/// <summary>
/// Method that process the url
/// </summary>
/// <param name="request">Information sent by the browser about the request</param>
/// <param name="response">Information that is being sent back to the client.</param>
/// <param name="session">Session used to </param>
/// <returns>true if this module handled the request.</returns>
public override bool Process (IHttpRequest request, IHttpResponse response, IHttpSession session)
{
Uri uri = request.Uri;
if (!uri.AbsolutePath.StartsWith("/FanartService"))
return false;
IFanArtService fanart = ServiceRegistration.Get<IFanArtService>(false);
if (fanart == null)
return false;
FanArtConstants.FanArtMediaType mediaType;
FanArtConstants.FanArtType fanArtType;
int maxWidth;
int maxHeight;
if (uri.Segments.Length < 4)
return false;
if (!Enum.TryParse(GetSegmentWithoutSlash(uri,2), out mediaType))
return false;
if (!Enum.TryParse(GetSegmentWithoutSlash(uri, 3), out fanArtType))
return false;
string name = GetSegmentWithoutSlash(uri, 4);
// Both values are optional
int.TryParse(GetSegmentWithoutSlash(uri, 5), out maxWidth);
int.TryParse(GetSegmentWithoutSlash(uri, 6), out maxHeight);
IList<FanArtImage> files = fanart.GetFanArt(mediaType, fanArtType, name, maxWidth, maxHeight, true);
if (files == null || files.Count == 0)
return false;
using (MemoryStream memoryStream = new MemoryStream(files[0].BinaryData))
SendWholeStream(response, memoryStream, false);
return true;
}
private void ProcessMedia(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession, string url)
{
HttpWebRequest request = WebRequest.CreateHttp(url);
request.CookieContainer = new CookieContainer();
request.Method = aRequest.Method;
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
aResponse.Status = response.StatusCode;
aResponse.ContentType = response.ContentType;
Uri uri = new Uri(url);
CookieCollection cookies = request.CookieContainer.GetCookies(uri);
GetFormValues(aRequest, aResponse);
Stream stream = response.GetResponseStream();
MemoryStream ms = new MemoryStream();
stream.CopyTo(ms);
TryAddCookies(cookies, aResponse);
byte[] decrypedBytes = ms.ToArray();
var writer = new BinaryWriter(aResponse.Body);
writer.Write(decrypedBytes);
writer.Flush();
response.Close();
}
public bool Process(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession)
{
// Check if the user is logged in.
if (aSession["Username"] != null)
{
return(false);
}
if (string.IsNullOrEmpty(Settings["Redirect"]))
{
aSession["Redirect"] = aRequest.Uri.AbsolutePath;
}
switch (aRequest.Method)
{
case Method.Get:
return(Get(aRequest, aResponse, aSession));
case Method.Post:
return(Post(aRequest, aResponse, aSession));
default:
return(false);
}
}
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (request.UriParts.Length > 0)
{
string part = request.UriParts[0].ToLower();
int arg = part.IndexOf("(");
if (arg != -1 && part[part.Length - 1] == ')')
{
part = part.Substring(0, arg);
}
if (part != this.sectionName)
{
return(false);
}
if (this.Connections.ProcessSession(request, session, response) || !MustBeLoggedIn)
{
return(ProcessSection(request, response, session));
}
else
{
return(false);
}
}
return(false);
}
private bool Post(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession)
{
//foreach (HttpInputItem item in aRequest.Form)
//{
// Host.Logger.WriteLine("[{0}] := {1}", item.Name, item.Value);
//}
if (aRequest.Form.Contains("Username"))
{
aSession["Username"] = aRequest.Form["Username"].Value;
var redirect = Settings["Redirect"];
if (string.IsNullOrEmpty(redirect))
{
redirect = aSession["Redirect"] as string;
}
if (string.IsNullOrEmpty(redirect))
{
var writer = new StreamWriter(aResponse.Body);
writer.WriteLine("<p>User <strong>{0}</strong> logged on.</p>", aSession["Username"]);
writer.Flush();
}
else
{
aResponse.Redirect(redirect);
}
return(true);
}
Host.Logger.WriteLine("Error: invalid login data.");
return(false);
}
public void Process(RouteValues routeValues, IHttpRequest request, IHttpResponse response, IHttpSession session)
{
string output = _action.Invoke(new ActionParameters(routeValues, request, response, session));
var writer = new StreamWriter(response.Body);
writer.Write(output);
writer.Flush();
}
/// <summary> Invalidate the old session after copying all of its contents to a newly created session with a new session id.
/// Note that this is different from logging out and creating a new session identifier that does not contain the
/// existing session contents. Care should be taken to use this only when the existing session does not contain
/// hazardous contents.
///
/// </summary>
/// <returns> The invaldiated session.
