/// <summary> /// Enables forms authentication for a module /// </summary> /// <param name="module">Module to add handlers to (usually "this")</param> /// <param name="configuration">Forms authentication configuration</param> public static void Enable(INancyModule module, FormsAuthenticationConfiguration configuration) { if (module == null) { throw new ArgumentNullException("module"); } if (configuration == null) { throw new ArgumentNullException("configuration"); } configuration.EnsureConfigurationIsValid(); module.RequiresAuthentication(); currentConfiguration = configuration; module.Before.AddItemToStartOfPipeline(GetLoadAuthenticationHook(configuration)); if (!configuration.DisableRedirect) { module.After.AddItemToEndOfPipeline(GetRedirectToLoginHook(configuration)); } }
/// <summary> /// Get the description for a route. /// </summary> /// <param name="module">The module that the route is defined in.</param> /// <param name="path">The path of the route that the description should be retrieved for.</param> /// <returns>A <see cref="string"/> containing the description of the route if it could be found, otherwise <see cref="string.Empty"/>.</returns> public string GetDescription(INancyModule module, string path) { var assembly = module.GetType().Assembly; if (assembly.IsDynamic) { return string.Empty; } var moduleName = string.Concat(module.GetType().FullName, ".resources"); var resourceName = assembly .GetManifestResourceNames() .FirstOrDefault(x => x.Equals(moduleName, StringComparison.OrdinalIgnoreCase)); if (resourceName != null) { var manager = new ResourceManager(resourceName.Replace(".resources", string.Empty), assembly); return manager.GetString(path); } return string.Empty; }
private static void CreateNegotiationContext(INancyModule module, NancyContext context) { // TODO - not sure if this should be here or not, but it'll do for now :) context.NegotiationContext = new NegotiationContext { ModuleName = module.GetModuleName(), ModulePath = module.ModulePath, }; }
/// <summary> /// Builds a fully configured <see cref="INancyModule"/> instance, based upon the provided <paramref name="module"/>. /// </summary> /// <param name="module">The <see cref="INancyModule"/> that should be configured.</param> /// <param name="context">The current request context.</param> /// <returns>A fully configured <see cref="INancyModule"/> instance.</returns> public INancyModule BuildModule(INancyModule module, NancyContext context) { module.Context = context; module.Response = this.responseFormatterFactory.Create(context); module.ViewFactory = this.viewFactory; module.ModelBinderLocator = this.modelBinderLocator; module.ValidatorLocator = this.validatorLocator; return module; }
public MetadataModuleRouteMetadataProviderFixture() { this.resolver = A.Fake<IMetadataModuleResolver>(); this.module = A.Fake<INancyModule>(); this.route = new RouteDescription("NamedDescription", "GET", "/things", ctx => true); this.metadataModule = new FakeNancyMetadataModule(); this.metadataModule.Describe[this.route.Name] = desc => { return Metadata; }; this.provider = new MetadataModuleRouteMetadataProvider(this.resolver); }
public static void Enable(INancyModule module) { if (module == null) { throw new ArgumentNullException("module"); } module.RequiresAuthentication(); module.Before.AddItemToStartOfPipeline(GetCredentialRetrievalHook()); }
private IMetadataModule SafeInvokeConvention(Func<INancyModule, IEnumerable<IMetadataModule>, IMetadataModule> convention, INancyModule module) { try { return convention.Invoke(module, this.metadataModules); } catch { return null; } }
/// <summary> /// Get the currently logged in user /// </summary> private User GetLoggedInUser(INancyModule nancyModule) { var currentUser = nancyModule.GetPrincipal(); if (!currentUser.IsAuthenticated()) return null; if (string.IsNullOrWhiteSpace(currentUser.Email)) return null; User loggedInUser = null;//ReadStore.Users.Get(currentUser.Email).FirstOrDefault(); return loggedInUser; }
/// <summary> /// Builds a fully configured <see cref="INancyModule"/> instance, based upon the provided <paramref name="module"/>. /// </summary> /// <param name="module">The <see cref="INancyModule"/> that should be configured.</param> /// <param name="context">The current request context.</param> /// <returns>A fully configured <see cref="INancyModule"/> instance.</returns> public INancyModule BuildModule(INancyModule module, NancyContext context) { module.Context = context; module.Response = new DefaultResponseFormatter(rootPathProvider, context, this.serializerFactory); module.ModelBinderLocator = this.modelBinderLocator; module.After = new AfterPipeline(); module.Before = new BeforePipeline(); module.OnError = new ErrorPipeline(); return module; }
