private static void ValidateRecaptcha(ProxyAuthRequestResult par, GuestChallengeModel model, HttpRequestBase request)
{
var recapResponse = request.Form["g-recaptcha-response"];
JObject args = null;
if (!String.IsNullOrEmpty(par.Arguments))
{
args = (JObject)JsonConvert.DeserializeObject(par.Arguments);
}
var useRecaptcha = false;
if (args != null && args["UseRecaptcha"] != null && bool.TryParse(args["UseRecaptcha"].Value <string>(), out useRecaptcha) && useRecaptcha)
{
if (String.IsNullOrWhiteSpace(recapResponse))
{
model.ShowRecaptcha = GoogleReCaptcha.CanAccess();
}
else
{
var gr = new GoogleReCaptcha();
if (!gr.IsValid(recapResponse, request.UserHostAddress))
{
model.ErrorMessages.Add(Constants.i18n("invalidRecaptcha"));
model.ShowRecaptcha = GoogleReCaptcha.CanAccess();
}
}
}
}
internal static GuestChallengeModel GetOrValidate(Guid reqId, Guid instanceId, HttpRequestBase request, ServiceBuilder svcBldr)
{
var model = new GuestChallengeModel();
var client = svcBldr.SecurityV2();
var sr = client.GetProxyRequest(new GetProxyRequestArgs {
DontGetToken = true, Id = reqId, InstanceId = instanceId
});
ExceptionsML.Check(sr.Error);
var par = sr.Result;
model.SubmitMessage = GetSubmitMessage(par.RequestType);
//Temporary: Bug 13104 - Update Guest Downloads so they follow the same model as Form Links and Guest viewer links
if (par.RequestType == ProxyAuthRequestType.DownloadFiles)
{
model.ProxyRequest = par;
return(model);
}
ValidateRecaptcha(par, model, request);
ValidatePasswordFillModelProxyRequest(par, model, request, svcBldr);
return(model);
}
private static void ValidatePasswordFillModelProxyRequest(ProxyAuthRequestResult par, GuestChallengeModel model, HttpRequestBase request, ServiceBuilder svcBldr)
{
var pass = request.Form["password"];
var svc = svcBldr.SecurityV2();
if (par.HasPassword && !String.IsNullOrWhiteSpace(pass)) //Has a password and one has been provided by the user
{
var pwSR = svc.GetProxyRequest(new GetProxyRequestArgs {
Id = par.Id, InstanceId = par.InstanceId, Password = pass
});
if (pwSR.Error != null)
{
model.ErrorMessages.Add(pwSR.Error.Message);
model.ShowPassword = true;
}
else
{
model.ProxyRequest = pwSR.Result;
}
}
else if (!par.HasPassword && !model.ShowRecaptcha) //Does not have a password and is not showing the recaptcha, get the full ProxyAuthRequest (decrements counts, returns a restricted token).
{
var prSR = svc.GetProxyRequest(new GetProxyRequestArgs {
Id = par.Id, InstanceId = par.InstanceId, Password = pass
});
if (prSR.Error != null)
{
if (prSR.Error.Type == typeof(ProxyAuthRequestExpiredException).ToString())
{
switch (par.RequestType)
{
case ProxyAuthRequestType.DownloadFiles:
throw new Exception(Constants.i18n("downloadFilesProxyRequestExpired"));
case ProxyAuthRequestType.AccessViewer:
throw new Exception(Constants.i18n("accessViewerProxyRequestExpired"));
case ProxyAuthRequestType.CreateForm:
throw new Exception(Constants.i18n("createFormProxyRequestExpired"));
default:
ExceptionsML.Check(prSR.Error);
break;
}
}
ExceptionsML.Check(prSR.Error);
}
model.ProxyRequest = prSR.Result;
}
else //Has a password and it has not been filled out yet or is showing recaptcha
{
model.ProxyRequest = par;
model.ShowPassword = par.HasPassword;
}
}
