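/// <summary>
/// Extracts the <see cref="Permissions"/> granted to the caller from a Cloud Foundry
/// permissions response body.
/// </summary>
/// <param name="response">The HTTP response whose JSON body holds the permissions document.</param>
/// <returns>
/// <see cref="Permissions.FULL"/> when the READ_SENSITIVE_DATA flag is true,
/// <see cref="Permissions.RESTRICTED"/> when it is false, and
/// <see cref="Permissions.NONE"/> when the key is absent.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="response"/> is null.</exception>
/// <remarks>
/// Any failure to read or parse the body is logged and rethrown, so a malformed response
/// never resolves to a permission level by accident: the caller fails closed.
/// </remarks>
public async Task<Permissions> GetPermissions(HttpResponseMessage response)
{
    if (response is null)
    {
        throw new ArgumentNullException(nameof(response));
    }

    string json = string.Empty;
    Permissions permissions = Permissions.NONE;
    try
    {
        json = await response.Content.ReadAsStringAsync().ConfigureAwait(false);

        // The body comes from a remote service; sanitize it before it reaches the log.
        _logger?.LogDebug("GetPermissions returned json: {0}", SecurityUtilities.SanitizeInput(json));

        var result = JsonConvert.DeserializeObject<Dictionary<string, object>>(json);
        if (result is null)
        {
            // An empty body or a literal "null" deserializes to a null dictionary; report that
            // as malformed instead of dereferencing it.
            throw new InvalidOperationException("Permissions response body did not contain a JSON object.");
        }

        if (result.TryGetValue(READ_SENSITIVE_DATA, out object perm))
        {
            if (perm is bool canReadSensitiveData)
            {
                permissions = canReadSensitiveData ? Permissions.FULL : Permissions.RESTRICTED;
            }
            else
            {
                // A non-boolean flag is malformed; never guess a permission level from it.
                throw new InvalidOperationException(
                    "Permissions response contained a non-boolean value for " + READ_SENSITIVE_DATA + ".");
            }
        }
    }
    catch (Exception e)
    {
        _logger?.LogError("Exception {0} extracting permissions from {1}", e, SecurityUtilities.SanitizeInput(json));
        throw;
    }

    _logger?.LogDebug("GetPermissions returning: {0}", permissions);
    return permissions;
}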
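/// <summary>
/// Asks the Cloud Foundry API which permissions the bearer <paramref name="token"/> carries
/// for this application.
/// </summary>
/// <param name="token">OAuth bearer token taken from the incoming request.</param>
/// <returns>
/// A <see cref="SecurityResult"/> holding the resolved <see cref="Permissions"/> on success;
/// otherwise Unauthorized for a missing token, Forbidden when Cloud Foundry denies access,
/// and ServiceUnavailable for any other status code or transport failure.
/// </returns>
public async Task<SecurityResult> GetPermissionsAsync(string token)
{
    if (string.IsNullOrEmpty(token))
    {
        return new SecurityResult(HttpStatusCode.Unauthorized, AUTHORIZATION_HEADER_INVALID);
    }

    string checkPermissionsUri = _options.CloudFoundryApi + "/v2/apps/" + _options.ApplicationId + "/permissions";

    // If certificate validation is disabled, inject a callback to handle properly.
    // Capture the previous settings exactly once: calling this a second time (as the code
    // used to do inside the try block) overwrites prevProtocols/prevValidator with the
    // already-modified state, so the finally block would "restore" the relaxed settings
    // instead of the original ones.
    HttpClientHelper.ConfigureCertificateValidation(
        _options.ValidateCertificates,
        out SecurityProtocolType prevProtocols,
        out RemoteCertificateValidationCallback prevValidator);

    try
    {
        // Only the sanitized token reaches the log.
        _logger?.LogDebug("GetPermissions({0}, {1})", checkPermissionsUri, SecurityUtilities.SanitizeInput(token));

        // The request is created inside the try so that a failure to build it is handled like
        // any other transport error and the finally block still restores validation settings.
        using (var request = new HttpRequestMessage(HttpMethod.Get, checkPermissionsUri))
        using (var client = HttpClientHelper.GetHttpClient(_options.ValidateCertificates, DEFAULT_GETPERMISSIONS_TIMEOUT))
        {
            request.Headers.Authorization = new AuthenticationHeaderValue("bearer", token);

            using (HttpResponseMessage response = await client.SendAsync(request).ConfigureAwait(false))
            {
                if (response.StatusCode != HttpStatusCode.OK)
                {
                    _logger?.LogInformation(
                        "Cloud Foundry returned status: {HttpStatus} while obtaining permissions from: {PermissionsUri}",
                        response.StatusCode,
                        checkPermissionsUri);

                    // Fail closed: a 403 is reported as denied, anything else as unreachable.
                    return response.StatusCode == HttpStatusCode.Forbidden
                        ? new SecurityResult(HttpStatusCode.Forbidden, ACCESS_DENIED_MESSAGE)
                        : new SecurityResult(HttpStatusCode.ServiceUnavailable, CLOUDFOUNDRY_NOT_REACHABLE_MESSAGE);
                }

                return new SecurityResult(await GetPermissions(response).ConfigureAwait(false));
            }
        }
    }
    catch (Exception e)
    {
        _logger?.LogError("Cloud Foundry returned exception: {SecurityException} while obtaining permissions from: {PermissionsUri}", e, checkPermissionsUri);
        return new SecurityResult(HttpStatusCode.ServiceUnavailable, CLOUDFOUNDRY_NOT_REACHABLE_MESSAGE);
    }
    finally
    {
        HttpClientHelper.RestoreCertificateValidation(_options.ValidateCertificates, prevProtocols, prevValidator);
    }
}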
/// <summary>
/// Records client-side latency and call-count metrics once an outbound HttpClient request completes.
/// </summary>
/// <param name="current">The activity that timed the request.</param>
/// <param name="request">The completed outbound request.</param>
/// <param name="response">The response that was received, if any.</param>
/// <param name="taskStatus">Completion status of the request task.</param>
protected internal void HandleStopEvent(Activity current, HttpRequestMessage request, HttpResponseMessage response, TaskStatus taskStatus)
{
    string path = request.RequestUri.AbsolutePath;
    if (ShouldIgnoreRequest(path))
    {
        // The path originates from the request; sanitize before logging it.
        Logger?.LogDebug("HandleStopEvent: Ignoring path: {path}", SecurityUtilities.SanitizeInput(path));
        return;
    }

    double elapsedMs = current.Duration.TotalMilliseconds;
    if (elapsedMs <= 0)
    {
        // A non-positive duration carries no timing information; nothing to record.
        return;
    }

    var labels = GetLabels(request, response, taskStatus);
    _clientTimeMeasure.Record(default(SpanContext), elapsedMs, labels);
    _clientCountMeasure.Record(default(SpanContext), 1, labels);
}
/// <summary>
/// Records client-side latency and call-count metrics once an outbound HttpWebRequest completes.
/// </summary>
/// <param name="current">The activity that timed the request.</param>
/// <param name="request">The completed outbound request.</param>
/// <param name="statusCode">The HTTP status code that was returned.</param>
protected internal void HandleStopEvent(Activity current, HttpWebRequest request, HttpStatusCode statusCode)
{
    string path = request.RequestUri.AbsolutePath;
    if (ShouldIgnoreRequest(path))
    {
        // The path originates from the request; sanitize before logging it.
        Logger?.LogDebug("HandleStopEvent: Ignoring path: {path}", SecurityUtilities.SanitizeInput(path));
        return;
    }

    double elapsedMs = current.Duration.TotalMilliseconds;
    if (elapsedMs <= 0)
    {
        // A non-positive duration carries no timing information; nothing to record.
        return;
    }

    ITagContext tagContext = GetTagContext(request, statusCode);
    var measurements = StatsRecorder.NewMeasureMap();
    measurements.Put(clientTimeMeasure, elapsedMs);
    measurements.Put(clientCountMeasure, 1);
    measurements.Record(tagContext);
}
/// <summary>
/// Verifies that SanitizeInput strips carriage returns and line feeds, so one input
/// value can never span several log lines.
/// </summary>
public void SanitizeInput_RemovesCrlf()
{
    const string withCarriageReturns = "some\rparagraph\rwith\rcarriage\rreturns";
    const string withLineFeeds = "some\nparagraph\nwith\nline\nendings";

    string sanitizedCr = SecurityUtilities.SanitizeInput(withCarriageReturns);
    string sanitizedLf = SecurityUtilities.SanitizeInput(withLineFeeds);

    Assert.DoesNotContain("\r", sanitizedCr);
    Assert.DoesNotContain("\n", sanitizedLf);
}
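/// <summary>
/// Verifies that SanitizeInput HTML-encodes angle brackets, so logged input cannot carry markup.
/// </summary>
public void SanitizeInput_EncodesHtml()
{
    // The expected value is the HTML-encoded form of the input. Asserting the raw input
    // back (as this test previously did) would pass even if no encoding took place,
    // which contradicts what the test name promises.
    Assert.Equal("&gt;some string&lt;", SecurityUtilities.SanitizeInput(">some string<"));
}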
/// <summary>
/// Verifies that SanitizeInput passes null and the empty string through unchanged.
/// </summary>
public void SanitizeInput_ReturnsNullAndEmptyUnchanged()
{
    string fromNull = SecurityUtilities.SanitizeInput(null);
    string fromEmpty = SecurityUtilities.SanitizeInput(string.Empty);

    Assert.Null(fromNull);
    Assert.Equal(string.Empty, fromEmpty);
}
/// <summary>
/// Handles a logger-level change request by delegating to <c>DoInvoke</c> with the
/// Cloud Foundry logger provider.
/// </summary>
/// <param name="request">The requested change; may be null, in which case an empty value is logged.</param>
/// <returns>Whatever <c>DoInvoke</c> produces for the request.</returns>
public override Dictionary<string, object> Invoke(LoggersChangeRequest request)
{
    // request?.ToString() is evaluated only when a logger is attached, and is sanitized
    // before it is written, since the request text is caller-controlled.
    _logger?.LogDebug("Invoke({0})", SecurityUtilities.SanitizeInput(request?.ToString()));

    return DoInvoke(_cloudFoundryLoggerProvider, request);
}