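/// <summary>
/// Runs just after a request has arrived on the server. Unless the request is exempt,
/// it must carry a service header whose user token matches the current service session id.
/// </summary>
/// <param name="request">The incoming message; the custom service header is read from it.</param>
/// <param name="channel">The channel the message arrived on (not used by this method).</param>
/// <param name="instanceContext">The current service instance context (not used by this method).</param>
/// <returns>Always <c>null</c>; no correlation state is handed to the reply stage.</returns>
/// <exception cref="FaultException">
/// The header is missing, its token is blank, or the token does not match the session id.
/// </exception>
public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
{
    // IsNeedToAppendHeader is defined outside this method and decides which requests skip
    // the token check. NOTE(review): every request it exempts reaches the service
    // unauthenticated, so confirm it matches the exempt operation exactly.
    if (!IsNeedToAppendHeader(request))
    {
        return null;
    }

    // Read the custom context data from the headers
    ServiceHeader header = CustomHeader.ReadHeader(request);

    if (header == null)
    {
        throw new FaultException("The request is invalid. Authorization header could not be found.");
    }

    if (string.IsNullOrWhiteSpace(header.UserToken))
    {
        throw new FaultException("Authorization token value could not be found in service header.");
    }

    // The session id can be null (for example when no session is established). Using the
    // static string.Equals keeps that case on the reject path with a FaultException
    // instead of surfacing a NullReferenceException from an instance call on null.
    OperationContext context = OperationContext.Current;
    string sessionId = context == null ? null : context.SessionId;

    // NOTE(review): the token is accepted when it equals the session id (ignoring case),
    // so it is only as secret as the session id itself. Confirm that is intended.
    if (!string.Equals(sessionId, header.UserToken, StringComparison.OrdinalIgnoreCase))
    {
        throw new FaultException("Invalid User token.");
    }

    return null;
}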
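/// <summary>
/// Runs just before a request is sent and attaches the caller's user token to it as a
/// custom service header. The login operation is sent without the header.
/// </summary>
/// <param name="request">The outgoing message; the custom header is added to its headers.</param>
/// <param name="channel">The client channel the message is sent on (not used by this method).</param>
/// <returns>
/// <c>null</c> for the login operation; otherwise the request message itself.
/// </returns>
public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
    // Action may be null on a message that carries no action header; treat it as
    // "not the login call" instead of failing with a NullReferenceException.
    string action = request.Headers.Action ?? string.Empty;

    // Keep only the text after the last '/'. LastIndexOf returns -1 when there is no '/',
    // which makes the start index 0 and keeps the whole string.
    string actionName = action.Substring(action.LastIndexOf('/') + 1);

    // The login call is made before a token exists, so it is sent without the header.
    if (actionName.Equals("validatelogin", StringComparison.OrdinalIgnoreCase))
    {
        return null;
    }

    // NOTE(review): the token travels in a message header. Whether it is protected in
    // transit depends on the binding's security settings, which are not visible here.
    ServiceHeader customData = new ServiceHeader();
    customData.UserToken = ClientContext.UserToken;

    request.Headers.Add(new CustomHeader(customData));

    return request;
}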