/// <summary>
        /// Create session
        /// </summary>
        /// <returns>result of create session operation</returns>
        public async Task<IHttpActionResult> PostSession()
        {
            // Parameterless convenience overload: the request always carries this
            // instance's own UserHandle, and the InstanceId is a fixed label.
            var request = new PostSessionRequest();
            request.InstanceId = "SessionsControllerTests";
            request.UserHandle = this.UserHandle;

            // Delegate to the overload that takes the request explicitly.
            IHttpActionResult outcome = await this.PostSession(request);
            return outcome;
        }
        /// <summary>
        /// Builds a POST web request from the cookies, form, HTTP settings and URL
        /// carried by <paramref name="request"/>.
        /// </summary>
        /// <param name="request">
        /// Source request. It is dereferenced without a null check, and its Url
        /// must be non-null because ToString() is called on it.
        /// </param>
        public PostWebRequest(PostSessionRequest request)
            : this()
        {
            AddCookies(request.RequestCookies);

            // The form is optional on the source request; only read it when present.
            if (request.Form != null)
            {
                Form.ReadHtmlFormTag(request.Form);
            }

            RequestHttpSettings = request.RequestHttpSettings;
            Url = request.Url.ToString();
            ID = GenerateID;
        }
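        /// <summary>
        /// Create a new session (sign in) for the authenticated user.
        /// </summary>
        /// <param name="request">Post session request bound from the request body</param>
        /// <returns>
        /// Created with the user handle and a fresh session token. Unauthorized when the
        /// caller has no user handle, when no request was supplied, or when the request
        /// names a different user handle. NotFound when the user has no profile for this app.
        /// </returns>
        public async Task<IHttpActionResult> PostSession([FromBody] PostSessionRequest request)
        {
            string className  = "SessionsController";
            string methodName = "PostSession";

            // NOTE(review): request.UserHandle is caller-supplied and is written to the log here
            // and in the mismatch branch below. Confirm the logging sink neutralizes CR/LF and
            // other control characters so a crafted handle cannot forge log entries.
            string logEntry   = $"SessionUserHandle = {request?.UserHandle}";

            this.LogControllerStart(this.log, className, methodName, logEntry);

            // Check whether user handle is null
            if (this.UserHandle == null)
            {
                this.log.LogError("Unauthorized because PostSession called without a user handle");
                return this.Unauthorized(ResponseStrings.GenericUnauthorizedError);
            }

            // request can be null (the log line above already allows for it). Reject it explicitly
            // instead of letting the comparison below throw a NullReferenceException: a request
            // that is absent cannot name the authenticated user.
            if (request == null)
            {
                this.log.LogError("Unauthorized because PostSession called without a request body");
                return this.Unauthorized(ResponseStrings.UserUnauthorized);
            }

            // The auth's user principal must have the same user handle as the one in PostSession request
            if (this.UserHandle != request.UserHandle)
            {
                // Log the authenticated handle that was actually compared (this.UserHandle), so the
                // audit trail shows both sides of the mismatch; this.User is not that handle.
                this.log.LogError(string.Format("Unauthorized because one user handle called PostSession on behalf of another user handle. Auth's UserHandle: {0}, Request's UserHandle: {1}", this.UserHandle, request.UserHandle));
                return this.Unauthorized(ResponseStrings.UserUnauthorized);
            }

            // Is user handle registered with this app?
            var userProfileEntity = await this.usersManager.ReadUserProfile(this.UserHandle, this.AppHandle);

            if (userProfileEntity == null)
            {
                this.log.LogError(string.Format("No user profile found for this app. UserHandle: {0}, AppHandle {1}", this.UserHandle, this.AppHandle));
                return this.NotFound(ResponseStrings.UserNotFound);
            }

            // Generate session token. The token is a credential: it goes into the response body
            // only and is deliberately not included in any log entry in this method.
            string sessionToken = await this.tokenManager.CreateToken(this.AppPrincipal, this.UserPrincipal, this.sessionTokenDuration);

            PostSessionResponse response = new PostSessionResponse()
            {
                UserHandle   = this.UserHandle,
                SessionToken = sessionToken
            };

            // Log user session start to app metrics
            this.applicationMetrics.AddActiveUser();

            this.LogControllerEnd(this.log, className, methodName, logEntry);
            return this.Created<PostSessionResponse>(this.UserHandle, response);
        }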
Пример #4
        /// <summary>
        /// End-to-end test: log in, delete the session (log off), create a new session
        /// (log on), then delete the user with the new session token.
        /// </summary>
        /// <returns>Task that completes when the test has run</returns>
        public async Task CreateDeleteSessionTest()
        {
            var client = new SocialPlusClient(TestConstants.ServerApiBaseUrl);
            PostUserResponse loginResponse = await TestUtilities.DoLogin(client, "Barack", "Obama", "president");

            string loginAuth = AuthHelper.CreateSocialPlusAuth(loginResponse.SessionToken);

            // Delete session (corresponding to log off)
            await client.Sessions.DeleteSessionAsync(authorization : loginAuth);

            // Create session (corresponding to log on)
            // NOTE(review): the token obtained at login is presented again here, after
            // DeleteSession. The last step only works if this call yields a session token, so a
            // passing test suggests the old token is still accepted after log-off. Confirm
            // whether log-off is expected to revoke it.
            var sessionRequest = new PostSessionRequest("E2Etests", loginResponse.UserHandle);
            var sessionResponse = await client.Sessions.PostSessionWithHttpMessagesAsync(sessionRequest, loginAuth);

            // Delete user
            string freshAuth = AuthHelper.CreateSocialPlusAuth(sessionResponse.Body.SessionToken);
            await client.Users.DeleteUserAsync(authorization : freshAuth);
        }
Пример #5
        /// <summary>
        /// Creates an Embedded Social authorization field
        /// </summary>
        /// <param name="aadAuthorization">AAD authorization field</param>
        /// <param name="userHandle">user handle that corresponds to the AAD authorization field</param>
        /// <returns>authorization value</returns>
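        private async Task<string> CreateEmbeddedSocialAuth(string aadAuthorization, string userHandle)
        {
            PostSessionRequest sessionRequest = new PostSessionRequest()
            {
                InstanceId = "OneBusAway Service",
                UserHandle = userHandle
            };

            // The operation response holds the HTTP request and response messages, so dispose it
            // once the token has been copied out. The original never disposed it. A using
            // statement tolerates a null resource, so the null check below still works.
            using (HttpOperationResponse<PostSessionResponse> response = await this.client.Sessions.PostSessionWithHttpMessagesAsync(request : sessionRequest, authorization : aadAuthorization))
            {
                if (response == null || response.Response == null)
                {
                    throw new Exception("did not get a valid response to POST session");
                }

                // Only a success status counts; anything else must not yield an authorization value.
                if (!response.Response.IsSuccessStatusCode)
                {
                    throw new Exception("POST session failed with HTTP code " + response.Response.StatusCode);
                }

                if (response.Body == null || string.IsNullOrWhiteSpace(response.Body.SessionToken))
                {
                    throw new Exception("POST session resulted in invalid post session response structure");
                }

                // The returned string embeds the session token and is itself a credential.
                // Keep it out of logs and exception messages, as the failures above do.
                return "SocialPlus TK=" + response.Body.SessionToken;
            }
        }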
Пример #6
 /// <summary>
 /// Create a new session (sign in)
 /// </summary>
 /// <param name='operations'>
 /// The operations group for this extension method.
 /// </param>
 /// <param name='request'>
 /// Post session request
 /// </param>
 /// <param name='authorization'>
 /// Format is: "Scheme CredentialsList". Possible values are:
 ///
 /// - Anon AK=AppKey
 ///
 /// - SocialPlus TK=SessionToken
 ///
 /// - Facebook AK=AppKey|TK=AccessToken
 ///
 /// - Google AK=AppKey|TK=AccessToken
 ///
 /// - Twitter AK=AppKey|RT=RequestToken|TK=AccessToken
 ///
 /// - Microsoft AK=AppKey|TK=AccessToken
 ///
 /// - AADS2S AK=AppKey|[UH=UserHandle]|TK=AADToken
 /// </param>
 /// <param name='cancellationToken'>
 /// The cancellation token.
 /// </param>
 public static async Task<PostSessionResponse> PostSessionAsync(this ISessions operations, PostSessionRequest request, string authorization, CancellationToken cancellationToken = default(CancellationToken))
 {
     // No custom headers are supplied (null) on this convenience path.
     var pending = operations.PostSessionWithHttpMessagesAsync(request, authorization, null, cancellationToken);

     using (var httpResult = await pending.ConfigureAwait(false))
     {
         // Only the body is handed back; the status code and headers are not visible to the caller.
         // NOTE(review): if the underlying call can complete without a body (e.g. on a
         // non-success status), this returns null, so callers should null-check before
         // treating the user as signed in. Confirm against the ISessions implementation.
         PostSessionResponse body = httpResult.Body;
         return body;
     }
 }
Пример #7
 /// <summary>
 /// Create a new session (sign in)
 /// </summary>
 /// <param name='operations'>
 /// The operations group for this extension method.
 /// </param>
 /// <param name='request'>
 /// Post session request
 /// </param>
 /// <param name='authorization'>
 /// Format is: "Scheme CredentialsList". Possible values are:
 ///
 /// - Anon AK=AppKey
 ///
 /// - SocialPlus TK=SessionToken
 ///
 /// - Facebook AK=AppKey|TK=AccessToken
 ///
 /// - Google AK=AppKey|TK=AccessToken
 ///
 /// - Twitter AK=AppKey|RT=RequestToken|TK=AccessToken
 ///
 /// - Microsoft AK=AppKey|TK=AccessToken
 ///
 /// - AADS2S AK=AppKey|[UH=UserHandle]|TK=AADToken
 /// </param>
 public static PostSessionResponse PostSession(this ISessions operations, PostSessionRequest request, string authorization)
 {
     // Start the async call through the default task scheduler, passing the operations
     // group as task state. No cancellation is possible on this synchronous path.
     Task<Task<PostSessionResponse>> outer = Task.Factory.StartNew(
         state => ((ISessions)state).PostSessionAsync(request, authorization),
         operations,
         CancellationToken.None,
         TaskCreationOptions.None,
         TaskScheduler.Default);

     // Flatten the nested task, then block the calling thread until the result is available.
     Task<PostSessionResponse> inner = outer.Unwrap();
     return inner.GetAwaiter().GetResult();
 }
Пример #8
        /// <summary>
        /// Create a new session (sign in)
        /// </summary>
        /// <param name='request'>
        /// Post session request
        /// </param>
        /// <param name='authorization'>
        /// Format is: "Scheme CredentialsList". Possible values are:
        ///
        /// - Anon AK=AppKey
        ///
        /// - SocialPlus TK=SessionToken
        ///
        /// - Facebook AK=AppKey|TK=AccessToken
        ///
        /// - Google AK=AppKey|TK=AccessToken
        ///
        /// - Twitter AK=AppKey|RT=RequestToken|TK=AccessToken
        ///
        /// - Microsoft AK=AppKey|TK=AccessToken
        ///
        /// - AADS2S AK=AppKey|[UH=UserHandle]|TK=AADToken
        /// </param>
        /// <param name='customHeaders'>
        /// Headers that will be added to request.
        /// </param>
        /// <param name='cancellationToken'>
        /// The cancellation token.
        /// </param>
        /// <returns>
        /// A response object containing the response body and response headers.
        /// </returns>
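        public async Task<HttpOperationResponse<PostSessionResponse>> PostSessionWithHttpMessagesAsync(PostSessionRequest request, string authorization, Dictionary<string, List<string>> customHeaders = null, CancellationToken cancellationToken = default(CancellationToken))
        {
            // Validate arguments before any transport object is created. After these checks
            // both request and authorization are known to be non-null.
            if (request == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "request");
            }
            request.Validate();
            if (authorization == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "authorization");
            }

            // Tracing
            // NOTE(review): with tracing enabled, the raw authorization value (app key and/or
            // token) is handed to the tracing layer here, and the request traced before sending
            // carries the same value in its Authorization header. Treat trace output as
            // credential-bearing and restrict where it is written.
            bool   _shouldTrace  = ServiceClientTracing.IsEnabled;
            string _invocationId = null;

            if (_shouldTrace)
            {
                _invocationId = ServiceClientTracing.NextInvocationId.ToString();
                Dictionary<string, object> tracingParameters = new Dictionary<string, object>();
                tracingParameters.Add("request", request);
                tracingParameters.Add("authorization", authorization);
                tracingParameters.Add("cancellationToken", cancellationToken);
                ServiceClientTracing.Enter(_invocationId, this, "PostSession", tracingParameters);
            }

            // Construct URL: make sure the base ends with a slash so the relative path is appended
            // rather than replacing the last segment. Ordinal comparison keeps this culture-independent.
            var _baseUrl = this.Client.BaseUri.AbsoluteUri;
            var _url     = new Uri(new Uri(_baseUrl + (_baseUrl.EndsWith("/", StringComparison.Ordinal) ? "" : "/")), "v0.7/sessions").ToString();

            // Create HTTP transport objects
            HttpRequestMessage  _httpRequest  = new HttpRequestMessage();
            HttpResponseMessage _httpResponse = null;

            _httpRequest.Method     = new HttpMethod("POST");
            _httpRequest.RequestUri = new Uri(_url);

            // Set Headers. The request message is new, so there is no earlier Authorization
            // header to remove first.
            _httpRequest.Headers.TryAddWithoutValidation("Authorization", authorization);

            if (customHeaders != null)
            {
                // Custom headers are applied last and replace any same-named header already set,
                // which includes Authorization.
                foreach (var _header in customHeaders)
                {
                    if (_httpRequest.Headers.Contains(_header.Key))
                    {
                        _httpRequest.Headers.Remove(_header.Key);
                    }
                    _httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value);
                }
            }

            // Serialize Request
            string _requestContent = SafeJsonConvert.SerializeObject(request, this.Client.SerializationSettings);

            _httpRequest.Content = new StringContent(_requestContent, Encoding.UTF8);
            _httpRequest.Content.Headers.ContentType = MediaTypeHeaderValue.Parse("application/json; charset=utf-8");

            // Send Request
            if (_shouldTrace)
            {
                ServiceClientTracing.SendRequest(_invocationId, _httpRequest);
            }

            try
            {
                cancellationToken.ThrowIfCancellationRequested();
                _httpResponse = await this.Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false);
            }
            catch
            {
                // Nothing is returned to the caller on this path, so release the request here.
                _httpRequest.Dispose();
                throw;
            }

            if (_shouldTrace)
            {
                ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse);
            }
            HttpStatusCode _statusCode = _httpResponse.StatusCode;

            if (cancellationToken.IsCancellationRequested)
            {
                // Cancelled after the response arrived: release both messages before surfacing it.
                _httpRequest.Dispose();
                _httpResponse.Dispose();
                cancellationToken.ThrowIfCancellationRequested();
            }

            string _responseContent = null;

            // 201, 401, 404 and 500 are the expected outcomes; anything else is raised as an
            // HttpOperationException carrying the request and response content.
            if ((int)_statusCode != 201 && (int)_statusCode != 401 && (int)_statusCode != 404 && (int)_statusCode != 500)
            {
                var ex = new HttpOperationException(string.Format("Operation returned an invalid status code '{0}'", _statusCode));
                _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);

                ex.Request  = new HttpRequestMessageWrapper(_httpRequest, _requestContent);
                ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent);
                if (_shouldTrace)
                {
                    ServiceClientTracing.Error(_invocationId, ex);
                }
                _httpRequest.Dispose();
                _httpResponse.Dispose();
                throw ex;
            }

            // Create Result
            var _result = new HttpOperationResponse<PostSessionResponse>();

            _result.Request  = _httpRequest;
            _result.Response = _httpResponse;

            // Deserialize Response. Only 201 carries a body; for 401, 404 and 500 the result is
            // returned without throwing and with Body left null, so callers must check the status
            // code or the body before treating the user as signed in.
            if ((int)_statusCode == 201)
            {
                _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);

                try
                {
                    _result.Body = SafeJsonConvert.DeserializeObject<PostSessionResponse>(_responseContent, this.Client.DeserializationSettings);
                }
                catch (JsonException ex)
                {
                    _httpRequest.Dispose();
                    _httpResponse.Dispose();
                    throw new SerializationException("Unable to deserialize the response.", _responseContent, ex);
                }
            }
            if (_shouldTrace)
            {
                ServiceClientTracing.Exit(_invocationId, _result);
            }
            return _result;
        }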