Documentation Coverage Report
Current view: top level - Cqrs.WebApi - CqrsApiController.cs Hit Total Coverage
Version: 4.0 Artefacts: 1 1 100.0 %
Date: 2019-11-24 03:15:41

          Line data    Source code
       1             : #region Copyright
       2             : // // -----------------------------------------------------------------------
       3             : // // <copyright company="Chinchilla Software Limited">
       4             : // //   Copyright Chinchilla Software Limited. All rights reserved.
       5             : // // </copyright>
       6             : // // -----------------------------------------------------------------------
       7             : #endregion
       8             : 
       9             : using System;
      10             : using System.Collections.Generic;
      11             : using System.Linq;
      12             : using System.Net;
      13             : using System.Net.Http;
      14             : using System.Net.Http.Headers;
      15             : using System.Web.Http;
      16             : using Chinchilla.Logging;
      17             : using Cqrs.Authentication;
      18             : using Cqrs.Services;
      19             : using System.Net.Http.Formatting;
      20             : using System.Web;
      21             : using Cqrs.Configuration;
      22             : 
      23             : namespace Cqrs.WebApi
      24             : {
      25             :         /// <summary>
      26             :         /// A <see cref="ApiController"/> that expects the <see cref="ISingleSignOnToken.Token"/> to be sent as a <see cref="HttpHeaders"/> with a key whose name is defined by the <see cref="System.Configuration.ConfigurationManager.AppSettings"/> "Cqrs.Web.AuthenticationTokenName", in accordance with OAuth specifications
      27             :         /// </summary>
      28             :         /// <remarks>
      29             :         /// See https://www.asp.net/web-api/overview/getting-started-with-aspnet-web-api/creating-api-help-pages for details on adding WebApi Help Pages.
      30             :         /// </remarks>
      31             :         public abstract class CqrsApiController
      32             :                 : ApiController
      33           2 :         {
      34             :                 /// <summary>
      35             :                 /// Instantiates a new instance of <see cref="CqrsApiController"/>.
      36             :                 /// </summary>
      37             :                 protected CqrsApiController(ILogger logger, ICorrelationIdHelper correlationIdHelper, IConfigurationManager configurationManager)
      38             :                 {
      39             :                         CorrelationIdHelper = correlationIdHelper;
      40             :                         ConfigurationManager = configurationManager;
      41             :                         Logger = logger;
      42             :                 }
      43             : 
      44             :                 /// <summary>
      45             :                 /// Gets or set the <see cref="ICorrelationIdHelper"/>.
      46             :                 /// </summary>
      47             :                 protected ICorrelationIdHelper CorrelationIdHelper { get; private set; }
      48             : 
      49             :                 /// <summary>
      50             :                 /// Gets or set the <see cref="ILogger"/>.
      51             :                 /// </summary>
      52             :                 protected ILogger Logger { get; private set; }
      53             : 
      54             :                 /// <summary>
      55             :                 /// Gets or set the <see cref="IConfigurationManager"/>.
      56             :                 /// </summary>
      57             :                 protected IConfigurationManager ConfigurationManager { get; private set; }
      58             : 
      59             :                 /// <summary>
      60             :                 /// Extracts the authentication token looking for a <see cref="KeyValuePair{TKey,TValue}"/> where the key as defined by the <see cref="System.Configuration.ConfigurationManager.AppSettings"/> "Cqrs.Web.AuthenticationTokenName",
      61             :                 /// from the <see cref="HttpRequest.Headers"/>, if one isn't found we then try the <see cref="HttpRequest.Cookies"/>
      62             :                 /// </summary>
      63             :                 protected virtual string GetToken()
      64             :                 {
      65             :                         string authenticationTokenName = ConfigurationManager.GetSetting("Cqrs.Web.AuthenticationTokenName") ?? "X-Token";
      66             : 
      67             :                         string xToken = null;
      68             :                         IEnumerable<string> tokenValue;
      69             :                         if (Request.Headers.TryGetValues(authenticationTokenName, out tokenValue))
      70             :                                 xToken = tokenValue.First();
      71             :                         else
      72             :                         {
      73             :                                 CookieHeaderValue cookie = Request.Headers.GetCookies(authenticationTokenName).FirstOrDefault();
      74             :                                 if (cookie != null)
      75             :                                         xToken = cookie[authenticationTokenName].Value;
      76             :                                 else
      77             :                                 {
      78             :                                         string[] queryStrings = (string.IsNullOrWhiteSpace(Request.RequestUri.Query) ? "?" : Request.RequestUri.Query)
      79             :                                                 .Substring(1)
      80             :                                                 .Split('&');
      81             :                                         foreach(string queryString in queryStrings)
      82             :                                         {
      83             :                                                 string[] queryStringParts = queryString.Split('=');
      84             :                                                 if (queryStringParts.Length != 2)
      85             :                                                         continue;
      86             :                                                 if (queryStringParts[0].ToLowerInvariant() == authenticationTokenName.ToLowerInvariant())
      87             :                                                 {
      88             :                                                         xToken = queryStringParts[1];
      89             :                                                         break;
      90             :                                                 }
      91             :                                         }
      92             :                                 }
      93             :                         }
      94             : 
      95             :                         return xToken;
      96             :                 }
      97             : 
      98             :                 /// <summary>
      99             :                 /// Create a <see cref="IServiceRequest{TAuthenticationToken}"/> setting header information.