/// </returns>
/// <seealso cref="Owasp.Esapi.Interfaces.IHttpUtilities.ChangeSessionIdentifier()">
/// </seealso>
public IHttpSession ChangeSessionIdentifier()
{
IHttpRequest request = ((Authenticator)Esapi.Authenticator()).CurrentRequest;
IHttpResponse response = ((Authenticator)Esapi.Authenticator()).CurrentResponse;
IHttpSession session = ((Authenticator)Esapi.Authenticator()).CurrentSession;
IDictionary temp = new Hashtable();
// make a copy of the session content
IEnumerator e = session.GetEnumerator();
while (e != null && e.MoveNext())
{
string name = (string)e.Current;
object val = session[name];
temp[name] = val;
}
// invalidate the old session and create a new one
// This hack comes from here: http://support.microsoft.com/?kbid=899918
session.Abandon();
response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));
// copy back the session content
IEnumerator i = new ArrayList(temp).GetEnumerator();
while (i.MoveNext())
{
DictionaryEntry entry = (DictionaryEntry)i.Current;
session.Add((string)entry.Key, entry.Value);
}
return(session);
}
public UserProvider(IRepository<Account> accountRepository, IRepository<Player> playerRepository,
IHttpSession httpSession)
{
_accountRepository = accountRepository;
_playerRepository = playerRepository;
_httpSession = httpSession;
}
public bool Process(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession)
{
Server server;
string serverName = aRequest.UriParts[0];
Host.Logger.WriteLine(String.Format("request for: {0} ", serverName));
int index = mRegisteredServices.IndexOf(new Service(serverName, "", 0));
if (index > -1)
{
server = mRegisteredServices [index].getServer();
var redirection = new StringBuilder();
redirection.AppendFormat("http://{0}:{1}", server.IPAdress, server.Port);
redirection.Append(ProcessPath(aRequest.UriParts));
aResponse.Redirect(redirection.ToString());
}
else
{
//no service found
//TODO send 404 page
Host.Logger.WriteLine("no service provider found");
}
return(true);
}
public IHttpResponse AddGame(IHttpSession session, AddGameViewModel model)
{
if (!AdminAccess(session))
{
return(new BadRequestResponse());
}
string error = this.ValidateModel(model);
if (error != null)
{
return(this.ErrorMessageResponse(error, FilePaths.GameAdd));
}
this.GameService.Create(
model.Title,
model.Price,
model.Size,
model.Trailer,
model.ThumbnailUrl,
model.Description,
model.ReleaseDate);
return(new RedirectResponse(UrlPaths.GameAdminList));
}
private SessionList <string> CreateCompareSessionList(IHttpSession session)
{
return(new SessionList <string>(
session,
nameof(ComparePresenter),
nameof(ComparedEmployers)));
}
public ErrorController(
IHttpCache cache,
IHttpSession session,
IDataRepository dataRepository,
IWebTracker webTracker) : base(cache, session, dataRepository, webTracker)
{
}
public IHttpResponse Details(IHttpRequest request)
{
IHttpSession session = request.Session;
if (session.Containts(SessionKeys.CurrentUser))
{
this.ShowUserNavBar(session.GetParameter(SessionKeys.CurrentUser).ToString());
}
else
{
this.ShowGuestNavBar();
}
int gameId = int.Parse(request.UrlParameters["id"]);
GameDetailsViewModel model = this.GameService.Details(gameId);
this.ViewData["gameId"] = gameId.ToString();
this.ViewData["gameTitle"] = model.Title;
this.ViewData["gameTrailer"] = model.Trailer;
this.ViewData["gameDescription"] = model.Description;
this.ViewData["gamePrice"] = model.Price.ToString("F2");
this.ViewData["gameSize"] = model.Size.ToString("F1");
this.ViewData["gameReleaseDate"] = model.ReleaseDate.ToString("dd/MM/yyyy");
return(this.FileViewResponse(@"game\details"));
}
public IHttpResponse All(IHttpSession session)
{
if (!session.IsLoggedIn())
{
return(new RedirectResponse("/"));
}
this.SetLoggedInView();
List <Album> albums = this.albumService.GetAll();
if (albums.Count == 0)
{
this.ViewData["all-albums"] = "There are currently no albums.";
return(this.FileViewResponse("/Albums/all"));
}
StringBuilder sb = new StringBuilder();
foreach (Album album in albums)
{
sb.Append($"<li><a href =\"/Albums/details?albumId={album.Id}\">{album.Name}</a></li>");
}
this.ViewData["all-albums"] = sb.ToString();
return(this.FileViewResponse("/Albums/all"));
}
public bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
bool handled = false;
if (!handled)
{
handled = rpcModule.Process(request, response, session);
}
if (!handled)
{
handled = frontendModule.Process(request, response, session);
}
if (!handled)
{
StreamWriter writer = new StreamWriter(response.Body);
writer.Write("<html>\n<head>\n");
writer.Write("<title>" + "Page not found" + "</title>\n");
writer.Write("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n");
writer.Write("</head>\n");
writer.Write("<body>\n<h2>Page not found</h2>\n");
