public void OnCacheAuthorizationReturnsIgnoreRequestIfUserIsUnauthorized()
{
// Arrange
Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
{
CallBase = true
};
mockHelper
.Setup(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>()))
.Returns(false);
AuthorizeAttributeHelper helper = mockHelper.Object;
Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();
mockHttpContext.Setup(c => c.User).Returns(new Mock <IPrincipal>().Object);
// Act
HttpValidationStatus validationStatus = helper.PublicOnCacheAuthorization(
mockHttpContext.Object
);
// Assert
Assert.Equal(HttpValidationStatus.IgnoreThisRequest, validationStatus);
}
public static void ValidateCachedOutput(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
var status = context.Request.QueryString["status"];
if (!string.IsNullOrWhiteSpace(status))
{
switch (status)
{
case "valid":
validationStatus = HttpValidationStatus.Valid;
break;
case "invalid":
validationStatus = HttpValidationStatus.Invalid;
break;
case "ignore":
validationStatus = HttpValidationStatus.IgnoreThisRequest;
break;
default:
throw new ArgumentException("status");
}
}
else
{
validationStatus = HttpValidationStatus.Valid;
}
}
private static void ValidateCacheItem(HttpContext context, object data, ref HttpValidationStatus status)
{
if (context.Kentico().Preview().Enabled)
{
status = HttpValidationStatus.IgnoreThisRequest;
}
}
private static void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
if (((context.Request.Headers["Range"] != null) || context.Request.RequestType.Equals("(GETSOURCE)")) || context.Request.RequestType.Equals("(HEADSOURCE)"))
{
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
}
/// <summary>
/// Cached result is not used to ensure campaign cookies in case of presence of UTM campaign in the query string.
/// </summary>
private void CheckUTMParams(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
if (!string.IsNullOrEmpty(context.Request.QueryString[UTM_CAMPAIGN_PARAMETER_NAME]))
{
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
}
public virtual void Validate(HttpContext context, Object data, ref HttpValidationStatus status)
{
if (domainShouldBeCached)
status = HttpValidationStatus.Valid;
else
status = HttpValidationStatus.IgnoreThisRequest;
}
public void CheckCachedItem(HttpContext ctx, object data,
ref HttpValidationStatus status) {
status = data.ToString() == ctx.Request.UserAgent ?
HttpValidationStatus.Valid : HttpValidationStatus.Invalid;
Debug.WriteLine("Cache Status: " + status);
}
/// <summary>
/// Checks if the output cache is still valid.
/// </summary>
/// <param name="context">The context.</param>
/// <param name="data">The data, which is an instance of <see cref="State"/>.</param>
/// <param name="validationStatus">The validation status.</param>
public static void ValidateOutputCache(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
HttpContextWrapper httpContext = new HttpContextWrapper(context);
KeepUserLoggedOn(httpContext);
var state = (State)data;
if (UseOutputCache(context.User, httpContext, state.Config.HttpCacheExpiration))
{
var currentVersion = DataFactoryCache.Version;
if ((state.VersionInCache == currentVersion) && (state.RefreshAfter > DateTime.Now))
{
// Valid version with remaining time before refresh
return;
}
if (Interlocked.Exchange(ref state.VersionRendering, currentVersion) == currentVersion)
{
// Someone else have already received "IgnoreThisRequest" from this method for this state object.
// This time, serve a cached (though stale) response again.
return;
}
// This cache needs to be updated, and this request is the first one to ask for it.
}
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
public virtual void ValidateCacheRequest(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
if (context.User != null && context.User.Identity.IsAuthenticated)
{
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
}
private static void ValidateCacheItem(HttpContext context, object data, ref HttpValidationStatus status)
{
if (context.Kentico().Preview().Enabled)
{
status = HttpValidationStatus.IgnoreThisRequest;
}
}
public void CheckCachedItem(HttpContext ctx, object data, ref HttpValidationStatus status)
{
status = data.ToString() == ctx.Request.UserAgent
? HttpValidationStatus.Valid
: HttpValidationStatus.Invalid;
Debug.WriteLine("Cache Status: " + status);
}
private static ResponseContext ValidationError(HttpValidationStatus httpValidationStatus) =>
new ResponseContext
{
BreakPipeline = true,
StatusCode = HttpStatusCode.BadRequest,
ContentType = "application/json",
Body = JsonConvert.SerializeObject(httpValidationStatus, JsonSettings.Value)
};
private void CacheValidateHandler(
HttpContext context,
object data,
ref HttpValidationStatus validationStatus
)
{
validationStatus = OnCacheAuthorization(new HttpContextWrapper(context));
}
private static void CacheValidationCallback(HttpContext context, object data, ref HttpValidationStatus status)
{
if (!string.IsNullOrEmpty(context.Request.QueryString["ignore"]))
{
status = HttpValidationStatus.IgnoreThisRequest;
}
}
/// <summary>
/// Filter method for detecting anonymous users.