     100             :                 /// </summary>
     101             :                 protected virtual IServiceRequest<TSingleSignOnToken> CreateRequest<TSingleSignOnToken>()
     102             :                 {
     103             :                         return new ServiceRequest<TSingleSignOnToken>
     104             :                         {
     105             :                                 AuthenticationToken = CreateAuthenticationToken<TSingleSignOnToken>(),
     106             :                                 CorrelationId = CorrelationIdHelper.GetCorrelationId()
     107             :                         };
     108             :                 }
     109             : 
     110             :                 /// <summary>
     111             :                 /// Create a <see cref="IServiceRequestWithData{TAuthenticationToken,TData}"/> setting header information.
     112             :                 /// If <paramref name="createParameterDelegate"/> is not null, it is used to populate <see cref="IServiceRequestWithData{TAuthenticationToken,TData}.Data"/> otherwise <see cref="CreateParameter{TParameters}"/> is used.
     113             :                 /// </summary>
     114             :                 protected virtual IServiceRequestWithData<TSingleSignOnToken, TParameters> CreateRequestWithData<TSingleSignOnToken, TParameters>(Func<TParameters> createParameterDelegate = null)
     115             :                         where TParameters : new()
     116             :                 {
     117             :                         return new ServiceRequestWithData<TSingleSignOnToken, TParameters>
     118             :                         {
     119             :                                 AuthenticationToken = CreateAuthenticationToken<TSingleSignOnToken>(),
     120             :                                 CorrelationId = CorrelationIdHelper.GetCorrelationId(),
     121             :                                 Data = createParameterDelegate == null ? CreateParameter<TParameters>() : createParameterDelegate()
     122             :                         };
     123             :                 }
     124             : 
     125             :                 /// <summary>
     126             :                 /// Create an <typeparamref name="TSingleSignOnToken"/>.
