/**
* Generate a remote content request based on the parameters
* sent from the client.
* @throws GadgetException
*/
private sRequest buildHttpRequest(HttpRequestWrapper request)
{
Uri url = ValidateUrl(request.getParameter(URL_PARAM));
sRequest req = new sRequest(url)
.setMethod(GetParameter(request, METHOD_PARAM, "GET"))
.setPostBody(request.getRequest().ContentEncoding.GetBytes(GetParameter(request, POST_DATA_PARAM, "")))
.setContainer(getContainer(request));
String headerData = GetParameter(request, HEADERS_PARAM, "");
if (headerData.Length > 0)
{
String[] headerList = headerData.Split('&');
foreach (String header in headerList)
{
String[] parts = header.Split('=');
if (parts.Length != 2)
{
throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR,
"Malformed header specified,");
}
req.addHeader(HttpUtility.UrlDecode(parts[0]), HttpUtility.UrlDecode(parts[1]));
}
}
//removeUnsafeHeaders(req);
req.setIgnoreCache("1".Equals(request.getParameter(NOCACHE_PARAM)));
if (request.getParameter(GADGET_PARAM) != null)
{
req.Gadget = Uri.parse(request.getParameter(GADGET_PARAM));
}
// Allow the rewriter to use an externally forced mime type. This is needed
// allows proper rewriting of <script src="x"/> where x is returned with
// a content type like text/html which unfortunately happens all too often
req.setRewriteMimeType(request.getParameter(REWRITE_MIME_TYPE_PARAM));
// Figure out whether authentication is required
AuthType auth = AuthType.Parse(GetParameter(request, AUTHZ_PARAM, null));
req.AuthType = auth;
if (auth != AuthType.NONE)
{
req.setSecurityToken(extractAndValidateToken(request.getContext()));
req.setOAuthArguments(new OAuthArguments(auth, request.getRequest()));
}
return(req);
}
private sRequest createHttpRequest(sRequest basereq, List <OAuth.Parameter> oauthParams)
{
AccessorInfo.OAuthParamLocation?paramLocation = accessorInfo.getParamLocation();
// paramLocation could be overriden by a run-time parameter to fetchRequest
sRequest result = new sRequest(basereq);
// If someone specifies that OAuth parameters go in the body, but then sends a request for
// data using GET, we've got a choice. We can throw some type of error, since a GET request
// can't have a body, or we can stick the parameters somewhere else, like, say, the header.
// We opt to put them in the header, since that stands some chance of working with some
// OAuth service providers.
if (paramLocation == AccessorInfo.OAuthParamLocation.POST_BODY &&
!result.getMethod().Equals("POST"))
{
paramLocation = AccessorInfo.OAuthParamLocation.AUTH_HEADER;
}
switch (paramLocation)
{
case AccessorInfo.OAuthParamLocation.AUTH_HEADER:
result.addHeader("Authorization", getAuthorizationHeader(oauthParams));
break;
case AccessorInfo.OAuthParamLocation.POST_BODY:
if (!OAuth.isFormEncoded(result.ContentType))
{
throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST,
"OAuth param location can only be post_body if post body is of " +
"type x-www-form-urlencoded");
}
String oauthData = OAuth.formEncode(oauthParams);
if (result.getPostBodyLength() == 0)
{
result.setPostBody(Encoding.UTF8.GetBytes(oauthData));
}
else
{
result.setPostBody(Encoding.UTF8.GetBytes(result.getPostBodyAsString() + '&' + oauthData));
}
break;
case AccessorInfo.OAuthParamLocation.URI_QUERY:
result.setUri(Uri.parse(OAuth.addParameters(result.getUri().ToString(), oauthParams)));
break;
}
return(result);
}
