protected internal override string DoInvoke(ServiceProxyInvokeEventArgs args) { string baseAddress = args.BaseAddress; string className = args.ClassName; string methodName = args.MethodName; object[] parameters = args.PostParameters; ServiceProxyInvokeEventArgs secureChannelArgs = new ServiceProxyInvokeEventArgs { Cuid = args.Cuid, BaseAddress = baseAddress, ClassName = typeof(SecureChannel).Name, MethodName = "Invoke", PostParameters = new object[] { className, methodName, ApiParameters.ParametersToJsonParamsObjectString(parameters) } }; try { SecureChannelMessage <string> result = Post(secureChannelArgs).FromJson <SecureChannelMessage <string> >(); if (result.Success) { Decrypted decrypted = new Decrypted(result.Data, SessionKey, SessionIV); return(decrypted.Value); } else { string properties = result.PropertiesToString(); throw new ServiceProxyInvocationFailedException("{0}"._Format(result.Message, properties)); } } catch (Exception ex) { args.Exception = ex; args.Message = ex.Message; OnInvocationException(args); } return(string.Empty); }
public SecureChannelMessage <string> Invoke(string className, string methodName, string jsonParams) { SecureChannelMessage <string> result = new SecureChannelMessage <string>(); HttpArgs args = new HttpArgs(); args.ParseJson(jsonParams); string parameters = args["jsonParams"]; SecureExecutionRequest request = new SecureExecutionRequest(HttpContext, className, methodName, parameters) { ApiKeyResolver = ApiKeyResolver, ServiceProvider = ServiceProvider }; bool success = request.Execute(); string data = request.Result as string; if (string.IsNullOrEmpty(data)) { throw new SecureChannelInvokeException(className, methodName, jsonParams); } result.Data = data; result.Success = success; return(result); }
public SecureChannelMessage SetSessionKey(SetSessionKeyRequest request) { SecureChannelMessage result = new SecureChannelMessage(true); try { SecureSession session = SecureSession.Get(HttpContext); session.SetSymmetricKey(request); } catch (Exception ex) { result = new SecureChannelMessage(ex); } return(result); }
public void StartSession() { if (SessionInfo == null) { lock (_sessionInfoLock) { if (SessionInfo == null) { OnSessionStarting(); try { HttpWebRequest request = GetServiceProxyRequest <SecureChannel>(ServiceProxyVerbs.GET, "InitSession", new Instant()); using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) { SessionCookie = response.Cookies[SecureSession.CookieName]; Cookies.Add(SessionCookie); using (StreamReader sr = new StreamReader(response.GetResponseStream())) { SecureChannelMessage <ClientSessionInfo> message = sr.ReadToEnd().FromJson <SecureChannelMessage <ClientSessionInfo> >(); if (!message.Success) { throw new Exception(message.Message); } else { SessionInfo = message.Data; } } SetSessionKeyAndIv(); } } catch (Exception ex) { SessionStartException = ex; OnStartSessionException(ex); return; } OnSessionStarted(); } } } }
protected internal void SetSessionKeyAndIv() { AesKeyVectorPair kvp; SetSessionKeyRequest request; CreateSetSessionKeyRequest(out kvp, out request); SecureChannelMessage response = this.Post <SecureChannelMessage>(typeof(SecureChannel).Name, "SetSessionKey", new object[] { request }); if (!response.Success) { throw new Exception(response.Message); } SessionKey = kvp.Key; SessionIV = kvp.IV; }
public SecureChannelMessage <string> Invoke(string className, string methodName, string jsonParams) { SecureChannelMessage <string> result = new SecureChannelMessage <string>(); HttpArgs args = new HttpArgs(); args.ParseJson(jsonParams); string parameters = args["jsonParams"]; SecureExecutionRequest request = new SecureExecutionRequest(HttpContext, className, methodName, parameters) { ApiKeyResolver = ApiKeyResolver, ServiceProvider = ServiceProvider }; bool success = request.Execute(); if (request.Result is ValidationResult validationResult) { result.Data = "validation failed"; result.Message = validationResult.Message; result.Success = false; Logger.AddEntry("Validation failed for SecureChannel.Invoke for {0}.{1}:\r\n\tMessage={2}\r\n\tFailures: {3}:\r\n *** jsonParams were ***\r\n{4}", LogEventType.Warning, className, methodName, validationResult.Message, string.Join(",", validationResult.ValidationFailures), jsonParams); } else { string data = request.Result as string; if (string.IsNullOrEmpty(data)) { throw new SecureChannelInvokeException(className, methodName, jsonParams); } result.Data = data; result.Success = success; } return(result); }
public SecureChannelMessage <string> Invoke(string className, string methodName, string jsonParams) { SecureChannelMessage <string> result = new SecureChannelMessage <string>(); HttpArgs args = new HttpArgs(); args.ParseJson(jsonParams); string parameters = args["jsonParams"]; SecureExecutionRequest request = new SecureExecutionRequest(HttpContext, className, methodName, parameters); request.ApiKeyResolver = ApiKeyResolver; request.ServiceProvider = ServiceProvider; bool success = request.Execute(); ValidationResult validationResult = request.Result as ValidationResult; if (Debug && validationResult != null) { result.Data = "validation failed"; result.Message = validationResult.Message; result.Success = false; } else { if (validationResult != null) { Logger.AddEntry("Validation failed for SecureChannel.Invoke for {0}.{1}:\r\n *** jsonParams were ***\r\n{2}", LogEventType.Warning, className, methodName, jsonParams); } result.Data = (string)request.Result; //this will throw an exception if validation failed causing 404 not found to be sent back which is what we want for security if debug is off result.Success = success; } return(result); }