/// <summary> /// Builds a fully configured <see cref="INancyModule"/> instance, based upon the provided <paramref name="module"/>. /// </summary> /// <param name="module">The <see cref="INancyModule"/> that shoule be configured.</param> /// <param name="context">The current request context.</param> /// <returns>A fully configured <see cref="INancyModule"/> instance.</returns> public INancyModule BuildModule(INancyModule module, NancyContext context) { CreateNegotiationContext(module, context); module.Context = context; module.Response = this.responseFormatterFactory.Create(context); module.ViewFactory = this.viewFactory; module.ModelBinderLocator = this.modelBinderLocator; module.ValidatorLocator = this.validatorLocator; module.Text = new TextResourceFinder(this.textResource, context); return module; }
/// <summary> /// Builds a fully configured <see cref="INancyModule"/> instance, based upon the provided <paramref name="module"/>. /// </summary> /// <param name="module">The <see cref="INancyModule"/> that should be configured.</param> /// <param name="context">The current request context.</param> /// <returns>A fully configured <see cref="INancyModule"/> instance.</returns> public INancyModule BuildModule(INancyModule module, NancyContext context) { // Currently we don't connect view location, binders etc. module.Context = context; module.Response = new DefaultResponseFormatter(rootPathProvider, context, serializers); module.ModelBinderLocator = this.modelBinderLocator; module.After = new AfterPipeline(); module.Before = new BeforePipeline(); module.OnError = new ErrorPipeline(); return module; }
public static RouteId Create(INancyModule module, Route route) { var routeId = new RouteId { Module = module }; if (!string.IsNullOrEmpty(route.Description.Name)) { routeId.Name = route.Description.Name; } else { routeId.Method = route.Description.Method.ToHttpMethod(); routeId.Path = route.Description.Path.EnsureForwardSlash(); } return routeId; }
public static RouteId Create(INancyModule module, RouteAttribute swaggerRouteAttribute) { var routeId = new RouteId { Module = module }; if (!string.IsNullOrEmpty(swaggerRouteAttribute.Name)) { routeId.Name = swaggerRouteAttribute.Name; } else if (swaggerRouteAttribute.Path != null) { routeId.Method = swaggerRouteAttribute.Method; routeId.Path = module.ModulePath.EnsureForwardSlash() + swaggerRouteAttribute.Path; } return routeId; }
/// <summary> /// Enables basic authentication for a module /// </summary> /// <param name="module">Module to add handlers to (usually "this")</param> /// <param name="configuration">Forms authentication configuration</param> public static void Enable(INancyModule module, BasicAuthenticationConfiguration configuration) { if (module == null) { throw new ArgumentNullException("module"); } if (configuration == null) { throw new ArgumentNullException("configuration"); } module.RequiresAuthentication(); module.Before.AddItemToStartOfPipeline(GetCredentialRetrievalHook(configuration)); module.After.AddItemToEndOfPipeline(GetAuthenticationPromptHook(configuration)); }
/// <summary> /// Gets the <see cref="T:System.Type" /> of the metadata that is created by the provider. /// </summary> /// <param name="module">The <see cref="T:Nancy.INancyModule" /> instance that the route is declared in.</param> /// <param name="routeDescription">A <see cref="T:Nancy.Routing.RouteDescription" /> for the route.</param> /// <returns> /// A <see cref="T:System.Type" /> instance, or <see langword="null" /> if nothing is found. /// </returns> public Type GetMetadataType(INancyModule module, RouteDescription routeDescription) { if (String.IsNullOrWhiteSpace(routeDescription.Name)) return null; // TODO: Yikes, what an ugly hack. We need to figure out a better way to identify routes than their name. [asbjornu] switch (routeDescription.Name) { case JsonSchema: case ClientAssembly: case ClientNugetPackage: case ClientNugetPackageVersioned: return typeof(PomonaRouteMetadata); } return null; }
/// <summary> /// Enables stateless authentication for a module /// </summary> /// <param name="module">Module to add handlers to (usually "this")</param> /// <param name="configuration">Stateless authentication configuration</param> public static void Enable(INancyModule module, StatelessAuthenticationConfiguration configuration) { if (module == null) { throw new ArgumentNullException("module"); } if (configuration == null) { throw new ArgumentNullException("configuration"); } if (!configuration.IsValid) { throw new ArgumentException("Configuration is invalid", "configuration"); } module.Before.AddItemToStartOfPipeline(GetLoadAuthenticationHook(configuration)); }