/// </summary>
/// <param name="httpContext">The HTTP context.</param>
/// <param name="data">The data.</param>
/// <param name="status">The status.</param>
public void OnlyIfAnonymous(HttpContext httpContext,
object data, ref HttpValidationStatus status)
{
if (httpContext.User.Identity.IsAuthenticated)
status = HttpValidationStatus.IgnoreThisRequest;
else
status = HttpValidationStatus.Valid;
}
private static void ShouldBypassCacheValidator(
HttpContext context, object data,
ref HttpValidationStatus validationstatus)
{
validationstatus = ShouldAuthenticate(context)
? HttpValidationStatus.IgnoreThisRequest // Bypass cache => authenticate
: HttpValidationStatus.Valid;
}
public void CanValidateRequestWithRequiredQueryParameter()
{
var spec = TestData.Petstore.Get("/pets").ConfiugureParameter("tags", x => x.Required = true);
var ctx = RouteContextBuilder.FromUrl("/pets?tags=test").WithSpec(spec).Build();
var actual = Sut.Validate(ctx);
var expected = HttpValidationStatus.Success();
Assert.Equal(expected, actual);
}
public void CacheValidate1(HttpContext context, Object data, ref HttpValidationStatus status)
{
if (context.Request.QueryString["Valid"] == "false")
{
status = HttpValidationStatus.Invalid;
}
else
{
status = HttpValidationStatus.Valid;
}
}
private void IgnoreUnAuthenticated(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
if (context.User.Identity.IsAuthenticated)
{
validationStatus = HttpValidationStatus.Valid;
}
else
{
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
}
public void CanValidateRequestWithBody()
{
var body = "{\"name\": \"name\", \"tag\": \"tag\"}";
var spec = TestData.Petstore.Post("/pets");
var ctx = RouteContextBuilder.FromUrl("/pets").WithBody(body).WithSpec(spec).Build();
var actual = Sut.Validate(ctx);
var expected = HttpValidationStatus.Success();
Assert.Equal(expected, actual);
}
public virtual void Validate(HttpContext context, Object data, ref HttpValidationStatus status)
{
if (domainShouldBeCached)
{
status = HttpValidationStatus.Valid;
}
else
{
status = HttpValidationStatus.IgnoreThisRequest;
}
}
private void IgnoreUnAuthenticated(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
if (context.User.Identity.IsAuthenticated)
{
validationStatus = HttpValidationStatus.Valid;
}
else
{
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
}
public static void ValidateCacheOutput(HttpContext context, Object data, ref HttpValidationStatus status)
{
if (context.Request.QueryString["id"] != null && context.Request.QueryString["id"].ToString() == "2")
{
status = HttpValidationStatus.IgnoreThisRequest;
}
else
{
status = HttpValidationStatus.Valid;
}
}
static void SetAnonymousCaching(HttpContext context, Object data, ref HttpValidationStatus status)
{
if (context.User.Identity.IsAuthenticated)
{
status = HttpValidationStatus.IgnoreThisRequest;
}
else
{
status = HttpValidationStatus.Valid;
}
}
void CacheValidationCallback(HttpContext context, object state, ref HttpValidationStatus result)
{
if (((DateTime)state) == this.startupTime)
{
result = HttpValidationStatus.Valid;
}
else
{
result = HttpValidationStatus.Invalid;
}
}
/// <summary>
/// Filter method for detecting anonymous users.