     127             :                 /// </summary>
     128             :                 /// <typeparam name="TSingleSignOnToken">The <see cref="Type"/> of <see cref="ISingleSignOnToken"/>.</typeparam>
     129             :                 protected virtual TSingleSignOnToken CreateAuthenticationToken<TSingleSignOnToken>()
     130             :                 {
     131             :                         if (typeof(TSingleSignOnToken) == typeof(int))
     132             :                                 return (TSingleSignOnToken)(object)int.Parse(GetToken());
     133             :                         if (typeof(TSingleSignOnToken) == typeof(Guid))
     134             :                                 return (TSingleSignOnToken)(object)new Guid(GetToken());
     135             :                         if (typeof(TSingleSignOnToken) == typeof(string))
     136             :                                 return (TSingleSignOnToken)(object)GetToken();
     137             : 
     138             :                         if (typeof(TSingleSignOnToken) == typeof(SingleSignOnToken))
     139             :                                 return (TSingleSignOnToken)(object)new SingleSignOnToken
     140             :                                 {
     141             :                                         DateIssued = GetDateTokenIssued(),
     142             :                                         Token = GetToken(),
     143             :                                         TimeOfExpiry = GetTokenTimeOfExpiry()
     144             :                                 };
     145             :                         if (typeof(TSingleSignOnToken) == typeof(SingleSignOnTokenWithUserRsn))
     146             :                                 return (TSingleSignOnToken)(object)new SingleSignOnTokenWithUserRsn
     147             :                                 {
     148             :                                         DateIssued = GetDateTokenIssued(),
     149             :                                         Token = GetToken(),
     150             :                                         TimeOfExpiry = GetTokenTimeOfExpiry()
     151             :                                 };
     152             :                         if (typeof(TSingleSignOnToken) == typeof(SingleSignOnTokenWithCompanyRsn))
     153             :                                 return (TSingleSignOnToken)(object)new SingleSignOnTokenWithCompanyRsn
     154             :                                 {
     155             :                                         DateIssued = GetDateTokenIssued(),
     156             :                                         Token = GetToken(),
     157             :                                         TimeOfExpiry = GetTokenTimeOfExpiry()
     158             :                                 };
     159             :                         if (typeof(TSingleSignOnToken) == typeof(SingleSignOnTokenWithUserRsnAndCompanyRsn))
     160             :                                 return (TSingleSignOnToken)(object)new SingleSignOnTokenWithUserRsnAndCompanyRsn
     161             :                                 {
     162             :                                         DateIssued = GetDateTokenIssued(),
     163             :                                         Token = GetToken(),
     164             :                                         TimeOfExpiry = GetTokenTimeOfExpiry()
     165             :                                 };
     166             : 
     167             :                         if (typeof(TSingleSignOnToken) == typeof(ISingleSignOnToken))
     168             :                                 return (TSingleSignOnToken)(object)new SingleSignOnToken
     169             :                                 {
     170             :                                         DateIssued = GetDateTokenIssued(),
     171             :                                         Token = GetToken(),
     172             :                                         TimeOfExpiry = GetTokenTimeOfExpiry()
     173             :                                 };
     174             :                         if (typeof(TSingleSignOnToken) == typeof(ISingleSignOnTokenWithUserRsn))
     175             :                                 return (TSingleSignOnToken)(object)new SingleSignOnTokenWithUserRsn
     176             :                                 {
     177             :                                         DateIssued = GetDateTokenIssued(),
     178             :                                         Token = GetToken(),
     179             :                                         TimeOfExpiry = GetTokenTimeOfExpiry()
     180             :                                 };
     181             :                         if (typeof(TSingleSignOnToken) == typeof(ISingleSignOnTokenWithCompanyRsn))
     182             :                                 return (TSingleSignOnToken)(object)new SingleSignOnTokenWithCompanyRsn
     183             :                                 {
     184             :                                         DateIssued = GetDateTokenIssued(),
     185             :                                         Token = GetToken(),
     186             :                                         TimeOfExpiry = GetTokenTimeOfExpiry()
     187             :                                 };
     188             :                         if (typeof(TSingleSignOnToken) == typeof(ISingleSignOnTokenWithUserRsnAndCompanyRsn))
     189             :                                 return (TSingleSignOnToken)(object)new SingleSignOnTokenWithUserRsnAndCompanyRsn
     190             :                                 {
     191             :                                         DateIssued = GetDateTokenIssued(),
     192             :                                         Token = GetToken(),
     193             :                                         TimeOfExpiry = GetTokenTimeOfExpiry()
     194             :                                 };
     195             :                         return default(TSingleSignOnToken);
     196             :                 }
     197             : 
     198             :                 /// <summary>
     199             :                 /// Creates a blank <typeparamref name="TParameters"/>
     200             :                 /// </summary>
     201             :                 protected virtual TParameters CreateParameter<TParameters>()
     202             :                         where TParameters : new()
     203             :                 {
     204             :                         return new TParameters();
     205             :                 }
     206             : 
     207             :                 /// <summary>
     208             :                 /// Get the <see cref="DateTime"/> the current authentication token was issued.
     209             :                 /// </summary>
     210             :                 /// <returns>default(DateTime)</returns>
     211             :                 protected virtual DateTime GetDateTokenIssued()
     212             :                 {
     213             :                         return default(DateTime);
     214             :                 }
     215             : 
     216             :                 /// <summary>
     217             :                 /// Get the <see cref="DateTime"/> the current authentication token will expire.
