public void MismatchHostRefererTests(bool expected, string referer)
{
var mock = new Mock <HttpRequestBase>();
var headers = new NameValueCollection();
headers.Add("Referer", referer);
mock.Setup(req => req.Headers).Returns(headers);
mock.Setup(req => req.Url).Returns(new Uri("https://tempuri.org/"));
HttpRequestBase request = mock.Object;
Assert.Equal(expected, TraceExtensions.MismatchedHostReferer(request));
}
private static void OnBeginRequest(object sender, EventArgs e)
{
_lastRequestDateTime = DateTime.UtcNow;
var httpContext = ((HttpApplication)sender).Context;
var httpRequest = new HttpRequestWrapper(httpContext.Request);
// HACK: If it's a Razor extension, add a dummy extension to prevent WebPages for blocking it,
// as we need to serve those files via /vfs
// Yes, this is an abuse of the trace module
if (httpRequest.FilePath.IndexOf("vfs/", StringComparison.OrdinalIgnoreCase) >= 0 &&
(httpRequest.FilePath.EndsWith(".cshtml", StringComparison.OrdinalIgnoreCase) ||
httpRequest.FilePath.EndsWith(".vbhtml", StringComparison.OrdinalIgnoreCase)))
{
httpContext.Server.TransferRequest(httpRequest.FilePath + Constants.DummyRazorExtension, preserveForm: true);
return;
}
// Always trace the startup request.
ITracer tracer = TraceStartup(httpContext);
// Skip certain paths
if (TraceExtensions.ShouldSkipRequest(httpRequest))
{
TraceServices.RemoveRequestTracer(httpContext);
return;
}
tracer = tracer ?? TraceServices.CreateRequestTracer(httpContext);
if (tracer == null || tracer.TraceLevel <= TraceLevel.Off)
{
return;
}
var attribs = GetTraceAttributes(httpContext);
AddTraceLevel(httpContext, attribs);
foreach (string key in httpContext.Request.Headers)
{
if (!key.Equals("Authorization", StringComparison.OrdinalIgnoreCase) &&
!key.Equals("X-MS-CLIENT-PRINCIPAL-NAME", StringComparison.OrdinalIgnoreCase))
{
attribs[key] = httpContext.Request.Headers[key];
}
}
httpContext.Items[_stepKey] = tracer.Step("Incoming Request", attribs);
}
private static void Main()
{
var factory = IOCContainer.Factory.Value;
TraceExtensions.WriteInfoLine($"Assembly:{factory.HandlerName}; Version:{factory.HandlerVersion}");
using (var handler = factory.Client)
{
handler.SubscribeProgress((t) => Console.WriteLine(t.Text));
Console.WriteLine(@"Sending request");
var returnValue = handler.Request(new TextRequest("This is a test"));
Console.WriteLine($"Received reply: {returnValue.Text}");
}
}
async Task <int> ICommandAsync.Execute()
{
var returnCode = 1;
var csvUri = new Uri("https://henrybeen.nl/wp-content/uploads/2020/11/003-experts-inputs.csv");
var orderList = await _fileService.DownloadCsv(csvUri).ConfigureAwait(false);
const string CSVFILENAME = "ShippingNotes.csv";
string path = $@"{Directory.GetCurrentDirectory()}/{CSVFILENAME}";
using var textWriter = new StreamWriter(path);
_fileService.OpenCsv(textWriter);
var csvObservable = orderList.ToObservable <CsvOrderLine>()
.GroupBy(ol => ol.CustomerId)
.SelectMany(result =>
{
return(result.Aggregate <CsvOrderLine, CustomerOrder>(null, (order, csvLine) =>
{
return csvLine.ToOrder(order);
}));
})
.Select(o => o.ToShippingAssignment())
.Select(sa => sa.ToShippingConfirmation())
.Subscribe(
sc =>
{
var line = sc.ToCsvLine();
_fileService.SaveCsv(line);
TraceExtensions.DoMessage($"Order {sc.Order.CustomerId} - {sc.Order.Name}: {sc.Shipper}, {sc.ShippingCost}, {sc.Duration}");
},
ex =>
{
TraceExtensions.DoError($"Something fishy happened, {ex.Message}");
returnCode = 1;
},
() =>
{
TraceExtensions.DoMessage("Done processing orders");
returnCode = 0;
}
);
if (System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
Process.Start("notepad.exe", path);
}
return(returnCode);
}
async Task <IEnumerable <Product> > ICsvService.DownloadCsv(Uri csvFileUri)
{
