public ActionResult CardForm(Models.CardResponse cardResponse) { if (ModelState.IsValid) { return(View("Sent", cardResponse)); } else { return(View()); } }
/// <summary> /// The POST method for the ticket controller. /// </summary> /// <param name="cardResponse">Value from the POST request body.</param> /// <returns>The asynchronous task.</returns> // POST api/ticket public async Task <HttpResponseMessage> Post(Models.CardResponse cardResponse) { HttpRequestMessage request = this.ActionContext.Request; // Validate that we have a bearer token. if (request.Headers.Authorization == null || !string.Equals(request.Headers.Authorization.Scheme, BearerTokenType, StringComparison.OrdinalIgnoreCase) || string.IsNullOrEmpty(request.Headers.Authorization.Parameter)) { return(request.CreateErrorResponse(HttpStatusCode.Unauthorized, new HttpError())); } string bearerToken = request.Headers.Authorization.Parameter; ActionableMessageTokenValidator validator = new ActionableMessageTokenValidator(); // ValidateTokenAsync will verify the following // 1. The token is issued by Microsoft and its digital signature is valid. // 2. The token has not expired. // 3. The audience claim matches the service domain URL. ActionableMessageTokenValidationResult result = await validator.ValidateTokenAsync(bearerToken, WebServiceHost); if (!result.ValidationSucceeded) { if (result.Exception != null) { Trace.TraceError(result.Exception.ToString()); } return(request.CreateErrorResponse(HttpStatusCode.Unauthorized, new HttpError())); } // We have a valid token. Your application should verify the sender and/or the ActionPerformer // // You should also return the CARD-ACTION-STATUS header in the response. // The value of the header will be displayed to the user. if (!result.Sender.ToLower().EndsWith(SenderEmailDomain)) { HttpResponseMessage errorResponse = request.CreateErrorResponse(HttpStatusCode.Forbidden, new HttpError()); errorResponse.Headers.Add("CARD-ACTION-STATUS", "Invalid sender or the action performer is not allowed."); return(errorResponse); } // prepare the response HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK); response.Headers.Add("CARD-ACTION-STATUS", "Comment recorded..."); // Further business logic code here to process the support ticket. #region Business logic code here to process the support ticket. List <Models.Comment> comments = new List <Models.Comment>(); string newComment = cardResponse.Comment; if (cardResponse.CachedComments != null) { JArray cachedComments = (JArray)cardResponse.CachedComments; comments.AddRange(cachedComments.ToObject <List <Models.Comment> >()); } // add this comment comments.Add(new Models.Comment() { ActionPerformer = result.ActionPerformer, CommentDate = DateTime.Now, CommentText = newComment }); // create the card AdaptiveCards.AdaptiveCard refreshCard = CreateRefreshCard(comments); if (refreshCard != null) { // add the Action.Http block to the card. refreshCard.Actions.Add(CreateHttpAction(comments)); response.Headers.Add("CARD-UPDATE-IN-BODY", "true"); response.Content = new StringContent(refreshCard.ToJson()); } #endregion return(response); }