コード例 #1
0
        private void resolveUrl()
        {
            var handlers = RequestState.ExecuteWithUserDisabled(
                () => {
                try {
                    return(UrlHandlingStatics.ResolveUrl(RequestState.BaseUrl, GetRequestAppRelativeUrl(Request)));
                }
                catch (UnresolvableUrlException e) {
                    throw new ResourceNotAvailableException("Failed to resolve the URL.", e);
                }
            });

            if (handlers != null)
            {
                // Before URL normalization, multiple copies of the same handler can exist in the list. When a new handler object is created and it matches more than
                // one handler in the list, we want parameters to be taken from the lowest-level segment. That’s why we reverse the handlers here.
                RequestState.SetUrlHandlers(handlers.Reverse().Materialize());

                HttpContext.Current.RemapHandler(new HandlerAdapter(handlers.Last()));
                if (handlers.Last() is PageBase || handlers.Last() is EntitySetupBase || handlers.Last() is PreBuiltResponse)
                {
                    HttpContext.Current.SetSessionStateBehavior(SessionStateBehavior.Required);
                }
                return;
            }

            // ACME challenge response; see https://tools.ietf.org/html/rfc8555#section-8.3
            var absoluteUrl = new Uri(RequestState.Url);

            if (absoluteUrl.Scheme == "http" && absoluteUrl.Port == 80 && absoluteUrl.AbsolutePath.StartsWith("/.well-known/acme-challenge/"))
            {
                var systemManager = ConfigurationStatics.MachineConfiguration?.SystemManager;
                if (systemManager != null)
                {
                    ResourceBase.WriteRedirectResponse(
                        HttpContext.Current,
                        systemManager.HttpBaseUrl.Replace("https://", "http://") +
                        "/Pages/Public/AcmeChallengeResponse.aspx;token={0}".FormatWith(HttpUtility.UrlEncode(absoluteUrl.Segments.Last())),
                        false);
                    CompleteRequest();
                }
            }
        }
コード例 #2
0
        internal sealed override string GetUrl(bool ensureUserCanAccessResource, bool ensureResourceNotDisabled)
        {
            string getCanonicalUrl() => UrlHandlingStatics.GetCanonicalUrl(this, ShouldBeSecureGivenCurrentRequest);

            var url = (EwfApp.Instance != null && EwfApp.Instance.RequestState != null
                                            ? EwfApp.Instance.RequestState.ExecuteWithUserDisabled(getCanonicalUrl)
                                            : getCanonicalUrl()) + uriFragmentIdentifier.PrependDelimiter("#");

            if (ensureUserCanAccessResource && !UserCanAccessResource)
            {
                throw new ApplicationException("GetUrl was called for a resource that the authenticated user cannot access. The URL would have been " + url + ".");
            }
            if (ensureResourceNotDisabled && AlternativeMode is DisabledResourceMode)
            {
                throw new ApplicationException("GetUrl was called for a resource that is disabled. The URL would have been " + url + ".");
            }

            return(url);
        }
コード例 #3
0
        /// <summary>
        /// Call this from Application_Start in your Global.asax.cs file. Besides this call, there should be no other code in the method.
        /// </summary>
        /// <param name="globalInitializer">The system's global initializer. Do not pass null.</param>
        /// <param name="appInitializer">The application initializer, which performs web-site specific initialization and cleanup. If you have one of these you
        /// should name the class AppInitializer.</param>
        public static void InitStatics(SystemInitializer globalInitializer, SystemInitializer appInitializer = null)
        {
            // This is a hack to support data-access state in WCF services.
            var wcfDataAccessState = new ThreadLocal <DataAccessState>(() => new DataAccessState());

            // Initialize system.
            var initTimeDataAccessState = new ThreadLocal <DataAccessState>(() => new DataAccessState());

            try {
                GlobalInitializationOps.InitStatics(
                    globalInitializer,
                    Path.GetFileName(Path.GetDirectoryName(HttpRuntime.AppDomainAppPath)),
                    false,
                    mainDataAccessStateGetter: () => {
                    return(EwfApp.Instance != null ? EwfApp.Instance.RequestState != null ? EwfApp.Instance.RequestState.DataAccessState :
                           initTimeDataAccessState.Value :
                           System.ServiceModel.OperationContext.Current != null ? wcfDataAccessState.Value : null);
                });
            }
            catch {
                // Suppress all exceptions since there is no way to report them.
                return;
            }
            ewlInitialized = true;

