/// <summary>
/// Actual responder for the REST API: checks the caller's API key, hands the request to the handler
/// selected by <paramref name="version"/> and <paramref name="modelname"/>, and returns the handler's
/// string output.
/// </summary>
/// <param name="version">API version, passed to <c>RestHandlerFactory.Instantiate</c>.</param>
/// <param name="modelname">Model name, passed to <c>RestHandlerFactory.Instantiate</c>.</param>
/// <param name="parameters">Passed through unchanged to the selected handler action.</param>
/// <returns>
/// A <c>RawResult</c> with content type <c>text/html</c> when the query string carries
/// <c>apiformat=text</c>; otherwise a <c>PreJsonResult</c>.
/// </returns>
public ActionResult Index(string version, string modelname, string parameters)
{
    string data = string.Empty;

    // The API key is read from the query string and checked before anything else runs.
    // NOTE(review): query-string values are typically written to web-server and proxy access logs,
    // so the key should be treated as visible to anyone who can read those logs.
    string key = Request.QueryString["key"];
    ApiResponse<object> keyFailure = new ApiResponse<object>();

    if (AuthenticateKey(key, keyFailure))
    {
        // Handler selection is driven by caller-supplied route values; any validation of them
        // happens inside RestHandlerFactory.Instantiate, which is not visible here.
        IRestHandler handler = RestHandlerFactory.Instantiate(version, modelname, MTApp);

        // The whole request body is read into memory; this method applies no size limit of its own.
        string postedString = string.Empty;
        Stream inputStream = Request.InputStream;
        if (inputStream != null)
        {
            StreamReader bodyReader = new StreamReader(inputStream);
            postedString = bodyReader.ReadToEnd();
        }

        // Dispatch on the upper-cased HTTP verb. Any other verb leaves data as the empty string.
        string verb = Request.HttpMethod.ToUpperInvariant();
        if (verb == "GET")
        {
            data = handler.GetAction(parameters, Request.QueryString);
        }
        else if (verb == "POST")
        {
            data = handler.PostAction(parameters, Request.QueryString, postedString);
        }
        else if (verb == "PUT")
        {
            data = handler.PutAction(parameters, Request.QueryString, postedString);
        }
        else if (verb == "DELETE")
        {
            data = handler.DeleteAction(parameters, Request.QueryString, postedString);
        }
    }
    else
    {
        // Authentication failed: the response object filled in by AuthenticateKey is the payload.
        data = MerchantTribe.Web.Json.ObjectToJson(keyFailure);
    }

    // Return Result (or text formatted result)
    // NOTE(review): the "text" variant labels the handler output as text/html, so a browser will parse
    // it as markup. If the payload can carry stored or caller-supplied strings, confirm this is intended
    // or serve it with a non-HTML content type.
    bool wantsText = Request.QueryString["apiformat"] == "text";
    if (wantsText)
    {
        return new RawResult(data, "text/html");
    }

    return new PreJsonResult(data);
}
/// <summary>
/// Reports whether authorization can be skipped for the current request.
/// </summary>
/// <remarks>
/// Returns <c>true</c> for script resource requests, for REST requests that already have
/// <c>SkipAuthorization</c> set, and for <c>.axd</c> REST requests whose web service type equals
/// <c>_authenticationServiceType</c>; the last two apply only while the authentication service is
/// enabled. Every other case, including a missing context or request, returns <c>false</c>, so the
/// method denies the bypass by default.
/// </remarks>
/// <param name="context">The current HTTP context; may be <c>null</c>.</param>
/// <returns><c>true</c> when authorization may be skipped, otherwise <c>false</c>.</returns>
private static bool ShouldSkipAuthorization(HttpContext context)
{
    // Without a context or a request there is nothing to inspect: do not grant the bypass.
    if (context == null || context.Request == null)
    {
        return false;
    }

    // path is handed to IsScriptResourceRequest before the null check further down;
    // how that helper treats a null path is not visible here.
    string path = context.Request.FilePath;
    if (ScriptResourceHandler.IsScriptResourceRequest(path))
    {
        return true;
    }

    // If the auth service is disabled, don't bother checking.
    // (NOTE: if a custom webservice is used, it will be up to them to enable anon access to it)
    if (!ApplicationServiceHelper.AuthenticationServiceEnabled)
    {
        return false;
    }