TraceExtensions.DoMessage("Loading Product List in Dollars.");
using (var req = new HttpRequestMessage(HttpMethod.Get, csvFileUri))
{
try
{
var response = await _client.SendAsync(req).ConfigureAwait(false);
response.EnsureSuccessStatusCode();
var responseStream = await response.Content.ReadAsStreamAsync().ConfigureAwait(false);
var textReader = new StreamReader(responseStream);
using (CsvReader csvRdr = new CsvReader(textReader, CultureInfo.InvariantCulture))
{
csvRdr.Configuration.RegisterClassMap <CsvProductMap>();
csvRdr.Configuration.Delimiter = ",";
csvRdr.Configuration.TrimOptions = TrimOptions.Trim;
int rowCount = 0;
var productList = new List <Product>();
while (csvRdr.Read())
{
try
{
rowCount++;
var product = csvRdr.GetRecord <Product>();
productList.Add(product);
TraceExtensions.DoMessage($" row {rowCount}: {product.Name}, {product.Price.Value}");
}
catch (ReaderException ex)
{
TraceExtensions.DoWarn($" Row {rowCount}: Unable to parse: exception - {ex.Message}");
}
}
return(productList);
}
}
catch (Exception ex) when(
ex is HttpRequestException ||
ex is HeaderValidationException
)
{
throw new CsvServiceException($"Cannot Read and Parse the CSV File. Exception: {ex.Message}", ex);
}
}
}
/// <summary>
/// The main entry point for the application.
/// </summary>
private static void Main()
{
if (Factory == null)
{
return;
}
TraceExtensions.WriteInfoLine($"Assembly:{Factory.HandlerName}; Version:{Factory.HandlerVersion}");
var servicesToRun = new ServiceBase[]
{
new MessagingService()
};
ServiceBase.Run(servicesToRun);
}
internal static void CompiledLinqToEntities(IQueryable <Product> source)
{
ParameterExpression productParameter = Expression.Parameter(type: typeof(Product), name: "product");
Expression <Func <Product, bool> > predicateExpression = Expression.Lambda <Func <Product, bool> >(
body: Expression.GreaterThan(
left: Expression.Property(expression: productParameter, propertyName: nameof(Product.ListPrice)),
right: Expression.Constant(value: 0M, type: typeof(decimal))),
productParameter);
IQueryable <Product> query = Queryable.Where(source: source, predicate: predicateExpression); // Define query.
foreach (Product result in query) // Execute query.
{
TraceExtensions.WriteLine(value: result.Name);
}
}
public override object ConvertFromString(string text, IReaderRow row, MemberMapData memberMapData)
{
if (row is null)
{
throw new ArgumentNullException(nameof(row));
}
if (memberMapData is null)
{
throw new ArgumentNullException(nameof(memberMapData));
}
var priceString = row.GetField <string>($"Price");
if (!double.TryParse(priceString, NumberStyles.Float, CultureInfo.InvariantCulture, out double priceValue))
{
priceValue = 0;
TraceExtensions.DoWarn($"Row {memberMapData.Index}: Not a valid price {priceString}");
}
return(priceValue);
}
void ICsvService.SaveCsv(IEnumerable <Product> productList, TextWriter textWriter)
{
using (var csvWrtr = new CsvWriter(textWriter, CultureInfo.InvariantCulture))
{
TraceExtensions.DoMessage("Exporting Product List in Euros.");
csvWrtr.Configuration.RegisterClassMap <CsvProductMap>();
csvWrtr.Configuration.Delimiter = ",";
csvWrtr.Configuration.TrimOptions = TrimOptions.Trim;
csvWrtr.WriteHeader(typeof(Product));
csvWrtr.NextRecord();
int rowNumber = 0;
foreach (var prod in productList)
{
rowNumber++;
csvWrtr.WriteRecord(prod);
csvWrtr.NextRecord();
TraceExtensions.DoMessage($" Row {rowNumber}: {prod.Name}, {prod.Price.Value.ToString(CultureInfo.InvariantCulture)}");
}
}
}
private static void OnBeginRequest(object sender, EventArgs e)
{
_lastRequestDateTime = DateTime.UtcNow;
var httpContext = ((HttpApplication)sender).Context;
var httpRequest = new HttpRequestWrapper(httpContext.Request);
// Always trace the startup request.