     218             :                 /// </summary>
     219             :                 /// <returns>default(DateTime)</returns>
     220             :                 protected virtual DateTime GetTokenTimeOfExpiry()
     221             :                 {
     222             :                         return default(DateTime);
     223             :                 }
     224             : 
     225             :                 /// <summary>
     226             :                 /// Completes the provided <paramref name="response"/> by setting the appropriate <see cref="HttpResponseMessage.StatusCode"/> and populating <see cref="HttpResponseMessage.Content"/> with <paramref name="serviceResponse"/>.
     227             :                 /// </summary>
     228             :                 protected virtual HttpResponseMessage CompleteResponse<TServiceResponse>(HttpResponseMessage response, TServiceResponse serviceResponse)
     229             :                         where TServiceResponse : IServiceResponse
     230             :                 {
     231             :                         serviceResponse.CorrelationId = CorrelationIdHelper.GetCorrelationId();
     232             : 
     233             :                         HttpConfiguration configuration = Request.GetConfiguration();
     234             :                         var contentNegotiator = configuration.Services.GetContentNegotiator();
     235             :                         ContentNegotiationResult negotiationResult = contentNegotiator.Negotiate(typeof(IServiceResponse), Request, configuration.Formatters);
     236             : 
     237             :                         response.Content = new ObjectContent<IServiceResponse>(serviceResponse, negotiationResult.Formatter, negotiationResult.MediaType);
     238             : 
     239             :                         switch (serviceResponse.State)
     240             :                         {
     241             :                                 case ServiceResponseStateType.Succeeded:
     242             :                                         response.StatusCode = HttpStatusCode.Accepted;
     243             :                                         break;
     244             :                                 case ServiceResponseStateType.FailedAuthentication:
     245             :                                         response.StatusCode = HttpStatusCode.Forbidden;
     246             :                                         break;
     247             :                                 case ServiceResponseStateType.FailedAuthorisation:
     248             :                                         response.StatusCode = HttpStatusCode.Unauthorized;
     249             :                                         break;
     250             :                                 case ServiceResponseStateType.FailedValidation:
     251             :                                         response.StatusCode = HttpStatusCode.PreconditionFailed;
     252             :                                         break;
     253             :                                 case ServiceResponseStateType.FailedWithAFatalException:
     254             :                                         response.StatusCode = HttpStatusCode.InternalServerError;
     255             :                                         break;
     256             :                                 case ServiceResponseStateType.FailedWithAnUnexpectedException:
     257             :                                         response.StatusCode = HttpStatusCode.InternalServerError;
     258             :                                         break;
     259             :                                 case ServiceResponseStateType.Unknown:
     260             :                                         response.StatusCode = HttpStatusCode.BadRequest;
     261             :                                         break;
     262             :                                 default:
     263             :                                         response.StatusCode = HttpStatusCode.Ambiguous;
     264             :                                         break;
     265             :                         }
     266             : 
     267             :                         return response;
     268             :                 }
     269             : 
     270             :                 /// <summary>
     271             :                 /// Creates a new <see cref="HttpResponseMessage"/> and completes the response by setting the appropriate <see cref="HttpResponseMessage.StatusCode"/> and populating <see cref="HttpResponseMessage.Content"/> with <paramref name="serviceResponse"/>.
     272             :                 /// </summary>
     273             :                 protected virtual HttpResponseMessage CompleteResponse<TServiceResponse>(TServiceResponse serviceResponse)
     274             :                         where TServiceResponse : IServiceResponse
     275             :                 {
     276             :                         var response = new HttpResponseMessage();
     277             : 
     278             :                         return CompleteResponse(response, serviceResponse);
     279             :                 }
     280             : 
     281             :                 /// <summary>
     282             :                 /// Creates a new <see cref="HttpResponseMessage"/> and completes the response by setting the appropriate <see cref="HttpResponseMessage.StatusCode"/> and populating <see cref="HttpResponseMessage.Content"/> with <paramref name="serviceResponse"/>.
