8000 Replace UrlOverride with BaseUrlOverride by Swimburger · Pull Request #84 · twilio-labs/twilio-aspnet · GitHub
[go: up one dir, main page]
Skip to content

Replace UrlOverride with BaseUrlOverride #84

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Aug 4, 2022
Merged

Replace UrlOverride with BaseUrlOverride #84

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
6bfab11
Replace UrlOverride with BaseUrlOverride
Swimburger Aug 3, 2022
4224048
Test and fix on .NET Framework
Swimburger Aug 3, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions src/Twilio.AspNet.Core.UnitTests/ValidateRequestAttributeTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ public class ValidateRequestAttributeTests
{
AuthToken = "My Twilio:RequestValidation:AuthToken",
AllowLocal = false,
UrlOverride = "MY URL OVERRIDE"
BaseUrlOverride = "MY URL OVERRIDE"
}
};

Expand All @@ -30,7 +30,7 @@ public void AddTwilioRequestValidation_With_Callback_Should_Match_Configuration(
var requestValidation = ValidTwilioOptions.RequestValidation;
options.AuthToken = requestValidation.AuthToken;
options.AllowLocal = requestValidation.AllowLocal;
options.UrlOverride = requestValidation.UrlOverride;
options.BaseUrlOverride = requestValidation.BaseUrlOverride;
});

var serviceProvider = serviceCollection.BuildServiceProvider();
Expand Down Expand Up @@ -71,7 +71,7 @@ public void AddTwilio_Should_Configure_ValidateRequestAttribute()
{
options.AllowLocal = ValidTwilioOptions.RequestValidation.AllowLocal;
options.AuthToken = ValidTwilioOptions.RequestValidation.AuthToken;
options.UrlOverride = ValidTwilioOptions.RequestValidation.UrlOverride;
options.BaseUrlOverride = ValidTwilioOptions.RequestValidation.BaseUrlOverride;
});

var serviceProvider = serviceCollection.BuildServiceProvider();
Expand All @@ -83,7 +83,7 @@ public void AddTwilio_Should_Configure_ValidateRequestAttribute()

Assert.Equal(ValidTwilioOptions.RequestValidation.AllowLocal, attribute.AllowLocal);
Assert.Equal(ValidTwilioOptions.RequestValidation.AuthToken, attribute.AuthToken);
Assert.Equal(ValidTwilioOptions.RequestValidation.UrlOverride, attribute.UrlOverride);
Assert.Equal(ValidTwilioOptions.RequestValidation.BaseUrlOverride, attribute.BaseUrlOverride);
}

[Fact]
Expand Down
2 changes: 1 addition & 1 deletion src/Twilio.AspNet.Core/RequestValidationDependencyInjectionExtensions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ private static void SanitizeTwilioRequestValidationOptions(TwilioRequestValidati
{
// properties can be empty strings, but should be set to null if so
if (options.AuthToken == "") options.AuthToken = null;
if (options.UrlOverride == "") options.UrlOverride = null;
if (options.BaseUrlOverride == "") options.BaseUrlOverride = null;
}
}
}
2 changes: 1 addition & 1 deletion src/Twilio.AspNet.Core/TwilioOptions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ public class TwilioRequestValidationOptions
{
public string AuthToken { get; set; }
public bool? AllowLocal { get; set; }
public string UrlOverride { get; set; }
public string BaseUrlOverride { get; set; }
}

public enum CredentialType
Expand Down
21 changes: 15 additions & 6 deletions src/Twilio.AspNet.Core/ValidateRequestAttribute.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,35 +27,44 @@ public IFilterMetadata CreateInstance(IServiceProvider serviceProvider)

return new InternalValidateRequestAttribute(
authToken: options.AuthToken,
urlOverride: options.UrlOverride,
baseUrlOverride: options.BaseUrlOverride?.TrimEnd('/'),
allowLocal: options.AllowLocal ?? true
);
}

internal class InternalValidateRequestAttribute : ActionFilterAttribute
{
internal string AuthToken { get; set; }
internal string UrlOverride { get; set; }
internal string BaseUrlOverride { get; set; }
internal bool AllowLocal { get; set; }