ITracer tracer = TraceStartup(httpContext);
// Skip certain paths
if (TraceExtensions.ShouldSkipRequest(httpRequest))
{
TraceServices.RemoveRequestTracer(httpContext);
return;
}
tracer = tracer ?? TraceServices.CreateRequestTracer(httpContext);
if (tracer == null || tracer.TraceLevel <= TraceLevel.Off)
{
return;
}
var attribs = GetTraceAttributes(httpContext);
AddTraceLevel(httpContext, attribs);
foreach (string key in httpContext.Request.Headers)
{
if (!key.Equals("Authorization", StringComparison.OrdinalIgnoreCase))
{
attribs[key] = httpContext.Request.Headers[key];
}
}
httpContext.Items[_stepKey] = tracer.Step("Incoming Request", attribs);
}
private static void OnBeginRequest(object sender, EventArgs e)
{
_lastRequestDateTime = DateTime.UtcNow;
var httpContext = ((HttpApplication)sender).Context;
var httpRequest = new HttpRequestWrapper(httpContext.Request);
LogBeginRequest(httpContext);
// HACK: This is abusing the trace module
// Disallow GET requests from CSM extensions bridge
// Except if owner or coadmin (aka legacy or non-rbac) authorization
if (!String.IsNullOrEmpty(httpRequest.Headers["X-MS-VIA-EXTENSIONS-ROUTE"]) &&
httpRequest.HttpMethod.Equals(HttpMethod.Get.Method, StringComparison.OrdinalIgnoreCase) &&
!String.Equals(httpRequest.Headers["X-MS-CLIENT-AUTHORIZATION-SOURCE"], "legacy", StringComparison.OrdinalIgnoreCase) &&
!IsRbacWhiteListPaths(httpRequest.Url.AbsolutePath))
{
httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
httpContext.Response.End();
}
TryConvertSpecialHeadersToEnvironmentVariable(httpRequest);
// HACK: If it's a Razor extension, add a dummy extension to prevent WebPages for blocking it,
// as we need to serve those files via /vfs
// Yes, this is an abuse of the trace module
if (httpRequest.FilePath.IndexOf("vfs/", StringComparison.OrdinalIgnoreCase) >= 0 &&
(httpRequest.FilePath.EndsWith(".cshtml", StringComparison.OrdinalIgnoreCase) ||
httpRequest.FilePath.EndsWith(".vbhtml", StringComparison.OrdinalIgnoreCase)))
{
httpContext.Server.TransferRequest(httpRequest.FilePath + Constants.DummyRazorExtension, preserveForm: true);
return;
}
// Always trace the startup request.
ITracer tracer = TraceStartup(httpContext);
// Skip certain paths
if (TraceExtensions.ShouldSkipRequest(httpRequest))
{
// this is to prevent Kudu being IFrame (typically where host != referer)
// to optimize where we return X-FRAME-OPTIONS DENY header, only return when
// in Azure env, browser non-ajax requests and referer mismatch with host
// since browser uses referer for other scenarios (such as href, redirect), we may return
// this header (benign) in such cases.
