public void To_check_it_is_valid_request_test()
        {
            var requestProperties = new Mock <RequestProperties>("GET", "", "", "");

            var request = new Mock <Request>(requestProperties.Object);

            RequestValidator.IsValidRequest(request.Object).Should().Be(true);
        }
        public void ItShouldReturnTrueWhenTheGeneratedAndExpectedSignaturesMatch()
        {
            RequestValidator validator = new RequestValidator();

            bool isValid = validator.IsValidRequest(
                "sha1=7ef2f3063ac865672e979b42272b8d5c81240190",
                "312725802",
                "some payload"
                );

            Assert.IsTrue(isValid);
        }
        public void ItShouldReturnFalseWhenTheGeneratedAndExpectedSignaturesDoNotMatch()
        {
            RequestValidator validator = new RequestValidator();

            bool isValid = validator.IsValidRequest(
                "sha1=7ef2f3063ac8656segs5e372b8d5c81240190",
                "some-key",
                "some payload"
                );

            Assert.IsFalse(isValid);
        }
Exemplo n.º 4
0
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var twilioAuthToken = ConfigurationManager.AppSettings[_twilioAuthTokenKey];
            var context         = ((HttpApplication)filterContext.HttpContext.GetService(typeof(HttpApplication))).Context;
            var isValidRequest  = _requestValidator.IsValidRequest(context, twilioAuthToken);

            if (!isValidRequest && !_isTestEnvironment)
            {
                filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
            }

            base.OnActionExecuting(filterContext);
        }
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var validator = new RequestValidator();

            var context = ((HttpApplication)filterContext.HttpContext.GetService(typeof(HttpApplication))).Context;

            if (!validator.IsValidRequest(context, AuthToken, UrlOverride))
            {
                filterContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                filterContext.HttpContext.Response.SuppressContent = true;
                filterContext.HttpContext.ApplicationInstance.CompleteRequest();
            }

            base.OnActionExecuting(filterContext);
        }
Exemplo n.º 6
0
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var validator = new RequestValidator();

            var context = ((HttpApplication)filterContext.HttpContext.GetService(typeof(HttpApplication))).Context;

            if (!validator.IsValidRequest(context, AuthToken, UrlOverride))
            {
                filterContext.HttpContext.Response.StatusCode      = (int)HttpStatusCode.Forbidden;
                filterContext.HttpContext.Response.SuppressContent = true;
                filterContext.HttpContext.ApplicationInstance.CompleteRequest();
            }

            base.OnActionExecuting(filterContext);
        }
Exemplo n.º 7
0
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var validator = new RequestValidator();

            var context = ((HttpApplication)filterContext.HttpContext.GetService(typeof(HttpApplication))).Context;

            if (!validator.IsValidRequest(context, AuthToken, UrlOverride))
            {
                //This did not actually stop the Action execution, so its been replaced by the Result below
                //filterContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                //filterContext.HttpContext.Response.SuppressContent = true;
                //filterContext.HttpContext.ApplicationInstance.CompleteRequest();

                filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
            }

            base.OnActionExecuting(filterContext);
        }
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var validator = new RequestValidator();

            var context = ((HttpApplication)filterContext.HttpContext.GetService(typeof(HttpApplication))).Context;

            if (!validator.IsValidRequest(context, AuthToken, UrlOverride))
            {
                //This did not actually stop the Action execution, so its been replaced by the Result below
                //filterContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                //filterContext.HttpContext.Response.SuppressContent = true;
                //filterContext.HttpContext.ApplicationInstance.CompleteRequest();

                filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
            }

            base.OnActionExecuting(filterContext);
        }
Exemplo n.º 9
0
        private void ValidateRequest(TwilioNotifier notifier)
        {
            var httpContext = System.Web.HttpContext.Current;

            if (httpContext == null)    // We are not coming via the http stack so don't validate.
            {
                return;
            }

            // To validate a dev request we need to ignore any ADC transformations that may have occurred.
            var  externalAddress = ConfigurationSettings.GetSiteConfigurationSection().SiteSettings.Address;
            var  alternativeUrl  = $"https://{externalAddress}{httpContext.Request.Url.PathAndQuery}";
            bool isValid         = _validator.IsValidRequest(httpContext, notifier.TpAuthToken, alternativeUrl);

            if (!isValid)
            {
                throw new TwilioValidationException();
            }
        }
 public void A_null_request_should_not_be_a_valid_request_test()
 {
     RequestValidator.IsValidRequest(null).Should().Be(false);
 }