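/// <summary>
/// Validates the ModelState, the API key and the referrer registered for that key,
/// and adds model-state errors to controller.ApiResponse as needed.
/// </summary>
/// <param name="controller">Controller supplying the data context (_db), the request (ApiRequest) and the response (ApiResponse).</param>
/// <param name="modelState">Model-binding state of the current request.</param>
/// <returns>
/// true only when the model state is valid, _IsValid was already true, and the RequestURL stored
/// for the API key is "*" or equals the authority of the request URL; otherwise false.
/// </returns>
internal virtual bool ValidateRequest(BaseApiController controller, ModelStateDictionary modelState)
{
    // Remember the model-state verdict. Previously a passing key/referrer check
    // overwrote it, so a request with binding errors was still reported as valid.
    var modelIsValid = modelState.IsValid;
    if (!modelIsValid)
    {
        controller.ApiResponse.AddRangeError(modelState.GetModelStateErrors(), HttpStatusCode.BadRequest);
    }

    var apiAccount = controller._db.ApiAccounts.FirstOrDefault(a => a.ApiKey.Equals(ApiKey));

    // An unknown key leaves this empty, which matches neither "*" nor a real authority.
    var referrerForKey = apiAccount != null ? apiAccount.RequestURL.ToString() : string.Empty;

    // Host names are identifiers, not linguistic text: compare ordinally so the result
    // does not depend on the server's current culture.
    // NOTE(review): the value compared is ApiRequest.Url.Authority; confirm that it carries
    // the caller's referrer rather than this API's own host.
    // NOTE(review): a key registered with "*" is accepted from any authority.
    var originAllowed = referrerForKey == "*"
        || string.Equals(referrerForKey, controller.ApiRequest.Url.Authority, StringComparison.OrdinalIgnoreCase);

    var boolRtn = modelIsValid && _IsValid && originAllowed;

    _IsValid = boolRtn;
    return boolRtn;
}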
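/// <summary>
/// Checks an access token against AppAccessTokens and, when the stored token has expired,
/// tries to issue a replacement for the owning user.
/// </summary>
/// <param name="Token">Access token presented by the caller.</param>
/// <returns>
/// A boolean (typed dynamic for existing callers): true when the token is known and either
/// still valid or successfully replaced; false otherwise.
/// </returns>
public dynamic checkToken(string Token)
{
    // A missing token must never match a row whose AuthToken is null or empty.
    if (String.IsNullOrEmpty(Token))
    {
        return(false);
    }

    // The context is now disposed when the check is done.
    using (LystenEntities _db = new LystenEntities())
    {
        // Filter in the database instead of loading every token row, then re-check in memory
        // with an ordinal comparison so the match stays case-sensitive whatever the column collation.
        var chkToken = _db.AppAccessTokens
                       .Where(top => top.AuthToken == Token)
                       .AsEnumerable()
                       .FirstOrDefault(top => String.Equals(top.AuthToken, Token, StringComparison.Ordinal));
        if (chkToken == null)
        {
            return(false);
        }

        if (chkToken.ExpiresOn <= DateTime.Now)
        {
            User_Master model = _db.User_Master.Where(x => x.Id == chkToken.UserId).FirstOrDefault();
            if (model == null)
            {
                // Token row without an owning user: nothing to renew, fail closed.
                return(false);
            }

            // NOTE(review): updatetoken and accessToken are static members of BaseApiController,
            // so concurrent requests share them; confirm one caller cannot observe another's token.
            BaseApiController.updatetoken = true;

            // NOTE(review): renewal passes model.Password, which implies a recoverable password
            // is stored for the user; confirm and prefer a refresh-token flow.
            TokenDetails objToken = api.Helpers.AsyncHelpers.RunSync <TokenDetails>(() => BaseApiController.generatToken(model.Email, model.Password, model.DeviceToken));

            if (objToken == null || !String.IsNullOrEmpty(objToken.error))
            {
                // Previously an expired token was still accepted when renewal failed.
                BaseApiController.updatetoken = false;
                return(false);
            }

            BaseApiController.Add_UpdateToken(model.Id, objToken);
            BaseApiController.accessToken = objToken.access_token;
            return(true);
        }

        BaseApiController.updatetoken = false;
        BaseApiController.accessToken = "";
        return(true);
    }
}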
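/// <summary>
/// Decodes a base64 "user:password" credential, verifies it against the user repository and,
/// on success, installs the user as the current principal.
/// </summary>
/// <param name="credentialValues">Base64-encoded credential string taken from the request.</param>
/// <returns>true when the credentials matched a user and the principal was set; otherwise false.</returns>
private bool AuthenticateUser(string credentialValues)
{
    try
    {
        var credentials = Encoding.GetEncoding("iso-8859-1").GetString(Convert.FromBase64String(credentialValues));

        // Split on the first ':' only, so a password containing ':' is kept whole.
        var separator = credentials.IndexOf(':');
        if (separator < 0)
        {
            return(false);
        }
        var userName = credentials.Substring(0, separator);
        var password = credentials.Substring(separator + 1);

        var user = new BaseApiController <SETUP_USER>()._repo.Get().Where(c => c.USER_NAME == userName).FirstOrDefault();

        // The password was never checked before: the user name alone selected the account.
        // NOTE(review): this compares against USER_PASSWORD as stored; if that column holds
        // plaintext it should be replaced by a salted password hash.
        if (user == null || !string.Equals(user.USER_PASSWORD, password, StringComparison.Ordinal))
        {
            return(false);
        }

        // GenericIdentity(name, null) throws ArgumentNullException for the null type, which the
        // catch below turned into "not valid"; use the single-argument constructor instead.
        var principal = new ClaimsPrincipal(new GenericIdentity(user.USER_NAME));
        Thread.CurrentPrincipal = principal;
        if (HttpContext.Current != null)
        {
            HttpContext.Current.User = principal;
        }

        // The result was never set to true, so callers always saw a failure.
        return(true);
    }
    catch
    {
        // Malformed base64, a null argument or a repository failure: fail closed.
        return(false);
    }
}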
/// <summary>
/// Runs the base validation (ModelState, apikey, referrer) and then checks the paging
/// arguments, adding errors to controller.ApiResponse as needed.
/// </summary>
/// <param name="controller">Controller whose ApiResponse receives validation errors.</param>
/// <param name="modelState">Model-binding state of the current request.</param>
/// <returns>true when the base validation passed and neither PageNumber nor PageSize is zero.</returns>
internal override bool ValidateRequest(BaseApiController controller, ModelStateDictionary modelState)
{
    var isValid = base.ValidateRequest(controller, modelState);

    // Paging is only examined once the base request has been accepted.
    if (isValid)
    {
        // Defaults: first page, five items per page.
        PageNumber = PageNumber ?? 1;
        PageSize = PageSize ?? 5;

        // Zero would cause divide-by-zero errors further down the line.
        // NOTE(review): only zero is rejected here; negative values and an upper bound on
        // PageSize are not checked in this method - confirm they are limited elsewhere.
        if (PageNumber == 0)
        {
            controller.ApiResponse.AddError("PageNumber cannot be zero", HttpStatusCode.BadRequest);
            isValid = false;
        }

        if (PageSize == 0)
        {
            controller.ApiResponse.AddError("PageSize cannot be zero", HttpStatusCode.BadRequest);
            isValid = false;
        }
    }

    _IsValid = isValid;
    return isValid;
}
/// <summary>
/// Prepares a controller under test: mocked user context, an empty request with its
/// request context, and a mocked principal whose identity name is a generated user id.
/// </summary>
/// <param name="sut">Controller instance to configure.</param>
protected virtual void SetupControllerFrorTest(BaseApiController sut)
{
    // Request context and user context.
    var userContext = new Mock <IOrganizationalUserContext>();
    sut.UserContext = userContext.Object;

    var requestContext = new HttpRequestContext { Configuration = new HttpConfiguration() };
    var request = new HttpRequestMessage();
    request.Properties.Add(HttpPropertyKeys.RequestContextKey, requestContext);
    sut.RequestContext = requestContext;
    sut.Request = request;

    // Authenticated user: the identity name is the generated id rendered as text.
    var identityMock = new Mock <IIdentity>();
    var generatedUserId = A <int>();
    identityMock.Setup(x => x.Name).Returns(generatedUserId.ToString());

    var principalMock = new Mock <IPrincipal>();
    principalMock.Setup(x => x.Identity).Returns(identityMock.Object);
    sut.User = principalMock.Object;

    // Fixture state exposed to the tests.
    CurrentOrganizationId = A <int>();
    KitosUser = new User();
    userContext.Setup(x => x.UserId).Returns(KitosUser.Id);
}
/// <summary>
/// Application start-up hook: registers areas, global filters, routes and bundles,
/// then configures how BaseApiController treats unknown exceptions.
/// </summary>
protected void Application_Start()
{
    // Registration order is kept exactly as written.
    AreaRegistration.RegisterAllAreas();
    FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
    RouteConfig.RegisterRoutes(RouteTable.Routes);
    BundleConfig.RegisterBundles(BundleTable.Bundles);
    // NOTE(review): passing false presumably leaves details of unknown exceptions visible
    // in API responses; confirm this is not the production setting.
    BaseApiController.HideUnknownException(false);
}
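/// <summary>
/// Completes an asynchronous GetContext call on the listener and dispatches the request
/// to a handler chosen by the first path segment ("data", "index", "timers" or "api").
/// </summary>
/// <param name="result">Async result handed to the listener callback.</param>
private void ListenerCallback(IAsyncResult result)
{
    if (!(_listener?.IsListening ?? false))
    {
        return;
    }

    // Call EndGetContext to complete the asynchronous operation.
    var context = _listener.EndGetContext(result);

    // Disposing the response at the end of the method closes it on every path.
    using var response = context.Response;

    try
    {
        if (context.Request.Url?.Segments.Length > 1)
        {
            // Segments[0] is "/"; the route name is the next segment.
            // ToLowerInvariant keeps the routing independent of the machine culture:
            // under a Turkish culture ToLower() maps 'I' to a dotless 'ı', so "INDEX"
            // and "TIMERS" would no longer match their case labels.
            var segment = context.Request.Url.Segments[1].TrimEnd('/').ToLowerInvariant();

            if (_listener.IsListening)
            {
                switch (segment)
                {
                case "data":
                    HandleRequestForClockWebPageTimerData(context.Request, response);
                    break;

                case "index":
                    HandleRequestForClockWebPage(context.Request, response);
                    break;

                case "timers":
                    HandleRequestForTimersWebPage(context.Request, response);
                    break;

                case "api":
                    HandleApiRequest(context.Request, response);
                    break;

                default:
                    // Unknown routes get an empty response with the default status code.
                    break;
                }
            }
        }
    }
    catch (WebServerException ex)
    {
        // Details go to the log; the client only receives the error code.
        Log.Logger.Error(ex, "Web server error");
        response.StatusCode = (int)WebServerErrorCodes.GetHttpErrorCode(ex.Code);
        BaseApiController.WriteResponse(response, new ApiError(ex.Code));
    }
    catch (Exception ex)
    {
        Log.Logger.Error(ex, "Web server error");
        response.StatusCode = (int)WebServerErrorCodes.GetHttpErrorCode(WebServerErrorCode.UnknownError);
        BaseApiController.WriteResponse(response, new ApiError(WebServerErrorCode.UnknownError));
    }
}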
/// <summary>
/// Returns the base implementation's root container with its description replaced.
/// </summary>
/// <param name="controller">Controller forwarded to the base implementation.</param>
/// <returns>The root container, carrying the overridden description.</returns>
public override ContainerModel RetrieveRootContainer(BaseApiController controller)
{
    Logger.LogDebug(LogCategory.RestServe, Name, CacheTenantId);

    var container = base.RetrieveRootContainer(controller);
    // Fixed marker text that shows this override ran.
    container.Description = "Hijacked description";

    return container;
}
/// <summary>
/// Lists the public methods declared directly on BaseApiController whose return type is
/// exactly <typeparamref name="TReturnType"/>.
/// </summary>
/// <typeparam name="TReturnType">Return type an action must declare to be included.</typeparam>
/// <param name="baseApiController">Instance whose runtime type is inspected.</param>
/// <returns>The matching methods; empty when none match.</returns>
internal static List <MethodInfo> GetPublicActions <TReturnType>(BaseApiController baseApiController)
{
    var wantedReturnType = typeof(TReturnType);
    var declaringType = typeof(BaseApiController);
    var actions = new List <MethodInfo>();

    foreach (var method in baseApiController.GetType().GetMethods())
    {
        // Methods declared on derived controllers or inherited from elsewhere are skipped.
        if (method.ReturnType == wantedReturnType && method.DeclaringType == declaringType && method.IsPublic)
        {
            actions.Add(method);
        }
    }

    return actions;
}
/// <summary>
/// Returns the app-version count and also reports it through AppendHeaderTotal.
/// </summary>
/// <returns>A view model holding the count.</returns>
public AppVersionViewModel Get()
{
    log.Info("哈哈,好的。 GetAppVersionCountOld");

    var result = new AppVersionViewModel
    {
        AppVersionCount = _AppVersion.GetAppVersionCountOld()
    };

    // The same total is handed to the header helper together with the accessor.
    BaseApiController.AppendHeaderTotal(_accessor, result.AppVersionCount);
    return result;
}
/// <summary>
/// Verifies that CheckConnection on a freshly constructed controller reports success.
/// </summary>
public void Test_BaseApiController_CheckConnection()
{
    // Arrange
    var controllerUnderTest = new BaseApiController();

    // Act
    bool connected = controllerUnderTest.CheckConnection();

    // Assert: did it respond as we expect?
    if (connected)
    {
        return;
    }

    Assert.Fail("Controller failed to respond correctly.");
}
/// <summary>
/// Validates an authentication token through ISystemUserLogic and, when a controller is
/// supplied, stores the resulting user as its CurrentUser.
/// </summary>
/// <param name="token">Authentication token to validate.</param>
/// <param name="controller">Controller that receives the user; may be null.</param>
public static void Authorize(string token, BaseApiController controller)
{
    // The token is validated even when there is no controller to update.
    // NOTE(review): whether an invalid token throws or yields null is decided by
    // ValidateAuthenticationToken; confirm callers never treat a null CurrentUser as authenticated.
    var userLogic = WindsorBootstrapper.Container.Resolve <ISystemUserLogic>();
    var validatedUser = userLogic.ValidateAuthenticationToken(token);

    if (controller != null)
    {
        controller.CurrentUser = validatedUser;
    }
}
/// <summary>
/// Validates a token inside ExecuteManager.Execute and, when a controller is supplied,
/// stores the resulting user as its CurrentUser.
/// </summary>
/// <param name="token">Authentication token to validate.</param>
/// <param name="language">Not used by this method.</param>
/// <param name="controller">Controller that receives the user; may be null.</param>
public static void Authorize(string token, string language, BaseApiController controller)
{
    ExecuteManager.Execute(() =>
    {
        // Validation runs first, whether or not a controller was passed.
        var validatedUser = ValidateToken(token);

        if (controller != null)
        {
            controller.CurrentUser = validatedUser;
        }
    });
}
/// <summary>
/// Verifies that the parameterless Get returns a non-empty response.
/// </summary>
public void Test_BaseApiController_GetDefault()
{
    // Arrange
    var controllerUnderTest = new BaseApiController();

    // Act
    string response = controllerUnderTest.Get();

    // Assert: any non-empty text counts as a response.
    bool hasContent = !string.IsNullOrEmpty(response);
    if (hasContent)
    {
        return;
    }

    Assert.Fail("No response from Controller.");
}
/// <summary>
/// Gives a controller a request, configuration and route data that point at the
/// Test/Validate action, for use in tests.
/// </summary>
/// <param name="controller">Controller to configure.</param>
/// <param name="method">HTTP method of the simulated request.</param>
public static void SetupControllerContext(BaseApiController controller, HttpMethod method)
{
    var httpRequest = new HttpRequestMessage(method, "http://localhost/api/Test/Validate");

    var config = new HttpConfiguration();
    var defaultRoute = config.Routes.MapHttpRoute("DefaultApi", "api/{controller}/{action}");

    // Route values match the URL used for the request above.
    var routeValues = new HttpRouteValueDictionary(new { controller = "Test", action = "Validate" });
    var routeData = new HttpRouteData(defaultRoute, routeValues);

    controller.ControllerContext = new HttpControllerContext(config, routeData, httpRequest);
    controller.Request = httpRequest;
    controller.Request.Properties[HttpPropertyKeys.HttpConfigurationKey] = config;
}
/// <summary>
/// Verifies that Get(id) includes the supplied id in its response text.
/// </summary>
public void Test_BaseApiController_GetWithId()
{
    // Arrange
    int idParameter = 7;
    var controllerUnderTest = new BaseApiController();

    // Act
    string response = controllerUnderTest.Get(idParameter);

    // Assert: the exact text does not matter, only that the id is echoed back.
    bool echoesId = response.Contains(idParameter.ToString());
    if (echoesId)
    {
        return;
    }

    Assert.Fail("Controller failed to incorperate the parameter in the response.");
}
/// <summary>
/// Test helper: makes the controller's HttpContext.User a principal whose Name claim is
/// <paramref name="userId"/>, creating the HttpContext when there is none.
/// </summary>
/// <param name="controller">Controller to modify.</param>
/// <param name="userId">Value of the Name claim.</param>
/// <returns>The same controller, to allow chaining.</returns>
public static BaseApiController SetUserId(this BaseApiController controller, string userId)
{
    // "mock" is the authentication type given to the identity.
    var nameClaim = new Claim(ClaimTypes.Name, userId);
    var principal = new ClaimsPrincipal(new ClaimsIdentity(new[] { nameClaim }, "mock"));

    if (controller.ControllerContext.HttpContext != null)
    {
        controller.ControllerContext.HttpContext.User = principal;
    }
    else
    {
        controller.ControllerContext.HttpContext = new DefaultHttpContext { User = principal };
    }

    return controller;
}
/// <summary>
/// Runs the base validation and then checks that the referenced post exists, adding a
/// "post not found" message to controller.ApiResponse when it does not.
/// </summary>
/// <param name="controller">Controller supplying the data context and the response.</param>
/// <param name="modelState">Model-binding state of the current request.</param>
/// <returns>true when the base validation passed and a post with Post.ID exists.</returns>
internal override bool ValidateRequest(BaseApiController controller, ModelStateDictionary modelState)
{
    if (!base.ValidateRequest(controller, modelState))
    {
        return false;
    }

    // True when no stored post carries the requested id.
    var postIsMissing = controller._db.Posts.All(p => p.ID != Post.ID);
    if (!postIsMissing)
    {
        return true;
    }

    // NOTE(review): the rejection is reported with HTTP 200, and _IsValid is not updated
    // here - confirm nothing relies on the status code or on _IsValid after this call.
    controller.ApiResponse.Messages.Add(ErrorMessages.PostNotFound(Post.ID));
    controller.ApiResponse.HttpStatusCode = HttpStatusCode.OK;
    return false;
}
/// <summary>
/// Looks up the current HTTP user in the user repository and answers 401 Unauthorized
/// unless that user exists and its USER_ROLE is contained in Roles.
/// </summary>
/// <param name="actionContext">Context of the action being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    // Original note: the labels A and U were assigned on the attribute.
    var actionRoles = Roles;

    // Take the current user from HttpContext and check its role; it is authorized
    // when the role appears in Roles.
    var username = HttpContext.Current.User.Identity.Name;
    var user = new BaseApiController <SETUP_USER>()._repo.Get().Where(c => c.USER_NAME == username).FirstOrDefault();

    // NOTE(review): if Roles is the comma-separated string of AuthorizeAttribute, Contains is a
    // substring test: an empty USER_ROLE matches every Roles value and a role that is a
    // fragment of another role name matches too. Confirm the type and compare against the
    // split role list if so.
    var isAuthorized = user != null && Roles.Contains(user.USER_ROLE);
    if (isAuthorized)
    {
        return;
    }

    actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
}
/// <summary>
/// Runs the base validation (ModelState, apikey, referrer) and then checks that Username
/// names an existing user, adding an error to controller.ApiResponse when it does not.
/// </summary>
/// <param name="controller">Controller supplying the data context and the response.</param>
/// <param name="modelState">Model-binding state of the current request.</param>
/// <returns>true when the base validation passed and the user name exists.</returns>
internal override bool ValidateRequest(BaseApiController controller, ModelStateDictionary modelState)
{
    // The user name is only looked up once the base request has been accepted.
    if (!base.ValidateRequest(controller, modelState))
    {
        return false;
    }

    var usernameKnown = !string.IsNullOrEmpty(Username)
        && controller._db.Users.Any(u => u.UserName == Username);
    if (usernameKnown)
    {
        return true;
    }

    // NOTE(review): the error is reported with HTTP 200 and tells the caller that this
    // user name does not exist; confirm that disclosure is acceptable for this endpoint.
    controller.ApiResponse.AddError(ErrorMessages.UsernameNotFound(Username), HttpStatusCode.OK);
    return false;
}
/// <summary>
/// Attaches the logged-in user (user record plus group) to the BaseApiController handling
/// the request, reading it from the HTTP cache when present and caching it otherwise.
/// </summary>
/// <param name="user">Identity taken from the authentication ticket.</param>
/// <param name="actionContext">Context giving access to the controller.</param>
protected virtual void LoadUser(AuthenticationIdentity user, HttpActionContext actionContext)
{
    if (HttpContext.Current == null)
    {
        return;
    }

    var apiController = actionContext.ControllerContext.Controller as BaseApiController;
    if (apiController == null)
    {
        return;
    }

    // Cache key built by RetornaChaveCache_LoadUser (method name + parameters, per the original note).
    string cacheKey = RetornaChaveCache_LoadUser(user);
    object cached = HttpContext.Current.Cache[cacheKey];

    if (cached != null)
    {
        // NOTE(review): the cached instance is handed to every request that hits this key.
        apiController.__userLogged = cached as UsuarioWEB;
        return;
    }

    // Cache miss: load the user from the authentication ticket values.
    var loggedUser = new UsuarioWEB();
    loggedUser.Usuario = new SYS_Usuario
    {
        ent_id = user.Entity,
        usu_login = user.Login
    };
    SYS_UsuarioBO.GetSelectBy_ent_id_usu_login(loggedUser.Usuario);
    loggedUser.Grupo = SYS_GrupoBO.GetEntity(new SYS_Grupo { gru_id = user.Group });

    apiController.__userLogged = loggedUser;

    // Absolute expiry: user and group data stay cached for MinutosCacheMedio minutes,
    // so changes to them are not seen before the entry expires.
    HttpContext.Current.Cache.Insert(
        cacheKey,
        loggedUser,
        null,
        DateTime.Now.AddMinutes(GestaoEscolarUtilBO.MinutosCacheMedio),
        System.Web.Caching.Cache.NoSlidingExpiration);
}
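/// <summary>
/// Adds the calling connection to the group of its project and registers for workflow-state
/// notifications, either from the mock event source or from the analytics SignalR service.
/// </summary>
/// <param name="appState">State of the application; supplies ProjectId and MatterId.</param>
/// <remarks>
/// Every failure, including a missing AnalyticsNotifications setting, is caught and logged
/// here; nothing is thrown to the caller.
/// </remarks>
public void RegisterNotification(AppState appState)
{
    try
    {
        //Adding to group by projectId
        Nlog.Log(LogLevel.Trace, "PC Web - Start addining connection into group");
        Groups.Add(Context.ConnectionId, appState.ProjectId.ToString(CultureInfo.InvariantCulture));
        Nlog.Log(LogLevel.Trace, "PC Web - Connection added to group");

        if (BaseApiController.IsMockMode())
        {
            // NOTE(review): each call adds another subscription; confirm the handler is
            // removed when the connection goes away.
            MockWorkflowState.WorkflowStateChanged += OnMockWorkflowStateChanged;
        }
        else
        {
            Nlog.Log(LogLevel.Trace, "PC Web - Fired RegisterNotification");
            var serviceUri = ConfigurationManager.AppSettings.Get(AnalyticsNotifications);
            if (String.IsNullOrEmpty(serviceUri))
            {
                throw new ConfigurationErrorsException("AnalyticsNotifications Service URL setting is null or empty");
            }

            // NOTE(review): the connection is neither stored nor disposed in this method.
            var hubConnection = new HubConnection(serviceUri);
            var serviceHubProxy = hubConnection.CreateHubProxy("WorkflowStateServiceHub");

            //Handle incoming calls from service
            //BroadcastWorkflowState for updated project
            serviceHubProxy.On <long, List <AnalyticsWorkflowState> >("UpdateWorkflowState", BroadcastWorkflowState);

            //Signalr service connection
            // Wait on the task itself: the former empty ContinueWith hid a failed start,
            // so "success" was logged even when the connection was never made.
            Nlog.Log(LogLevel.Trace, "PC Web - Starting service signalr connection");
            hubConnection.Start().Wait();
            Nlog.Log(LogLevel.Trace, "PC Web - Service signalr connection success");

            //Register for notifications
            Nlog.Log(LogLevel.Trace, "PC Web - Invoking service signalr RegisterNotification");
            serviceHubProxy.Invoke("RegisterNotification", appState.MatterId, appState.ProjectId).Wait();
            Nlog.Log(LogLevel.Trace, "PC Web - Invoked service signalr RegisterNotification");
        }
    }
    catch (Exception ex)
    {
        // GetBaseException unwraps the AggregateException produced by Wait().
        Nlog.Log(LogLevel.Error, ex.GetBaseException());
    }
}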
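/// <summary>
/// Loads the Identity whose Access value equals the given token, together with the API keys
/// of its user credential and of its client.
/// </summary>
/// <param name="token">Access token presented by the caller.</param>
/// <param name="actionContext">Context giving access to the controller and its data context.</param>
/// <returns>The matching identity, or null when the token is missing or unknown.</returns>
public Identity GetIdentity(string token, HttpActionContext actionContext)
{
    // A missing token must never be turned into a query: depending on the provider's null
    // handling it could match rows whose Access column is empty or null.
    if (string.IsNullOrEmpty(token))
    {
        return(null);
    }

    BaseApiController controller = (BaseApiController)actionContext.ControllerContext.Controller;
    Identity identity;

    using (var repository = new Repository <Identity>(controller.Context, false))
    {
        // NOTE(review): the equality test runs in the database, so case sensitivity follows
        // the column collation; confirm tokens are compared case-sensitively.
        // SingleOrDefault throws when more than one identity carries the same token.
        identity = repository
                   .All()
                   .Where(e => e.Access == token)
                   .Include(e => e.User.Credential.ApiKey)
                   .Include(e => e.Client.ApiKey)
                   .SingleOrDefault();
    }

    return(identity);
}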
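/// <summary>
/// Resolves the hotel for the current request from the authority of the Referer header and
/// stores it on the controller as HotelInformation.
/// </summary>
/// <param name="actionContext">Context of the action about to execute.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // The Referer header is optional and client-supplied. Without this guard a request that
    // omits it (or sends a relative value) failed with an unhandled exception.
    var referrer = actionContext.Request.Headers.Referrer;
    if (referrer == null || !referrer.IsAbsoluteUri)
    {
        actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.BadRequest);
        return;
    }

    // NOTE(review): the hotel is selected purely from this client-controlled header; confirm
    // that no access decision depends on it.
    string domainName = referrer.Authority;

    // Ordinal, case-insensitive search instead of a culture-sensitive ToLower().
    // NOTE(review): this is a substring test, so any authority that merely contains
    // "localhost" is mapped to the configured local domain.
    if (domainName.IndexOf("localhost", StringComparison.OrdinalIgnoreCase) >= 0)
    {
        var localDomainName = ConfigurationManager.AppSettings["LocalDomainName"];
        domainName = string.IsNullOrWhiteSpace(localDomainName)
                     ? "RVMELB.qaeupgrade.cendyn.com"
                     : localDomainName;
    }

    var domaininfo = DependencyResolver.Current.GetService(typeof(DomainInformationModel)) as DomainInformationModel;
    domaininfo.DomainName = domainName;
    // NOTE(review): IsSecure is set to true while the lookup below uses an "http://" URL.
    domaininfo.IsSecure = true;

    // NOTE(review): hotelService and controller are not locals; if this filter instance is
    // shared between requests, concurrent requests overwrite each other's values.
    hotelService = DependencyResolver.Current.GetService(typeof(IHotelService)) as IHotelService;
    controller = actionContext.ControllerContext.Controller as BaseApiController;
    controller.HotelInformation = hotelService.GetHotelByDomain("http://" + domainName);
}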
/// <summary>
/// Loads the user whose credential API key equals the key of the current Identity,
/// including the user's own permissions and those of its groups.
/// </summary>
/// <param name="actionContext">Context giving access to the controller and its data context.</param>
/// <returns>The matching user. Single() throws when there is no match or more than one.</returns>
public User GetUser(HttpActionContext actionContext)
{
    var apiController = (BaseApiController)actionContext.ControllerContext.Controller;

    using (var users = new Repository <User>(apiController.Context, false))
    {
        var query = users
                    .All()
                    .Where(e => e.Credential.ApiKey.Key == this.Identity.User.Credential.ApiKey.Key)
                    .Include(e => e.Groups.Select(p => p.Permissions))
                    .Include(e => e.Permissions);

        // Exactly one user is expected for an API key.
        return query.Single();
    }
}
/// <summary>
/// Test helper: gives the controller a request carrying fixed account, token and ip
/// headers, and installs a fake HttpContext.Current.
/// </summary>
/// <param name="baseApiController">Controller to configure.</param>
private void InitializeApiController(BaseApiController baseApiController)
{
    var config = new HttpConfiguration();

    // Fixed fixture values; they are not real credentials.
    var request = new HttpRequestMessage();
    request.Headers.Add("account", "1");
    request.Headers.Add("token", "abcde");
    request.Headers.Add("ip", "127.0.0.1");

    var emptyRoute = new HttpRouteData(new HttpRoute(""));
    var controllerContext = new HttpControllerContext(config, emptyRoute, request)
    {
        Configuration = config
    };
    baseApiController.ControllerContext = controllerContext;

    // Code under test that reads HttpContext.Current gets this instance.
    var fakeRequest = new HttpRequest(null, "http://localhost:52552", null);
    HttpContext.Current = new HttpContext(fakeRequest, new HttpResponse(null));
}
/// <summary>
/// Adds an "X-Error" response header holding the support code when one is available,
/// otherwise the runtime's InstanceId. Failures are logged and not rethrown.
/// </summary>
/// <param name="actionContext">Context whose response receives the header.</param>
/// <param name="baseController">Controller supplying the runtime.</param>
private static void AddSupportCode(HttpActionContext actionContext, BaseApiController baseController)
{
    try
    {
        string supportCode;
        var found = TryGetSupportCode(baseController.Runtime, out supportCode);

        // NOTE(review): the fallback sends the runtime's InstanceId to the client;
        // confirm that identifier is safe to disclose.
        var headerValue = found
            ? supportCode
            : baseController.Runtime.InstanceId.ToString();

        actionContext.Response.Headers.Add("X-Error", headerValue);
    }
    catch (Exception ex)
    {
        // Adding the header is best effort; the error is only logged.
        ex.Log();
    }
}
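/// <summary>
/// Authenticates the request from a base64 "user:password" Authorization parameter. On
/// success the user becomes the current principal; otherwise the response is set to
/// 401 Unauthorized. The base implementation is invoked in every case.
/// </summary>
/// <param name="actionContext">Context of the action being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    var header = actionContext.Request.Headers.Authorization;
    string username = null;
    string password = null;

    // NOTE(review): the scheme of the header is not checked, only its parameter.
    if (header != null && !string.IsNullOrEmpty(header.Parameter))
    {
        try
        {
            string decoded = Encoding.UTF8.GetString(Convert.FromBase64String(header.Parameter));

            // Split on the first ':' only so a password containing ':' is kept whole;
            // a value without ':' is rejected instead of raising an index error.
            int separator = decoded.IndexOf(':');
            if (separator >= 0)
            {
                username = decoded.Substring(0, separator);
                password = decoded.Substring(separator + 1);
            }
        }
        catch (FormatException)
        {
            // Not valid base64: treated as missing credentials.
        }
    }

    var authenticated = false;
    if (username != null)
    {
        // Materialise the query. The previous code tested the un-executed Where(...) result
        // against null, which is never null, so any well-formed header was accepted.
        var user = new BaseApiController <SETUP_USER>()._repo.Get()
                   .Where(c => c.USER_NAME == username && c.USER_PASSWORD == password)
                   .FirstOrDefault();

        // Repeat the password check ordinally in memory in case the store compares
        // case-insensitively.
        // NOTE(review): USER_PASSWORD is compared as stored; if it holds plaintext it should
        // be replaced by a salted password hash.
        authenticated = user != null && string.Equals(user.USER_PASSWORD, password, StringComparison.Ordinal);
    }

    if (authenticated)
    {
        var principal = new GenericPrincipal(new GenericIdentity(username), null);
        Thread.CurrentPrincipal = principal;
        if (HttpContext.Current != null)
        {
            HttpContext.Current.User = principal;
        }
    }
    else
    {
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    base.OnAuthorization(actionContext);
}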
/// <summary>
/// Checks feature access for the current principal and issues a challenge when access is
/// denied. When the action has a parameter marked with PlayerIdAttribute, the check is made
/// for that route value; otherwise for the current user's SteamId.
/// </summary>
/// <param name="context">Authorization filter context of the request.</param>
public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
    var principal = context.HttpContext.User;
    var user = WebApiHelper.GetUser(principal, _config);

    // At most one action parameter may carry PlayerIdAttribute (SingleOrDefault throws otherwise).
    var playerIdParameter = context.ActionDescriptor.Parameters
        .OfType <ControllerParameterDescriptor>()
        .SingleOrDefault(p => p.ParameterInfo.GetCustomAttributes(typeof(PlayerIdAttribute), false).SingleOrDefault() != null);
    var routeKey = playerIdParameter?.Name;

    object routeValue = null;
    if (routeKey != null)
    {
        context.RouteData.Values?.TryGetValue(routeKey, out routeValue);
    }

    // NOTE(review): when the marked parameter has no route value, null is passed on;
    // confirm HasFeatureAccess denies access for a null id.
    var targetId = routeKey != null ? routeValue?.ToString() : user?.SteamId;

    var granted = BaseApiController.HasFeatureAccess(_config, principal, _requirement.FeatureGroup, _requirement.FeatureName, targetId);
    if (!granted)
    {
        context.Result = new ChallengeResult();
    }
}
/// <summary>
/// Rejects the request with a 401 JSON body unless the authorization token taken from the
/// request headers is active.
/// </summary>
/// <param name="actionContext">Context of the action being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    string token = BaseApiController.GetAuthorizationToken(actionContext.Request.Headers);

    if (AppBusiness.Security.IsTokenActive(token))
    {
        return;
    }

    // The same generic message is returned for every rejected token.
    var failure = new BaseApiResult
    {
        Error = true,
        Code = 401,
        Message = "Authorization token invalid."
    };

    var body = new StringContent(JsonConvert.SerializeObject(failure), Encoding.UTF8, "application/json");
    actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized) { Content = body };
}
/// <summary>
/// Creates the service for the given controller; all initialisation is done by the base class.
/// </summary>
/// <param name="controller">Controller passed to the base constructor.</param>
public QuickNoteService(BaseApiController controller)
    : base(controller)
{
}
/// <summary>
/// Creates the service for the given controller; all initialisation is done by the base class.
/// </summary>
/// <param name="controller">Controller passed to the base constructor.</param>
public AttributeProviderService(BaseApiController controller)
    : base(controller)
{
}
/// <summary>
/// Test helper: gives the controller an empty request that carries a fresh HttpConfiguration.
/// </summary>
/// <param name="controller">Controller to configure.</param>
public void TestSetupController(BaseApiController controller)
{
    var request = new HttpRequestMessage();
    controller.Request = request;

    // The configuration is stored in the request's property bag under the configuration key.
    request.Properties.Add(HttpPropertyKeys.HttpConfigurationKey, new HttpConfiguration());
}