private SwaggerRouteData CreateSwaggerRouteData(INancyModule module, Route route, Dictionary<RouteId, MethodInfo> routeHandlers) { var data = new SwaggerRouteData(route.Description.Path, new PathItem()); var routeId = RouteId.Create(module, route); var handler = routeHandlers.ContainsKey(routeId) ? routeHandlers[routeId] : null; var operation = new AnnotatedOperation(route.Description.Name, handler, _modelCatalog); var method = route.Description.Method.ToHttpMethod(); switch (route.Description.Method.ToLowerInvariant()) { case "get": data.PathItem.Get = operation; break; case "post": data.PathItem.Post = operation; break; case "patch": data.PathItem.Patch = operation; break; case "delete": data.PathItem.Delete = operation; break; case "put": data.PathItem.Put = operation; break; case "head": data.PathItem.Head = operation; break; case "options": data.PathItem.Options = operation; break; } if (operation.ResponseType != null) { data.Types.Add(method, operation.ResponseType); } return data; }
public object GetMetadata(INancyModule module, RouteDescription routeDescription) { var type = GetModuleMetadataType(module); if (type == null) { return(null); } ModuleMetadata metadata; if (MetadataItems.TryGetValue(type, out metadata)) { return(metadata[routeDescription.Method, routeDescription.Path]); } metadata = (ModuleMetadata)(_container.Resolve(type)); MetadataItems.Add(type, metadata); return(metadata?[routeDescription.Method, routeDescription.Path]); }
public static Response AddUser(this INancyModule module, UserIdentity userIdentity, IUserRepository userRepository, IViewRenderer viewRenderer) { try { var allUsers = userRepository.GetAllUsers(); if (allUsers.Any(user => string.Equals(user.UserName, userIdentity.UserName, StringComparison.OrdinalIgnoreCase))) { module.Context.ViewBag.AuthenticationError = Constants.AdminUserAlreadyExistsError; return(viewRenderer.RenderView(module.Context, AdminModule.AdminUserAddRoute)); } userRepository.AddUser(userIdentity); module.Context.ViewBag.AuthenticationError = Constants.AdminUserAdded; return(module.Response.AsRedirect($"~/{AdminModule.AdminDashboardRoute}")); } catch (Exception e) { module.Context.ViewBag.AuthenticationError = e.Message; return(viewRenderer.RenderView(module.Context, AdminModule.AdminUserAddRoute)); } }
/// <summary> /// Performs validation on the specified <paramref name="instance"/>. /// </summary> /// <typeparam name="T">The type of the <paramref name="instance"/> that is being validated.</typeparam> /// <param name="module">The module that the validation is performed from.</param> /// <param name="instance">The instance that is being validated.</param> /// <returns>A <see cref="ModelValidationResult"/> instance.</returns> public static ModelValidationResult Validate <T>(this INancyModule module, T instance) { var validator = module.ValidatorLocator.GetValidatorForType(typeof(T)); var result = (validator == null) ? ModelValidationResult.Valid : validator.Validate(instance, module.Context); if (module.ModelValidationResult.Errors.Any()) { module.ModelValidationResult.Errors = module.ModelValidationResult.Errors.Concat(result.Errors).ToDictionary(key => key.Key, val => val.Value); } module.ModelValidationResult = module.ModelValidationResult.Errors.Any() ? module.ModelValidationResult : result; return(module.ModelValidationResult); }
public dynamic Execute(dynamic parameters, INancyModule module) { string feedName = parameters.feed; var feed = GetFeedModel(feedName); if (feed == null) { var response = module.Response.AsText("Feed does not exist."); response.StatusCode = HttpStatusCode.BadRequest; return(response); } using (var dbContext = new DatabaseContext(Store)) { IQueryable <IInternalPackage> ds = dbContext.Packages.AsNoTracking().AsQueryable(); ds = ds.Where(pk => pk.FeedId == feed.Id); ds = ds.Where(pk => pk.Listed); string packageId = parameters.PackageId; string packageVersion = parameters.PackageVersion; if (!string.IsNullOrWhiteSpace(packageId) && !string.IsNullOrWhiteSpace(packageVersion)) { ds = ds.Where(pk => pk.PackageId == packageId && pk.Version == packageVersion); } var package = ds.FirstOrDefault(); if (package == null) { return(new Response() { StatusCode = HttpStatusCode.NotFound }); } return(ProcessResponse(module, feed, package)); } }
public UserIdentity CurrentUser(INancyModule module) { try { var user = this.GetCurrentUser(module); if (user == null) { Logging.Log().Error("Unknown user. Throwing AuthenticationException..."); throw new AuthenticationException("Cannot authenticate user."); } Logging.Log().Information("User claims he is {0}", user.Id); if (module != null && ForwardedFor.Exist(module.Request.Headers)) { ForwardedFor header = ForwardedFor.Create(module.Request.Headers); if (this.UserIsTrustedServiceAccount(user)) { Logging.Log().Information("User {0} is on the list of trusted service accounts. User {0} acts on behalf of the following user: id={1}, pid={2}, name={3}.", user.Id, header.User.Id, header.User.Pid, header.User.Name); return(header.User); } else { Logging.Log().Warning("User {0} is NOT on the list of trusted service accounts, but sent Forwarded header.", user.Id); } } return(user); } catch (Exception exception) { Logging.Log().Error("Unknown user. Throwing AuthenticationException..."); throw new AuthenticationException("Cannot authenticate user.", exception); } }
