccumulator = new KeyValueAccumulator(); var boundary = GetBoundary(contentType, _options.MultipartBoundaryLengthLimit); var multipartReader = new MultipartReader(boundary, _request.Body) { HeadersCountLimit = _options.MultipartHeadersCountLimit, HeadersLengthLimit = _options.MultipartHeadersLengthLimit, BodyLengthLimit = _options.MultipartBodyLengthLimit, }; var section = await multipartReader.ReadNextSectionAsync(cancellationToken); while (section != null) { // Parse the content disposition here and pass it further to avoid reparsings ContentDispositionHeaderValue contentDisposition; ContentDispositionHeaderValue.TryParse(section.ContentDisposition, out contentDisposition); if (contentDisposition.IsFileDisposition()) { var fileSection = new FileMultipartSection(section, contentDisposition); FormFile file; if (section.Body.CanSeek) { // Find the end await section.Body.ConsumeAsync(cancellationToken); var name = fileSection.Name; var fileName = fileSection.FileName; if (section.BaseStreamOffset.HasValue) { // Relative reference to buffered request body file = new StreamFormFile(_request.Body, section.BaseStreamOffset.Value, section.Body.Length, name, fileName); } else { // Individually buffered file body file = new StreamFormFile(section.Body, 0, section.Body.Length, name, fileName); } file.Headers = new HeaderDictionary(section.Headers); } else { //// Enable buffering for the file if not already done for the full body //section.EnableRewind( // _request.HttpContext.Response.RegisterForDispose, // _options.MemoryBufferThreshold, _options.MultipartBodyLengthLimit); //read all bytes. var bytes = await section.Body.ReadAllBytesAsync(cancellationToken); var name = fileSection.Name; var fileName = fileSection.FileName; if (section.BaseStreamOffset.HasValue) { // Relative reference to buffered request body file = new BufferedFormFile(new ArraySegment <byte>(bytes, (int)section.BaseStreamOffset.Value, (int)section.Body.Length), name, fileName); } else { // Individually buffered file body file = new BufferedFormFile(new ArraySegment <byte>(bytes, 0, (int)section.Body.Length), name, fileName); } file.Headers = new HeaderDictionary(section.Headers); } if (files == null) { files = new FormFileCollection(); } if (files.Count >= _options.ValueCountLimit) { throw new InvalidDataException($"Form value count limit {_options.ValueCountLimit} exceeded."); } files.Add(file); } else if (contentDisposition.IsFormDisposition()) { var formDataSection = new FormMultipartSection(section, contentDisposition); // Content-Disposition: form-data; name="key" // // value // Do not limit the key name length here because the mulipart headers length limit is already in effect. var key = formDataSection.Name; var value = await formDataSection.GetValueAsync(); formAccumulator.Append(key, value); if (formAccumulator.ValueCount > _options.ValueCountLimit) { throw new InvalidDataException($"Form value count limit {_options.ValueCountLimit} exceeded."); } } else { System.Diagnostics.Debug.Assert(false, "Unrecognized content-disposition for this section: " + section.ContentDisposition); } section = await multipartReader.ReadNextSectionAsync(cancellationToken); } if (formAccumulator.HasValues) { formFields = new FormCollection(formAccumulator.GetResults(), files); } } } // Rewind so later readers don't have to. if (_request.Body.CanSeek) { _request.Body.Seek(0, SeekOrigin.Begin); } if (formFields != null) { Form = formFields; } else if (files != null) { Form = new FormCollection(null, files); } else { Form = FormCollection.Empty; } return(Form); }
protected override async Task <Dictionary <string, StringValues> > ReadFormAsync(FormReader reader) { return(await reader.ReadFormAsync()); }