writer.Write("\n</body>\n</html>\n");
writer.Flush();
handled = true;
}
return handled;
}
public bool Process(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession)
{
if (aRequest.Uri.AbsolutePath.StartsWith(@"/favicon.ico"))
{
return(false);
}
if (aRequest.Uri.AbsolutePath.StartsWith(@"/footzon/event"))
{
Thread.Sleep(5000);
aResponse.ContentType = @"text/event-stream";
var writer = new StreamWriter(aResponse.Body);
writer.Write("Event : {0}", ++counter);
writer.Flush();
return(true);
}
if (aRequest.Uri.AbsolutePath.StartsWith(@"/footzon"))
{
var writer = new StreamWriter(aResponse.Body);
writer.Write(Resource.index);
writer.Flush();
return(true);
}
return(false);
}
protected sealed override List <CasTransactionOutcome> ExecuteTests(TestCasConnectivity.TestCasConnectivityRunInstance instance)
{
TaskLogger.LogEnter();
try
{
VirtualDirectoryUriScope virtualDirectoryUriScope;
Uri testUri = this.GetTestUri(instance, out virtualDirectoryUriScope);
base.WriteVerbose(Strings.CasHealthWebAppStartTest(testUri));
IRequestAdapter requestAdapter = this.CreateRequestAdapter(virtualDirectoryUriScope);
IExceptionAnalyzer exceptionAnalyzer = this.CreateExceptionAnalyzer(testUri);
IResponseTracker responseTracker = this.CreateResponseTracker();
IHttpSession session = this.CreateHttpSession(requestAdapter, exceptionAnalyzer, responseTracker, instance);
this.HookupEventHandlers(session);
CasTransactionOutcome casTransactionOutcome = this.CreateOutcome(instance, testUri, responseTracker);
string userName;
string domain;
SecureString secureString;
this.GetUserParameters(instance, out userName, out domain, out secureString);
ITestStep testStep = this.CreateScenario(instance, testUri, userName, domain, secureString, virtualDirectoryUriScope, instance.CasFqdn);
testStep.BeginExecute(session, new AsyncCallback(this.ScenarioExecutionFinished), new object[]
{
testStep,
instance,
responseTracker,
casTransactionOutcome,
secureString
});
}
finally
{
TaskLogger.LogExit();
}
return(null);
}
public void Send(MessageBase message, IHttpSession session)
{
lock (connections)
{
connections[session].Receive(message);
}
}
public void SaveSession(IHttpSession session)
{
lock (connections)
{
sessionStore.Save(session);
}
}
protected override void Establish_context()
{
base.Establish_context();
_product1 = new Product {
ProductId = 1, Name = "one", Price = 1.11m
};
_product2 = new Product {
ProductId = 2, Name = "two", Price = 2.22m
};
_mocker = new RhinoAutoMocker <OrderController>();
// stub the Session
_session = new FakeHttpSession();
_mocker.Inject <IHttpSession>(_session);
// available products
_mocker.Get <IGetProductService>().Stub(s => s.GetAvailableProducts())
.Return(new[]
{
_product1,
_product2,
new Product {
ProductId = 3, Name = "three", Price = 3.33m
}
});
}
internal virtual void HookupEventHandlers(IHttpSession session)
{
session.SendingRequest += this.SendingRequest;
session.ResponseReceived += this.ResponseReceived;
session.TestStarted += this.TestStarted;
session.TestFinished += this.TestFinished;
}
public bool Process(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession)
{
if (mServers.Count == 0)
{
return(false);
}
mNextServer = (mNextServer + 1) % mServers.Count;
Host.Logger.WriteLine(String.Format("Dispatching to server on port {0}", mServers[mNextServer]));
var redirection = new StringBuilder();
redirection.AppendFormat("http://{0}:{1}", mServers[mNextServer].Key, mServers[mNextServer].Value);
redirection.Append(aRequest.Uri.AbsolutePath);
int count = aRequest.QueryString.Count();
if (count > 0)
{
redirection.Append('?');
foreach (HttpInputItem item in aRequest.QueryString)
{
redirection.Append(String.Format("{0}={1}", item.Name, item.Value));
if (--count > 0)
{
redirection.Append('&');
}
}
}
aResponse.Redirect(redirection.ToString());
return(true);
}
private void ProcessHtml(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession, string url)
{
HttpWebRequest request = WebRequest.CreateHttp(url);
request.Method = aRequest.Method;
request.CookieContainer = new CookieContainer();
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
aResponse.Status = response.StatusCode;
aResponse.ContentType = response.ContentType;
Uri uri = new Uri(url);
CookieCollection cookies = request.CookieContainer.GetCookies(uri);
GetFormValues(aRequest, aResponse);
Stream stream = response.GetResponseStream();
StreamReader reader = new StreamReader(stream);
string responseFromServer = reader.ReadToEnd();
TryAddCookies(cookies, aResponse);
StandardWriter(responseFromServer, aResponse.Body);
response.Close();
}
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (request.UriParts.Length == 0)
{
return(false);
}
string file = request.UriParts[request.UriParts.Length - 1];
if (file.Contains("."))