public static void RequiresAnyRole(this INancyModule module, Role[] requiredRoles, string[] except = null) { module.AddBeforeHookOrExecute((ctx => { if (except != null && except.Contains(ctx.ResolvedRoute.Description.Name)) { return(null); } return(SecurityHooks.RequiresAuthentication(ctx)); }), "Requires Authentication"); module.AddBeforeHookOrExecute((ctx => { if (except != null && except.Contains(ctx.ResolvedRoute.Description.Name)) { return(null); } return(SecurityHooks.RequiresAnyRole(ctx, requiredRoles)); }), "Requires Claims"); }
/// <summary> /// Deal with an unknown social identity /// </summary> private dynamic HandleUnknownIdentity(INancyModule nancyModule) { // Get the currently logged in user var loggedInUser = GetLoggedInUser(nancyModule); // If we come in with an unknown identity, but are logged in, it means we want to link it if (loggedInUser != null) { // Link to the logged in user // TODO: Implement //LinkIdentity(userInfo, providerName, loggedInUser); // If a user is already logged in, then we know they could only have gotten here via the account page, // so we will redirect them there //nancyModule.AddAlertMessage("success", string.Format("Successfully linked {0} account.", providerName)); return nancyModule.Response.AsRedirect("~/account/identity"); } // User is unknown, nobody is logged in, send to register/link page // TODO: Prefill model with email if we have it, and a flag saying it comes from a social identity return nancyModule.Response.AsRedirect("~/account/register"); }
/// <summary> /// Deal with an unknown social identity /// </summary> private dynamic HandleUnknownIdentity(INancyModule nancyModule) { // Get the currently logged in user var loggedInUser = GetLoggedInUser(nancyModule); // If we come in with an unknown identity, but are logged in, it means we want to link it if (loggedInUser != null) { // Link to the logged in user // TODO: Implement //LinkIdentity(userInfo, providerName, loggedInUser); // If a user is already logged in, then we know they could only have gotten here via the account page, // so we will redirect them there //nancyModule.AddAlertMessage("success", string.Format("Successfully linked {0} account.", providerName)); return(nancyModule.Response.AsRedirect("~/account/identity")); } // User is unknown, nobody is logged in, send to register/link page // TODO: Prefill model with email if we have it, and a flag saying it comes from a social identity return(nancyModule.Response.AsRedirect("~/account/register")); }
/// <summary> /// Get the description for a route. /// </summary> /// <param name="module">The module that the route is defined in.</param> /// <param name="path">The path of the route that the description should be retrieved for.</param> /// <returns>A <see cref="string"/> containing the description of the route if it could be found, otherwise <see cref="string.Empty"/>.</returns> public string GetDescription(INancyModule module, string path) { var assembly = module.GetType().Assembly; var moduleName = string.Concat(module.GetType().FullName, ".resources"); var resourceName = assembly .GetManifestResourceNames() .FirstOrDefault(x => x.Equals(moduleName, StringComparison.OrdinalIgnoreCase)); if (resourceName != null) { var manager = new ResourceManager(resourceName.Replace(".resources", string.Empty), assembly); return(manager.GetString(path)); } return(string.Empty); }
public static void RequiresAuthentication(this INancyModule module, string[] excludes) { module.AddBeforeHookOrExecute(p => { Response response = null; if (excludes.Contains(p.ResolvedRoute.Description.Name)) { return(response); } if (p.CurrentUser == null || string.IsNullOrWhiteSpace(p.CurrentUser.UserName)) { response = new Response { StatusCode = HttpStatusCode.Unauthorized }; } return(response); }, "Requires Authentication"); }