     283             :                 /// </summary>
     284             :                 protected virtual HttpResponseMessage<TServiceResponse> CompleteResponseWithData<TServiceResponse>(TServiceResponse serviceResponse)
     285             :                         where TServiceResponse : IServiceResponse
     286             :                 {
     287             :                         var response = new HttpResponseMessage<TServiceResponse>();
     288             : 
     289             :                         CompleteResponse(response, serviceResponse);
     290             : 
     291             :                         return response;
     292             :                 }
     293             :         }
     294             : 
     295             :         /// <summary>
     296             :         /// A <see cref="ApiController"/> that expects the <see cref="ISingleSignOnToken.Token"/> to be sent as a <see cref="HttpHeaders"/> with a key of "X-Token", in accordance with OAuth specifications
     297             :         /// </summary>
     298             :         /// <remarks>
     299             :         /// See https://www.asp.net/web-api/overview/getting-started-with-aspnet-web-api/creating-api-help-pages for details on adding WebApi Help Pages.
     300             :         /// </remarks>
     301             :         public abstract class CqrsApiController<TAuthenticationToken>
     302             :                 : CqrsApiController
     303             :         {
     304             :                 /// <summary>
     305             :                 /// Instantiates a new instance of <see cref="CqrsApiController"/>.
     306             :                 /// </summary>
     307             :                 protected CqrsApiController(ILogger logger, ICorrelationIdHelper correlationIdHelper, IConfigurationManager configurationManager, IAuthenticationTokenHelper<TAuthenticationToken> authenticationTokenHelper)
     308             :                         : base(logger, correlationIdHelper, configurationManager)
     309             :                 {
     310             :                         AuthenticationTokenHelper = authenticationTokenHelper;
     311             :                 }
     312             : 
     313             :                 /// <summary>
     314             :                 /// Gets or set the <see cref="IAuthenticationTokenHelper{TAuthenticationToken}"/>.
     315             :                 /// </summary>
     316             :                 protected IAuthenticationTokenHelper<TAuthenticationToken> AuthenticationTokenHelper { get; private set; }
     317             : 
     318             :                 /// <summary>
     319             :                 /// Reads the current authentication token for the request from <see cref="AuthenticationTokenHelper"/>.
     320             :                 /// </summary>
     321             :                 protected override string GetToken()
     322             :                 {
     323             :                         TAuthenticationToken token = AuthenticationTokenHelper.GetAuthenticationToken();
     324             :                         if (token != null)
     325             :                                 return token.ToString();
     326             :                         return null;
     327             :                 }
     328             : 
     329             :                 /// <summary>
     330             :                 /// Create a <see cref="IServiceRequest{TAuthenticationToken}"/> setting header information.
     331             :                 /// </summary>
     332             :                 protected virtual IServiceRequest<TAuthenticationToken> CreateRequest()
     333             :                 {
     334             :                         TAuthenticationToken token = AuthenticationTokenHelper.GetAuthenticationToken();
     335             :                         return new ServiceRequest<TAuthenticationToken>
     336             :                         {
     337             :                                 AuthenticationToken = token,
     338             :                                 CorrelationId = CorrelationIdHelper.GetCorrelationId()
     339             :                         };
     340             :                 }
     341             : 
     342             :                 /// <summary>
     343             :                 /// Create a <see cref="IServiceRequestWithData{TAuthenticationToken,TData}"/> setting header information.
     344             :                 /// If <paramref name="createParameterDelegate"/> is not null, it is used to populate <see cref="IServiceRequestWithData{TAuthenticationToken,TData}.Data"/> otherwise <see cref="CqrsApiController.CreateParameter{TParameters}"/> is used.
     345             :                 /// </summary>
     346             :                 protected virtual IServiceRequestWithData<TAuthenticationToken, TParameters> CreateRequestWithData<TParameters>(Func<TParameters> createParameterDelegate = null)
     347             :                         where TParameters : new()
     348             :                 {
     349             :                         TAuthenticationToken token = AuthenticationTokenHelper.GetAuthenticationToken();
     350             :                         return new ServiceRequestWithData<TAuthenticationToken, TParameters>
     351             :                         {
     352             :                                 AuthenticationToken = token,
     353             :                                 CorrelationId = CorrelationIdHelper.GetCorrelationId(),
     354             :                                 Data = createParameterDelegate == null ? CreateParameter<TParameters>() : createParameterDelegate()
     355             :                         };
     356             :                 }
     357             :         }
     358             : }

Generated by: LCOV version 1.13