{
response.ContentType = GetMimeType(file);
byte[] fileContents = GetFile(file);
if (fileContents == null)
{
response.Status = HttpStatusCode.NotFound;
return(true);
}
response.Body.Write(fileContents, 0, fileContents.Length);
response.Body.Flush();
response.Send();
return(true);
}
return(false);
}
public override bool Process(
IHttpRequest request,
IHttpResponse response,
IHttpSession session)
{
var urlAbsolute = request.Uri.AbsolutePath;
if (urlAbsolute.StartsWith(@"/texts"))
{
var text = _owner.getDictionary(cleanUriEnd(removeUriStart(@"/texts/", urlAbsolute)));
checkSendText(request, response, text == null ? null : text.Html);
return(true);
}
else
{
// Ignore several known URLs.
if (urlAbsolute.StartsWith(@"/favicon.ico"))
{
return(false);
}
else
{
throw new Exception(string.Format(Resources.MyModule_Process_Unexpected_path___0___, urlAbsolute));
}
}
}
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (_ignoredPaths.Contains(request.Uri.AbsolutePath))
return true;
TextWriter writer = new StreamWriter(response.Body);
try
{
string fileContents = File.ReadAllText("resources" + request.Uri.AbsolutePath);
writer.Write(fileContents);
}
catch (Exception ex)
{
response.ContentType = "text/plain; charset=UTF-8";
writer.WriteLine(ex.Message);
writer.WriteLine(ex.StackTrace);
}
finally
{
writer.Flush();
}
return true;
}
public static void write_page(IHttpRequest request, IHttpResponse response, IHttpSession session, string page_content)
{
StreamWriter writer = new StreamWriter(response.Body);
writer.WriteLine(page_content);
writer.Flush();
}
public override Boolean Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (request.UriPath.StartsWith("/!") || request.UriPath.StartsWith("/$"))
{
StreamWriter writer = new StreamWriter(response.Body, Encoding.UTF8);
String ret;
try
{
Object obj = this.Servant.Host.RequestManager.Execute(Request.Parse(request.UriPath.UriDecode()));
ret = obj != null ? obj.ToString() : "(No return data)";
response.ContentType = ret.StartsWith("<")
? "application/xml"
: ret.StartsWith("{") || ret.StartsWith("[")
? "application/json"
: "text/plain";
writer.Write(ret);
}
catch (Exception ex)
{
response.Status = HttpStatusCode.InternalServerError;
response.ContentType = "text/plain";
writer.WriteLine("ERROR: " + ex);
}
finally
{
writer.Flush();
}
return true;
}
else
{
return false;
}
}
public ComparePresenter(IOptionsSnapshot <ViewingOptions> options, IHttpContextAccessor httpContext,
IHttpSession session)
{
Options = options;
HttpContext = httpContext.HttpContext;
Session = session;
ComparedEmployers = new Lazy <SessionList <string> >(CreateCompareSessionList(Session));
}
public IHttpResponse ProfileGet(IHttpSession session)
{
string nameOfCurrentUser = session.Get <string>(SessionStore.CurrentUserKey);
var currentUser = userRepository.GetUserByUsername(nameOfCurrentUser);
return(new ViewResponse(HttpStatusCode.OK, new ProfileView(currentUser.Username, currentUser.RegistrationDate, currentUser.Orders.Count)));
}
public bool Process(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession)
{
Byte[] image = (byte[])ResourceManager.GetObject(ImageGallery.homenuance);
aResponse.Body = new MemoryStream(image);
aResponse.AddHeader("Content-type", "image/jpg");
aResponse.Send();
return(true);
}
public IHttpResponse Register(IHttpSession session)
{
if (session.IsAuthenticated())
{
return(new RedirectResponse("/"));
}
return(this.FileViewResponse("Account/register"));
}
/// <summary>
/// Sends a chat message to the server
/// </summary>
/// <param name="request">web request</param>
/// <param name="session">web session</param>
private void SendCommand(IHttpRequest request, IHttpSession session)
{
if (request.Param["command"].Value != null)
{
string cmd = request.Param["command"].Value;
plugin.Server.SendServerMessage("Web: " + cmd);
}
}
/// <summary>
/// Method that processes the Uri.
/// </summary>
/// <param name="request">Information sent by the browser about the request.</param>
/// <param name="response">Information that is being sent back to the client.</param>
/// <param name="session">Session object used during the client connection.</param>
/// <returns><c>true</c> if this module is able to handle the request, else <c>false</c>.</returns>
/// <exception cref="InternalServerException">If an exception occured in the server.</exception>
/// <exception cref="ForbiddenException">If the file path is forbidden.</exception>
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
ResourcePath resourcePath;
Uri uri = request.Uri;
if (!uri.AbsolutePath.StartsWith(ResourceHttpAccessUrlUtils.RESOURCE_ACCESS_PATH))
{
return(false);
}
if (!ResourceHttpAccessUrlUtils.ParseResourceURI(uri, out resourcePath))
{
throw new BadRequestException(string.Format("Illegal request syntax. Correct syntax is '{0}'", ResourceHttpAccessUrlUtils.SYNTAX));
}
if (!IsAllowedToAccess(resourcePath))
{
ServiceRegistration.Get <ILogger>().Warn("ResourceAccessModule: Client tries to access forbidden resource '{0}'", resourcePath);
throw new ForbiddenException(string.Format("Access of resource '{0}' not allowed", resourcePath));
}
try
{
IFileSystemResourceAccessor fsra = GetResourceAccessor(resourcePath);
using (Stream resourceStream = fsra.OpenRead())
{
response.ContentType = GuessMimeType(resourceStream, resourcePath.FileName);
if (!string.IsNullOrEmpty(request.Headers["If-Modified-Since"]))
{
DateTime lastRequest = DateTime.Parse(request.Headers["If-Modified-Since"]);
if (lastRequest.CompareTo(fsra.LastChanged) <= 0)
{
response.Status = HttpStatusCode.NotModified;
}
}
response.AddHeader("Last-Modified", fsra.LastChanged.ToUniversalTime().ToString("r"));
string byteRangesSpecifier = request.Headers["Range"];
IList <Range> ranges = ParseRanges(byteRangesSpecifier, resourceStream.Length);
bool onlyHeaders = request.Method == "Headers" || response.Status == HttpStatusCode.NotModified;
if (ranges != null && ranges.Count == 1)
{
// We only support one range
SendRange(response, resourceStream, ranges[0], onlyHeaders);
}
else
{
SendWholeFile(response, resourceStream, onlyHeaders);
}
}
}
catch (FileNotFoundException ex)
{
throw new InternalServerException(string.Format("Failed to proccess resource '{0}'", resourcePath), ex);
}
return(true);
}
/// <summary>
/// Authenticates the user with a given password.