            // Initialize web application.
            if (!GlobalInitializationOps.SecondaryInitFailed)
            {
                EwfApp.ExecuteWithBasicExceptionHandling(
                    () => {
                    EwfConfigurationStatics.Init();

                    GlobalConfiguration.Configure(WebApiStatics.ConfigureWebApi);

                    var miniProfilerOptions = new MiniProfilerOptions();
                    miniProfilerOptions.IgnoredPaths.Clear();
                    MiniProfiler.Configure(miniProfilerOptions);

                    var globalType     = BuildManager.GetGlobalAsaxType().BaseType;
                    var providerGetter = new SystemProviderGetter(
                        globalType.Assembly,
                        globalType.Namespace + ".Providers",
                        providerName =>
                        @"{0} provider not found in application. To implement, create a class named {0} in ""Your Web Site\Providers"" that derives from App{0}Provider."
                        .FormatWith(providerName));

                    if (ExternalFunctionalityStatics.SamlFunctionalityEnabled)
                    {
                        ExternalFunctionalityStatics.ExternalSamlProvider.InitAppStatics(
                            providerGetter,
                            () => AuthenticationStatics.SamlIdentityProviders.Select(
                                identityProvider => {
                            using (var client = new HttpClient()) {
                                client.Timeout = new TimeSpan(0, 0, 10);
                                var metadata   = Task.Run(
                                    async() => {
                                    using (var response = await client.GetAsync(identityProvider.MetadataUrl, HttpCompletionOption.ResponseHeadersRead)) {
                                        response.EnsureSuccessStatusCode();
                                        var document = new XmlDocument();
                                        using (var stream = await response.Content.ReadAsStreamAsync())
                                            using (var reader = XmlReader.Create(stream))
                                                document.Load(reader);
                                        return(document.DocumentElement);
                                    }
                                })
                                                 .Result;
                                return(metadata, identityProvider.EntityId);
                            }
                        })
                            .Materialize());
                    }

                    UrlHandlingStatics.Init(
                        (baseUrlString, appRelativeUrl) =>
                        AppRequestState.ExecuteWithUrlHandlerStateDisabled(() => UrlHandlingStatics.ResolveUrl(baseUrlString, appRelativeUrl)?.Last()));
                    CssPreprocessingStatics.Init(globalInitializer.GetType().Assembly, globalType.Assembly);
                    ResourceBase.Init(
                        (requestTransferred, resource) => {
                        if (requestTransferred)
                        {
                            var urlHandlers       = new List <BasicUrlHandler>();
                            UrlHandler urlHandler = resource;
                            do
                            {
                                urlHandlers.Add(urlHandler);
                            }while((urlHandler = urlHandler.GetParent()) != null);
                            AppRequestState.Instance.SetUrlHandlers(urlHandlers);

                            AppRequestState.Instance.SetNewUrlParameterValuesEffective(false);
                            AppRequestState.Instance.SetResource(resource);
                        }
                        else
                        {
                            AppRequestState.Instance.SetResource(resource);
                        }
                    },
                        () => AppRequestState.Instance.Resource);
                    PageBase.Init(
                        (() => BasePageStatics.AppProvider.GetPageViewDataModificationMethod(), () => BasePageStatics.AppProvider.JavaScriptDocumentReadyFunctionCall),
                        BasicPageContent.GetContent);
                    HyperlinkBehaviorExtensionCreators.Init(ModalBox.GetBrowsingModalBoxOpenStatements);
                    FileUpload.Init(() => ((BasicPageContent)PageBase.Current.BasicContent).FormUsesMultipartEncoding = true);
                    ModalBox.Init(() => ((BasicPageContent)PageBase.Current.BasicContent).BrowsingModalBoxId);
                    CreditCardCollector.Init(() => ((BasicPageContent)PageBase.Current.BasicContent).IncludesStripeCheckout = true);
                    BasePageStatics.Init(providerGetter.GetProvider <AppStandardPageLogicProvider>("StandardPageLogic"));
                    BasicPageContent.Init(
                        contentObjects => {
                        var contentUsesUi = contentObjects.Any(i => i is UiPageContent);