public async Task <IActionResult> AuthorizePost(string transactionId) { var result = await connector.ExecuteTransaction(transactionId, async payload => { var formReader = new FormReader(payload); var values = await formReader.ReadFormAsync().ConfigureAwait(false); var formCollection = new FormCollection(values); var amount = decimal.Parse(formCollection["Amount"].Single()); var customerId = formCollection["CustomerId"].Single(); return(new AuthorizeRequest { CustomerId = customerId, TransactionId = transactionId, Amount = amount }, customerId.Substring(0, 2)); }, async session => { Account account; try { account = await session.TransactionContext.Batch() .ReadItemAsync <Account>(session.Payload.CustomerId); } catch (CosmosException e) { if (e.StatusCode == HttpStatusCode.NotFound) { account = new Account { Number = session.Payload.CustomerId, Partition = session.Payload.CustomerId.Substring(0, 2), Balance = 0, Transactions = new List <Transaction>() }; } else { throw new Exception("Error while loading account data", e); } } account.Balance -= session.Payload.Amount; session.TransactionContext.Batch().UpsertItem(account); await session.Send(new SettleTransaction { AccountNumber = account.Number, Amount = session.Payload.Amount, TransactionId = transactionId }); return(new StoredResponse(200, null)); }); if (result.Body != null) { Response.Body = result.Body; } return(StatusCode(result.Code)); }
public async Task <IFormCollection> ReadFormAsync(CancellationToken cancellationToken) { if (Form != null) { return(Form); } if (!HasFormContentType) { throw new InvalidOperationException("Incorrect Content-Type: " + _request.ContentType); } cancellationToken.ThrowIfCancellationRequested(); _request.EnableRewind(); IDictionary <string, string[]> formFields = null; var files = new FormFileCollection(); // Some of these code paths use StreamReader which does not support cancellation tokens. using (cancellationToken.Register(_request.HttpContext.Abort)) { var contentType = ContentType; // Check the content-type if (HasApplicationFormContentType(contentType)) { var encoding = FilterEncoding(contentType.Encoding); formFields = await FormReader.ReadFormAsync(_request.Body, encoding, cancellationToken); } else if (HasMultipartFormContentType(contentType)) { var formAccumulator = new KeyValueAccumulator <string, string>(StringComparer.OrdinalIgnoreCase); var boundary = GetBoundary(contentType); var multipartReader = new MultipartReader(boundary, _request.Body); var section = await multipartReader.ReadNextSectionAsync(cancellationToken); while (section != null) { var headers = new HeaderDictionary(section.Headers); ContentDispositionHeaderValue contentDisposition; ContentDispositionHeaderValue.TryParse(headers.Get(HeaderNames.ContentDisposition), out contentDisposition); if (HasFileContentDisposition(contentDisposition)) { // Find the end await section.Body.DrainAsync(cancellationToken); var file = new FormFile(_request.Body, section.BaseStreamOffset.Value, section.Body.Length) { Headers = headers, }; files.Add(file); } else if (HasFormDataContentDisposition(contentDisposition)) { // Content-Disposition: form-data; name="key" // // value var key = HeaderUtilities.RemoveQuotes(contentDisposition.Name); MediaTypeHeaderValue mediaType; MediaTypeHeaderValue.TryParse(headers.Get(HeaderNames.ContentType), out mediaType); var encoding = FilterEncoding(mediaType?.Encoding); using (var reader = new StreamReader(section.Body, encoding, detectEncodingFromByteOrderMarks: true, bufferSize: 1024, leaveOpen: true)) { var value = await reader.ReadToEndAsync(); formAccumulator.Append(key, value); } } else { System.Diagnostics.Debug.Assert(false, "Unrecognized content-disposition for this section: " + headers.Get(HeaderNames.ContentDisposition)); } section = await multipartReader.ReadNextSectionAsync(cancellationToken); } formFields = formAccumulator.GetResults(); } } Form = new FormCollection(formFields, files); return(Form); }
