/// <summary>
/// OWIN entry point for the dashboard. Resolves the request path to a dispatcher,
/// runs every authorization filter and dispatches only when none of them denies the request.
/// </summary>
/// <param name="context">OWIN context of the current request.</param>
/// <returns>
/// The next middleware's task when no route matches, a completed task after a denial,
/// otherwise the task returned by the matched dispatcher.
/// </returns>
public override Task Invoke(IOwinContext context)
{
    var route = _routes.FindDispatcher(context.Request.Path.Value);

    // The route lookup comes first: a path that is not a dashboard route is handed
    // to the next middleware without consulting the authorization filters.
    if (route == null)
    {
        return Next.Invoke(context);
    }

    foreach (var authorizationFilter in _authorizationFilters)
    {
        if (authorizationFilter.Authorize(context.Environment))
        {
            continue;
        }

        // Fail closed: the first filter that refuses ends the request with 401 and
        // the dispatcher is never invoked. No response body is written.
        context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
        return Task.FromResult(false);
    }

    var requestContext = new RequestDispatcherContext(_storage, context.Environment, route.Item2);
    return route.Item1.Dispatch(requestContext);
}
/// <summary>
/// ASP.NET Core entry point for the dashboard. Requests that match a dashboard route are
/// checked against every filter in <c>_options.Authorization</c> before being dispatched.
/// </summary>
/// <param name="httpContext">Context of the current request.</param>
/// <returns>
/// The next middleware's task when no route matches, a completed task after a denial,
/// otherwise the task returned by the matched dispatcher.
/// </returns>
public Task Invoke(HttpContext httpContext)
{
    var dashboardContext = new AspNetCoreDashboardContext(_storage, _options, httpContext);
    var route = _routes.FindDispatcher(httpContext.Request.Path.Value);

    // Non-dashboard paths are passed on without running the authorization filters.
    if (route == null)
    {
        return _next.Invoke(httpContext);
    }

    // ReSharper disable once LoopCanBeConvertedToQuery
    foreach (var authorizationFilter in _options.Authorization)
    {
        if (authorizationFilter.Authorize(dashboardContext))
        {
            continue;
        }

        // Distinguish "known caller, not allowed" (403) from "caller not authenticated" (401).
        // A missing User or Identity counts as not authenticated.
        var callerIsAuthenticated = httpContext.User?.Identity?.IsAuthenticated == true;

        if (callerIsAuthenticated)
        {
            httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        }
        else
        {
            httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
        }

        // Fail closed: the dispatcher is never reached after a denial.
        return Task.FromResult(0);
    }

    dashboardContext.UriMatch = route.Item2;
    return route.Item1.Dispatch(dashboardContext);
}
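/// <summary>
/// ASP.NET Core entry point for the dashboard. Requests that match a dashboard route are
/// checked against every filter in <c>_options.Authorization</c>; the request is dispatched
/// only when no filter denies it.
/// </summary>
/// <param name="httpContext">Context of the current request.</param>
/// <returns>
/// The next middleware's task when no route matches; after a denial either the task that writes
/// the 403 body or a completed task; otherwise the task returned by the matched dispatcher.
/// </returns>
public Task Invoke(HttpContext httpContext)
{
    var context = new AspNetCoreDashboardContext(_storage, _options, httpContext);
    var findResult = _routes.FindDispatcher(httpContext.Request.Path.Value);

    // Non-dashboard paths are passed on without running the authorization filters.
    if (findResult == null)
    {
        return _next.Invoke(httpContext);
    }

    // ReSharper disable once LoopCanBeConvertedToQuery
    foreach (var filter in _options.Authorization)
    {
        if (filter.Authorize(context))
        {
            continue;
        }

        // If the status code has a non-default value (or the response has already started),
        // it was produced by one of the authorization filters, e.g. a redirect or a challenge.
        // In that case the response is left as is; otherwise a plain 403 is written.
        if (!httpContext.Response.HasStarted && httpContext.Response.StatusCode == 200)
        {
            httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
            return httpContext.Response.WriteAsync("403 Forbidden");
        }

        // Security fix: a denial always ends the request here. Without this return, a filter
        // that denied the request but had set its own status code fell through to the
        // remaining filters and then to Dispatch, serving the dashboard to a denied caller.
        return Task.FromResult(0);
    }

    context.UriMatch = findResult.Item2;
    return findResult.Item1.Dispatch(context);
}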
/// <summary>
/// OWIN entry point for the dashboard. Resolves the request path to a dispatcher, runs the
/// authorization filters against the OWIN environment and dispatches when none of them denies.
/// </summary>
/// <param name="owinContext">OWIN context of the current request.</param>
/// <returns>
/// The next middleware's task when no route matches, the task writing the 401 body after a
/// denial, otherwise the task returned by the matched dispatcher.
/// </returns>
public override Task Invoke(IOwinContext owinContext)
{
    var route = _routes.FindDispatcher(owinContext.Request.Path.Value);

    // Non-dashboard paths are passed on without running the authorization filters.
    if (route == null)
    {
        return Next.Invoke(owinContext);
    }

    // ReSharper disable once LoopCanBeConvertedToQuery
    foreach (var authorizationFilter in _authorizationFilters)
    {
        if (authorizationFilter.Authorize(owinContext.Environment))
        {
            continue;
        }

        // Fail closed: the first refusing filter ends the request with 401.
        owinContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
        return owinContext.Response.WriteAsync("401 Unauthorized");
    }

    var dashboardOptions = new DashboardOptions
    {
        AppPath = _appPath,
        StatsPollingInterval = _statsPollingInterval,
        AuthorizationFilters = _authorizationFilters
    };

    // NOTE(review): the route match (route.Item2) is not handed to the context in this
    // variant - confirm the dispatcher does not need it.
    var dashboardContext = new OwinDashboardContext(_storage, dashboardOptions, owinContext.Environment);
    return route.Item1.Dispatch(dashboardContext);
}
/// <summary>
/// Builds the OWIN middleware function for the dashboard. Each request is authorized first,
/// then matched against <paramref name="routes"/> and dispatched.
/// </summary>
/// <param name="options">Dashboard options holding the authorization filters.</param>
/// <param name="storage">Job storage handed to the dashboard context.</param>
/// <param name="routes">Route table used to find the dispatcher for a request path.</param>
/// <returns>The middleware function.</returns>
/// <exception cref="ArgumentNullException">Any argument is <c>null</c>.</exception>
public static MidFunc UseHangfireDashboard(
    [NotNull] DashboardOptions options,
    [NotNull] JobStorage storage,
    [NotNull] RouteCollection routes)
{
    if (options == null)
    {
        throw new ArgumentNullException(nameof(options));
    }

    if (storage == null)
    {
        throw new ArgumentNullException(nameof(storage));
    }

    if (routes == null)
    {
        throw new ArgumentNullException(nameof(routes));
    }

    return next => env =>
    {
        var owinContext = new OwinContext(env);
        var dashboardContext = new OwinDashboardContext(storage, options, env);

        // Authorization runs before the route lookup, so unmatched paths are also
        // subject to the filters before they can reach the next middleware.
        bool allowed;

#pragma warning disable 618
        if (options.AuthorizationFilters != null)
        {
            // When the legacy filter list is set it is the only one consulted;
            // options.Authorization is ignored in that case.
            allowed = options.AuthorizationFilters.All(legacyFilter => legacyFilter.Authorize(owinContext.Environment));
#pragma warning restore 618
        }
        else
        {
            allowed = options.Authorization.All(currentFilter => currentFilter.Authorize(dashboardContext));
        }

        if (!allowed)
        {
            owinContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
            return owinContext.Response.WriteAsync("401 Unauthorized");
        }

        var route = routes.FindDispatcher(owinContext.Request.Path.Value);

        if (route == null)
        {
            return next(env);
        }

        dashboardContext.UriMatch = route.Item2;
        return route.Item1.Dispatch(dashboardContext);
    };
}
/// <summary>
/// ASP.NET Core entry point for the dashboard. A request that matches a dashboard route must
/// pass the synchronous filters, then the asynchronous filters, then (unless disabled)
/// antiforgery validation before it is dispatched.
/// </summary>
/// <param name="httpContext">Context of the current request.</param>
/// <returns>A task that completes when the request has been handled or rejected.</returns>
public async Task Invoke(HttpContext httpContext)
{
    var dashboardContext = new AspNetCoreDashboardContext(_storage, _options, httpContext);
    var route = _routes.FindDispatcher(httpContext.Request.Path.Value);

    // Non-dashboard paths are passed on without running any of the checks below.
    if (route == null)
    {
        await _next.Invoke(httpContext);
        return;
    }

    // ReSharper disable once LoopCanBeConvertedToQuery
    foreach (var syncFilter in _options.Authorization)
    {
        if (syncFilter.Authorize(dashboardContext))
        {
            continue;
        }

        // Fail closed: only a status code is set, no body is written.
        httpContext.Response.StatusCode = GetUnauthorizedStatusCode(httpContext);
        return;
    }

    foreach (var asyncFilter in _options.AsyncAuthorization)
    {
        if (await asyncFilter.AuthorizeAsync(dashboardContext))
        {
            continue;
        }

        httpContext.Response.StatusCode = GetUnauthorizedStatusCode(httpContext);
        return;
    }

    if (!_options.IgnoreAntiforgeryToken)
    {
        var antiforgery = httpContext.RequestServices.GetService<IAntiforgery>();

        // CSRF validation is best-effort: when no IAntiforgery service is registered
        // the request proceeds without a token check.
        if (antiforgery != null && !await antiforgery.IsRequestValidAsync(httpContext))
        {
            // Invalid or missing CSRF token
            httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
            return;
        }
    }

    dashboardContext.UriMatch = route.Item2;
    await route.Item1.Dispatch(dashboardContext);
}
/// <summary>
/// Builds the OWIN middleware function for the dashboard. A request whose path matches a
/// route is checked against <c>options.AuthorizationFilters</c> and then dispatched.
/// </summary>
/// <param name="options">Dashboard options holding the authorization filters and the app path.</param>
/// <param name="storage">Job storage handed to the dispatcher context.</param>
/// <param name="routes">Route table used to find the dispatcher for a request path.</param>
/// <returns>The middleware function.</returns>
/// <exception cref="ArgumentNullException">Any argument is <c>null</c>.</exception>
public static MidFunc UseHangfireDashboard(
    [NotNull] DashboardOptions options,
    [NotNull] JobStorage storage,
    [NotNull] RouteCollection routes)
{
    if (options == null)
    {
        throw new ArgumentNullException("options");
    }

    if (storage == null)
    {
        throw new ArgumentNullException("storage");
    }

    if (routes == null)
    {
        throw new ArgumentNullException("routes");
    }

    return next => env =>
    {
        var owinContext = new OwinContext(env);
        var route = routes.FindDispatcher(owinContext.Request.Path.Value);

        // Non-dashboard paths are passed on without running the authorization filters.
        if (route == null)
        {
            return next(env);
        }

        // options.AuthorizationFilters is dereferenced without a null check here.
        var allowed = options.AuthorizationFilters.All(filter => filter.Authorize(owinContext.Environment));

        if (!allowed)
        {
            // Fail closed: 401 with no body, the dispatcher is never invoked.
            owinContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
            return Task.FromResult(false);
        }

        var requestContext = new RequestDispatcherContext(
            options.AppPath,
            storage,
            owinContext.Environment,
            route.Item2);

        return route.Item1.Dispatch(requestContext);
    };
}
/// <summary>
/// ASP.NET Core entry point for the dashboard. Requests that match a dashboard route are
/// checked against every filter in <c>_options.Authorization</c> before being dispatched.
/// </summary>
/// <param name="httpContext">Context of the current request.</param>
/// <returns>
/// The next middleware's task when no route matches, the task writing the 401 body after a
/// denial, otherwise the task returned by the matched dispatcher.
/// </returns>
public Task Invoke(HttpContext httpContext)
{
    var dashboardContext = new AspNetCoreDashboardContext(_storage, _options, httpContext);
    var route = _routes.FindDispatcher(httpContext.Request.Path.Value);

    // Non-dashboard paths are passed on without running the authorization filters.
    if (route == null)
    {
        return _next.Invoke(httpContext);
    }

    // ReSharper disable once LoopCanBeConvertedToQuery
    foreach (var authorizationFilter in _options.Authorization)
    {
        if (authorizationFilter.Authorize(dashboardContext))
        {
            continue;
        }

        // Fail closed: every denial is answered with 401, whether or not the caller
        // is authenticated, and the dispatcher is never invoked.
        httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
        return httpContext.Response.WriteAsync("401 Unauthorized");
    }

    dashboardContext.UriMatch = route.Item2;
    return route.Item1.Dispatch(dashboardContext);
}
/// <summary>
/// Builds the asynchronous OWIN middleware function for the dashboard. Each request is
/// authorized, then (when enabled and available) validated against the antiforgery token,
/// then matched against <paramref name="routes"/> and dispatched.
/// </summary>
/// <param name="options">Dashboard options holding the authorization filters.</param>
/// <param name="storage">Job storage handed to the dashboard context.</param>
/// <param name="routes">Route table used to find the dispatcher for a request path.</param>
/// <param name="antiforgery">Optional antiforgery provider; when <c>null</c> no CSRF check is made.</param>
/// <returns>The middleware function.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="options"/>, <paramref name="storage"/> or <paramref name="routes"/> is <c>null</c>.
/// </exception>
public static MidFunc UseHangfireDashboard(
    [NotNull] DashboardOptions options,
    [NotNull] JobStorage storage,
    [NotNull] RouteCollection routes,
    [CanBeNull] IOwinDashboardAntiforgery antiforgery)
{
    if (options == null)
    {
        throw new ArgumentNullException(nameof(options));
    }

    if (storage == null)
    {
        throw new ArgumentNullException(nameof(storage));
    }

    if (routes == null)
    {
        throw new ArgumentNullException(nameof(routes));
    }

    return next => async env =>
    {
        var owinContext = new OwinContext(env);
        var dashboardContext = new OwinDashboardContext(storage, options, env);

        // The token is attached to the context before authorization has run.
        if (!options.IgnoreAntiforgeryToken && antiforgery != null)
        {
            dashboardContext.AntiforgeryHeader = antiforgery.HeaderName;
            dashboardContext.AntiforgeryToken = antiforgery.GetToken(env);
        }

        var denied = false;

#pragma warning disable 618
        if (options.AuthorizationFilters != null)
        {
            // When the legacy filter list is set it is the only one consulted;
            // Authorization and AsyncAuthorization are ignored in that case.
            denied = options.AuthorizationFilters.Any(legacyFilter => !legacyFilter.Authorize(owinContext.Environment));
#pragma warning restore 618
        }
        else
        {
            // ReSharper disable once LoopCanBeConvertedToQuery
            foreach (var syncFilter in options.Authorization)
            {
                if (!syncFilter.Authorize(dashboardContext))
                {
                    denied = true;
                    break;
                }
            }

            if (!denied)
            {
                foreach (var asyncFilter in options.AsyncAuthorization)
                {
                    if (!await asyncFilter.AuthorizeAsync(dashboardContext))
                    {
                        denied = true;
                        break;
                    }
                }
            }
        }

        if (denied)
        {
            // Fail closed: only a status code is set, no body is written.
            owinContext.Response.StatusCode = GetUnauthorizedStatusCode(owinContext);
            return;
        }

        // CSRF validation applies only when it is enabled and a provider was supplied.
        var csrfCheckActive = !options.IgnoreAntiforgeryToken && antiforgery != null;

        if (csrfCheckActive && !antiforgery.ValidateRequest(env))
        {
            owinContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
            return;
        }

        var route = routes.FindDispatcher(owinContext.Request.Path.Value);

        if (route == null)
        {
            await next(env);
            return;
        }

        dashboardContext.UriMatch = route.Item2;
        await route.Item1.Dispatch(dashboardContext);
    };
}
/// <summary>
/// Builds the OWIN middleware function for the dashboard. Each request is authorized, then
/// (when enabled and available) validated against the antiforgery token, then matched against
/// <paramref name="routes"/> and dispatched.
/// </summary>
/// <param name="options">Dashboard options holding the authorization filters.</param>
/// <param name="storage">Job storage handed to the dashboard context.</param>
/// <param name="routes">Route table used to find the dispatcher for a request path.</param>
/// <param name="antiforgery">Optional antiforgery provider; when <c>null</c> no CSRF check is made.</param>
/// <returns>The middleware function.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="options"/>, <paramref name="storage"/> or <paramref name="routes"/> is <c>null</c>.
/// </exception>
public static MidFunc UseHangfireDashboard(
    [NotNull] DashboardOptions options,
    [NotNull] JobStorage storage,
    [NotNull] RouteCollection routes,
    [CanBeNull] IOwinDashboardAntiforgery antiforgery)
{
    if (options == null)
    {
        throw new ArgumentNullException(nameof(options));
    }

    if (storage == null)
    {
        throw new ArgumentNullException(nameof(storage));
    }

    if (routes == null)
    {
        throw new ArgumentNullException(nameof(routes));
    }

    return next => env =>
    {
        var owinContext = new OwinContext(env);
        var dashboardContext = new OwinDashboardContext(storage, options, env);

        // The token is attached to the context before authorization has run.
        if (!options.IgnoreAntiforgeryToken && antiforgery != null)
        {
            dashboardContext.AntiforgeryHeader = antiforgery.HeaderName;
            dashboardContext.AntiforgeryToken = antiforgery.GetToken(env);
        }

        bool allowed;

#pragma warning disable 618
        if (options.AuthorizationFilters != null)
        {
            // When the legacy filter list is set it is the only one consulted;
            // options.Authorization is ignored in that case.
            allowed = options.AuthorizationFilters.All(legacyFilter => legacyFilter.Authorize(owinContext.Environment));
#pragma warning restore 618
        }
        else
        {
            allowed = options.Authorization.All(currentFilter => currentFilter.Authorize(dashboardContext));
        }

        if (!allowed)
        {
            return Unauthorized(owinContext);
        }

        // CSRF validation applies only when it is enabled and a provider was supplied.
        var csrfCheckActive = !options.IgnoreAntiforgeryToken && antiforgery != null;

        if (csrfCheckActive && !antiforgery.ValidateRequest(env))
        {
            // NOTE(review): an antiforgery failure is answered through the same Unauthorized
            // helper as an authorization denial - confirm that is the intended status.
            return Unauthorized(owinContext);
        }

        var route = routes.FindDispatcher(owinContext.Request.Path.Value);

        if (route == null)
        {
            return next(env);
        }

        dashboardContext.UriMatch = route.Item2;
        return route.Item1.Dispatch(dashboardContext);
    };
}