/// <summary> /// Gets the metadata for the provided route. /// </summary> /// <param name="module">The <see cref="T:Nancy.INancyModule" /> instance that the route is declared in.</param> /// <param name="routeDescription">A <see cref="T:Nancy.Routing.RouteDescription" /> for the route.</param> /// <returns> /// An object representing the metadata for the given route, or <see langword="null" /> if nothing is found. /// </returns> public object GetMetadata(INancyModule module, RouteDescription routeDescription) { if (String.IsNullOrWhiteSpace(routeDescription.Name)) { return(null); } // TODO: Yikes, what an ugly hack. We need to figure out a better way to identify routes than their name. [asbjornu] switch (routeDescription.Name) { case JsonSchema: return(new PomonaRouteMetadata { ContentType = "application/json", Method = HttpMethod.Get, Relation = "json-schema", }); case ClientAssembly: return(new PomonaRouteMetadata { ContentType = "binary/octet-stream", Method = HttpMethod.Get, Relation = "client-assembly", }); case ClientNugetPackage: case ClientNugetPackageVersioned: return(new PomonaRouteMetadata { ContentType = "application/zip", Method = HttpMethod.Get, Relation = "nuget-package", }); } return(null); }
public dynamic Execute(dynamic parameters, INancyModule module) { module.RequiresAuthentication(); IFeedConfiguration feedConfig; try { int feedId = int.Parse(parameters.id); feedConfig = module.Bind <FeedConfiguration>(); if (feedId != feedConfig.FeedId) { return(HttpStatusCode.BadRequest); } ITransaction transaction = _store.BeginTransaction(); var existingFeedExists = transaction.Query <IFeedConfiguration>().Where("FeedId = @feedId").Parameter("feedId", feedId).Count() > 0; if (!existingFeedExists) { return(HttpStatusCode.NotFound); } transaction.Update(feedConfig); transaction.Commit(); transaction.Dispose(); } catch (Exception ex) { return(HttpStatusCode.InternalServerError); } return(feedConfig); }
/// <summary>Enables forms authentication for a module</summary> /// <param name="module">Module to add handlers to (usually "this")</param> /// <param name="configuration">Forms authentication configuration</param> public static void Enable(INancyModule module, CustomAuthenticationConfiguration configuration) { if (module == null) { throw new ArgumentNullException("module"); } if (configuration == null) { throw new ArgumentNullException("configuration"); } if (!configuration.IsValid) { throw new ArgumentException("Configuration is invalid", "configuration"); } module.RequiresAuthentication(); CustomAuthenticationProvider.currentConfiguration = configuration; module.Before.AddItemToStartOfPipeline(CustomAuthenticationProvider.GetLoadAuthenticationHook(configuration)); if (configuration.DisableRedirect) { return; } module.After.AddItemToEndOfPipeline(CustomAuthenticationProvider.GetRedirectToLoginHook(configuration)); }
public dynamic Execute(dynamic parameters, INancyModule module) { module.RequiresAuthentication(); using (ITransaction transaction = _store.BeginTransaction()) { int feedId = int.Parse(parameters.id); var feed = transaction.Query <IFeed>().Where("Id = @feedId").Parameter("feedId", feedId).First(); if (feed != null) { //Temporary until the API Key table is used if (!string.IsNullOrWhiteSpace(feed.ApiKeyHashed)) { feed.HasApiKey = true; } feed.ApiKeyHashed = null; //We don't want to expose this to the front end feed.ApiKeySalt = null; //We don't want to expose this to the front end } return(feed); } }
public static void MetricForRequestTime(this INancyModule module, string metricName, Predicate <RouteDescription> routePredicate) { var timer = NancyGlobalMetrics.NancyGlobalMetricsContext.Timer(metricName, Unit.Requests, SamplingType.FavourRecent, TimeUnit.Seconds, TimeUnit.Milliseconds); var key = "Metrics.Nancy.Request.Timer." + metricName; module.Before.AddItemToStartOfPipeline(ctx => { if (routePredicate(ctx.ResolvedRoute.Description)) { ctx.Items[key] = timer.NewContext(); } return(null); }); module.After.AddItemToEndOfPipeline(ctx => { if (routePredicate(ctx.ResolvedRoute.Description)) { using (ctx.Items[key] as IDisposable) { } ctx.Items.Remove(key); } }); }
public override Response Authenticate( INancyModule nancyModule, IUserMapper userMapper, IConfiguration configuration, IUserRepository userRepository, UserCredentials userCredentials, IViewRenderer viewRenderer, IModuleStaticWrappers moduleStaticWrappers) { var validUser = userRepository.Authenticate(userCredentials.User, userCredentials.Password); if (validUser == null) { nancyModule.Context.ViewBag.AuthenticationError = Constants.AuthenticationError; return(viewRenderer.RenderView(nancyModule.Context, AuthenticationRedirectUrl.Url)); } var guid = userMapper.AddUser(userCredentials.User, validUser.FirstName, validUser.LastName, validUser.Claims); validUser.LastLogin = DateTime.UtcNow; userRepository.UpdateUser(validUser); return(moduleStaticWrappers.LoginAndRedirect(nancyModule, guid, null, ModuleStaticWrappers.DefaultFallbackRedirectUrl)); }