public static IEndpointConventionBuilder UseFilteredAutoForeignKeys(this IEndpointRouteBuilder builder, string explicitTenantParam, bool forAreas, bool withAuthorization = true) { bool forExplicitTenants = !string.IsNullOrEmpty(explicitTenantParam); ContextExtensions.Init(); RequestDelegate dlg = async context => { //{{connection:regex(^[\\w_]+$)}}/{{table:regex(^[\\w_]+$)}} RouteData routeData = context.GetRouteData(); ActionDescriptor actionDescriptor = new ActionDescriptor(); ActionContext actionContext = new ActionContext(context, routeData, actionDescriptor); var ok = !withAuthorization || context.RequestServices.VerifyCurrentUser(); if (ok) { if (context.Request.RouteValues.ContainsKey("dataResolveHint")) { var baseHint = ((string)context.Request.RouteValues["dataResolveHint"])?.Split("/") .Select(n => HttpUtility.UrlDecode(n)).ToArray(); if (baseHint is { Length : 2 }) { string area = null; if (context.Request.RouteValues.ContainsKey("area")) { area = (string)context.Request.RouteValues["area"]; } var connection = RegexValidate(baseHint[0], "^[\\w_]+$") ? baseHint[0] : null; //(string) context.Request.RouteValues["connection"]; var dbContext = context.RequestServices.ContextForFkQuery(connection, area); if (dbContext != null) { var table = RegexValidate(baseHint[1], dbContext.CustomFkSettings?.CustomTableValidation ?? "^[\\w_]+$") ? baseHint[1] : null; //(string) context.Request.RouteValues["table"]; FormReader former = new FormReader(context.Request.Body); var formsDictionary = await former.ReadFormAsync(); //LogEnvironment.LogEvent(Stringify(formsDictionary), LogSeverity.Report); var newDic = TranslateForm(formsDictionary, true); JsonResult result = null; bool authorized = true; try { result = new JsonResult(dbContext.ReadForeignKey(table, postedFilter: newDic) .ToDummyDataSourceResult()); } catch (SecurityException) { authorized = false; } if (authorized) { await result.ExecuteResultAsync(actionContext); return; } UnauthorizedResult ill = new UnauthorizedResult(); await ill.ExecuteResultAsync(actionContext); return; } } }
public void Configure(IApplicationBuilder app) { app.Run(async context => { if (context.Request.Path.Value != "/debit") { context.Response.StatusCode = 404; return; } var connector = context.RequestServices.GetRequiredService <IMachineInterfaceConnector <string> >(); if (string.Equals(context.Request.Method, "PUT", StringComparison.OrdinalIgnoreCase)) { var requestId = context.Request.Query["rid"]; await connector.StoreRequest(requestId, context.Request.Body); context.Response.StatusCode = 200; } else if (string.Equals(context.Request.Method, "POST", StringComparison.OrdinalIgnoreCase)) { var requestId = context.Request.Query["rid"]; var accountId = context.Request.Query["account"]; var response = await connector.ExecuteTransaction(requestId, accountId, async session => { var formReader = new FormReader(session.PutRequestBody); var values = await formReader.ReadFormAsync().ConfigureAwait(false); var formCollection = new FormCollection(values); var debit = int.Parse(formCollection["debit-value"].Single()); Account account; try { account = await session.TransactionContext.Batch().ReadItemAsync <Account>(accountId); } catch (CosmosException e) { if (e.StatusCode == HttpStatusCode.NotFound) { account = new Account { Id = accountId, AccountNumber = accountId }; } else { throw; } } account.Value -= debit; if (account.Value < 0) { return(new StoredResponse(499, null)); } session.TransactionContext.Batch().UpsertItem(account); return(new StoredResponse(200, null)); }); context.Response.StatusCode = response.Code; } else if (string.Equals(context.Request.Method, "DELETE", StringComparison.OrdinalIgnoreCase)) { var requestId = context.Request.Query["rid"]; await connector.DeleteResponse(requestId); context.Response.StatusCode = 200; } else { context.Response.StatusCode = 404; } }); }