/// </summary>
/// <param name="password">The password to use for authentication.</param>
/// <seealso cref="Owasp.Esapi.Interfaces.IUser.LoginWithPassword(string)">
/// </seealso>
public void LoginWithPassword(string password)
{
if (password == null || password.Equals(""))
{
SetLastFailedLoginTime(DateTime.Now);
throw new AuthenticationLoginException("Login failed", "Missing password: "******"Login failed", "Disabled user attempt to login: "******"Login failed", "Locked user attempt to login: "******"Login failed", "Expired user attempt to login: "******"User logged in: " + accountName);
}
else
{
throw new AuthenticationLoginException("Login failed", "Login attempt as " + AccountName + " failed");
}
}
catch (EncryptionException ee)
{
throw new AuthenticationException("Internal error", "Error verifying password for " + accountName, ee);
}
}
public ActionParameters(RouteValues routeValues, IHttpRequest request, IHttpResponse response,
IHttpSession session)
{
RouteValues = routeValues;
Request = request;
Response = response;
Session = session;
Store = _theStore;
}
public bool Process(IHttpRequest aRequest, IHttpResponse aResponse, IHttpSession aSession)
{
if (Host != null)
{
this.Count++;
Host.Logger.WriteLine("Request number: {0}", Count);
}
return(false);
}
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
Console.WriteLine(request.QueryString["id"].Value + " got request");
response.Status = HttpStatusCode.OK;
byte[] buffer = Encoding.ASCII.GetBytes(request.QueryString["id"].Value);
response.Body.Write(buffer, 0, buffer.Length);
return true;
}
public WebServerConnection(IHttpSession session, IPAddress ipAddress)
{
if (session == null)
throw new ArgumentNullException ("session");
if (ipAddress == null)
throw new ArgumentNullException ("ipAddress");
IPAddress = ipAddress;
this.IsConnected = true;
this.session = session;
}
public OrderController(IGetProductService getProductService,
IHttpSession session, IOrderProcessor orderProcessor,
IGetObjectService<Order> getOrderService,
ISaveObjectService<Order> saveOrderService)
{
_session = session;
_orderProcessor = orderProcessor;
_getOrderService = getOrderService;
_saveOrderService = saveOrderService;
_getProductService = getProductService;
}
protected override bool ProcessSection(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (request.UriParts.Length == 1)
{
PermissionDeniedMessage pmsg;
var listmsg = Connections.SendAndReceive<UserListMessage> (new RequestUserListMessage(UserListMode.All), session, out pmsg);
if (pmsg != null)
{
WriteAndFlush (response, "{ \"error\": \"Permission denied\" }");
return true;
}
WriteAndFlush (response, JsonConvert.SerializeObject (listmsg.Users.RunQuery (request.QueryString)));
return true;
}
else if (request.UriParts.Length == 2)
{
int userId;
if (!request.TryGetItemId (out userId))
{
WriteAndFlush (response, "{ \"error\": \"Invalid request\" }");
return true;
}
switch (request.UriParts[1].Trim().ToLower())
{
//case "delete":
case "edit":
{
IHttpInput input = (request.Method.ToLower() == "post") ? request.Form : request.QueryString;
if (!input.ContainsAndNotNull ("SessionId", "Permissions") || session.Id != input["SessionId"].Value)
{
WriteAndFlush (response, "{ \"error\": \"Invalid request\" }");
return true;
}
var permissions = JsonConvert.DeserializeObject<IEnumerable<Permission>> (input["Permissions"].Value).ToList();
if (permissions.Count == 0)
return true;
Connections.Send (new SetPermissionsMessage (userId, permissions), session);
return true;
}
}
}
WriteAndFlush (response, "{ \"error\": \"Invalid request\" }");
return true;
}
/// <summary>
/// Method that process the URL
/// </summary>
/// <param name="request">Information sent by the browser about the request</param>
/// <param name="response">Information that is being sent back to the client.</param>
/// <param name="session">Session used to </param>
/// <returns>true if this module handled the request.</returns>
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (session["times"] == null)
session["times"] = 1;
else
session["times"] = ((int) session["times"]) + 1;
StreamWriter writer = new StreamWriter(response.Body);
writer.WriteLine("Hello dude, you have been here " + session["times"] + " times.");
writer.Flush();
// return true to tell webserver that we've handled the url
return true;
}
protected override bool ProcessSection(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (request.UriParts.Length == 1)
{
PermissionDeniedMessage denied;