    // If it isn't a REST request, don't bother checking either.
    if (!RestHandlerFactory.IsRestRequest(context))
    {
        return false;
    }

    if (context.SkipAuthorization)
    {
        return true;
    }

    // It may be a REST request to a webservice. It must end in .axd if it is an app service.
    bool endsInAxd = path != null && path.EndsWith(".axd", StringComparison.OrdinalIgnoreCase);
    if (!endsInAxd)
    {
        return false;
    }

    // WebServiceData keeps the object in cache, so this should be a quick lookup. If it has not been
    // cached yet, this call caches it, so the lookup later in the request is a cache hit anyway.
    WebServiceData serviceData = WebServiceData.GetWebServiceData(context, path, false, false);

    // Only the configured authentication service type qualifies for the bypass.
    return serviceData != null && _authenticationServiceType == serviceData.TypeData.Type;
}
/// <summary>
/// Handles a response that is about to redirect. For an async postback the redirect is replaced by a
/// plain-text payload that the client script can process; for a REST request it is replaced by a JSON
/// error with status 401. Other requests are left untouched.
/// </summary>
/// <param name="sender">The <c>HttpResponse</c> that is redirecting.</param>
/// <param name="e">Not used.</param>
private static void HttpResponse_Redirecting(object sender, EventArgs e)
{
    HttpResponse response = (HttpResponse)sender;
    HttpContext context = response.Context;

    bool isAsyncPostBack = PageRequestManager.IsAsyncPostBackRequest(new HttpRequestWrapper(context.Request));
    if (!isAsyncPostBack)
    {
        if (RestHandlerFactory.IsRestRequest(context))
        {
            // We need to special case webservice redirects, as we want them to fail
            // (they are always auth failures), so the caller gets a 401 instead of a redirect.
            RestHandler.WriteExceptionJsonString(
                context,
                new InvalidOperationException(AtlasWeb.WebService_RedirectError),
                (int)HttpStatusCode.Unauthorized);
        }

        return;
    }

    // Save the redirect location and the cookies before the response is cleared.
    string redirectLocation = response.RedirectLocation;
    HttpCookieCollection responseCookies = response.Cookies;
    List<HttpCookie> savedCookies = new List<HttpCookie>(responseCookies.Count);
    for (int index = 0; index < responseCookies.Count; index++)
    {
        savedCookies.Add(responseCookies[index]);
    }

    // Clear the entire response and send a custom response that the client script can process.
    response.ClearContent();
    response.ClearHeaders();
    foreach (HttpCookie cookie in savedCookies)
    {
        response.AppendCookie(cookie);
    }

    response.Cache.SetCacheability(HttpCacheability.NoCache);
    response.ContentType = "text/plain";

    // DevDiv#961281
    // Allow apps to access the redirect location.
    // NOTE(review): this is the location as the application set it, stored before the encoding below;
    // this handler does not validate the target, so readers of this item get the raw value.
    context.Items[PageRequestManager.AsyncPostBackRedirectLocationKey] = redirectLocation;

    // Preserve redirected state: TFS#882879
    response.IsRequestBeingRedirected = true;

    PageRequestManager.EncodeString(
        response.Output,
        PageRequestManager.UpdatePanelVersionToken,
        String.Empty,
        PageRequestManager.UpdatePanelVersionNumber);

    // URL-encode the location, one space-separated segment at a time, in a way that
    // javascript unescape() will be able to reverse.
    string[] segments = redirectLocation.Split(' ');
    IEnumerable<string> encodedSegments = segments.Select(part => HttpUtility.UrlEncode(part));
    string encodedLocation = String.Join(" ", encodedSegments);

    PageRequestManager.EncodeString(
        response.Output,
        PageRequestManager.PageRedirectToken,
        String.Empty,
        encodedLocation);
}
/// <summary>
/// When the current handler is a <c>Page</c> and the request is a REST method call, runs the requested
/// web service method and completes the request so the rest of the page lifecycle is skipped.
/// </summary>
/// <param name="sender">The <c>HttpApplication</c> raising the event.</param>
/// <param name="eventArgs">Not used.</param>
private void OnPostAcquireRequestState(object sender, EventArgs eventArgs)
{
    HttpApplication app = (HttpApplication)sender;
    HttpRequest request = app.Context.Request;

