/*
* // not needed anymore, we do the type resolution ourselves now.
*
* private static readonly string[] _hideKnownAssemblies = new[] {
* "ServiceStack", // exclude the service stack assembly
* "ClrPlus",
* "b03f5f7f11d50a3a", // Microsoft
* "b77a5c561934e089", // Microsoft
* "31bf3856ad364e35" // Microsoft
* };
*
* private static IEnumerable<Assembly> GetActiveAssemblies() {
* return AppDomain.CurrentDomain.GetAssemblies().Where(each => !_hideKnownAssemblies.Any(x => each.FullName.IndexOf(x) > -1));
* }
*/
public override void Configure(Container container)
{
_configured = true;
// Feature disableFeatures = Feature.Jsv | Feature.Soap;
SetConfig(new EndpointHostConfig {
// EnableFeatures = Feature.All.Remove(disableFeatures), //all formats except of JSV and SOAP
DebugMode = true, //Show StackTraces in service responses during development
WriteErrorsToResponse = false, //Disable exception handling
DefaultContentType = ContentType.Json, //Change default content type
AllowJsonpRequests = true, //Enable JSONP requests
ServiceName = "RestService",
});
#if DEBUG
LogManager.LogFactory = new DebugLogFactory();
#endif
using (var ps = RunspacePool.Dynamic()) {
foreach (var restCommand in _activeCommands)
{
PSObject command = ps.LookupCommand(restCommand.Name);
if (command != null)
{
var cmdletInfo = (command.ImmediateBaseObject as CmdletInfo);
if (cmdletInfo != null)
{
dynamic d = new AccessPrivateWrapper((ServiceController as ServiceController));
// for each type we're adding, see if it's already been added already.
if (!d.requestExecMap.ContainsKey(cmdletInfo.ImplementingType))
{
(ServiceController as ServiceController).RegisterGService(GetTypeFactory(cmdletInfo.ImplementingType), cmdletInfo.ImplementingType);
(ServiceController as ServiceController).RegisterNService(GetTypeFactory(cmdletInfo.ImplementingType), cmdletInfo.ImplementingType);
}
ReverseLookup.AddOrSet(cmdletInfo.ImplementingType, restCommand);
Routes.Add(cmdletInfo.ImplementingType, "/" + restCommand.PublishAs + "/", "GET");
}
else
{
throw new ClrPlusException("command isn't cmdletinfo: {0}".format(command.GetType()));
}
}
}
}
Plugins.Add(new AuthFeature(() => new AuthUserSession(),
new IAuthProvider[] {
new CustomBasicAuthProvider(),
// new CustomCredentialsAuthProvider(),
}
));
// stick a request filter in to validate that the user has the right to actually
// call this method.
RequestFilters.Add((request, response, requestDto) => {
var restCommand = ReverseLookup[requestDto.GetType()];
// is this one of the restCommands?
// and does it has roles defined?
if (restCommand != null && !restCommand.Roles.IsNullOrEmpty())
{
// ensure we're authenticated if the user passed the right stuff in the request
try {
AuthenticateAttribute.AuthenticateIfBasicAuth(request, response);
} catch (Exception e) {
Console.WriteLine(e.Message);
response.StatusCode = 401;
response.AddHeader("WWW-Authenticate", "Basic realm=\"rest-service\"");
response.StatusDescription = "Unauthorized";
response.EndServiceStackRequest(false);
return;
}
// get the session object.
var session = request.GetSession(false);
// check if we got our authentication.
if (!session.IsAuthenticated)
{
response.StatusCode = 401;
response.AddHeader("WWW-Authenticate", "Basic realm=\"rest-service\"");
response.StatusDescription = "Unauthorized";
response.EndServiceStackRequest(false);
return;
}
// validate the user has the role.
if (!restCommand.Roles.Any(session.HasRole))
{
response.StatusCode = 403;
response.StatusDescription = "Forbidden";
response.EndServiceStackRequest(false);
}
var req = (requestDto as IHasSession);
if (req != null)
{
req.Session = session;
}
}
});
}