if (Kudu.Core.Environment.IsAzureEnvironment() && !TraceExtensions.IsAjaxRequest(httpRequest) && TraceExtensions.MismatchedHostReferer(httpRequest))
{
httpContext.Response.Headers.Add("X-FRAME-OPTIONS", "DENY");
}
if (TraceServices.TraceLevel != TraceLevel.Verbose)
{
TraceServices.RemoveRequestTracer(httpContext);
// enable just ETW tracer
tracer = TraceServices.EnsureETWTracer(httpContext);
}
}
tracer = tracer ?? TraceServices.CreateRequestTracer(httpContext);
if (tracer == null || tracer.TraceLevel <= TraceLevel.Off)
{
return;
}
var attribs = GetTraceAttributes(httpContext);
AddTraceLevel(httpContext, attribs);
foreach (string key in httpContext.Request.Headers)
{
if (!key.Equals("Authorization", StringComparison.OrdinalIgnoreCase) &&
!key.Equals("X-MS-CLIENT-PRINCIPAL-NAME", StringComparison.OrdinalIgnoreCase) &&
!key.Equals(Constants.SiteRestrictedJWT, StringComparison.OrdinalIgnoreCase))
{
attribs[key] = httpContext.Request.Headers[key];
}
else
{
// for sensitive header, we only trace first 3 characters following by "..."
var value = httpContext.Request.Headers[key];
attribs[key] = string.IsNullOrEmpty(value) ? value : (value.Substring(0, Math.Min(3, value.Length)) + "...");
}
}
httpContext.Items[_stepKey] = tracer.Step(XmlTracer.IncomingRequestTrace, attribs);
}
private static void OnBeginRequest(object sender, EventArgs e)
{
_lastRequestDateTime = DateTime.UtcNow;
var httpContext = ((HttpApplication)sender).Context;
var httpRequest = new HttpRequestWrapper(httpContext.Request);
// HACK: This is abusing the trace module
// Disallow GET requests from CSM extensions bridge
// Except if owner or coadmin (aka legacy or non-rbac) authorization
if (!String.IsNullOrEmpty(httpRequest.Headers["X-MS-VIA-EXTENSIONS-ROUTE"]) &&
httpRequest.HttpMethod.Equals(HttpMethod.Get.Method, StringComparison.OrdinalIgnoreCase) &&
!String.Equals(httpRequest.Headers["X-MS-CLIENT-AUTHORIZATION-SOURCE"], "legacy", StringComparison.OrdinalIgnoreCase) &&
!IsRbacWhiteListPaths(httpRequest.Url.AbsolutePath))
{
httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
httpContext.Response.End();
}
// HACK: If it's a Razor extension, add a dummy extension to prevent WebPages for blocking it,
// as we need to serve those files via /vfs
// Yes, this is an abuse of the trace module
if (httpRequest.FilePath.IndexOf("vfs/", StringComparison.OrdinalIgnoreCase) >= 0 &&
(httpRequest.FilePath.EndsWith(".cshtml", StringComparison.OrdinalIgnoreCase) ||
httpRequest.FilePath.EndsWith(".vbhtml", StringComparison.OrdinalIgnoreCase)))
{
httpContext.Server.TransferRequest(httpRequest.FilePath + Constants.DummyRazorExtension, preserveForm: true);
return;
}
// Always trace the startup request.
ITracer tracer = TraceStartup(httpContext);
// Skip certain paths
if (TraceExtensions.ShouldSkipRequest(httpRequest))
{
TraceServices.RemoveRequestTracer(httpContext);
return;
}
tracer = tracer ?? TraceServices.CreateRequestTracer(httpContext);
if (tracer == null || tracer.TraceLevel <= TraceLevel.Off)
{
return;
}
var attribs = GetTraceAttributes(httpContext);
AddTraceLevel(httpContext, attribs);
foreach (string key in httpContext.Request.Headers)
{
if (!key.Equals("Authorization", StringComparison.OrdinalIgnoreCase) &&
!key.Equals("X-MS-CLIENT-PRINCIPAL-NAME", StringComparison.OrdinalIgnoreCase))
{
attribs[key] = httpContext.Request.Headers[key];
}
}
httpContext.Items[_stepKey] = tracer.Step(XmlTracer.IncomingRequestTrace, attribs);
}
public void TracingAttributeBlacklistTests(bool expected, string header)
{
Assert.Equal(expected, TraceExtensions.IsNonDisplayableAttribute(header));
}
private void BeginRequest(HttpContext httpContext)
{
var httpRequest = httpContext.Request;
_lastRequestDateTime = DateTime.UtcNow;
/* CORE TODO missing functionality:
* Disallow GET requests from CSM extensions bridge
* Razor dummy extension for vfs
*/
// Always trace the startup request.