                        var cssInfos = new List <ResourceInfo>();
                        cssInfos.Add(
                            new ExternalResource(
                                "//fonts.googleapis.com/css2?family=Libre+Franklin:wght@500;600;700&family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400&display=fallback"));
                        cssInfos.Add(new ExternalResource("//maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"));
                        cssInfos.Add(new StaticFiles.Versioned.Third_party.Jquery_ui.Jquery_ui_1114custom_v2.Jquery_uiminCss());
                        cssInfos.Add(new StaticFiles.Third_party.Select_cssCss());
                        cssInfos.Add(new StaticFiles.Versioned.Third_party.Chosen.Chosen_v187.ChosenminCss());
                        cssInfos.Add(new StaticFiles.Third_party.Time_picker.StylesCss());
                        cssInfos.Add(new ExternalResource("//cdn.jsdelivr.net/qtip2/2.2.1/jquery.qtip.min.css"));
                        cssInfos.Add(new ExternalResource("//cdnjs.cloudflare.com/ajax/libs/dialog-polyfill/0.4.9/dialog-polyfill.min.css"));
                        cssInfos.Add(new StaticFiles.Styles.BasicCss());
                        if (contentUsesUi)
                        {
                            cssInfos.AddRange(
                                new ResourceInfo[]
                            {
                                new StaticFiles.Styles.Ui.ColorsCss(), new StaticFiles.Styles.Ui.FontsCss(), new StaticFiles.Styles.Ui.LayoutCss(),
                                new StaticFiles.Styles.Ui.TransitionsCss()
                            });
                        }
                        foreach (var resource in BasePageStatics.AppProvider.GetStyleSheets())
                        {
                            assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(resource);
                            cssInfos.Add(resource);
                        }
                        if (contentUsesUi)
                        {
                            foreach (var resource in EwfUiStatics.AppProvider.GetStyleSheets())
                            {
                                assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(resource);
                                cssInfos.Add(resource);
                            }
                        }
                        else
                        {
                            foreach (var resource in BasePageStatics.AppProvider.GetCustomUiStyleSheets())
                            {
                                assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(resource);
                                cssInfos.Add(resource);
                            }
                        }
                        return(cssInfos);
                    },
                        (markup, includeStripeCheckout) => {
                        string getElement(ResourceInfo resource) => "<script src=\"{0}\" defer></script>".FormatWith(resource.GetUrl());

                        var infos = new List <ResourceInfo>();
                        infos.Add(new ExternalResource("//code.jquery.com/jquery-1.12.3.min.js"));
                        infos.Add(new StaticFiles.Versioned.Third_party.Jquery_ui.Jquery_ui_1114custom_v2.Jquery_uiminJs());
                        infos.Add(new StaticFiles.Versioned.Third_party.Chosen.Chosen_v187.ChosenjqueryminJs());
                        infos.Add(new StaticFiles.Third_party.Time_picker.CodeJs());
                        infos.Add(new ExternalResource("//cdn.jsdelivr.net/qtip2/2.2.1/jquery.qtip.min.js"));
                        infos.Add(new ExternalResource("//cdnjs.cloudflare.com/ajax/libs/dialog-polyfill/0.4.9/dialog-polyfill.min.js"));
                        infos.Add(new StaticFiles.Third_party.Spin_js.SpinminJs());
                        infos.Add(new ExternalResource("//cdn.ckeditor.com/4.5.8/full/ckeditor.js"));
                        infos.Add(new ExternalResource("https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.4/Chart.min.js"));
                        infos.Add(new ExternalResource("https://instant.page/5.1.0"));
                        if (includeStripeCheckout)
                        {
                            infos.Add(new ExternalResource("https://checkout.stripe.com/checkout.js"));
                        }
                        infos.Add(new StaticFiles.CodeJs());
                        foreach (var i in infos.Select(getElement))
                        {
                            markup.Append(i);
                        }
                        markup.Append(MiniProfiler.Current.RenderIncludes().ToHtmlString());
                        foreach (var resource in BasePageStatics.AppProvider.GetJavaScriptFiles())
                        {
                            assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(resource);
                            markup.Append(getElement(resource));
                        }
                    },
                        () => {
                        var icons = new List <(ResourceInfo, string, string)>();

