protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { // Para obtener la API Key IEnumerable <string> listaCabeceras; var existeCabeceraApiKey = request.Headers.TryGetValues(API_KEY, out listaCabeceras); if (existeCabeceraApiKey && listaCabeceras.Any()) { // El descriptor aquí contendrá información sobre el controlador al que se enrutará la solicitud. // Si es nulo (es decir, no se encontró el controlador), se lanzará una excepción var config = GlobalConfiguration.Configuration; var controllerSelector = new DefaultHttpControllerSelector(config); var controller = controllerSelector.SelectController(request); if (controller != null && ApiKeys.ContainsKey(controller.ControllerName)) { // Recupera el Guid de la API para comprobar su autenticación Guid apiKey = ApiKeys[controller.ControllerName]; if (listaCabeceras.First().Equals(apiKey.ToString())) { // Valida el acceso a la API var principal = new GenericPrincipal(new GenericIdentity("Auth_" + controller.ControllerName), null); AutorizarAccesoApi(principal); } } } return(base.SendAsync(request, cancellationToken)); }
public RouteContext(HttpConfiguration config, HttpRequestMessage request) { var routeData = config.Routes.GetRouteData(request); request.SetRouteData(routeData); var controllerSelector = new DefaultHttpControllerSelector(config); var descriptor = controllerSelector.SelectController(request); ControllerType = descriptor.ControllerType; var actionSelector = new ApiControllerActionSelector(); _actionMappings = actionSelector.GetActionMapping(descriptor).SelectMany(x => x).Where(x => x.SupportedHttpMethods.Contains(request.Method)); }
public RouteContext(HttpConfiguration config, HttpRequestMessage request) { var routeData = config.Routes.GetRouteData(request); request.SetRouteData(routeData); var controllerSelector = new DefaultHttpControllerSelector(config); var descriptor = controllerSelector.SelectController(request); ControllerType = descriptor.ControllerType; var actionSelector = new ApiControllerActionSelector(); _actionMappings = actionSelector.GetActionMapping(descriptor)[request.Method.ToString()]; }
private HttpResponseMessage ProcessTokenCheck(HttpRequestMessage request) { var config = GlobalConfiguration.Configuration; var controllerSelector = new DefaultHttpControllerSelector(config); var descriptor = controllerSelector.SelectController(request); if (System.Attribute.GetCustomAttributes(descriptor.ControllerType) .FirstOrDefault(attr => attr.TypeId.ToString().Contains(RegistrationRequiredAttribute.Name)) != null) { IEnumerable <string> values; if (!request.Headers.TryGetValues("token", out values) || values.Count() == 0 || string.IsNullOrEmpty(values.ToList()[0])) { return(ToolsBoxResponse.OK(new BasicResponseModel { Message = "Token required", Status = HttpStatusCode.Forbidden })); } var result = TokenProvider.CheckToken(values.ToList()[0]); switch (result) { case TokenProvider.TokenStatus.WrongToken: return(ToolsBoxResponse.OK(new BasicResponseModel { Message = "Wrong token", Status = HttpStatusCode.Forbidden })); case TokenProvider.TokenStatus.Expired: return(ToolsBoxResponse.OK(new BasicResponseModel { Message = "Token expired", Status = HttpStatusCode.Forbidden })); } } return(null); }
protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { try { var controllerSelector = new DefaultHttpControllerSelector(request.GetConfiguration()); var descriptor = controllerSelector.SelectController(request); if (descriptor.ControllerType.IsDefined(typeof(SinchCallbackAttribute), false)) { _callbackValidator.Validate(request.RequestUri.AbsolutePath, GetHeaders(request), await request.Content.ReadAsByteArrayAsync()); } (await request.Content.ReadAsStreamAsync()).Seek(0, SeekOrigin.Begin); return(await base.SendAsync(request, cancellationToken)); } catch (InvalidCallbackException) { throw new HttpResponseException(HttpStatusCode.Unauthorized); } catch (Exception) { throw new HttpResponseException(HttpStatusCode.InternalServerError); } }
private async Task <Tuple <HttpResponseMessage, List <Action <StringBuilder> > > > HandleActualRequestAsync(GetRequest request) { var query = ""; if (request.Query != null) { query = request.Query.TrimStart('?').Replace("+", "%2B"); } string indexQuery = null; string modifiedQuery; // to avoid UriFormatException: Invalid URI: The Uri string is too long. [see RavenDB-1517] if (query.Length > 32760 && TryExtractIndexQuery(query, out modifiedQuery, out indexQuery)) { query = modifiedQuery; } HttpRequestMessage msg; if (request.Method == "POST") { msg = new HttpRequestMessage(HttpMethod.Post, new UriBuilder { Host = "multi.get", Path = request.Url }.Uri); msg.Content = new StringContent(request.Content); msg.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json") { CharSet = "utf-8" }; } else { msg = new HttpRequestMessage(HttpMethod.Get, new UriBuilder { Host = "multi.get", Query = query, Path = request.Url }.Uri); } IncrementInnerRequestsCount(); msg.SetConfiguration(Configuration); var route = Configuration.Routes.GetRouteData(msg); msg.SetRouteData(route); var controllerSelector = new DefaultHttpControllerSelector(Configuration); var descriptor = controllerSelector.SelectController(msg); foreach (var header in request.Headers) { msg.Headers.TryAddWithoutValidation(header.Key, header.Value); } msg.Headers.TryAddWithoutValidation("Raven-internal-request", "true"); var controller = (RavenBaseApiController)descriptor.CreateController(msg); controller.Configuration = Configuration; var controllerContext = new HttpControllerContext(Configuration, route, msg) { ControllerDescriptor = descriptor, Controller = controller, RequestContext = new HttpRequestContext(), RouteData = route }; controller.SkipAuthorizationSinceThisIsMultiGetRequestAlreadyAuthorized = true; controller.ControllerContext = controllerContext; controllerContext.Request = msg; controller.RequestContext = controllerContext.RequestContext; controller.Configuration = Configuration; if (string.IsNullOrEmpty(indexQuery) == false && (controller as RavenDbApiController) != null) { ((RavenDbApiController)controller).SetPostRequestQuery(indexQuery); } var httpResponseMessage = await controller.ExecuteAsync(controllerContext, CancellationToken.None); return(Tuple.Create(httpResponseMessage, controller.CustomRequestTraceInfo)); }