protected override UserIdentity GetCurrentUser(INancyModule module) { var env = module.Context.GetOwinEnvironment(); // server.User will be set only if certificate validation will succeed if (!env.ContainsKey("server.User") || env["server.User"] == null || !env.ContainsKey("ssl.ClientCertificate") || env["ssl.ClientCertificate"] == null) { return(null); } var clientCertificate = env["ssl.ClientCertificate"] as X509Certificate2; var identity = (ClaimsPrincipal)env["server.User"]; Logging.Log().Information("Using the following client certificate to authenticate: {0}", clientCertificate); var disinguishedNameClaim = identity.Claims.First( claim => claim.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/x500distinguishedname"); var subjectName = disinguishedNameClaim.Value; var subject = subjectName.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries).Select(i => i.Trim()); var cn = subject.Where(i => i.StartsWith("CN=", StringComparison.InvariantCultureIgnoreCase)).Select(i => i.Remove(0, 3)).First(); string pattern = @"^(.*)\s\((.*)\)$"; var result = Regex.Match(cn, pattern); var userIdentity = new UserIdentity { Id = cn, Name = result.Groups[1].Value, Pid = result.Groups[2].Value }; return(userIdentity); }
/// <summary> /// Gets the metadata for the provided route. /// </summary> /// <param name="module">The <see cref="T:Nancy.INancyModule" /> instance that the route is declared in.</param> /// <param name="routeDescription">A <see cref="T:Nancy.Routing.RouteDescription" /> for the route.</param> /// <returns> /// An object representing the metadata for the given route, or <see langword="null" /> if nothing is found. /// </returns> public object GetMetadata(INancyModule module, RouteDescription routeDescription) { if (String.IsNullOrWhiteSpace(routeDescription.Name)) return null; // TODO: Yikes, what an ugly hack. We need to figure out a better way to identify routes than their name. [asbjornu] switch (routeDescription.Name) { case JsonSchema: return new PomonaRouteMetadata { ContentType = "application/json", Method = HttpMethod.Get, Relation = "json-schema", }; case ClientAssembly: return new PomonaRouteMetadata { ContentType = "binary/octet-stream", Method = HttpMethod.Get, Relation = "client-assembly", }; case ClientNugetPackage: case ClientNugetPackageVersioned: return new PomonaRouteMetadata { ContentType = "application/zip", Method = HttpMethod.Get, Relation = "nuget-package", }; } return null; }
/// <summary> /// This module requires authentication and any one of certain claims to be present. /// </summary> /// <param name="module">Module to enable</param> /// <param name="requiredClaims">Claim(s) required</param> public static void RequiresAnyClaim(this INancyModule module, params Predicate <Claim>[] requiredClaims) { module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication"); module.AddBeforeHookOrExecute(SecurityHooks.RequiresAnyClaim(requiredClaims), "Requires Any Claim"); }
private SwaggerRouteData CreateSwaggerRouteData(INancyModule module, Route route, Dictionary<RouteId, MethodInfo> routeHandlers) { var data = new SwaggerRouteData { ApiPath = route.Description.Path, ResourcePath = module.ModulePath.EnsureForwardSlash(), OperationMethod = route.Description.Method.ToHttpMethod(), OperationNickname = route.Description.Name }; var routeId = RouteId.Create(module, route); var handler = routeHandlers.ContainsKey(routeId) ? routeHandlers[routeId] : null; if (handler == null) { data.OperationNotes = "[example]"; // TODO: Insert example how to annotate a route data.OperationSummary = "Warning: no annotated method found for this route"; return data; } foreach (var attr in handler.GetCustomAttributes<RouteAttribute>()) { data.OperationSummary = attr.Summary ?? data.OperationSummary; data.OperationNotes = attr.Notes ?? data.OperationNotes; data.OperationModel = attr.Response ?? data.OperationModel; data.OperationConsumes = attr.Consumes ?? data.OperationConsumes; data.OperationProduces = attr.Produces ?? data.OperationProduces; } data.OperationResponseMessages = handler.GetCustomAttributes<SwaggerResponseAttribute>() .Select(attr => { var msg = new ResponseMessage { Code = (int)attr.Code, Message = attr.Message }; if (attr.Model != null) { msg.ResponseModel = Primitive.IsPrimitive(attr.Model) ? Primitive.FromType(attr.Model).Type : SwaggerConfig.ModelIdConvention(attr.Model); } return msg; }) .ToList(); data.OperationParameters = handler.GetParameters() .Select(CreateSwaggerParameterData) .ToList(); return data; }
/// <summary> /// This module requires https. /// </summary> /// <param name="module">The <see cref="INancyModule"/> that requires HTTPS.</param> public static void RequiresHttps(this INancyModule module) { module.RequiresHttps(true); }
/// <summary> /// This module requires authentication and any one of certain claims to be present. /// </summary> /// <param name="module">Module to enable</param> /// <param name="requiredClaims">Claim(s) required</param> public static void RequiresAnyClaim(this INancyModule module, IEnumerable <string> requiredClaims) { module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication"); module.AddBeforeHookOrExecute(SecurityHooks.RequiresAnyClaim(requiredClaims), "Requires Any Claim"); }