/// </summary>
/// <param name="httpContext">The HTTP context.</param>
/// <param name="data">The data.</param>
/// <param name="status">The status.</param>
public void OnlyIfAnonymous(HttpContext httpContext,
object data, ref HttpValidationStatus status)
{
if (httpContext.User.Identity.IsAuthenticated)
{
status = HttpValidationStatus.IgnoreThisRequest;
}
else
{
status = HttpValidationStatus.Valid;
}
}
public void CanValidateRequest()
{
var ctx = RouteContextBuilder
.FromUrl("/pets")
.WithSpec(TestData.Petstore.Get("/pets"))
.Build();
var actual = Sut.Validate(ctx);
var expected = HttpValidationStatus.Success();
Assert.Equal(expected, actual);
}
public static void ValidateCache(HttpContext context, Object data,
ref HttpValidationStatus status)
{
HttpCookie cookie = context.Request.Cookies["admin"];
if (cookie != null)
{
status = HttpValidationStatus.Invalid;
}
else
{
status = HttpValidationStatus.Valid;
}
}
public void Validate(HttpContext context, Object data, ref HttpValidationStatus status)
{
// var request = HttpContext.Current.Request;
var request = context.Request;
if (request.QueryString["JJ"] == null)
{
status = HttpValidationStatus.Invalid;
}
else if (request.QueryString["JJ"] == "" || request.QueryString["JJ"] == "0")
{
status = HttpValidationStatus.IgnoreThisRequest;
}
else
{
status = HttpValidationStatus.Valid;
}
}
public void OnAuthorization_should_return_cache_validation_status_as_valid()
{
var httpContext = new Mock <HttpContextBase>();
var requestContext = new RequestContext(httpContext.Object, new RouteData());
var controllerContext = new ControllerContext(requestContext, new Mock <ControllerBase>().Object);
var filterContext = new AuthorizationContext(controllerContext, new Mock <ActionDescriptor>().Object);
HttpValidationStatus cacheValidation = HttpValidationStatus.IgnoreThisRequest;
httpContext.Setup(c => c.Response.Cache.AddValidationCallback(It.IsAny <HttpCacheValidateHandler>(), It.IsAny <object>())).Callback((HttpCacheValidateHandler handler, object data) => handler(null, data, ref cacheValidation));
var attribute = new ExtendedAuthorizeAttributeTestDouble(true);
attribute.OnAuthorization(filterContext);
Assert.Equal(HttpValidationStatus.Valid, cacheValidation);
}
public static void ValidateOutputCache(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
var httpContextBase = new HttpContextWrapper(context);
var state = data as ValidationState;
if (state.UsesPersonalizationOrQuery || context.Cache[context.Request.RawUrl] == null)
{
validationStatus = HttpValidationStatus.Invalid;
}
else if (!OutputCacheHandler.UseOutputCache(context.User, httpContextBase, state.Settings.HttpCacheExpiration))
{
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
else
{
validationStatus = HttpValidationStatus.Valid;
}
}
// CacheAuthorizationHandler is only attached to the CachePolicy after first time success authorization
/// <summary>
/// When output is cached, the OnAuthorization will be skipped
/// </summary>
/// <param name="context">The context</param>
/// <param name="data">The data</param>
/// <param name="validationStatus">The validation status</param>
private void CacheAuthorizationHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
// when output is cached, the cachePolicy will trigger the CacheValidateHandler to authorize user
if (data == null)
{
throw new ArgumentNullException(nameof(data), "data should be AuthorizationContext");
}
AuthorizationContext filterContext = (AuthorizationContext)data;
if (filterContext == null)
{
throw new InvalidCastException("data should be AuthorizationContext");
}
AuthorizeResultEnum authorizeResult = AuthorizeUser(filterContext);
// HttpValidationStatus.Valid => return cache data
validationStatus = authorizeResult == AuthorizeResultEnum.Success ? HttpValidationStatus.Valid : HttpValidationStatus.IgnoreThisRequest;
}
/// <summary>
/// Cache validator routine.
/// </summary>
/// <param name="context"></param>
/// <param name="data"></param>
/// <param name="status"></param>
public void Validate(HttpContext context, Object data, ref HttpValidationStatus status)
{
// get flag
Hashtable cacheFlags = ApplicationAdapter.GetCacheFlags();
bool isValid = true;
if (cacheFlags.ContainsKey(_forum.ForumID))
{
isValid = (bool)cacheFlags[_forum.ForumID];
}
if (isValid)
{
status = HttpValidationStatus.Valid;
}
else
{
status = HttpValidationStatus.Invalid;
}
}
public void OnCacheAuthorizationReturnsValidIfUserIsAuthorized()
{
// Arrange
Mock <AuthorizeAttributeHelper> mockHelper = new Mock <AuthorizeAttributeHelper>()
{
CallBase = true
};
mockHelper.Expect(h => h.PublicAuthorizeCore(It.IsAny <HttpContextBase>())).Returns(true);
AuthorizeAttributeHelper helper = mockHelper.Object;
Mock <HttpContextBase> mockHttpContext = new Mock <HttpContextBase>();
mockHttpContext.Expect(c => c.User).Returns(new Mock <IPrincipal>().Object);
// Act
HttpValidationStatus validationStatus = helper.PublicOnCacheAuthorization(mockHttpContext.Object);
// Assert
Assert.AreEqual(HttpValidationStatus.Valid, validationStatus);
}
private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
validationStatus = OnCacheAuthorization((AuthorizationContext)data);
}
private void CacheValidateHandler(HttpContext context, [NotNull] object data, ref HttpValidationStatus validationStatus)
{
validationStatus = OnCacheAuthorization((AuthorizationContext)data);
}
private void CheckCachedItem(HttpContext context, object data, ref HttpValidationStatus validationStatus) {
validationStatus = data.ToString() == context.Request.UserAgent
? HttpValidationStatus.Valid
: HttpValidationStatus.Invalid;
Debug.WriteLine("Cache Status: " + validationStatus);
}
private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
IFunction function = data as IFunction;
validationStatus = OnCacheAuthorization(new HttpContextWrapper(context), function);
}
/// <summary>
/// Cache validator routine.
