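/// <summary>
/// Sends the current script request to the resource manager and copies the
/// reply (status, sub-status and body) back onto the context.
/// </summary>
/// <param name="context">The active context.</param>
/// <returns>Always <c>false</c>, whether or not the call succeeded.</returns>
public override bool RequestProcess(SiteControllerContext context)
{
    RQRSContract<ResourceManagerRequest, ResourceManagerResponse> envelope = null;

    try
    {
        // Take an envelope from the helper and address it to the resource manager.
        envelope = context.EnvelopeHelper.Get<ResourceManagerRequest, ResourceManagerResponse>();
        envelope.DestinationAddress = new EnvelopeAddress(mResourceManager, "Receive");

        envelope.ContractRequest.Data = context.ScriptRequest;
        envelope.ContractRequest.Settings = context.ScriptSettings;

        // Stamp the sender identity before the job processes the envelope.
        context.SenderIdentitySet((IXimuraRQRSEnvelope)envelope);
        context.Job.ProcessRequest(envelope);

        context.ScriptRequest.ResponseStatus = envelope.ContractResponse.Status;
        context.ScriptRequest.ResponseStatusMessage = envelope.ContractResponse.Substatus;

        // NOTE(review): Body is handed to the protocol response and the envelope
        // is returned to its pool in the finally block below. Confirm that
        // ObjectPoolReturn does not reset or recycle the Body object, otherwise a
        // response could be emptied or end up carrying another request's content.
        context.ProtocolResponse.Body = envelope.ContractResponse.Body;
    }
    catch (Exception)
    {
        // Any failure moves the context to the "Error" state. The exception
        // itself is discarded; nothing in this method records it.
        // NOTE(review): consider logging it so failures remain diagnosable.
        context.ChangeState("Error");
    }
    finally
    {
        if (envelope != null)
        {
            envelope.ObjectPoolReturn();
        }
    }

    return false;
}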
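/// <summary>
/// Builds the Digest challenge sent in the WWW-Authenticate header.
/// </summary>
/// <remarks>
/// The challenge always advertises <c>qop="auth"</c>, <c>algorithm=md5</c> and
/// <c>stale=false</c>. The nonce is generated per call and is not stored by this
/// method, and the opaque value is the request's session id.
/// NOTE(review): for a returned nonce to be checked, whoever validates the
/// response needs a record of issued nonces; confirm where that happens.
/// NOTE(review): the session id is disclosed to the client as the opaque value;
/// confirm that is intended.
/// </remarks>
/// <param name="context">The current context.</param>
/// <returns>The WWW-Authenticate header value.</returns>
protected override string WWWAuthString(SiteControllerContext context)
{
    // Draw the nonce from the cryptographic RNG rather than Guid.NewGuid():
    // GUIDs are unique identifiers, not a documented source of unpredictability.
    // 16 bytes keeps the previous shape of 32 lower-case hex characters.
    byte[] nonceBytes = new byte[16];
    System.Security.Cryptography.RandomNumberGenerator rng =
        System.Security.Cryptography.RandomNumberGenerator.Create();
    try
    {
        rng.GetBytes(nonceBytes);
    }
    finally
    {
        // Disposed through the interface so the code also builds against
        // framework versions where the generator is not declared disposable.
        IDisposable disposable = rng as IDisposable;
        if (disposable != null)
        {
            disposable.Dispose();
        }
    }

    string nonce = BitConverter.ToString(nonceBytes).Replace("-", "").ToLowerInvariant();

    // NOTE(review): AuthDomain is placed inside a quoted string without any
    // escaping; confirm it can never contain a double quote or a line break.
    return @"Digest realm=""" + context.ScriptSettings.AuthDomain
        + @""", qop=""auth"", algorithm=md5, stale=false, nonce=""" + nonce
        + @""", opaque=""" + context.ScriptRequest.SessionID.Value.ToString("N").ToLowerInvariant()
        + @"""";
}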
/// <summary>
/// Decodes the incoming HTTP message: attaches a pooled response object to the
/// context, copies the request line details onto the script request and then
/// hands over to header and cookie processing.
/// </summary>
/// <param name="context">This is the request context.</param>
/// <returns>The context's ScriptRequestResolved value.</returns>
public override bool MessageDecode(SiteControllerContext context)
{
    // The response object comes from the pool and is opened for initialization
    // before anything is read from the request.
    context.ProtocolResponse = context.GetObjectPool<InternetMessageResponse>().Get();
    context.ProtocolResponse.BeginInit();

    InternetInstructionFragmentBase instruction = context.ProtocolRequest.Instruction;
    ControllerRequest request = context.ScriptRequest;

    // NOTE(review): the "as" cast yields null when the message is not an
    // HTTPRequestMessage; confirm HeadersProcess copes with a null argument.
    HTTPRequestMessage httpMessage = context.RequestMessage as HTTPRequestMessage;

    // Addressing and verb.
    request.RequestURI = context.RequestURI;
    request.RequestAddressLocal = new IPEndPointExtended(context.RequestURILocal);
    request.RequestAddressRemote = new IPEndPointExtended(context.RequestURIRemote);
    request.RequestVerb = context.RequestMethod;

    // The response mirrors the request's protocol version and URI scheme.
    request.RequestProtocolVersion = instruction.Version;
    request.ResponseProtocolVersion = instruction.Version;
    request.ResponseProtocol = request.RequestURI.Scheme;

    HeadersProcess(context, request, httpMessage);
    CookiesProcess(context);

    return context.ScriptRequestResolved;
}
/// <summary>
/// Passes the resolve-state name for the current mapping to the context's
/// CheckChangeState.
/// </summary>
/// <param name="context">The current context.</param>
/// <returns>Always <c>true</c>.</returns>
public override bool RequestResolve(SiteControllerContext context)
{
    // The state name is "RS_" followed by the mapping's MappingState value.
    context.CheckChangeState("RS_" + context.ScriptSettings.MappingState);
    return true;
}
/// <summary>
/// Copies every authentication entry held by the script session onto the
/// script request. Does nothing when the context has no session.
/// </summary>
/// <param name="context">The current context.</param>
public override void RequestScriptAuthSet(SiteControllerContext context)
{
    if (context.ScriptSession != null)
    {
        foreach (RealmAuthentication realmAuth in context.ScriptSession.Authentication)
        {
            context.ScriptRequest.AuthenticationSet(realmAuth);
        }
    }
}
/// <summary>
/// Authenticates the request from its Authorization value. When no value is
/// present, or RequestValidate rejects it, the response is set to 401 and a
/// WWW-Authenticate challenge is added if an auth domain is configured.
/// </summary>
/// <param name="context">The current context.</param>
/// <returns>
/// <c>true</c> when an Authorization value is present and RequestValidate
/// accepts it; otherwise <c>false</c>.
/// </returns>
public override bool RequestAuthenticate(SiteControllerContext context)
{
    // Validation is attempted only when the client actually sent credentials.
    bool hasCredentials = !string.IsNullOrEmpty(context.ScriptRequest.RequestAuthorization);
    if (hasCredentials && RequestValidate(context))
    {
        return true;
    }

    // Without a configured auth domain the 401 is sent with no challenge header.
    if (!string.IsNullOrEmpty(context.ScriptSettings.AuthDomain))
    {
        context.ScriptRequest.ResponseHeaderAdd("WWW-Authenticate", WWWAuthString(context));
    }

    // Whatever status RequestValidate may have set is replaced by 401 here.
    context.ScriptRequest.ResponseStatus = CH.HTTPCodes.Unauthorized_401;
    return false;
}
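/// <summary>
/// Resolves the incoming request against the context settings, stores the
/// resulting mapping and variables on the context and script request, and then
/// passes the mapping's protocol state to CheckChangeState.
/// </summary>
/// <remarks>
/// Exceptions are allowed to propagate unchanged. The previous
/// <c>catch (Exception ex) { throw ex; }</c> wrapper only reset the stack trace,
/// hiding where a failure really occurred.
/// </remarks>
/// <param name="context">The current context.</param>
public override void Initialize(SiteControllerContext context)
{
    MappingSettings map;
    IDictionary<string, string> variables;

    // Resolve the incoming Uri from the scripts.
    bool resolved = context.ContextSettings.ResolvePath(
        context.RequestServerType,
        context.RequestURI,
        context.RequestUserAgent,
        context.RequestMethod,
        out variables,
        out map);

    context.ScriptSettings = map;
    context.ScriptRequestResolved = resolved;

    // NOTE(review): map and variables are dereferenced below even when resolved
    // is false; confirm ResolvePath always assigns both out parameters.
    context.ScriptRequest.ResponseID = map.MappingID;
    context.ScriptRequest.ResponseTemplate = map.Template;

    // Add the variables for the request.
    // NOTE(review): these presumably originate from the request URI; if so the
    // scripts consuming them should treat them as untrusted input.
    foreach (KeyValuePair<string, string> item in variables)
    {
        context.ScriptRequest.VariableAdd(item.Key, item.Value);
    }

    // Add any Uri or script query parameters declared on the mapping.
    // Variable types other than "parameter" and "query" are ignored.
    if (map.VariableColl != null && map.VariableColl.Count > 0)
    {
        foreach (VariableHolder vh in map.VariableColl)
        {
            switch (vh.VariableType)
            {
                case "parameter":
                    context.ScriptRequest.VariableAdd(vh.VariableID, vh.Variable);
                    break;
                case "query":
                    context.ScriptRequest.RequestQueryParameterSet(vh.VariableID, vh.Variable);
                    break;
            }
        }
    }

    context.CheckChangeState("PR_" + map.ProtocolState);
}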
/// <summary>
/// Attaches a pooled response object to the context and copies the request URI
/// and verb onto the script request.
/// </summary>
/// <param name="context">The request context.</param>
/// <returns>The context's ScriptRequestResolved value.</returns>
public override bool MessageDecode(SiteControllerContext context)
{
    // The response object is taken from the pool and opened for initialization.
    context.ProtocolResponse = context.GetObjectPool<InternetMessageResponse>().Get();
    context.ProtocolResponse.BeginInit();

    ControllerRequest request = context.ScriptRequest;
    request.RequestURI = context.RequestURI;
    request.RequestVerb = context.RequestMethod;

    return context.ScriptRequestResolved;
}
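/// <summary>
/// Finalizes the protocol response: translates the response code, stamps the
/// protocol name and version, adds the Server and Date headers, closes
/// initialization and copies the final status onto the context response.
/// </summary>
/// <param name="context">The current context.</param>
public override void ResponseComplete(SiteControllerContext context)
{
    TranslateResponseCode(context);

    context.ProtocolResponse.Instruction.Protocol = "EMAIL";
    context.ProtocolResponse.Instruction.Version = "1.0";

    // NOTE(review): ServerID is sent to the client; confirm it carries no
    // version or host detail that should not be disclosed.
    context.ProtocolResponse.HeaderAdd("Server", context.ContextSettings.ServerID);

    // "R" is the culture-invariant RFC 1123 pattern and already ends in "GMT".
    // The previous custom format used the current culture, so day and month
    // names and the time separator could be localized on a non-English host.
    context.ProtocolResponse.HeaderAdd("Date", DateTime.UtcNow.ToString("R"));

    context.ProtocolResponse.EndInit();

    context.Response.Status = context.ScriptRequest.ResponseStatus;
}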
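/// <summary>
/// Resolves the session for the request. The lookup is currently disabled, so
/// every call throws.
/// </summary>
/// <param name="context">The current context.</param>
/// <returns>Nothing at present; intended to return true if the session can be resolved.</returns>
/// <exception cref="NotImplementedException">Always thrown.</exception>
public override bool SessionResolve(SiteControllerContext context)
{
    // The unused local and the unreachable "return false" that followed this
    // throw have been removed; the observable behavior is unchanged.
    throw new NotImplementedException();

    // Disabled implementation, kept for reference:
    //ControllerSession session;
    //switch (context.Job.CDSRead<ControllerSession>(context.ScriptRequest.SessionID, null, out session))
    //{
    //    case CDSResponse.OK:
    //        context.ScriptSession = session;
    //        context.ScriptRequest.SessionID = session.IDContent;
    //        ProcessMemberSecurity(context);
    //        return true;
    //}
    //return false;
}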
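/// <summary>
/// Retrieves the user object for the supplied address from the CDS. The CDS
/// read is currently disabled, so the method always reports a failure.
/// </summary>
/// <param name="context">The request context.</param>
/// <param name="username">The username containing the userid and the domain.</param>
/// <param name="rqUser">
/// An out parameter intended to carry the user object on success; at present
/// it is always set to null.
/// </param>
/// <returns>
/// The HTTP status code for the request. 200 is meant to indicate success; at
/// present the method always returns the 500 code because the NotImplementedException
/// raised inside the try block is caught below.
/// </returns>
protected virtual string RetrieveUserSecurity(SiteControllerContext context, MailAddress username, out IAuthUser rqUser)
{
    Content secEnt = null;

    try
    {
        Type userType = context.ContextSettings.ResolveSecurityObjectType(username.Host);

        // Disabled lookup, kept for reference:
        //string status = context.CDSHelper.Execute(userType, CDSData.Get(CDSAction.Read, "userid", username.Address), out secEnt);
        //rqUser = secEnt as IAuthUser;
        //return status;
        throw new NotImplementedException();
    }
    catch (Exception)
    {
        // Any error, including the stub exception above, ends here: pooled
        // objects are returned and the caller receives no user, so callers
        // that require a 200 status treat the request as unauthenticated.
        // NOTE(review): the exception is discarded without being recorded.
        if (secEnt != null && secEnt.ObjectPoolCanReturn)
        {
            secEnt.ObjectPoolReturn();
        }

        rqUser = null;
        return CH.HTTPCodes.InternalServerError_500;
    }
}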
/// <summary>
/// Records the authenticated user on the script session.
/// </summary>
/// <param name="context">The current context.</param>
/// <param name="rqUser">The user account to set.</param>
/// <returns>
/// <c>false</c> when the context has no session or no user was supplied;
/// otherwise the result of the session's AuthenticationSet call.
/// </returns>
protected virtual bool SessionSet(SiteControllerContext context, IAuthUser rqUser)
{
    bool canSet = context.ScriptSession != null && rqUser != null;

    // NOTE(review): the meaning of the false/true flags is not visible from
    // this method; check AuthenticationSet before changing them.
    return canSet && context.ScriptSession.AuthenticationSet(rqUser, false, true);
}
/// <summary>
/// Translates the outgoing response status into the response instruction (verb
/// and instruction text) and sets an error body where one is called for.
/// </summary>
/// <remarks>
/// An empty status or "100" is reported as 404. Codes from 200 to 307 only set
/// the instruction text, except 303 and 307, which also set a body when none
/// exists. Codes 400-417 and 500-505 set the text and then an error body when
/// none exists. Any other value throws <see cref="NotSupportedException"/>.
/// NOTE(review): the status appears to be supplied by other components; a value
/// outside this table aborts response completion with an exception.
/// </remarks>
/// <param name="context">The current context.</param>
protected virtual void TranslateResponseCode(SiteControllerContext context)
{
    string status = context.ScriptRequest.ResponseStatus;
    context.ProtocolResponse.Instruction.Verb = status;

    // No usable status at all: answer as "not found".
    if (status == "" || status == "100")
    {
        context.ProtocolResponse.Instruction.Verb = "404";
        context.ProtocolResponse.Instruction.Instruction = "Not found";
        SetErrorBody(context, CH.HTTPCodes.NotFound_404);
        return;
    }

    // Success and redirect codes.
    // NOTE(review): the texts for 306 and 307 are not the standard ones; they
    // are kept exactly as written.
    string phrase;
    switch (status)
    {
        case "200": phrase = "OK"; break;
        case "201": phrase = "Created"; break;
        case "202": phrase = "Accepted"; break;
        case "203": phrase = "Non-authoritative Information"; break;
        case "204": phrase = "No Content"; break;
        case "205": phrase = "Reset Content"; break;
        case "206": phrase = "Partial Content"; break;
        case "300": phrase = "Multiple Choices"; break;
        case "301": phrase = "Moved Permanently"; break;
        case "302": phrase = "Found"; break;
        case "303": phrase = "See Other"; break;
        case "304": phrase = "Not Modified"; break;
        case "305": phrase = "Use Proxy"; break;
        case "306": phrase = "What the F**K?"; break;
        case "307": phrase = "Moved Temporarily"; break;
        default: phrase = null; break;
    }

    if (phrase != null)
    {
        context.ProtocolResponse.Instruction.Instruction = phrase;

        // Only 303 and 307 get a body in this range, and only if none is set.
        if (status == "303")
        {
            if (context.ProtocolResponse.Body == null)
            {
                SetErrorBody(context, "303", "Just for Firefox.", "Oh Firefox, Firefox, why! Why do you taunt me so? Why can't you be nice and behaved like that lovely IE?");
            }
        }
        else if (status == "307")
        {
            if (context.ProtocolResponse.Body == null)
            {
                SetErrorBody(context, "307");
            }
        }

        return;
    }

    // Error codes: set the text, then supply an error body if none exists.
    switch (status)
    {
        case "400": phrase = "Bad Request"; break;
        case "401": phrase = "Unauthorized"; break;
        case "402": phrase = "Payment Required - apparently"; break;
        case "403": phrase = "Forbidden"; break;
        case "404": phrase = "Not Found"; break;
        case "405": phrase = "Method Not Allowed"; break;
        case "406": phrase = "Not Acceptable"; break;
        case "407": phrase = "Proxy Authentication Required"; break;
        case "408": phrase = "Request Time-out"; break;
        case "409": phrase = "Conflict"; break;
        case "410": phrase = "Gone"; break;
        case "411": phrase = "Length Required"; break;
        case "412": phrase = "Precondition Failed"; break;
        case "413": phrase = "Request Entity Too Large"; break;
        case "414": phrase = "Request URL Too Long"; break;
        case "415": phrase = "Unsupported Media Type"; break;
        case "416": phrase = "Request Range Not Satisfiable"; break;
        case "417": phrase = "Expectation Failed"; break;
        case "500": phrase = "Internal Server Error"; break;
        case "501": phrase = "Not Implemented"; break;
        case "502": phrase = "Bad Gateway"; break;
        case "503": phrase = "Service Unavailable"; break;
        case "504": phrase = "Gateway Time-out"; break;
        case "505": phrase = "HTTP Version Not Supported"; break;
        default:
            throw new NotSupportedException();
    }

    context.ProtocolResponse.Instruction.Instruction = phrase;

    if (context.ProtocolResponse.Body == null)
    {
        SetErrorBody(context, status);
    }
}
/// <summary>
/// Formats the WWW-Authenticate header. This base version provides no scheme
/// and always throws; overrides supply the actual challenge.
/// </summary>
/// <param name="context">The current context.</param>
/// <returns>The WWW-Authenticate header value.</returns>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
protected virtual string WWWAuthString(SiteControllerContext context)
{
    const string message = "AuthManager->WWWAuthString is not implemented.";
    throw new NotImplementedException(message);
}
/// <summary>
/// Validates the credentials supplied with the request. This base version has
/// no scheme to check against and always throws.
/// </summary>
/// <param name="context">The current context.</param>
/// <returns>True if the response has been validated.</returns>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
protected virtual bool RequestValidate(SiteControllerContext context)
{
    const string message = "AuthManager->RequestValidate is not implemented.";
    throw new NotImplementedException(message);
}
/// <summary>
/// Validates the incoming request authentication. This base version always
/// throws, naming the state through its Identifier.
/// </summary>
/// <param name="context">The current context.</param>
/// <returns>True if the state is successfully authenticated.</returns>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
public virtual bool RequestAuthenticate(SiteControllerContext context)
{
    string message = Identifier + " -> Authenticate is not implemented.";
    throw new NotImplementedException(message);
}
/// <summary>
/// Logging hook for the request. This override does nothing.
/// </summary>
/// <param name="context">The active context.</param>
public override void Log(SiteControllerContext context)
{
    // Empty body: no log entry is written for requests handled here.
    // NOTE(review): confirm that is intended; authentication failures handled
    // by this state would leave no record from this hook.
}
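/// <summary>
/// Validates the Digest credentials carried in the request's Authorization value.
/// </summary>
/// <remarks>
/// The validation logic is disabled (kept below for reference). With it
/// disabled the method had no return statement at all; it now reports every
/// request as not validated so that nothing is accepted unchecked.
/// </remarks>
/// <param name="context">The current context.</param>
/// <returns>
/// True once the response has been validated; at present always <c>false</c>.
/// </returns>
protected override bool RequestValidate(SiteControllerContext context)
{
    // Fail closed while the digest check is disabled. Do not restore only the
    // trailing "return true" of the reference code: that would accept any
    // request that carries an Authorization value.
    return false;

    // Disabled reference implementation. Points to settle before re-enabling:
    //  - AuthParams["username"], ["realm"] and ["response"] are read with the
    //    indexer, so a header that omits one raises an exception instead of
    //    producing a 401.
    //  - The realm used for the user lookup comes from the client's header
    //    rather than from the configured auth domain.
    //  - nonce and nc are only fed into the hash calculation; nothing compares
    //    them with a value issued by the server, so a replayed response would
    //    not be noticed here.
    //  - The uri parameter is not compared with the URI actually requested.
    //  - The algorithm is taken from the client's header.
    //  - "res != AuthParams["response"]" is an ordinary string comparison;
    //    use a fixed-time comparison for the digest.
    //
    //string authHeader = context.ScriptRequest.RequestAuthorization;
    //if (!authHeader.StartsWith("Digest ")) return false;
    //IAuthUser rqUser = null;
    //try
    //{
    //    Dictionary<string, string> AuthParams = CH.SplitOnCharsUnique<string, string>(authHeader.Substring(7),
    //        CH.ConvPassthruLowerCase, CH.ConvStripSpeechMarks, new char[] { ',' }, new char[] { '=' });
    //    string username = AuthParams["username"] + "@" + AuthParams["realm"];
    //    //Ok, get the user object
    //    string status = RetrieveUserSecurity(context, new MailAddress(username), out rqUser);
    //    if (status != CH.HTTPCodes.OK_200)
    //    {
    //        context.ScriptRequest.ResponseStatus = CH.HTTPCodes.Unauthorized_401;
    //        return false;
    //    }
    //    //Adjust the HA1 if we are using MD5-Sess, if not the value will be passed through.
    //    string HA1 = CH.HA1CalculateMD5Sess(
    //        AuthParams.ContainsKey("algorithm") ? AuthParams["algorithm"] : null,
    //        CH.GetHexDecString(rqUser.TypeID, rqUser.UserName, rqUser.RealmDomain, rqUser.SecurityInfo).ToLowerInvariant(),
    //        AuthParams.ContainsKey("nonce") ? AuthParams["nonce"] : null,
    //        AuthParams.ContainsKey("cnonce") ? AuthParams["cnonce"] : null);
    //    string HA2 = CH.HA2Calculate(
    //        AuthParams.ContainsKey("algorithm") ? AuthParams["algorithm"] : null,
    //        context.ScriptRequest.RequestVerb,
    //        AuthParams.ContainsKey("uri") ? AuthParams["uri"] : null);
    //    string res = CH.DigestResponseCalculate(
    //        AuthParams.ContainsKey("algorithm") ? AuthParams["algorithm"] : null, HA1, HA2,
    //        AuthParams.ContainsKey("nonce") ? AuthParams["nonce"] : null,
    //        AuthParams.ContainsKey("qop") ? AuthParams["qop"] : null,
    //        AuthParams.ContainsKey("nc") ? AuthParams["nc"] : null,
    //        AuthParams.ContainsKey("cnonce") ? AuthParams["cnonce"] : null);
    //    if (res != AuthParams["response"])
    //    {
    //        context.ScriptRequest.ResponseStatus = CH.HTTPCodes.Unauthorized_401;
    //        return false;
    //    }
    //    if (!SessionSet(context, rqUser))
    //    {
    //        context.ScriptRequest.ResponseStatus = CH.HTTPCodes.Unauthorized_401;
    //        return false;
    //    }
    //}
    //finally
    //{
    //    if (rqUser != null && rqUser.ObjectPoolCanReturn)
    //        rqUser.ObjectPoolReturn();
    //}
    //return true;
}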
/// <summary>
/// Initializes the request. This base version always throws, naming the state
/// through its Identifier.
/// </summary>
/// <param name="context">The active context.</param>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
public virtual void Initialize(SiteControllerContext context)
{
    string message = Identifier + " -> Initialize is not implemented.";
    throw new NotImplementedException(message);
}
/// <summary>
/// Processes the actual request. This base version always throws, naming the
/// state through its Identifier.
/// </summary>
/// <param name="context">The active context.</param>
/// <returns>Nothing; this version never returns normally.</returns>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
public virtual bool RequestProcess(SiteControllerContext context)
{
    string message = Identifier + " -> RequestProcess is not implemented.";
    throw new NotImplementedException(message);
}
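/// <summary>
/// Decodes the incoming message. This base version always throws, naming the
/// state through its Identifier.
/// </summary>
/// <param name="context">The active context.</param>
/// <returns>Nothing; this version never returns normally.</returns>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
public virtual bool MessageDecode(SiteControllerContext context)
{
    // The message previously named "CookiePrepare", which pointed at the wrong
    // method when this exception surfaced.
    throw new NotImplementedException(this.Identifier + " -> MessageDecode is not implemented.");
}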
/// <summary>
/// Builds the Basic challenge sent in the WWW-Authenticate header, using the
/// script request's ResponseStateAuthDomain as the realm.
/// </summary>
/// <remarks>
/// NOTE(review): the realm is placed inside a quoted string without escaping;
/// confirm it can never contain a double quote or a line break.
/// NOTE(review): Basic credentials are only base64-encoded by the client, so
/// this scheme should be offered over an encrypted transport only.
/// </remarks>
/// <param name="context">The current context.</param>
/// <returns>The WWW-Authenticate header value.</returns>
protected override string WWWAuthString(SiteControllerContext context)
{
    return string.Concat(@"Basic realm=""", context.ScriptRequest.ResponseStateAuthDomain, @"""");
}
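/// <summary>
/// Logs the current request. This base version always throws, naming the state
/// through its Identifier.
/// </summary>
/// <param name="context">The active context.</param>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
public virtual void Log(SiteControllerContext context)
{
    // The message previously named "RequestValidate", which pointed at the
    // wrong method when this exception surfaced.
    throw new NotImplementedException(this.Identifier + " -> Log is not implemented.");
}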
/// <summary>
/// Hook for setting auth settings in the script. This base version always
/// throws, naming the state through its Identifier.
/// </summary>
/// <param name="context">The current context.</param>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
public virtual void RequestScriptAuthSet(SiteControllerContext context)
{
    string message = Identifier + " -> RequestScriptAuthSet is not implemented.";
    throw new NotImplementedException(message);
}
/// <summary>
/// Hook for processing security parameters retrieved from the member session.
/// This version does nothing; derived classes may override it.
/// </summary>
/// <param name="context">The current context.</param>
protected virtual void ProcessMemberSecurity(SiteControllerContext context)
{
    // Empty body: no security parameters are applied by this version.
}
/// <summary>
/// Override of the error-body hook that produces no body.
/// </summary>
/// <param name="context">The current context.</param>
/// <param name="errorCode">The error code; ignored here.</param>
/// <param name="errorMessage">The error message; ignored here.</param>
/// <param name="errorDescription">The error description; ignored here.</param>
protected override void SetErrorBody(SiteControllerContext context,
    string errorCode, string errorMessage, string errorDescription)
{
    // Deliberately empty: all arguments are ignored and no body is set.
}
/// <summary>
/// Response preparation hook. This override does nothing.
/// </summary>
/// <param name="context">The current context.</param>
public override void ResponsePrepare(SiteControllerContext context)
{
    // Empty body: nothing is prepared at this stage.
}
/// <summary>
/// Resolves the session. This base version always throws, naming the state
/// through its Identifier.
/// </summary>
/// <param name="context">The active context.</param>
/// <returns>Nothing; this version never returns normally.</returns>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
public virtual bool SessionResolve(SiteControllerContext context)
{
    string message = Identifier + " -> SessionResolve is not implemented.";
    throw new NotImplementedException(message);
}
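/// <summary>
/// Validates the Basic credentials carried in the request's Authorization value.
/// </summary>
/// <remarks>
/// The validation logic is disabled (kept below for reference). With it
/// disabled the method had no return statement at all; it now reports every
/// request as not validated so that nothing is accepted unchecked.
/// </remarks>
/// <param name="context">The current context.</param>
/// <returns>
/// True once the credentials have been validated; at present always <c>false</c>.
/// </returns>
protected override bool RequestValidate(SiteControllerContext context)
{
    // Fail closed while the credential check is disabled. Do not restore only
    // the trailing "return true" of the reference code: that would accept any
    // request that carries an Authorization value.
    return false;

    // Disabled reference implementation. Points to settle before re-enabling:
    //  - Convert.FromBase64String throws on malformed input; that should end
    //    in a rejected request rather than an unhandled exception.
    //  - "Substring(0, pointer - 1)" drops the last character of the user id
    //    and throws when the colon is the first character; "Substring(pointer)"
    //    keeps the colon as part of the password. The split most likely wants
    //    Substring(0, pointer) and Substring(pointer + 1).
    //  - "HA1Member != HA1Request" is an ordinary string comparison; use a
    //    fixed-time comparison for the derived secret.
    //  - The stored verifier is an MD5-based value.
    //
    //string authHeader = context.ScriptRequest.RequestAuthorization;
    //if (!authHeader.StartsWith("Basic ")) return false;
    //IAuthUser rqUser = null;
    //try
    //{
    //    byte[] bsecData = Convert.FromBase64String(authHeader.Substring(6));
    //    string secData = Encoding.UTF8.GetString(bsecData);
    //    int pointer = secData.IndexOf(':');
    //    if (pointer == -1)
    //    {
    //        context.ScriptRequest.ResponseStatus = CH.HTTPCodes.Unauthorized_401;
    //        return false;
    //    }
    //    string userID = secData.Substring(0, pointer - 1);
    //    string userPassword = secData.Substring(pointer);
    //    string userDomain = context.ScriptRequest.ResponseStateAuthDomain;
    //    string username = userID + "@" + userDomain;
    //    string status = RetrieveUserSecurity(context, new MailAddress(username), out rqUser);
    //    if (status != CH.HTTPCodes.OK_200)
    //    {
    //        context.ScriptRequest.ResponseStatus = CH.HTTPCodes.Unauthorized_401;
    //        return false;
    //    }
    //    string HA1Member = CH.GetHexDecString(rqUser.TypeID, rqUser.UserName, rqUser.Realm, rqUser.SecurityInfo).ToLowerInvariant();
    //    //Adjust the HA1 if we are using MD5-Sess, if not the value will be passed through.
    //    string HA1Request = CH.HA1Calculate("md5", rqUser.UserName, rqUser.Realm, userPassword);
    //    if (HA1Member != HA1Request)
    //    {
    //        context.ScriptRequest.ResponseStatus = CH.HTTPCodes.Unauthorized_401;
    //        return false;
    //    }
    //    if (!SessionSet(context, rqUser))
    //    {
    //        context.ScriptRequest.ResponseStatus = CH.HTTPCodes.Unauthorized_401;
    //        return false;
    //    }
    //}
    //finally
    //{
    //    if (rqUser != null && rqUser.ObjectPoolCanReturn)
    //        rqUser.ObjectPoolReturn();
    //}
    //return true;
}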
/// <summary>
/// Prepares the output for returning to the protocol. This base version always
/// throws, naming the state through its Identifier.
/// </summary>
/// <param name="context">The active context.</param>
/// <exception cref="NotImplementedException">Always thrown by this version.</exception>
public virtual void ResponseComplete(SiteControllerContext context)
{
    string message = Identifier + " -> ResponseComplete is not implemented.";
    throw new NotImplementedException(message);
}