                        var faviconPng48X48 = BasePageStatics.AppProvider.FaviconPng48X48;
                        if (faviconPng48X48 != null)
                        {
                            assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(faviconPng48X48);
                            icons.Add((faviconPng48X48, "icon", "48x48"));
                        }

                        var favicon = BasePageStatics.AppProvider.Favicon;
                        if (favicon != null)
                        {
                            assertResourceIsIntermediateInstallationPublicResourceWhenNecessary(favicon);
                            icons.Add((favicon, "icon", ""));
                        }

                        return(icons);
                    },
                        hideWarnings => {
                        var url = AppRequestState.Instance.Url;
                        if (AppRequestState.Instance.UserAccessible && AppRequestState.Instance.ImpersonatorExists)
                        {
                            url = new UserManagement.Pages.Impersonate(
                                url,
                                optionalParameterSetter: (specifier, parameters) =>
                                specifier.User = AppTools.User != null ? AppTools.User.Email : UserManagement.Pages.Impersonate.AnonymousUser).GetUrl();
                        }
                        return(new NonLiveLogIn(
                                   url,
                                   optionalParameterSetter: (specifier, parameters) => {
                            specifier.Password = ConfigurationStatics.SystemGeneralProvider.IntermediateLogInPassword;
                            specifier.HideWarnings = hideWarnings;
                        }).GetUrl());
                    },
                        () => {
                        if (!AppRequestState.Instance.UserAccessible || !AppRequestState.Instance.ImpersonatorExists ||
                            (ConfigurationStatics.IsIntermediateInstallation && !AppRequestState.Instance.IntermediateUserExists))
                        {
                            return(null);
                        }
                        return("User impersonation is in effect.",
                               new HyperlinkSetup(new UserManagement.Pages.Impersonate(AppRequestState.Instance.Url), "Change user").Append <ActionComponentSetup>(
                                   new ButtonSetup(
                                       "End impersonation",
                                       behavior: new PostBackBehavior(
                                           postBack: PostBack.CreateFull(
                                               id: "ewfEndImpersonation",
                                               modificationMethod: UserImpersonationStatics.EndImpersonation,
                                               actionGetter: () => new PostBackAction(
                                                   new ExternalResource(
                                                       EwfConfigurationStatics.AppConfiguration.DefaultBaseUrl.GetUrlString(
                                                           EwfConfigurationStatics.AppSupportsSecureConnections)))))))
                               .Materialize());
                    });
                    EwfUiStatics.Init(providerGetter.GetProvider <AppEwfUiProvider>("EwfUi"));
                    AuthenticationStatics.Init(
                        providerGetter.GetProvider <AppAuthenticationProvider>("Authentication"),
                        (user, code) => new UserManagement.Pages.LogIn(
                            "",
                            optionalParameterSetter: (specifier, parameters) => {
                        specifier.User = user;
                        specifier.Code = code;
                    }).GetUrl(),
                        destinationUrl => new UserManagement.Pages.ChangePassword(destinationUrl).GetUrl(disableAuthorizationCheck: true));
                    Admin.EntitySetup.Init(() => RequestDispatchingStatics.AppProvider.GetFrameworkUrlParent());
                    RequestDispatchingStatics.Init(providerGetter.GetProvider <AppRequestDispatchingProvider>("RequestDispatching"));

                    EwfInitializationOps.appInitializer = appInitializer;
                    appInitializer?.InitStatics();

                    executeWithAutomaticDatabaseConnections(AuthenticationStatics.InitAppSpecificLogicDependencies);
                    if (AuthenticationStatics.SamlIdentityProviders.Any() || ExternalFunctionalityStatics.SamlFunctionalityEnabled)
                    {
                        executeWithAutomaticDatabaseConnections(ExternalFunctionalityStatics.ExternalSamlProvider.InitAppSpecificLogicDependencies);
                    }

                    initTimeDataAccessState     = null;
                    EwfApp.FrameworkInitialized = true;
                },