public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
EnsureArg.IsNotNull(context, nameof(context));
HttpContext contextHttpContext = context.HttpContext;
await _contentTypeService.CheckRequestedContentTypeAsync(contextHttpContext);
// If the request is a put or post and has a content-type, check that it's supported
if (contextHttpContext.Request.Method.Equals(HttpMethod.Post.Method, StringComparison.InvariantCultureIgnoreCase) ||
contextHttpContext.Request.Method.Equals(HttpMethod.Put.Method, StringComparison.InvariantCultureIgnoreCase))
{
if (contextHttpContext.Request.Headers.TryGetValue(HeaderNames.ContentType, out StringValues headerValue))
{
if (!await _contentTypeService.IsFormatSupportedAsync(headerValue[0]))
{
throw new UnsupportedMediaTypeException(string.Format(Resources.UnsupportedHeaderValue, HeaderNames.ContentType));
}
}
else
{
// If no content type is supplied, then the server should respond with an unsupported media type exception.
throw new UnsupportedMediaTypeException(Resources.ContentTypeHeaderRequired);
}
}
await base.OnActionExecutionAsync(context, next);
}
public async Task Invoke(HttpContext context)
{
try
{
await _next(context);
}
catch (Exception exception)
{
if (context.Response.HasStarted)
{
_logger.LogWarning("The response has already started, the base exception middleware will not be executed.");
throw;
}
var localCorrelationId = _fhirRequestContextAccessor.FhirRequestContext?.CorrelationId;
Debug.Assert(!string.IsNullOrWhiteSpace(localCorrelationId), "The correlation id should have been generated.");
context.Response.Clear();
var diagnostics = Api.Resources.GeneralInternalError;
// If any of these exceptions are encountered, show a more specific diagnostic message
if (exception.Message.StartsWith("IDX10803: Unable to obtain configuration from:", StringComparison.OrdinalIgnoreCase))
{
diagnostics = Api.Resources.UnableToObtainOpenIdConfiguration;
}
else if (exception.Message.StartsWith("The MetadataAddress or Authority must use HTTPS", StringComparison.OrdinalIgnoreCase))
{
diagnostics = Api.Resources.RequireHttpsMetadataError;
}
var operationOutcome = new OperationOutcome
{
Id = localCorrelationId,
Issue = new List <OperationOutcome.IssueComponent>
{
new OperationOutcome.IssueComponent
{
Severity = OperationOutcome.IssueSeverity.Fatal,
Code = OperationOutcome.IssueType.Exception,
Diagnostics = diagnostics,
},
},
};
try
{
await _contentTypeService.CheckRequestedContentTypeAsync(context);
}
catch (UnsupportedMediaTypeException)
{
context.Response.ContentType = KnownContentTypes.JsonContentType;
}
var result = new OperationOutcomeResult(operationOutcome, HttpStatusCode.InternalServerError);
await ExecuteResultAsync(context, result);
}
}
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
EnsureArg.IsNotNull(context, nameof(context));
HttpContext contextHttpContext = context.HttpContext;
await _contentTypeService.CheckRequestedContentTypeAsync(contextHttpContext);
// If the request is a put or post and has a content-type, check that it's supported
if (contextHttpContext.Request.Method.Equals(HttpMethod.Post.Method, StringComparison.InvariantCultureIgnoreCase) ||
contextHttpContext.Request.Method.Equals(HttpMethod.Put.Method, StringComparison.InvariantCultureIgnoreCase))
{
if (contextHttpContext.Request.Headers.TryGetValue(HeaderNames.ContentType, out StringValues headerValue))
{
var resourceFormat = ContentType.GetResourceFormatFromContentType(headerValue[0]);
if (!await _contentTypeService.IsFormatSupportedAsync(resourceFormat))
{
string routeName = context.ActionDescriptor?.AttributeRouteInfo?.Name;
switch (routeName)
{
case RouteNames.SearchResourcesPost:
case RouteNames.SearchAllResourcesPost:
break;
default:
throw new UnsupportedMediaTypeException(Resources.UnsupportedContentTypeHeader);
}
}
}
else
{
// If no content type is supplied, then the server should respond with an unsupported media type exception.
throw new UnsupportedMediaTypeException(Resources.ContentTypeHeaderRequired);
}
}
await base.OnActionExecutionAsync(context, next);
}