var msg = Connections.SendAndReceive<ChannelListMessage> (
new RequestChannelListMessage(), session, out denied);
if (denied != null)
{
WriteAndFlush (response, "{ \"error\": \"Permission denied\" }");
return true;
}
WriteAndFlush (response, JsonConvert.SerializeObject (new { DefaultChannel = msg.DefaultChannelId, Channels = msg.Channels.RunQuery (request.QueryString) }));
}
else if (request.UriParts.Length == 2)
{
/*if (request.Method.ToLower() != "post")
return false;*/
IHttpInput input = (request.Method.ToLower() == "post") ? request.Form : request.QueryString;
int channelId;
switch (request.UriParts[1])
{
case "delete":
case "edit":
{
if (!request.TryGetItemId (out channelId))
{
WriteAndFlush (response, "{ \"error\": \"Invalid channel ID\" }");
return true;
}
return SaveOrUpdateChannel (session, response, input, channelId, (request.UriParts[1] == "delete"));
}
case "new":
return SaveOrUpdateChannel (session, response, input, 0, false);
}
}
else
{
return false;
}
return true;
}
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
foreach (Route route in _routes)
{
if (request.Method != route.Method.ToString()) continue;
RouteValues routeValues = route.Matches(request);
if (routeValues == null) continue;
route.RouteHandler.Process(routeValues, request, response, session);
return true;
}
return false;
}
/// <summary>
/// Method that process the url
/// </summary>
/// <param name="request">Information sent by the browser about the request</param>
/// <param name="response">Information that is being sent back to the client.</param>
/// <param name="session">Session used to </param>
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (!CanHandle(request.Uri))
return false;
bool handled = false;
foreach (HttpModule module in _modules)
{
if (module.Process(request, response, session))
handled = true;
}
if (!handled)
response.Status = HttpStatusCode.NotFound;
return true;
}
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (request.UriPath == "/createjob")
{
var reader = new StreamReader(request.Body);
string posttext = reader.ReadToEnd();
var jobid = _worker.JobController.CreateJob(posttext);
Console.WriteLine("Worker: Created job #" + jobid + ": Posted text: " + posttext);
response.Encoding = Encoding.UTF8;
response.Body = new MemoryStream(response.Encoding.GetBytes(jobid));
return true;
}
var m1 = Regex.Match(request.UriPath, "/job/([0-9a-z-]+)/assemblies");
if (m1.Success)
{
var jobid = m1.Groups[1].Value;
var bytes = Utilities.ReadAllBytes(request.Body);
var filename = request.QueryString["name"].Value;
_worker.JobController.AddAssembly(jobid,filename,bytes);
response.Body = new MemoryStream(response.Encoding.GetBytes("OK"));
return true;
}
var m2 = Regex.Match(request.UriPath, "/job/([0-9a-z-]+)/start");
if (m2.Success)
{
var jobid = m2.Groups[1].Value;
var reader = new StreamReader(request.Body);
_worker.JobController.Start(jobid);
response.Body = new MemoryStream(response.Encoding.GetBytes("OK"));
return true;
}
Console.WriteLine("Unhandled worker request: " + request.UriPath);
/*
Console.WriteLine("Worker request: "+request.UriPath);
response.Encoding = Encoding.UTF8;
string body = "Hej från worker; localpath=" + request.UriPath + ", querystring=" + request.QueryString+", method="+request.Method;
response.Body = new MemoryStream(response.Encoding.GetBytes(body));
return true;*/
return false;
}
/// <summary>
/// Checks authentication with ZMA
/// </summary>
/// <param name="request"></param>
/// <param name="session"></param>
private void Authenticate(IHttpRequest request, IHttpSession session)
{
if (request.Param["login"].Value != null)
{
if (!webLogin.ContainsKey(session.Id))
webLogin.Add(session.Id, false);
String username = request.Param["username"].Value;
String password = request.Param["password"].Value;
var userlist = UserCollectionSingletone.GetInstance();
var user = userlist.GetUserByLogin(username);
// First check if we have access and the if we can login :-)
// I use SHA256 with salt so avoid using other authentications
if (!user.Generated && user.HasWebAccess && HashProvider.GetHash(password, HashProvider.SHA256) == user.PasswordHash)
{
webLogin[session.Id] = true;
}
}
}
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
_log.Write(this, LogPrio.Trace, String.Format("Begin handling Rack request for {0}", request.Uri));
var rackRequest = request.ToRackRequest();
var rackResponse = new RackResponse(response.Body);
//this will write to the body. We may want to set headers first, so may need some thought.
