Exemplo n.º 1
        // Actual Responder
        /// <summary>
        /// Single entry point of the REST API: validates the caller's API key, builds the
        /// handler for the requested version/model and dispatches on the HTTP verb.
        /// </summary>
        /// <param name="version">API version segment passed to the handler factory.</param>
        /// <param name="modelname">Model name used to choose the handler.</param>
        /// <param name="parameters">Remaining route parameters, forwarded to the handler unchanged.</param>
        /// <returns>
        /// The handler output (or the serialized key-failure response) wrapped as a
        /// <c>PreJsonResult</c>, or as a <c>RawResult</c> when <c>apiformat=text</c> is requested.
        /// </returns>
        public ActionResult Index(string version, string modelname, string parameters)
        {
            string responseBody = string.Empty;

            // NOTE(review): the API key travels in the query string, so it is part of the URL
            // and will be recorded wherever URLs are recorded (server/proxy logs, browser
            // history). A request header would keep it out of those places.
            string apiKey = Request.QueryString["key"];
            ApiResponse<object> keyFailure = new ApiResponse<object>();

            bool keyAccepted = AuthenticateKey(apiKey, keyFailure);
            if (keyAccepted)
            {
                // NOTE(review): the handler is used without a null check; confirm that
                // Instantiate cannot return null for an unknown version or model name.
                IRestHandler restHandler = RestHandlerFactory.Instantiate(version, modelname, MTApp);

                // The body is read for every verb, including GET, but only after the key check passed.
                string requestBody = string.Empty;
                Stream bodyStream = Request.InputStream;
                if (bodyStream != null)
                {
                    requestBody = new StreamReader(bodyStream).ReadToEnd();
                }

                // Verbs other than the four below fall through and leave the response body empty.
                string verb = Request.HttpMethod.ToUpperInvariant();
                if (verb == "GET")
                {
                    responseBody = restHandler.GetAction(parameters, Request.QueryString);
                }
                else if (verb == "POST")
                {
                    responseBody = restHandler.PostAction(parameters, Request.QueryString, requestBody);
                }
                else if (verb == "PUT")
                {
                    responseBody = restHandler.PutAction(parameters, Request.QueryString, requestBody);
                }
                else if (verb == "DELETE")
                {
                    responseBody = restHandler.DeleteAction(parameters, Request.QueryString, requestBody);
                }
            }
            else
            {
                // Key rejected: the failure object handed to AuthenticateKey becomes the response.
                responseBody = MerchantTribe.Web.Json.ObjectToJson(keyFailure);
            }

            bool wantsText = Request.QueryString["apiformat"] == "text";
            if (!wantsText)
            {
                return new PreJsonResult(responseBody);
            }

            // NOTE(review): the "text" format is served as text/html. If handler output can
            // contain user-controlled strings, a browser will interpret them as markup;
            // text/plain would avoid that. Confirm before changing, clients may depend on it.
            return new RawResult(responseBody, "text/html");
        }
Exemplo n.º 2
        /// <summary>
        /// Decides whether authorization should be skipped for the current request.
        /// </summary>
        /// <param name="context">The current HTTP context; may be null.</param>
        /// <returns>
        /// <c>true</c> for script resource requests, for REST requests whose context already has
        /// <c>SkipAuthorization</c> set, and for REST requests to an <c>.axd</c> path that resolves
        /// to the authentication service type; <c>false</c> in every other case.
        /// </returns>
        private static bool ShouldSkipAuthorization(HttpContext context)
        {
            bool hasRequest = (context != null) && (context.Request != null);
            if (!hasRequest)
            {
                return false;
            }

            string filePath = context.Request.FilePath;

            // NOTE(review): this exemption is evaluated before every other gate, so how wide it
            // is depends entirely on what IsScriptResourceRequest accepts; that is not visible here.
            if (ScriptResourceHandler.IsScriptResourceRequest(filePath))
            {
                return true;
            }

            // Nothing below applies unless the authentication service is enabled and this is a
            // REST request. (A custom web service has to enable anonymous access to itself.)
            bool isRestCallWithAuthService =
                ApplicationServiceHelper.AuthenticationServiceEnabled && RestHandlerFactory.IsRestRequest(context);
            if (!isRestCallWithAuthService)
            {
                return false;
            }