/// <summary>Logs the user out and redirects</summary> /// <param name="module">Nancy module</param> /// <param name="redirectUrl">URL to redirect to</param> /// <returns>Nancy response instance</returns> public static Response LogoutAndRedirect(this INancyModule module, string redirectUrl) { return(CustomAuthenticationProvider.LogOutAndRedirectResponse(module.Context, redirectUrl)); }
/// <summary> /// Logs the user in with the given user guid and redirects. /// </summary> /// <param name="module">Nancy module</param> /// <param name="userIdentifier">User identifier guid</param> /// <param name="cookieExpiry">Optional expiry date for the cookie (for 'Remember me')</param> /// <param name="fallbackRedirectUrl">Url to redirect to if none in the querystring</param> /// <returns>Nancy response instance</returns> public static Response LoginAndRedirect(this INancyModule module, Guid userIdentifier, DateTime?cookieExpiry = null, string fallbackRedirectUrl = "/") { return(CustomAuthenticationProvider.UserLoggedInRedirectResponse(module.Context, userIdentifier, cookieExpiry, fallbackRedirectUrl)); }
public string GetDescription(INancyModule module, string path) { return string.Empty; }
/// <summary> /// This module requires https. /// </summary> /// <param name="module">The <see cref="INancyModule"/> that requires HTTPS.</param> /// <param name="redirect"><see langword="true"/> if the user should be redirected to HTTPS (no port number) if the incoming request was made using HTTP, otherwise <see langword="false"/> if <see cref="HttpStatusCode.Forbidden"/> should be returned.</param> public static void RequiresHttps(this INancyModule module, bool redirect) { module.Before.AddItemToEndOfPipeline(SecurityHooks.RequiresHttps(redirect, null)); }
public string GetDescription(INancyModule module, string path) { var moduleMethod = _moduleDescriptions.FirstOrDefault(x => x.Item1 == module.ToString() && x.Item2 == path); return moduleMethod != null ? moduleMethod.Item3 : ""; }
/// <summary> /// Gets the <see cref="Type"/> of the metadata that is created by the provider. /// </summary> /// <param name="module">The <see cref="INancyModule"/> instance that the route is declared in.</param> /// <param name="routeDescription">A <see cref="RouteDescription"/> for the route.</param> /// <returns>A <see cref="Type"/> instance, or null if none are found.</returns> public Type GetMetadataType(INancyModule module, RouteDescription routeDescription) { var metadataModule = this.resolver.GetMetadataModule(module); return metadataModule != null ? metadataModule.MetadataType : null; }
/// <summary> /// Gets the metadata for the provided route by obtaining it from an associated <see cref="IMetadataModule"/>. /// </summary> /// <param name="module">The <see cref="INancyModule"/> instance that the route is declared in.</param> /// <param name="routeDescription">A <see cref="RouteDescription"/> for the route.</param> /// <returns>An object representing the metadata for the given route, or null if none are found.</returns> public object GetMetadata(INancyModule module, RouteDescription routeDescription) { var metadataModule = this.resolver.GetMetadataModule(module); return metadataModule != null ? metadataModule.GetMetadata(routeDescription) : null; }
public object GetMetadata(INancyModule module, RouteDescription routeDescription) { var description = _routeDescriptionProvider.GetDescription(module, routeDescription.Path); return new DefaultRouteMetadata(routeDescription.Method, routeDescription.Path, description); }
public void SetModule(INancyModule module) { if (module == null) { throw new ArgumentNullException("module"); } this.ModuleName = module.GetModuleName(); this.ModulePath = module.ModulePath; }
/// <summary>Logs the user out without a redirect</summary> /// <param name="module">Nancy module</param> /// <returns>Nancy response instance</returns> public static Response LogoutWithoutRedirect(this INancyModule module) { return(CustomAuthenticationProvider.LogOutResponse()); }
public Response LogoutAndRedirect(INancyModule module, string redirectUrl) { return(module.LogoutAndRedirect(redirectUrl)); }
/// <summary> /// Logs the user in with the given user guid and returns ok response. /// </summary> /// <param name="module">Nancy module</param> /// <param name="userIdentifier">User identifier guid</param> /// <param name="cookieExpiry">Optional expiry date for the cookie (for 'Remember me')</param> /// <returns>Nancy response instance</returns> public static Response LoginWithoutRedirect(this INancyModule module, Guid userIdentifier, DateTime?cookieExpiry = null) { return(CustomAuthenticationProvider.UserLoggedInResponse(userIdentifier, cookieExpiry)); }