    // Only page requests that are REST method calls are handled here.
    bool isPageRestCall = app.Context.Handler is Page && RestHandlerFactory.IsRestMethodCall(request);
    if (!isPageRestCall)
    {
        return;
    }

    HttpContext current = HttpContext.Current;

    // Get the data about the web service being invoked.
    WebServiceData serviceData = WebServiceData.GetWebServiceData(current, request.FilePath, false, true);

    // The method name is PathInfo without its first character (presumably the leading '/').
    // NOTE(review): the name comes straight from the request URL, and neither serviceData nor the
    // looked-up method data is null-checked here; rejecting unknown or unexposed method names is left
    // to GetWebServiceData / GetMethodData - confirm they fail closed.
    string requestedMethod = request.PathInfo.Substring(1);

    // Get the data about the specific method being called, then execute it.
    WebServiceMethodData methodToRun = serviceData.GetMethodData(requestedMethod);
    RestHandler.ExecuteWebServiceCall(current, methodToRun);

    // Skip the rest of the page lifecycle.
    app.CompleteRequest();
}
/// <summary>
/// Actual responder for the REST API: validates the API key from the query string, dispatches the
/// request to the handler for <paramref name="version"/> / <paramref name="modelname"/> according to
/// the HTTP verb, and wraps the handler's string output in the result.
/// </summary>
/// <param name="version">API version, passed to <c>RestHandlerFactory.Instantiate</c>.</param>
/// <param name="modelname">Model name, passed to <c>RestHandlerFactory.Instantiate</c>.</param>
/// <param name="parameters">Passed through unchanged to the selected handler action.</param>
/// <returns>
/// A <c>RawResult</c> with content type <c>text/html</c> when <c>apiformat=text</c> is in the query
/// string; otherwise a <c>PreJsonResult</c>.
/// </returns>
public ActionResult Index(string version, string modelname, string parameters)
{
    string data = string.Empty;

    // Check the API key first.
    // NOTE(review): the key travels in the URL, and URLs are typically recorded in server and proxy
    // access logs; treat the key as exposed to whoever can read them.
    string apiKey = Request.QueryString["key"];
    var keyFailure = new ApiResponse<object>();
    bool keyAccepted = AuthenticateKey(apiKey, keyFailure);

    if (!keyAccepted)
    {
        // The response object populated by AuthenticateKey becomes the payload.
        data = Web.Json.ObjectToJson(keyFailure);
    }
    else
    {
        // When no current account is set, a placeholder account with Bvin "-1" is installed on the
        // request context before the handler is created.
        // NOTE(review): what this placeholder account is allowed to do is decided elsewhere - confirm
        // it carries no privileges beyond what an API-key caller should have.
        if (HccApp.CurrentRequestContext.CurrentAccount == null)
        {
            HccApp.CurrentRequestContext.CurrentAccount = new CustomerAccount { Bvin = "-1" };
        }

        // version and modelname are caller-supplied; validating them is left to the factory.
        var handler = RestHandlerFactory.Instantiate(version, modelname, HccApp);

        // Read the posted JSON. The body is read in full; no size limit is applied in this method.
        string body = string.Empty;
        var requestStream = Request.InputStream;
        if (requestStream != null)
        {
            var reader = new StreamReader(requestStream);
            body = reader.ReadToEnd();
        }

        // Unsupported verbs fall through and leave data empty.
        string verb = Request.HttpMethod.ToUpperInvariant();
        switch (verb)
        {
            case "GET":
                data = handler.GetAction(parameters, Request.QueryString);
                break;

            case "POST":
                data = handler.PostAction(parameters, Request.QueryString, body);
                break;

            case "PUT":
                data = handler.PutAction(parameters, Request.QueryString, body);
                break;

            case "DELETE":
                data = handler.DeleteAction(parameters, Request.QueryString, body);
                break;

            default:
                break;
        }
    }

    // Return Result (or text formatted result)
    // NOTE(review): the "text" format serves the payload as text/html, so a browser will interpret it
    // as markup; if the payload can include stored or caller-supplied strings, confirm this is
    // intended or use a non-HTML content type.
    if (Request.QueryString["apiformat"] == "text")
    {
        return new RawResult(data, "text/html");
    }

    return new PreJsonResult(data);
}