RequestService

Namespace: ASPSecurityKit.ServiceStack
Assembly: ASPSecurityKit.ServiceStack.dll

Summary

Implements the IServiceStackRequestService for Service Stack.

Constructors

#ctor(request,response,settings,securityUtility,errorResource)

Summary

Initializes a new instance of the RequestService class.

Parameters
Name Type Description
request ServiceStack.Web.IRequest The request.
response ServiceStack.Web.IResponse The response.
settings ASPSecurityKit.ServiceStack.IServiceStackSecuritySettings The security settings.
securityUtility ASPSecurityKit.ISecurityUtility The security utility.
errorResource ASPSecurityKit.IErrorMessageResourceProvider The error resource.

Properties

Dto

Summary

Gets the request DTO representing the requested operation.

Value

The request DTO representing the requested operation.

Verb

Summary

Gets the http verb of the request.

Value

The http verb of the request.

Operation

Summary

Gets the name of the operation (action/endpoint) invoked.

Value

The name of the operation (action/endpoint) invoked.

IsSecureConnection

Summary

Gets a value indicate whether the connection is secure.

Value

true if the connection is secure; otherwise, false.

AbsoluteUri

Summary

Gets the Absolute URL for the request (including scheme, host, pathInfo etc.).

Value

The Absolute URL for the request (including scheme, host, pathInfo etc.).

RawUrl

Summary

Gets the relative URL sent in the request (such as /pathInfo?queryString).

Value

The relative URL sent in the request.

Headers

Summary

Gets the headers sent in the request.

Value

The headers sent in the request.

QueryString

Summary

Gets the queryString sent in the request as key/value pairs.

Value

The queryString sent in the request as key/value pairs.

Cookies

Summary

Gets the cookies sent in the request.

Value

The cookies sent in the request.

UserAgent

Summary

Gets the caller agent information from the request.

Value

The caller agent information from the request.

Methods

GetCallerIp()

Summary

Gets the Remote IP of the caller.

Returns

The Remote IP of the caller.

Parameters

This method has no parameters.

Remarks

The implementers should attempt to return the actual caller IP considering such headers as X-Forwarded-For, X-Real-IP as well.

GetRawBody()

Summary

Gets the body (raw) from the request.

Returns

The body (raw) from the request.

Parameters

This method has no parameters.

IsMarkedWith(feature,verb)

Summary

Determines whether the requested operation is marked with the specified feature.

Returns

true if the requested operation is marked with the specified feature; otherwise, false.

Parameters
Name Type Description
feature ASPSecurityKit.RequestFeature The feature to check.
verb System.String The http verb (method). Null indicates to use the verb associated with the current request.

GetDisabledReason(verb)

Summary

Gets the reason of why action is disabled.

Returns

The reason of why action is disabled.

Parameters
Name Type Description
verb System.String The http verb (method). Null indicates to use the verb associated with the current request.

GetPermissionCode()

Summary

Gets the permissionCode for the requested operation.

Returns

The permissionCode for the requested operation.

Parameters

This method has no parameters.

WriteToResponse(failureReason,failureDescription,errors)

Summary

Writes the security check failure details to the response. See remarks for more details.

Parameters
Name Type Description
failureReason ASPSecurityKit.OpResult The failure reason.
failureDescription System.String The failure description.
errors System.Collections.Generic.List{ASPSecurityKit.AuthError} The detailed/additional error information to aid in troubleshooting.
Remarks

Regarding the information to be written, the default implementations follow the guidelines mentioned for OpException. Briefly speaking, HTTP status code is first determined using OpResultToStatusCode and if it’s 500, InternalServerError is written to the response rather than the provided failure parameters. However, if IsDevelopmentEnvironment is true, the failure parameters are written to the response regardless of the status code. The default implementations write errors in the json format on the API platforms. For mix platforms, the default implementations determine if the call is an API call; if it is so, write in the json format; otherwise, write in the plain text format.

Redirect(url)

Summary

Redirects to the specified URL.

Parameters
Name Type Description
url System.String The URL.

Summary

Adds the specified cookie to the response. If the cookie already exists, it’ll be overridden.

Parameters
Name Type Description
cookie System.Net.Cookie The cookie.

ExpireCookie(name)

Summary

Sets an expired cookie in the response by the specified name if it exists in the request.

Returns

true if a cookie by the specified name was found in the request and set as expired in the response; otherwise, false.

Parameters
Name Type Description
name System.String The cookie name.

GetContainer()

Summary

Gets the DI container for the current request.

Returns

The DI container for the current request.

Parameters

This method has no parameters.

GetPermissionCode(req,dto)

Summary

Gets the permission code for the specified request.

Returns

The permission code for the specified request.

Parameters
Name Type Description
req ServiceStack.Web.IRequest The request.
dto System.Object The request dto.

GetCallerIpAsync()

Summary

Gets the Remote IP of the caller.

Returns

The Remote IP of the caller.

Parameters

This method has no parameters.