/// </summary>
/// <param name="context"></param>
/// <param name="data"></param>
/// <param name="status"></param>
public void Validate(HttpContext context, Object data, ref HttpValidationStatus status)
{
// get flag
Hashtable cacheFlags = ApplicationAdapter.GetCacheFlags();
bool isValid = true;
if(cacheFlags.ContainsKey(_forum.ForumID))
{
isValid = (bool)cacheFlags[_forum.ForumID];
}
if(isValid)
{
status = HttpValidationStatus.Valid;
}
else
{
status = HttpValidationStatus.Invalid;
}
}
void CacheValidationCallback(HttpContext context, object state, ref HttpValidationStatus result)
{
if (((DateTime)state) == this.startupTime)
{
result = HttpValidationStatus.Valid;
}
else
{
result = HttpValidationStatus.Invalid;
}
}
private void HttpCacheValidateHandler1(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
}
private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
validationStatus = HttpValidationStatus.Valid;
if (!this.AuthorizeCore(new HttpContextWrapper(context)))
{
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
}
/*
public void ReWritePath(HttpContext context, string filepath) {
if (!File.Exists(filepath)) {
CmsFile f = CmsHttpContext.Current.CmsFile;
if (f != null) {
if (f is CmsPage) { //TODO: Extend for all file types
CmsPage p = (CmsPage)f;
context.RewritePath(ResolveTemplate(p.Template.Url), false);
}
}
}
}
public void PreventCachingInAuthoringMode(HttpContext context) {
if (context.User.Identity.IsAuthenticated) {
context.Response.Cache.SetCacheability(HttpCacheability.NoCache);
}
}
public string ResolveTemplate(string url) {
if (url.StartsWith("/")) {
url = url.Replace(CmsContext.Current.Site.RootDirectory.FullPath, "~");
}
return url;
}
*/
/// <summary>
/// This method supports the Xenosynth CMS Module and is not intended to be used directly from your code.
/// </summary>
/// <param name="context">
/// A <see cref="HttpContext"/>
/// </param>
/// <param name="data">
/// A <see cref="Object"/>
/// </param>
/// <param name="status">
/// A <see cref="HttpValidationStatus"/>
/// </param>
public void Validate(HttpContext context, Object data, ref HttpValidationStatus status)
{
if (context.User != null && context.User.Identity.IsAuthenticated) {
status = HttpValidationStatus.IgnoreThisRequest;
} else {
status = HttpValidationStatus.Valid;
}
}
/// <summary>
/// 缓存验证的结果
/// </summary>
/// <param name="context"></param>
/// <param name="data"></param>
/// <param name="validationStatus"></param>
private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
validationStatus = this.OnCacheAuthorization(context, data);
}
private void CacheValidateHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
validationStatus = OnCacheAuthorization(new HttpContextWrapper(context));
}
public virtual void ValidateCacheRequest(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
if (context.User != null && context.User.Identity.IsAuthenticated)
validationStatus = HttpValidationStatus.IgnoreThisRequest;
}
private void CacheValidationHandler(HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
var handlerData = data as CacheValidationHandlerData;
if (handlerData == null)
{
validationStatus = HttpValidationStatus.Invalid;
return;
}
if (OnMethodAuthorizing(handlerData.ServiceContext, handlerData.BehaviorContext) == BehaviorMethodAction.Stop)
{
validationStatus = HttpValidationStatus.IgnoreThisRequest;
return;
}
validationStatus = HttpValidationStatus.Valid;
}
private void Validate (HttpContext context, object data, ref HttpValidationStatus validationStatus)
{
}
