Exemplo n.º 1
 //TODO: this can be used in document store/counter stores/time series store
 /// <summary>
 /// Currently a no-op: the entire body is commented out, so no handler for unauthorized
 /// responses is installed and none of the parameters are read.
 /// </summary>
 /// <param name="conventions">Not read while the body is disabled.</param>
 /// <param name="serverUrl">Not read while the body is disabled.</param>
 /// <param name="primaryCredentials">Not read while the body is disabled.</param>
 internal static void InitializeSecurity(ConventionBase conventions, string serverUrl, ICredentials primaryCredentials)
 {
     // The disabled code below is kept for reference. It took the token endpoint from the
     // "OAuth-Source" header of the unauthorized response, fell back to serverUrl + "/OAuth/API-Key",
     // and passed credentials.ApiKey to DoOAuthRequestAsync together with that endpoint.
     // NOTE(review): it references requestFactory, which is not a parameter of this overload, so it
     // cannot be re-enabled as written. If it is restored, confirm the header-supplied endpoint is
     // one the client is prepared to present its API key to.
     /*if (conventions.HandleUnauthorizedResponseAsync != null)
      *  return; // already setup by the user
      *
      * var securedAuthenticator = new SecuredAuthenticator();
      *
      * requestFactory.ConfigureRequest += securedAuthenticator.ConfigureRequest;
      *
      * conventions.HandleUnauthorizedResponseAsync = (unauthorizedResponse, credentials) =>
      * {
      *  var oauthSource = unauthorizedResponse.Headers.GetFirstValue("OAuth-Source");
      *
      #if DEBUG && FIDDLER
      *  // Make sure to avoid a cross DNS security issue, when running with Fiddler
      *  if (string.IsNullOrEmpty(oauthSource) == false)
      *      oauthSource = oauthSource.Replace("localhost:", "localhost.fiddler:");
      #endif
      *
      *  if (credentials.ApiKey == null)
      *  {
      *      return null;
      *  }
      *
      *  if (string.IsNullOrEmpty(oauthSource))
      *      oauthSource = serverUrl + "/OAuth/API-Key";
      *
      *  return securedAuthenticator.DoOAuthRequestAsync(oauthSource, credentials.ApiKey);
      * };*/
 }
Exemplo n.º 2
        //TODO: this can be used in document store/counter stores/time series store
        /// <summary>
        /// Installs API-key based authentication on the request pipeline, unless the caller has
        /// already supplied a handler for unauthorized responses.
        /// </summary>
        /// <param name="conventions">Conventions whose <c>HandleUnauthorizedResponseAsync</c> is assigned here when it is still null.</param>
        /// <param name="requestFactory">Factory whose <c>ConfigureRequest</c> event receives the authenticator's hook.</param>
        /// <param name="serverUrl">Base URL used to build the fallback token endpoint, <c>serverUrl + "/OAuth/API-Key"</c>.</param>
        /// <param name="primaryCredentials">Not read by this method.</param>
        internal static void InitializeSecurity(ConventionBase conventions, HttpJsonRequestFactory requestFactory, string serverUrl, ICredentials primaryCredentials)
        {
            // A handler that is already present was set up by the user; nothing is installed then.
            if (conventions.HandleUnauthorizedResponseAsync == null)
            {
                var authenticator = new SecuredAuthenticator();
                requestFactory.ConfigureRequest += authenticator.ConfigureRequest;

                conventions.HandleUnauthorizedResponseAsync = (unauthorizedResponse, credentials) =>
                {
                    // NOTE(review): the token endpoint comes from a response header and is used without
                    // any check against serverUrl. The API key is handed to DoOAuthRequestAsync together
                    // with it, so confirm that call (or a caller) restricts the endpoint to an expected
                    // host and scheme.
                    var tokenEndpoint = unauthorizedResponse.Headers.GetFirstValue("OAuth-Source");

#if DEBUG && FIDDLER
                    // Make sure to avoid a cross DNS security issue, when running with Fiddler
                    if (!string.IsNullOrEmpty(tokenEndpoint))
                    {
                        tokenEndpoint = tokenEndpoint.Replace("localhost:", "localhost.fiddler:");
                    }
#endif

                    // Without an API key there is nothing to exchange for a token.
                    if (credentials.ApiKey == null)
                    {
                        return null;
                    }

                    // No endpoint advertised by the server: fall back to the server's own.
                    var effectiveEndpoint = string.IsNullOrEmpty(tokenEndpoint)
                        ? serverUrl + "/OAuth/API-Key"
                        : tokenEndpoint;

                    return authenticator.DoOAuthRequestAsync(effectiveEndpoint, credentials.ApiKey);
                };
            }
        }
Exemplo n.º 3
 /// <summary>
 /// Stores the collaborators passed in; no validation or other work happens here.
 /// </summary>
 /// <param name="profilingInfo">Kept in the <c>profilingInfo</c> field.</param>
 /// <param name="convention">Kept in the <c>convention</c> field.</param>
 /// <param name="operationHeaders">Kept in the <c>operationHeaders</c> field.</param>
 /// <param name="operationMetadata">Kept in the <c>operationMetadata</c> field.</param>
 public SingleAuthTokenRetriever(
     IHoldProfilingInformation profilingInfo,
     ConventionBase convention,
     NameValueCollection operationHeaders,
     OperationMetadata operationMetadata)
 {
     // Target of the operation and the headers that accompany it.
     this.operationMetadata = operationMetadata;
     this.operationHeaders = operationHeaders;

     // Shared client configuration and profiling hook.
     this.convention = convention;
     this.profilingInfo = profilingInfo;
 }
Exemplo n.º 4
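        /// <summary>
        /// Installs basic and API-key authentication on the request pipeline and assigns the
        /// handlers for forbidden and unauthorized responses, unless the caller has already
        /// supplied a handler for unauthorized responses.
        /// </summary>
        /// <param name="conventions">Conventions whose response handlers are assigned here.</param>
        /// <param name="requestFactory">Factory whose <c>ConfigureRequest</c> and <c>OnDispose</c> events are subscribed to.</param>
        /// <param name="serverUrl">Base URL used to build the fallback token endpoint, <c>serverUrl + "/OAuth/API-Key"</c>.</param>
        /// <param name="autoRefreshToken">Passed through to the <c>SecuredAuthenticator</c> constructor.</param>
        internal static void InitializeSecurity(ConventionBase conventions, HttpJsonRequestFactory requestFactory, string serverUrl, bool autoRefreshToken = true)
        {
            if (conventions.HandleUnauthorizedResponseAsync != null)
            {
                return; // already setup by the user
            }

            // The factory flag passed here is, by its name, the explicit opt-in to basic
            // authentication over plain HTTP.
            var basicAuthenticator   = new BasicAuthenticator(requestFactory.EnableBasicAuthenticationOverUnsecuredHttpEvenThoughPasswordsWouldBeSentOverTheWireInClearTextToBeStolenByHackers);
            var securedAuthenticator = new SecuredAuthenticator(autoRefreshToken);

            // Dispose the authenticator together with the factory that uses it.
            requestFactory.OnDispose        += (sender, args) => securedAuthenticator.Dispose();
            requestFactory.ConfigureRequest += basicAuthenticator.ConfigureRequest;
            requestFactory.ConfigureRequest += securedAuthenticator.ConfigureRequest;

            conventions.HandleForbiddenResponseAsync = (forbiddenResponse, credentials) =>
            {
                // Without an API key, let the Windows-auth assertion inspect the response.
                // Both paths return null.
                if (credentials.ApiKey == null)
                {
                    AssertForbiddenCredentialSupportWindowsAuth(forbiddenResponse, credentials.Credentials);
                    return null;
                }

                return null;
            };

            conventions.HandleUnauthorizedResponseAsync = (unauthorizedResponse, credentials) =>
            {
                // NOTE(review): the token endpoint comes from a response header and is used without
                // any check against serverUrl; the API key is passed on together with it below.
                // Confirm the authenticators restrict the endpoint to an expected host and scheme.
                var oauthSource = unauthorizedResponse.Headers.GetFirstValue("OAuth-Source");

#if DEBUG && FIDDLER
                // Make sure to avoid a cross DNS security issue, when running with Fiddler
                if (string.IsNullOrEmpty(oauthSource) == false)
                {
                    oauthSource = oauthSource.Replace("localhost:", "localhost.fiddler:");
                }
#endif

                // Legacy support: an endpoint that does not end in "/OAuth/API-Key" goes to the
                // basic authenticator. The suffix is a protocol path, not user-facing text, so it is
                // compared ordinally. A culture-sensitive comparison can misclassify it (under a
                // Turkish culture "i" and "I" are not case variants of each other), which would
                // route the API key down the legacy path.
                // NOTE(review): this branch runs before the ApiKey null check, so ApiKey may be
                // null here. Confirm HandleOAuthResponseAsync tolerates that.
                if (string.IsNullOrEmpty(oauthSource) == false &&
                    oauthSource.EndsWith("/OAuth/API-Key", StringComparison.OrdinalIgnoreCase) == false)
                {
                    return basicAuthenticator.HandleOAuthResponseAsync(oauthSource, credentials.ApiKey);
                }

                if (credentials.ApiKey == null)
                {
                    AssertUnauthorizedCredentialSupportWindowsAuth(unauthorizedResponse, credentials.Credentials);
                    return null;
                }

                // No endpoint advertised by the server: fall back to the server's own.
                if (string.IsNullOrEmpty(oauthSource))
                {
                    oauthSource = serverUrl + "/OAuth/API-Key";
                }

                return securedAuthenticator.DoOAuthRequestAsync(serverUrl, oauthSource, credentials.ApiKey);
            };
        }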
Exemplo n.º 5
        /// <summary>
        /// Forwards the question to the metric held in <c>current</c>.
        /// </summary>
        /// <param name="conventions">Passed unchanged to the wrapped metric.</param>
        /// <returns><c>false</c> when <c>current</c> is null; otherwise the wrapped metric's answer.</returns>
        public bool RateSurpassed(ConventionBase conventions)
        {
            // Read the field once so the null test and the call use the same instance.
            var metric = current;

            return metric != null && metric.RateSurpassed(conventions);
        }
Exemplo n.º 6
        /// <summary>
        /// Compares the current rate with the SLA threshold from <paramref name="conventions"/>
        /// and stores the outcome in <c>surpassed</c>.
        /// </summary>
        /// <param name="conventions">Supplies <c>RequestTimeSlaThresholdInMilliseconds</c>.</param>
        /// <returns>The value just stored in <c>surpassed</c>.</returns>
        public bool RateSurpassed(ConventionBase conventions)
        {
            var slaThreshold = conventions.RequestTimeSlaThresholdInMilliseconds;
            var currentRate = Rate();

            bool overLimit;
            if (surpassed)
            {
                // Already flagged: the threshold is scaled by SwitchBackRatio before comparing.
                // NOTE(review): presumably a ratio below 1, so the flag clears only after the rate
                // has dropped well under the limit. Confirm against the constant's value.
                overLimit = currentRate >= SwitchBackRatio * slaThreshold;
            }
            else
            {
                overLimit = currentRate >= slaThreshold;
            }

            surpassed = overLimit;
            return overLimit;
        }
Exemplo n.º 7
 /// <summary>
 /// Captures everything needed to create one HTTP JSON request.
 /// </summary>
 /// <param name="self">Stored as <c>Owner</c>.</param>
 /// <param name="url">Stored as <c>Url</c>.</param>
 /// <param name="method">Stored as <c>Method</c>.</param>
 /// <param name="credentials">Stored as <c>Credentials</c>.</param>
 /// <param name="convention">Stored as <c>Convention</c>; may be null, in which case request caching is turned off.</param>
 /// <param name="requestTimeMetric">Stored as <c>RequestTimeMetric</c>.</param>
 /// <param name="timeout">Stored as <c>Timeout</c>.</param>
 /// <param name="etag">Stored as <c>Etag</c>.</param>
 public CreateHttpJsonRequestParams(
     IHoldProfilingInformation self,
     string url,
     HttpMethod method,
     OperationCredentials credentials,
     ConventionBase convention,
     IRequestTimeMetric requestTimeMetric = null,
     TimeSpan? timeout = null,
     long? etag = null)
 {
     Etag = etag;
     Owner = self;
     Url = url;
     Method = method;
     Credentials = credentials;
     Convention = convention;
     RequestTimeMetric = requestTimeMetric;
     Timeout = timeout;
     operationsHeadersCollection = new NameValueCollection();

     if (convention != null)
     {
         // Defer the caching decision to the convention's predicate.
         ShouldCacheRequest = convention.ShouldCacheRequest;
     }
     else
     {
         // No convention supplied: never cache.
         ShouldCacheRequest = urlParam => false;
     }
 }
Exemplo n.º 8
        /// <summary>
        /// Copies every entry of <c>ClientSettings</c> onto the public instance property of
        /// <paramref name="conventions"/> that has the same name as the entry's key.
        /// </summary>
        /// <param name="conventions">Object whose properties are overwritten by reflection.</param>
        /// <remarks>
        /// NOTE(review): any public instance property can be targeted, and the log message
        /// describes the settings as external. If they can be influenced from outside the
        /// process, consider an explicit allow-list of property names, because conventions
        /// objects elsewhere on this page carry security-relevant members such as the
        /// unauthorized-response handler.
        /// </remarks>
        public static void ApplySettingsToConventions(ConventionBase conventions)
        {
            var externalSettings = ClientSettings;
            if (externalSettings.Count == 0)
            {
                return;
            }

            const BindingFlags publicInstance = BindingFlags.Public | BindingFlags.Instance;
            var conventionsType = conventions.GetType();

            foreach (var entry in externalSettings)
            {
                // Logged before the lookup, so keys that match no property are reported too.
                Console.WriteLine("Applying external client setting: " + entry.Key);

                var target = conventionsType.GetProperty(entry.Key, publicInstance);
                if (target != null)
                {
                    // The value is passed as-is. SetValue throws if the property has no setter
                    // or the value's type does not fit.
                    target.SetValue(conventions, entry.Value);
                }
            }
        }
Exemplo n.º 9
 /// <summary>
 /// Not implemented by this type: every call throws.
 /// </summary>
 /// <param name="conventions">Ignored.</param>
 /// <returns>Never returns.</returns>
 /// <exception cref="NotSupportedException">Always thrown.</exception>
 public bool RateSurpassed(ConventionBase conventions)
 {
     throw new NotSupportedException();
 }
Exemplo n.º 10
        /// <summary>
        /// Builds a request from <paramref name="requestParams"/>: picks credentials and timeout,
        /// obtains an <c>HttpClient</c> from the factory's cache, and sets the compression, ETag
        /// and client-version headers.
        /// </summary>
        /// <param name="requestParams">URL, method, credentials, timeout, ETag and per-request switches.</param>
        /// <param name="factory">Supplies the client cache, the optional handler factory and the compression settings.</param>
        internal HttpJsonRequest(
            CreateHttpJsonRequestParams requestParams,
            HttpJsonRequestFactory factory)
        {
            // With authentication disabled the credentials are dropped entirely, and the flag is
            // also recorded in disabledAuthRetries.
            _credentials        = requestParams.DisableAuthentication == false ? requestParams.Credentials : null;
            disabledAuthRetries = requestParams.DisableAuthentication;

            Url    = requestParams.Url;
            Method = requestParams.Method;

            // An explicit timeout wins; otherwise the default applies (5 minutes in DEBUG builds
            // while a debugger is attached).
            if (requestParams.Timeout.HasValue)
            {
                Timeout = requestParams.Timeout.Value;
            }
            else
            {
                Timeout = DefaultHttpClientTimeout;
#if DEBUG
                if (Debugger.IsAttached)
                {
                    Timeout = TimeSpan.FromMinutes(5);
                }
#endif
            }

            this.factory      = factory;
            owner             = requestParams.Owner;
            conventions       = requestParams.Convention;
            requestTimeMetric = requestParams.RequestTimeMetric;

            // Use the factory's handler factory if one is configured; otherwise build a handler here.
            // NOTE(review): useDefaultCredentials and credentialsToUse are computed below but never
            // assigned to the HttpClientHandler (its initializer is empty), so the handler is created
            // with default settings and the NetworkCredential / CredentialCache never reaches it.
            // Confirm whether the handler was meant to carry them.
            recreateHandler = factory.httpMessageHandler ?? (
                () =>
            {
                var useDefaultCredentials = _credentials != null && _credentials.HasCredentials() == false;
                ICredentials credentialsToUse = null;
                if (_credentials != null)
                {
                    var networkCredentials = _credentials.Credentials as NetworkCredential;
                    if (networkCredentials != null && factory.authenticationScheme != null)
                    {
                        // Scope the credential to scheme://host:port of the request URL and to the
                        // configured authentication scheme.
                        var credentialCache = new CredentialCache();
                        var uri = new Uri(requestParams.Url);
                        credentialCache.Add(new Uri(string.Format("{0}://{1}:{2}/", uri.Scheme, uri.Host, uri.Port)), factory.authenticationScheme, networkCredentials);

                        credentialsToUse = credentialCache;
                    }
                    else
                    {
                        credentialsToUse = _credentials.Credentials;
                    }
                }
                var handler = new HttpClientHandler
                {
                };
                return(handler);
            }
                );

            // NOTE(review): the headers below are written to DefaultRequestHeaders of a client that
            // comes from a cache. If the cache hands the same instance to several requests, these
            // per-request values (If-Match / If-None-Match in particular) would persist on it.
            // Confirm the cache's reuse semantics.
            httpClient = factory.httpClientCache.GetClient(Timeout, _credentials, recreateHandler);

            // True for the methods listed here (Post, Put, Patch, Eval).
            var isNotGet = Method == HttpMethods.Post || Method == HttpMethods.Put || Method == HttpMethods.Patch || Method == HttpMethods.Eval;
            if (factory.DisableRequestCompression == false && requestParams.DisableRequestCompression == false)
            {
                if (isNotGet)
                {
                    // Only the headers are declared here; no body is compressed in this constructor.
                    httpClient.DefaultRequestHeaders.TryAddWithoutValidation("Content-Encoding", "gzip");
                    httpClient.DefaultRequestHeaders.TryAddWithoutValidation("Content-Type", "application/json; charset=utf-8");
                }

                if (factory.acceptGzipContent)
                {
                    httpClient.DefaultRequestHeaders.AcceptEncoding.Add(new StringWithQualityHeaderValue("gzip"));
                }
            }

            // The ETag goes into If-Match for the methods above and into If-None-Match for all others.
            if (requestParams.Etag.HasValue)
            {
                var etag = requestParams.Etag.Value.ToString();
                if (isNotGet)
                {
                    httpClient.DefaultRequestHeaders.TryAddWithoutValidation("If-Match", etag);
                }
                else
                {
                    httpClient.DefaultRequestHeaders.TryAddWithoutValidation("If-None-Match", etag);
                }
            }

            headers.Add("Raven-Client-Version", ClientVersion);
            requestParams.UpdateHeaders(headers);
        }
Exemplo n.º 11
 /// <summary>
 /// Convenience overload: forwards to the constructor that takes one more argument in fourth
 /// position and supplies a new, empty <c>RavenJObject</c> for it.
 /// </summary>
 /// <param name="self">Forwarded unchanged.</param>
 /// <param name="url">Forwarded unchanged.</param>
 /// <param name="method">Forwarded unchanged.</param>
 /// <param name="credentials">Forwarded unchanged.</param>
 /// <param name="convention">Forwarded unchanged.</param>
 /// <param name="requestTimeMetric">Forwarded unchanged; defaults to null.</param>
 /// <param name="timeout">Forwarded unchanged; defaults to null.</param>
 public CreateHttpJsonRequestParams(IHoldProfilingInformation self, string url, HttpMethod method, OperationCredentials credentials, ConventionBase convention, IRequestTimeMetric requestTimeMetric = null, TimeSpan?timeout = null)
     : this(self, url, method, new RavenJObject(), credentials, convention, requestTimeMetric, timeout)
 {
     // All work happens in the chained constructor.
 }