private async Task <IFormCollection> InnerReadFormAsync(CancellationToken cancellationToken) { if (!HasFormContentType) { throw new InvalidOperationException("Incorrect Content-Type: " + _request.ContentType); } cancellationToken.ThrowIfCancellationRequested(); if (_options.BufferBody) { _request.EnableRewind(_options.MemoryBufferThreshold, _options.BufferBodyLengthLimit); } FormCollection formFields = null; FormFileCollection files = null; // Some of these code paths use StreamReader which does not support cancellation tokens. using (cancellationToken.Register((state) => ((HttpContext)state).Abort(), _request.HttpContext)) { var contentType = ContentType; // Check the content-type if (HasApplicationFormContentType(contentType)) { var encoding = FilterEncoding(contentType.Encoding); using (var formReader = new FormReader(_request.Body, encoding) { ValueCountLimit = _options.ValueCountLimit, KeyLengthLimit = _options.KeyLengthLimit, ValueLengthLimit = _options.ValueLengthLimit, }) { formFields = new FormCollection(await formReader.ReadFormAsync(cancellationToken)); } } else if (HasMultipartFormContentType(contentType)) { var formAccumulator = new KeyValueAccumulator(); var boundary = GetBoundary(contentType, _options.MultipartBoundaryLengthLimit); var multipartReader = new MultipartReader(boundary, _request.Body) { HeadersCountLimit = _options.MultipartHeadersCountLimit, HeadersLengthLimit = _options.MultipartHeadersLengthLimit, BodyLengthLimit = _options.MultipartBodyLengthLimit, }; var section = await multipartReader.ReadNextSectionAsync(cancellationToken); while (section != null) { ContentDispositionHeaderValue contentDisposition; ContentDispositionHeaderValue.TryParse(section.ContentDisposition, out contentDisposition); if (HasFileContentDisposition(contentDisposition)) { // Enable buffering for the file if not already done for the full body section.EnableRewind(_request.HttpContext.Response.RegisterForDispose, _options.MemoryBufferThreshold, _options.MultipartBodyLengthLimit); // Find the end await section.Body.DrainAsync(cancellationToken); var name = HeaderUtilities.RemoveQuotes(contentDisposition.Name) ?? string.Empty; var fileName = HeaderUtilities.RemoveQuotes(contentDisposition.FileName) ?? string.Empty; FormFile file; if (section.BaseStreamOffset.HasValue) { // Relative reference to buffered request body file = new FormFile(_request.Body, section.BaseStreamOffset.Value, section.Body.Length, name, fileName); } else { // Individually buffered file body file = new FormFile(section.Body, 0, section.Body.Length, name, fileName); } file.Headers = new HeaderDictionary(section.Headers); if (files == null) { files = new FormFileCollection(); } if (files.Count >= _options.ValueCountLimit) { throw new InvalidDataException($"Form value count limit {_options.ValueCountLimit} exceeded."); } files.Add(file); } else if (HasFormDataContentDisposition(contentDisposition)) { // Content-Disposition: form-data; name="key" // // value // Do not limit the key name length here because the mulipart headers length limit is already in effect. var key = HeaderUtilities.RemoveQuotes(contentDisposition.Name); MediaTypeHeaderValue mediaType; MediaTypeHeaderValue.TryParse(section.ContentType, out mediaType); var encoding = FilterEncoding(mediaType?.Encoding); using (var reader = new StreamReader(section.Body, encoding, detectEncodingFromByteOrderMarks: true, bufferSize: 1024, leaveOpen: true)) { // The value length limit is enforced by MultipartBodyLengthLimit var value = await reader.ReadToEndAsync(); formAccumulator.Append(key, value); if (formAccumulator.ValueCount > _options.ValueCountLimit) { throw new InvalidDataException($"Form value count limit {_options.ValueCountLimit} exceeded."); } } } else { System.Diagnostics.Debug.Assert(false, "Unrecognized content-disposition for this section: " + section.ContentDisposition); } section = await multipartReader.ReadNextSectionAsync(cancellationToken); } if (formAccumulator.HasValues) { formFields = new FormCollection(formAccumulator.GetResults(), files); } } } // Rewind so later readers don't have to. if (_request.Body.CanSeek) { _request.Body.Seek(0, SeekOrigin.Begin); } if (formFields != null) { Form = formFields; } else if (files != null) { Form = new FormCollection(null, files); } else { Form = FormCollection.Empty; } return(Form); }