Remarks

The implementers should attempt to return the actual caller IP considering such headers as X-Forwarded-For, X-Real-IP as well.

GetCallerIpAsync(cancellationToken)

Summary

Gets the Remote IP of the caller.

Returns

The Remote IP of the caller.

Parameters
Name Type Description
cancellationToken System.Threading.CancellationToken The cancellation token.
Remarks

The implementers should attempt to return the actual caller IP considering such headers as X-Forwarded-For, X-Real-IP as well.

GetRawBodyAsync()

Summary

Gets the body (raw) from the request.

Returns

The body (raw) from the request.

Parameters

This method has no parameters.

GetRawBodyAsync(cancellationToken)

Summary

Gets the body (raw) from the request.

Returns

The body (raw) from the request.

Parameters
Name Type Description
cancellationToken System.Threading.CancellationToken The cancellation token.

IsMarkedWithAsync(feature,verb)

Summary

Determines whether the requested operation is marked with the specified feature.

Returns

true if the requested operation is marked with the specified feature; otherwise, false.

Parameters
Name Type Description
feature ASPSecurityKit.RequestFeature The feature to check.
verb System.String The http verb (method). Null indicates to use the verb associated with the current request.

IsMarkedWithAsync(feature,cancellationToken,verb)

Summary

Determines whether the requested operation is marked with the specified feature.

Returns

true if the requested operation is marked with the specified feature; otherwise, false.

Parameters
Name Type Description
feature ASPSecurityKit.RequestFeature The feature to check.
cancellationToken System.Threading.CancellationToken The cancellation token.
verb System.String The http verb (method). Null indicates to use the verb associated with the current request.

GetDisabledReasonAsync(verb)

Summary

Gets the reason of why action is disabled.

Returns

The reason of why action is disabled.

Parameters
Name Type Description
verb System.String The http verb (method). Null indicates to use the verb associated with the current request.

GetDisabledReasonAsync(verb,cancellationToken)

Summary

Gets the reason of why action is disabled.

Returns

The reason of why action is disabled.

Parameters
Name Type Description
verb System.Threading.CancellationToken The http verb (method). Null indicates to use the verb associated with the current request.
cancellationToken System.String The cancellation token.

GetPermissionCodeAsync()

Summary

Gets the permissionCode for the requested operation.

Returns

The permissionCode for the requested operation.

Parameters

This method has no parameters.

GetPermissionCodeAsync(cancellationToken)

Summary

Gets the permissionCode for the requested operation.

Returns

The permissionCode for the requested operation.

Parameters
Name Type Description
cancellationToken System.Threading.CancellationToken The cancellation token.

WriteToResponseAsync(failureReason,failureDescription,errors)

Summary

Writes the security check failure details to the response. See remarks for more details.

Parameters
Name Type Description
failureReason ASPSecurityKit.OpResult The failure reason.
failureDescription System.String The failure description.
errors System.Collections.Generic.List{ASPSecurityKit.AuthError} The detailed/additional error information to aid in troubleshooting.
Remarks

Regarding the information to be written, the default implementations follow the guidelines mentioned for OpException. Briefly speaking, HTTP status code is first determined using OpResultToStatusCode and if it’s 500, InternalServerError is written to the response rather than the provided failure parameters. However, if IsDevelopmentEnvironment is true, the failure parameters are written to the response regardless of the status code. The default implementations write errors in the json format on the API platforms. For mix platforms, the default implementations determine if the call is an API call; if it is so, write in the json format; otherwise, write in the plain text format.

WriteToResponseAsync(failureReason,failureDescription,cancellationToken,errors)

Summary

Writes the security check failure details to the response. See remarks for more details.

Parameters
Name Type Description
failureReason ASPSecurityKit.OpResult The failure reason.
failureDescription System.String The failure description.
cancellationToken System.Threading.CancellationToken The cancellation token.
errors System.Collections.Generic.List{ASPSecurityKit.AuthError} The detailed/additional error information to aid in troubleshooting.
Remarks

Regarding the information to be written, the default implementations follow the guidelines mentioned for OpException. Briefly speaking, HTTP status code is first determined using OpResultToStatusCode and if it’s 500, InternalServerError is written to the response rather than the provided failure parameters. However, if IsDevelopmentEnvironment is true, the failure parameters are written to the response regardless of the status code. The default implementations write errors in the json format on the API platforms. For mix platforms, the default implementations determine if the call is an API call; if it is so, write in the json format; otherwise, write in the plain text format.

GetPermissionCodeAsync(req,dto)

Summary

Gets the permission code for the specified request.

Returns

The permission code for the specified request.

Parameters
Name Type Description
req ServiceStack.Web.IRequest The request.
dto System.Object The request dto.

GetPermissionCodeAsync(req,dto,cancellationToken)

Summary

Gets the permission code for the specified request.

Returns

The permission code for the specified request.

Parameters
Name Type Description
req ServiceStack.Web.IRequest The request.
dto System.Object The request dto.
cancellationToken System.Threading.CancellationToken The cancellation token.