_rack.HandleRequest(rackRequest, rackResponse);
response.Status = (HttpStatusCode)rackResponse.Status;
foreach (var header in rackResponse.Headers)
if (header.Key.ToLower() != "content-length")
response.AddHeader(header.Key, header.Value);
_log.Write(this, LogPrio.Trace, String.Format("Finished handling Rack request for {0}", request.Uri));
return true;
}
/// <summary>
/// Method that process the url
/// </summary>
/// <param name="request">Information sent by the browser about the request</param>
/// <param name="response">Information that is being sent back to the client.</param>
/// <param name="session">Session used to </param>
/// <returns>true if this module handled the request.</returns>
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
Uri uri = request.Uri;
if (!uri.AbsolutePath.StartsWith("/FanartService"))
return false;
IFanArtService fanart = ServiceRegistration.Get<IFanArtService>(false);
if (fanart == null)
return false;
FanArtConstants.FanArtMediaType mediaType;
FanArtConstants.FanArtType fanArtType;
int maxWidth;
int maxHeight;
if (!Enum.TryParse(request.Param["mediatype"].Value, out mediaType))
return false;
if (!Enum.TryParse(request.Param["fanarttype"].Value, out fanArtType))
return false;
string name = request.Param["name"].Value;
if (string.IsNullOrWhiteSpace(name))
return false;
name = name.Decode(); // For safe handling of "&" character in name
// Both values are optional
int.TryParse(request.Param["width"].Value, out maxWidth);
int.TryParse(request.Param["height"].Value, out maxHeight);
IList<FanArtImage> files = fanart.GetFanArt(mediaType, fanArtType, name, maxWidth, maxHeight, true);
if (files == null || files.Count == 0)
{
#if DEBUG
ServiceRegistration.Get<ILogger>().Debug("No FanArt for {0} '{1}' of type '{2}'", name, fanArtType, mediaType);
#endif
return false;
}
using (MemoryStream memoryStream = new MemoryStream(files[0].BinaryData))
SendWholeStream(response, memoryStream, false);
return true;
}
/// <summary>
/// Method that process the URL
/// </summary>
/// <param name="request">Information sent by the browser about the request</param>
/// <param name="response">Information that is being sent back to the client.</param>
/// <param name="session">Session used to </param>
/// <returns>true if this module handled the request.</returns>
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
Authenticate(request, session);
if (IsAuthenticated(session))
{
SendCommand(request, session);
StreamWriter writer = new StreamWriter(response.Body);
writer.Write(LoadFile("management.html"));
writer.Flush();
}
else
{
StreamWriter writer = new StreamWriter(response.Body);
writer.Write(LoadFile("index.html"));
writer.Flush();
}
// return true to tell webserver that we've handled the url
return true;
}
protected override void Establish_context()
{
base.Establish_context();
_product1 = new Product { ProductId = 1, Name = "one", Price = 1.11m };
_product2 = new Product { ProductId = 2, Name = "two", Price = 2.22m };
_mocker = new RhinoAutoMocker<OrderController>();
// stub the Session
_session = new FakeHttpSession();
_mocker.Inject<IHttpSession>(_session);
// available products
_mocker.Get<IGetProductService>().Stub(s => s.GetAvailableProducts())
.Return(new[]
{
_product1,
_product2,
new Product {ProductId = 3, Name = "three", Price = 3.33m}
});
}
public override Boolean Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (request.UriPath == "/")
{
ShowMainPage(request, response, session);
return true;
}
else if (request.UriPath.StartsWith("/category/"))
{
var match = Regex.Match(request.UriPath, @"/category/(\d+)/(\d+)");
ShowCategory(
Client.Instance.Groups[Int32.Parse(match.Groups[1].Value)][Int32.Parse(match.Groups[2].Value)],
request,
response,
session
);
return true;
}
else
{
return false;
}
}
protected override bool ProcessSection(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
IHttpInput input = (request.Method.ToLower() == "post") ? request.Form : request.QueryString;
/*if (request.Method.ToLower() != "post")
return false;*/
if (!input.Contains ("username") || !input.Contains ("password"))
{
WriteAndFlush (response, "{ \"error\": \"Invalid request\" }");
return true;
}
var result = Connections.SendAndReceive<LoginResultMessage> (
new LoginMessage { Username = input["username"].Value, Password = input["password"].Value }, session);
if (!result.Result.Succeeded)
WriteAndFlush (response, JsonConvert.SerializeObject (new { result.Result, SessionId = session.Id }));
else
{
var pmsg = Connections.Receive<PermissionsMessage> (session);
if (pmsg.Permissions.CheckPermission (PermissionName.AdminPanel))
{
session["loggedIn"] = true;
Connections.SaveSession (session);
WriteAndFlush (response, JsonConvert.SerializeObject (new { result.Result, SessionId = session.Id, pmsg.Permissions }));
}
else
{
WriteAndFlush (response, "{ \"error\": \"Insufficient permissions\" }");
}
}
return true;
}
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (request.UriParts.Length > 0 && request.UriParts[0] == "query")
{
cmanager.ProcessSession (request, session, response);
var bodyWriter = new StreamWriter (response.Body);
try
{
var result = cmanager.SendAndReceive<QueryServerResultMessage> (new QueryServerMessage(), session);
JsonTextWriter writer = new JsonTextWriter (bodyWriter);
serializer.Serialize (writer, result);
#if !DEBUG
response.ContentType = "application/json";
#endif
response.AddHeader ("X-JSON", "true");
}
catch (Exception ex)
{
bodyWriter.Write ("<pre>");
bodyWriter.Write (ex);
bodyWriter.Write ("</pre>");
}
bodyWriter.Flush();
response.Send();
return true;
}
return false;