            // Honour a skip decision that is already recorded on the context.
            if (context.SkipAuthorization)
            {
                return true;
            }

            // An application service endpoint must end in .axd; anything else is not exempt.
            bool endsInAxd = (filePath != null) && filePath.EndsWith(".axd", StringComparison.OrdinalIgnoreCase);
            if (!endsInAxd)
            {
                return false;
            }

            // WebServiceData is cached, so this is normally a cache hit; when it is not, the
            // lookup populates the cache for the rest of the request.
            WebServiceData serviceData = WebServiceData.GetWebServiceData(context, filePath, false, false);

            // Only the authentication service itself is exempt; any other .axd service is not.
            return (serviceData != null) && (_authenticationServiceType == serviceData.TypeData.Type);
        }
Exemplo n.º 3
        /// <summary>
        /// Handles a response that is about to redirect. For an async postback the redirect is
        /// replaced by a plain-text payload the client script can process; for a REST request it
        /// is replaced by a JSON error with status 401. Other requests are left untouched.
        /// </summary>
        /// <param name="sender">The <c>HttpResponse</c> being redirected; cast without a type check.</param>
        /// <param name="e">Unused.</param>
        private static void HttpResponse_Redirecting(object sender, EventArgs e)
        {
            HttpResponse response = (HttpResponse)sender;
            HttpContext  context  = response.Context;

            // Is in async postback, get status code and check for 302
            if (PageRequestManager.IsAsyncPostBackRequest(new HttpRequestWrapper(context.Request)))
            {
                // Save the redirect location and other data before we clear it
                string            redirectLocation = response.RedirectLocation;
                // Cookies are copied by index into a list first, because the headers are cleared
                // below and the cookies (e.g. ones issued during this request) must be re-added.
                List <HttpCookie> cookies          = new List <HttpCookie>(response.Cookies.Count);
                for (int i = 0; i < response.Cookies.Count; i++)
                {
                    cookies.Add(response.Cookies[i]);
                }

                // Clear the entire response and send a custom response that the client script can process
                response.ClearContent();
                response.ClearHeaders();
                for (int i = 0; i < cookies.Count; i++)
                {
                    response.AppendCookie(cookies[i]);
                }
                // The replacement payload is marked non-cacheable.
                response.Cache.SetCacheability(HttpCacheability.NoCache);
                response.ContentType = "text/plain";

                // DevDiv#961281
                // Allow apps to access to the redirect location
                // The value stored here is the original location, before the encoding below.
                context.Items[PageRequestManager.AsyncPostBackRedirectLocationKey] = redirectLocation;

                // Preserve redirected state: TFS#882879
                response.IsRequestBeingRedirected = true;

                PageRequestManager.EncodeString(response.Output, PageRequestManager.UpdatePanelVersionToken, String.Empty, PageRequestManager.UpdatePanelVersionNumber);
                // url encode the location in a way that javascript unescape() will be able to reverse
                // Each space-separated part is encoded on its own and the spaces are put back.
                // NOTE(review): Split is called directly, so this assumes RedirectLocation is
                // non-null whenever this handler runs; confirm.
                redirectLocation = String.Join(" ", redirectLocation.Split(' ').Select(part => HttpUtility.UrlEncode(part)));
                PageRequestManager.EncodeString(response.Output, PageRequestManager.PageRedirectToken, String.Empty, redirectLocation);
            }
            else if (RestHandlerFactory.IsRestRequest(context))
            {
                // We need to special case webservice redirects, as we want them to fail (always are auth failures)
                // The caller gets a JSON error with HTTP 401 instead of following a redirect.
                RestHandler.WriteExceptionJsonString(context, new InvalidOperationException(AtlasWeb.WebService_RedirectError), (int)HttpStatusCode.Unauthorized);
            }
        }
Exemplo n.º 4
        /// <summary>
        /// When the current handler is a <c>Page</c> and the request is a REST method call, looks up
        /// the requested method, executes it and completes the request so the remaining page
        /// lifecycle is skipped. Every other request passes through unchanged.
        /// </summary>
        /// <param name="sender">The <c>HttpApplication</c> raising the event.</param>
        /// <param name="eventArgs">Unused.</param>
        private void OnPostAcquireRequestState(object sender, EventArgs eventArgs)
        {
            HttpApplication application = (HttpApplication)sender;
            HttpRequest currentRequest = application.Context.Request;

            bool isPageMethodCall =
                application.Context.Handler is Page && RestHandlerFactory.IsRestMethodCall(currentRequest);
            if (!isPageMethodCall)
            {
                return;
            }

