public System.Net.Http.HttpResponseMessage GetData(string controller, string action, string formToken = "")
{
if (FormTokenUtility.ValidateFormToken(formToken, HttpContext.Current.Session.SessionID))
{
SingleActionSettingDTO setting = new SingleActionSettingDTO(new HttpRequestWrapper(HttpContext.Current.Request), base.PortalSettings.PortalId);
//when calling main bpms api from client application, there is no need to pass formToken to main bpms api.
string url = UrlUtility.GetApiUrl(setting.WebApiAddress, action, controller, "", this.GetParameters().ToArray());
var result = ApiUtility.GetData(url, setting.WebServicePass, base.UserInfo.Username, ApiUtility.GetIPAddress(), HttpContext.Current.Session.SessionID, FormTokenUtility.GetIsEncrypted(formToken, HttpContext.Current.Session.SessionID));
/*
* In ReportEngine.cs response would be flushed and as a result sessionID will be rewrite with server
* session ID which is different with singleAction sessionID because it sends data using api to server
* and therefore it must rewrite sessionid there in case user call report or download a file.
*/
SessionIDManager Manager = new SessionIDManager();
Manager.SaveSessionID(HttpContext.Current, HttpContext.Current.Session.SessionID, out bool redirected, out bool IsAdded);
return(result);
}
else
{
throw new System.Web.Http.HttpResponseException(System.Net.HttpStatusCode.Unauthorized);
}
}