private async Task <HttpResponseMessage> HandleActualRequestAsync(GetRequest request) { var query = ""; if (request.Query != null) { query = request.Query.TrimStart('?').Replace("+", "%2B"); } string indexQuery = null; string modifiedQuery; // to avoid UriFormatException: Invalid URI: The Uri string is too long. [see RavenDB-1517] if (query.Length > 32760 && TryExtractIndexQuery(query, out modifiedQuery, out indexQuery)) { query = modifiedQuery; } var msg = new HttpRequestMessage(HttpMethod.Get, new UriBuilder { Host = "multi.get", Query = query, Path = request.Url }.Uri); msg.SetConfiguration(Configuration); var route = Configuration.Routes.GetRouteData(msg); msg.SetRouteData(route); var controllerSelector = new DefaultHttpControllerSelector(Configuration); var descriptor = controllerSelector.SelectController(msg); foreach (var header in request.Headers) { msg.Headers.TryAddWithoutValidation(header.Key, header.Value); } msg.Headers.TryAddWithoutValidation("Raven-internal-request", "true"); var controller = (ApiController)descriptor.CreateController(msg); controller.Configuration = Configuration; var controllerContext = new HttpControllerContext(Configuration, route, msg) { ControllerDescriptor = descriptor, Controller = controller, RequestContext = new HttpRequestContext(), RouteData = route }; controller.ControllerContext = controllerContext; controllerContext.Request = msg; controller.RequestContext = controllerContext.RequestContext; controller.Configuration = Configuration; if (string.IsNullOrEmpty(indexQuery) == false && (controller as RavenDbApiController) != null) { ((RavenDbApiController)controller).SetPostRequestQuery(indexQuery); } return(await controller.ExecuteAsync(controllerContext, CancellationToken.None)); }
//<summary>Recibe la peticion del servidor antes de que llegue al controlador para realzar el log de la peticion.</summary> /// <param name="cancellationToken"></param> /// <param name="request">Objeto que contiene informacion de las peticiones.</param> /// <returns>Respuesta del servidor</returns> protected override async System.Threading.Tasks.Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken) { using (IUnitOfWork unitOfWork = new UnitOfWork()) { IRepository <ApiLog> repository = new Repository <ApiLog>(unitOfWork); IRepository <User> repositoryUser = new Repository <User>(unitOfWork); apiLogService = new ApiLogService(repository); userService = new UserService(repositoryUser); StringBuilder content = new StringBuilder(); string requestUuid = request.GetCorrelationId().ToString(); HttpConfiguration config = GlobalConfiguration.Configuration; IHttpRouteData routeData = config.Routes.GetRouteData(request); HttpControllerContext controllerContext = new HttpControllerContext(config, routeData, request); DefaultHttpControllerSelector controllerSelector = new DefaultHttpControllerSelector(config); HttpControllerDescriptor controllerDescriptor = controllerSelector.SelectController(request); ApiControllerActionSelector apiControllerSelection = new ApiControllerActionSelector(); controllerContext.ControllerDescriptor = controllerDescriptor; HttpActionDescriptor actionDescriptor = apiControllerSelection.SelectAction(controllerContext); ApiLog requestLog = new ApiLog(); requestLog.Uuid = requestUuid; requestLog.Controller = controllerDescriptor.ControllerName; requestLog.Action = actionDescriptor.ActionName; //Obtiene y decodifica el post para que se muestre la informacion de la manera adecuada string data = HttpUtility.UrlDecode(request.Content.ReadAsStringAsync().Result); requestLog.Data = data; requestLog.CreatedAt = DateTime.Now; requestLog.Url = request.RequestUri.AbsoluteUri;//request.RequestUri.Host + HttpUtility.UrlDecode(request.RequestUri.PathAndQuery); requestLog.Method = request.Method.Method; requestLog.Status = "Started"; object headers = request.Headers.ToDictionary(x => x.Key, y => y.Value); requestLog.Headers = JsonConvert.SerializeObject(headers); //unitOfWork.BeginTransaction(); try { apiLogService.Create(requestLog); //unitOfWork.Commit(); } catch (Exception e) { //unitOfWork.Rollback(); } //Se espera la respuesta del controlador var response = await base.SendAsync(request, cancellationToken); requestUuid = request.GetCorrelationId().ToString(); //unitOfWork.BeginTransaction(); try { requestLog = apiLogService.FindBy(x => x.Uuid == requestUuid).FirstOrDefault(); User user = null; int? userId = UserApiAuthenticated.GetUserAuthenticatedId(request.GetRequestContext()); if (userId.HasValue) { user = userService.GetById(userId.Value); } if (user != null) { requestLog.CreatedBy = user; } if (requestLog != null) { if (response.RequestMessage != null && response.Content != null) { var responseContent = await response.Content.ReadAsStringAsync(); if (requestLog.Exception != null) { requestLog.Status = "HasException"; } else { requestLog.Status = "Completed"; } requestLog.Result = responseContent.ToString(); apiLogService.Update(requestLog); } } //unitOfWork.Commit(); }catch (Exception e) { //unitOfWork.Rollback(); } return(response); } }