}
/// <summary>
/// Method that process the Uri
/// </summary>
/// <param name="request">Information sent by the browser about the request</param>
/// <param name="response">Information that is being sent back to the client.</param>
/// <param name="session">Session used to </param>
/// <returns>true if this module handled the request.</returns>
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
return false;
}
/// <summary>
/// Method that process the url
/// </summary>
/// <param name="request">Information sent by the browser about the request</param>
/// <param name="response">Information that is being sent back to the client.</param>
/// <param name="session">Session used to </param>
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (!CanHandle(request.Uri))
return false;
try
{
string path = GetPath(request.Uri);
string extension = GetFileExtension(path);
if (extension == null)
throw new InternalServerException("Failed to find file extension");
if (MimeTypes.ContainsKey(extension))
response.ContentType = MimeTypes[extension];
else
throw new ForbiddenException("Forbidden file type: " + extension);
using (FileStream stream = new FileStream(path, FileMode.Open, FileAccess.Read, FileShare.ReadWrite))
{
if (!string.IsNullOrEmpty(request.Headers["if-Modified-Since"]))
{
DateTime lastRequest = DateTime.Parse(request.Headers["if-Modified-Since"]);
if (lastRequest.CompareTo(File.GetLastWriteTime(path)) <= 0)
response.Status = HttpStatusCode.NotModified;
}
if (_useLastModifiedHeader)
response.AddHeader("Last-modified", File.GetLastWriteTime(path).ToString("r"));
response.ContentLength = stream.Length;
response.SendHeaders();
if (request.Method != "Headers" && response.Status != HttpStatusCode.NotModified)
{
byte[] buffer = new byte[8192];
int bytesRead = stream.Read(buffer, 0, 8192);
while (bytesRead > 0)
{
response.SendBody(buffer, 0, bytesRead);
bytesRead = stream.Read(buffer, 0, 8192);
}
}
}
}
catch (FileNotFoundException err)
{
throw new InternalServerException("Failed to proccess file.", err);
}
return true;
}
/// <summary>
/// Will assign all variables that are unique for each session
/// </summary>
/// <param name="request"></param>
/// <param name="response"></param>
/// <param name="session"></param>
/// <exception cref="NotFoundException">No default method is specified.</exception>
protected virtual void SetupRequest(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
RequestedExtension = Html;
// extract id
if (request.Uri.Segments.Length > 3)
{
_id = request.Uri.Segments[3];
if (_id.EndsWith("/"))
_id = _id.Substring(0, _id.Length - 1);
else
{
int pos = _id.LastIndexOf('.');
if (pos != -1)
{
RequestedExtension = _id.Substring(pos + 1);
_id = _id.Substring(0, pos);
}
}
_id = HttpUtility.UrlDecode(_id);
}
else if (request.QueryString["id"] != HttpInputItem.Empty)
_id = HttpUtility.UrlDecode(request.QueryString["id"].Value);
else
_id = string.Empty;
Request = request;
Response = response;
Session = session;
if (request.Uri.Segments.Length == 2 && _defaultMethod == null)
throw new NotFoundException("No default method is specified.");
_method = GetMethod(request);
if (_method == null)
throw new NotFoundException("Requested action could not be found.");
MethodName = _method.Name.ToLower();
}
/// <summary>
/// Method that process the Uri
/// </summary>
/// <param name="request">Uses Uri and QueryString to determine method.</param>
/// <param name="response">Relays response object to invoked method.</param>
/// <param name="session">Relays session object to invoked method. </param>
public override bool Process(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (!CanHandle(request))
return false;
SetupRequest(request, response, session);
if (InvokeBeforeFilters())
return true;
InvokeMethod();
return true;
}
public LoginController(IHttpSession session)
{
_session = session;
}
/// <summary>
/// Handle authentication
/// </summary>
/// <param name="request"></param>
/// <param name="response"></param>
/// <param name="session"></param>
/// <returns>true if request can be handled; false if not.</returns>
/// <exception cref="BadRequestException">Invalid authorization header</exception>
protected virtual bool ProcessAuthentication(IHttpRequest request, IHttpResponse response, IHttpSession session)
{
if (_authModules.Count > 0)
{
bool authenticate = false;
object authTag = null;
if (request.Headers["authorization"] != null)
{
authenticate = true;
string authHeader = request.Headers["authorization"];
int pos = authHeader.IndexOf(' ');
if (pos == -1)
throw new BadRequestException("Invalid authorization header");
// first word identifies the type of authentication to use.
string word = authHeader.Substring(0, pos).ToLower();
// find the mod to use.
AuthenticationModule mod = null;
lock (_authModules)
{
foreach (AuthenticationModule aModule in _authModules)
{
if (aModule.Name != word)
continue;
mod = aModule;
break;
}
}
if (mod != null)
{
authTag = mod.Authenticate(authHeader, GetRealm(request), request.Method);
session[AuthenticationModule.AuthenticationTag] = authTag;
}
}
// Check if auth is needed.
if (authTag == null)
{
lock (_authModules)
{
foreach (AuthenticationModule module in _authModules)
{
if (!module.AuthenticationRequired(request))
continue;
RequestAuthentication(module, request, response);
return false;
}
// modules can have inited the authentication
// and then the module.AuthenticationRequired method will not have been used.
if (authenticate && _authModules.Count > 0)
{
RequestAuthentication(_authModules[0], request, response);
return false;
}
}
}
}
return true;
}