            // Resolve the service description for the file being requested.
            WebServiceData serviceData =
                WebServiceData.GetWebServiceData(HttpContext.Current, currentRequest.FilePath, false, true);

            // The method name is the path info without its first character.
            // NOTE(review): Substring(1) throws on an empty PathInfo; presumably
            // IsRestMethodCall only accepts requests that carry one, confirm. The name is
            // taken from the request and resolved by GetMethodData; how unknown names are
            // handled there is not visible here.
            string requestedMethod = currentRequest.PathInfo.Substring(1);

            WebServiceMethodData targetMethod = serviceData.GetMethodData(requestedMethod);
            RestHandler.ExecuteWebServiceCall(HttpContext.Current, targetMethod);

            // The call has produced the response; end the request here.
            application.CompleteRequest();
        }
Exemplo n.º 5
        // Actual Responder
        /// <summary>
        /// Single entry point of the REST API: validates the caller's API key, makes sure the
        /// request context has an account, builds the handler for the requested version/model
        /// and dispatches on the HTTP verb.
        /// </summary>
        /// <param name="version">API version segment passed to the handler factory.</param>
        /// <param name="modelname">Model name used to choose the handler.</param>
        /// <param name="parameters">Remaining route parameters, forwarded to the handler unchanged.</param>
        /// <returns>
        /// The handler output (or the serialized key-failure response) wrapped as a
        /// <c>PreJsonResult</c>, or as a <c>RawResult</c> when <c>apiformat=text</c> is requested.
        /// </returns>
        public ActionResult Index(string version, string modelname, string parameters)
        {
            string responseBody = string.Empty;

            // NOTE(review): the API key travels in the query string, so it is part of the URL
            // and will be recorded wherever URLs are recorded (server/proxy logs, browser
            // history). A request header would keep it out of those places.
            string apiKey = Request.QueryString["key"];
            var keyFailure = new ApiResponse<object>();

            bool keyAccepted = AuthenticateKey(apiKey, keyFailure);
            if (keyAccepted)
            {
                // A request without an account gets a placeholder account with Bvin "-1".
                // NOTE(review): confirm that downstream permission checks give this
                // placeholder no privileges.
                if (HccApp.CurrentRequestContext.CurrentAccount == null)
                {
                    HccApp.CurrentRequestContext.CurrentAccount = new CustomerAccount { Bvin = "-1" };
                }

                // NOTE(review): the handler is used without a null check; confirm that
                // Instantiate cannot return null for an unknown version or model name.
                var restHandler = RestHandlerFactory.Instantiate(version, modelname, HccApp);

                // The body is read for every verb, including GET, but only after the key check passed.
                string requestBody = string.Empty;
                var bodyStream = Request.InputStream;
                if (bodyStream != null)
                {
                    requestBody = new StreamReader(bodyStream).ReadToEnd();
                }

                // Verbs other than the four below fall through and leave the response body empty.
                string verb = Request.HttpMethod.ToUpperInvariant();
                if (verb == "GET")
                {
                    responseBody = restHandler.GetAction(parameters, Request.QueryString);
                }
                else if (verb == "POST")
                {
                    responseBody = restHandler.PostAction(parameters, Request.QueryString, requestBody);
                }
                else if (verb == "PUT")
                {
                    responseBody = restHandler.PutAction(parameters, Request.QueryString, requestBody);
                }
                else if (verb == "DELETE")
                {
                    responseBody = restHandler.DeleteAction(parameters, Request.QueryString, requestBody);
                }
            }
            else
            {
                // Key rejected: the failure object handed to AuthenticateKey becomes the response.
                responseBody = Web.Json.ObjectToJson(keyFailure);
            }

            bool wantsText = Request.QueryString["apiformat"] == "text";
            if (!wantsText)
            {
                return new PreJsonResult(responseBody);
            }

            // NOTE(review): the "text" format is served as text/html. If handler output can
            // contain user-controlled strings, a browser will interpret them as markup;
            // text/plain would avoid that. Confirm before changing, clients may depend on it.
            return new RawResult(responseBody, "text/html");
        }