ITracer tracer = TraceStartup(httpContext);
LogBeginRequest(httpContext);
// Trace heartbeat periodically
TraceHeartbeat();
TryConvertSpecialHeadersToEnvironmentVariable(httpRequest);
// Skip certain paths
if (TraceExtensions.ShouldSkipRequest(httpRequest))
{
// this is to prevent Kudu being IFrame (typically where host != referer)
// to optimize where we return X-FRAME-OPTIONS DENY header, only return when
// in Azure env, browser non-ajax requests and referer mismatch with host
// since browser uses referer for other scenarios (such as href, redirect), we may return
// this header (benign) in such cases.
if (Environment.IsAzureEnvironment() && !TraceExtensions.IsAjaxRequest(httpRequest) &&
TraceExtensions.MismatchedHostReferer(httpRequest))
{
httpContext.Response.Headers.Add("X-FRAME-OPTIONS", "DENY");
}
if (TraceServices.TraceLevel != TraceLevel.Verbose)
{
TraceServices.RemoveRequestTracer(httpContext);
// enable just ETW tracer
tracer = TraceServices.EnsureEtwTracer(httpContext);
}
}
tracer = tracer ?? TraceServices.CreateRequestTracer(httpContext);
if (tracer == null || tracer.TraceLevel <= TraceLevel.Off)
{
return;
}
var attribs = GetTraceAttributes(httpContext);
AddTraceLevel(httpContext, attribs);
foreach (string key in httpContext.Request.Headers.Keys)
{
if (key != null)
{
if (!key.Equals("Authorization", StringComparison.OrdinalIgnoreCase) &&
!key.Equals("X-MS-CLIENT-PRINCIPAL-NAME", StringComparison.OrdinalIgnoreCase))
{
attribs[key] = httpContext.Request.Headers[key];
}
else
{
// for sensitive header, we only trace first 3 characters following by "..."
var value = httpContext.Request.Headers[key].ToString();
attribs[key] = string.IsNullOrEmpty(value)
? value
: (value.Substring(0, Math.Min(3, value.Length)) + "...");
}
}
}
httpContext.Items[_stepKey] = tracer.Step(XmlTracer.IncomingRequestTrace, attribs);
AddTrackingHeader(httpContext);
}
static int Main(string[] args)
{
var tw = new TextWriterTraceListener(Console.Out);
tw.TraceOutputOptions |= TraceOptions.None;
Trace.Listeners.Add(tw);
Trace.AutoFlush = true;
Trace.Indent();
var app = new CommandLineApplication
{
Name = "TW ING Coding Challenge",
Description = "The TeamWildenberg console app for the different assignments in the ING Coding Challenge"
};
app.HelpOption("-?|-h|--help");
var versionOption = app.Option("-v|--version", "Check which version we are running", CommandOptionType.NoValue);
app.OnExecute(() =>
{
return(0);
});
app.Execute(args);
if (versionOption.HasValue())
{
var assemblyVersion = Assembly.GetEntryAssembly().GetCustomAttribute <AssemblyInformationalVersionAttribute>().InformationalVersion;
TraceExtensions.DoMessage($"Version: {assemblyVersion}");
return(0);
}
else
{
try
{
// initialize
const int REFRESH_TIME_MS = 500;
var gameService = new TwgeService();
var game = new ResetGameCommand(gameService, null);
game.Execute(char.MinValue);
Console.Clear();
var nextLoopTime = DateTime.UtcNow.AddMilliseconds(REFRESH_TIME_MS);
//Game loop
do
{
if (nextLoopTime < DateTime.UtcNow)
{
gameService.Draw();
nextLoopTime = DateTime.UtcNow.AddMilliseconds(REFRESH_TIME_MS);
var commandList = gameService.GetActionCommands();
gameService.DoAction(commandList);
}
}while (gameService.CanContinue);
return(0);
}
catch (Exception)
{
TraceExtensions.DoError($"Something fishy happened, exiting.");
throw;
}
}
}