/// <summary> /// Creates a new csrf token for this response with an optional salt. /// Only necessary if a particular route requires a new token for each request. /// </summary> /// <param name="module">Nancy module</param> /// <returns></returns> public static void CreateNewCsrfToken(this INancyModule module, CryptographyConfiguration cryptographyConfiguration = null) { var tokenString = GenerateTokenString(cryptographyConfiguration); module.Context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString; }
/// <summary> /// This module requires authentication /// </summary> /// <param name="module">Module to enable</param> public static void RequiresAuthentication(this INancyModule module) { module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication"); }
/// <summary> /// Initializes a new instance of the <see cref="ViewRenderer"/> class. /// </summary> /// <param name="module">The <see cref="INancyModule"/> instance that is rendering the view.</param> public ViewRenderer(INancyModule module) { this.module = module; }
/// <summary> /// This module requires claims to be validated /// </summary> /// <param name="module">Module to enable</param> /// <param name="isValid">Claims validator</param> public static void RequiresValidatedClaims(this INancyModule module, Func <IEnumerable <string>, bool> isValid) { module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication"); module.AddBeforeHookOrExecute(SecurityHooks.RequiresValidatedClaims(isValid), "Requires Validated Claim"); }
public OmletSchemaBuilder(INancyModule module, Func<dynamic, dynamic> callback) { this.module = module; this.callback = callback; this.onResponse = new Dictionary<HttpStatusCode, JsonSchema>(); }
/// <summary> /// This module requires https. /// </summary> /// <param name="module">The <see cref="INancyModule"/> that requires HTTPS.</param> /// <param name="redirect"><see langword="true"/> if the user should be redirected to HTTPS if the incoming request was made using HTTP, otherwise <see langword="false"/> if <see cref="HttpStatusCode.Forbidden"/> should be returned.</param> /// <param name="httpsPort">The HTTPS port number to use</param> public static void RequiresHttps(this INancyModule module, bool redirect, int httpsPort) { module.Before.AddItemToEndOfPipeline(RequiresHttps(redirect, httpsPort)); }
/// <summary> /// Deal with an already known social identity /// </summary> private dynamic HandleKnownIdentity(UserIdentity userIdentity, INancyModule nancyModule, string returnUrl) { // Get the currently logged in user var loggedInUser = GetLoggedInUser(nancyModule); // If we aren't logged in, log ourselves in if (loggedInUser == null) { User user = null;//ReadStore.Users.FindAllByUserId(userIdentity.UserId).FirstOrDefault(); if (user == null) { // Something went wrong //nancyModule.AddAlertMessage(); return nancyModule.AsRedirectQueryStringOrDefault("~/dashboard"); } nancyModule.SignIn(user); return string.IsNullOrWhiteSpace(returnUrl) ? nancyModule.AsRedirectQueryStringOrDefault("~/dashboard") : nancyModule.Response.AsRedirect(returnUrl); } // If we are logged in, we are trying to link ourselves, check if we are allowed //if (loggedInUser.UserId != userIdentity.UserId) //{ // // You can't link an account that's already attached to another user // // TODO: Implement // //nancyModule.AddAlertMessage("error", string.Format("This {0} account has already been linked to another user.", providerName)); //} // We are logged in, and are trying to link ourselves to something that has already been linked, just redirect // TODO: Perhaps we should update the returned data at this time return nancyModule.Response.AsRedirect("~/account/identity"); }
/// <summary> /// Module requires JwtBearer authentication /// </summary> /// <param name="module">Module to enable</param> /// <param name="configuration">JwtBearer authentication configuration</param> public static void EnableJwtBearerAuthentication(this INancyModule module, JwtBearerAuthenticationConfiguration configuration) { JwtBearerAuthentication.Enable(module, configuration); }
private IEnumerable<SwaggerRouteData> ToSwaggerRouteData(INancyModule module) { Func<IEnumerable<RouteAttribute>, RouteId> getRouteId = (attrs) => { return attrs.Select(attr => RouteId.Create(module, attr)) .FirstOrDefault(routeId => routeId.IsValid); }; // Discover route handlers and put them in a Dictionary<RouteId, MethodInfo> var routeHandlers = module.GetType().GetMethods(BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.Static) .Select(methodInfo => new { RouteId = getRouteId(methodInfo.GetCustomAttributes<RouteAttribute>()), MethodInfo = methodInfo }) .Where(x => x.RouteId.IsValid) .ToDictionary( x => x.RouteId, x => x.MethodInfo ); return module.Routes .Select(route => CreateSwaggerRouteData(module, route, routeHandlers)); }