/// <summary> /// If there is a stream handler registered that can handle the /// request, then fine. If the request is not matched, do /// nothing. /// Note: The selection is case-insensitive /// </summary> private bool FindStreamHandler(OSHttpRequest request, OSHttpResponse response) { RequestData rdata = new RequestData(request, response, String.Empty); string bestMatch = String.Empty; string path = String.Format("{0}:{1}", rdata.method, rdata.path).ToLower(); Rest.Log.DebugFormat("{0} Checking for stream handler for <{1}>", MsgId, path); if (!IsEnabled) { return false; } foreach (string pattern in streamHandlers.Keys) { if (path.StartsWith(pattern)) { if (pattern.Length > bestMatch.Length) { bestMatch = pattern; } } } // Handle using the best match available if (bestMatch.Length > 0) { Rest.Log.DebugFormat("{0} Stream-based handler matched with <{1}>", MsgId, bestMatch); RestStreamHandler handler = streamHandlers[bestMatch]; rdata.buffer = handler.Handle(rdata.path, rdata.request.InputStream, rdata.request, rdata.response); rdata.AddHeader(rdata.response.ContentType,handler.ContentType); rdata.Respond("FindStreamHandler Completion"); } return rdata.handled; }
// Inventory Handler private void DoTests(RequestData rdata) { if (!enabled) return; // Now that we know this is a serious attempt to // access inventory data, we should find out who // is asking, and make sure they are authorized // to do so. We need to validate the caller's // identity before revealing anything about the // status quo. Authenticate throws an exception // via Fail if no identity information is present. // // With the present HTTP server we can't use the // builtin authentication mechanisms because they // would be enforced for all in-bound requests. // Instead we look at the headers ourselves and // handle authentication directly. try { if (!rdata.IsAuthenticated) { rdata.Fail(Rest.HttpStatusCodeNotAuthorized, String.Format("user \"{0}\" could not be authenticated", rdata.userName)); } } catch (RestException e) { if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) { Rest.Log.WarnFormat("{0} User not authenticated", MsgId); Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); } else { Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); } throw (e); } // Check that a test was specified if (rdata.Parameters.Length < 1) { Rest.Log.DebugFormat("{0} Insufficient parameters", MsgId); rdata.Fail(Rest.HttpStatusCodeBadRequest, "not enough parameters"); } // Select the test foreach (ITest test in tests) { if (!rdata.handled) test.Execute(rdata); } }