/// <summary>
/// Initializes a new instance of the ValidateRequestAttribute class.
/// </summary>
/// <param name="authToken">AuthToken for the account used to sign the request</param>
/// <param name="urlOverride">The URL to use for validation, if different from Request.Url (sometimes needed if web site is behind a proxy or load-balancer)</param>
/// <param name="baseUrlOverride">
/// The Base URL (protocol + hostname) to use for validation,
/// if different from Request.Url (sometimes needed if web site is behind a proxy or load-balancer)
/// </param>
/// <param name="allowLocal">Skip validation for local requests</param>
public InternalValidateRequestAttribute(string authToken, string urlOverride, bool allowLocal)
public InternalValidateRequestAttribute(string authToken, string baseUrlOverride, bool allowLocal)
{
AuthToken = authToken;
UrlOverride = urlOverride;
BaseUrlOverride = baseUrlOverride;
AllowLocal = allowLocal;
}

public override void OnActionExecuting(ActionExecutingContext filterContext)
{
string urlOverride = null;
if (BaseUrlOverride != null)
{
urlOverride = $"{BaseUrlOverride}{filterContext.HttpContext.Request.Path}";
}

var validator = new RequestValidationHelper();

if (!validator.IsValidRequest(filterContext.HttpContext, AuthToken, UrlOverride, AllowLocal))
if (!validator.IsValidRequest(filterContext.HttpContext, AuthToken, urlOverride, AllowLocal))
{
filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
}
Expand Down
2 changes: 1 addition & 1 deletion src/Twilio.AspNet.Mvc/Twilio.AspNet.Mvc.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Microsoft.AspNet.Mvc" Version="5.2.9" />
<PackageReference Include="Microsoft.AspNet.Mvc" Version="5.2.7" />
<PackageReference Include="NuGet.Build.Tasks.Pack" Version="6.1.0">
<PrivateAssets>all</PrivateAssets>
</PackageReference>
Expand Down
8 changes: 4 additions & 4 deletions src/Twilio.AspNet.Mvc/TwilioConfiguration.cs
View file
Op 6D4E en in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,11 @@ public string AuthToken
set => this["authToken"] = value;
}

[ConfigurationProperty("urlOverride")]
public string UrlOverride
[ConfigurationProperty("baseUrlOverride")]
public string BaseUrlOverride
{
get => (string)this["urlOverride"];
set => this["urlOverride"] = value;
get => (string)this["baseUrlOverride"];
set => this["baseUrlOverride"] = value;
}

[ConfigurationProperty("allowLocal")]
Expand Down
30 changes: 19 additions & 11 deletions src/Twilio.AspNet.Mvc/ValidateRequestAttribute.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,16 +8,16 @@ namespace Twilio.AspNet.Mvc
/// <summary>
/// Represents an attribute that is used to prevent forgery of a request.
/// </summary>
public class ValidateRequestAttribute : ActionFilterAttribute
public class ValidateRequestAttribute : ActionFilterAttribute
{
protected internal string AuthToken { get; set; }
protected internal string UrlOverride { get; set; }
protected internal string BaseUrlOverride { get; set; }
protected internal bool AllowLocal { get; set; }

/// <summary>
/// Initializes a new instance of the ValidateRequestAttribute class.
/// </summary>
public ValidateRequestAttribute()
public ValidateRequestAttribute()
{
ConfigureProperties();
}
Expand All @@ -32,29 +32,37 @@ public ValidateRequestAttribute()
/// <exception cref="Exception"></exception>
protected virtual void ConfigureProperties()
{
var requestValidationConfiguration = ConfigurationManager.GetSection("twilio/requestValidation") as RequestValidationConfigurationSection;
var requestValidationConfiguration =
ConfigurationManager.GetSection("twilio/requestValidation") as RequestValidationConfigurationSection;
var appSettings = ConfigurationManager.AppSettings;

AuthToken = appSettings["twilio:requestValidation:authToken"]
?? appSettings["twilio:authToken"]
?? requestValidationConfiguration?.AuthToken
?? throw new Exception("Twilio Auth Token not configured");
?? appSettings["twilio:authToken"]
?? requestValidationConfiguration?.AuthToken
?? throw new Exception("Twilio Auth Token not configured");

UrlOverride = appSettings["twilio:requestValidation:urlOverride"]
?? requestValidationConfiguration?.AuthToken;
BaseUrlOverride = appSettings["twilio:requestValidation:baseUrlOverride"]
?? requestValidationConfiguration?.BaseUrlOverride;
if(BaseUrlOverride != null) BaseUrlOverride = BaseUrlOverride.TrimEnd('/');

var allowLocalAppSetting = appSettings["twilio:requestValidation:allowLocal"];
AllowLocal = allowLocalAppSetting != null
? bool.Parse(allowLocalAppSetting)
: requestValidationConfiguration?.AllowLocal
?? true;
?? true;
}

public override void OnActionExecuting(ActionExecutingContext filterContext)
{
string urlOverride = null;
if (BaseUrlOverride != null)
{
urlOverride = $"{BaseUrlOverride}{filterContext.HttpContext.Request.Path}";
}

var validator = new RequestValidationHelper();

if (!validator.IsValidRequest(filterContext.HttpContext, AuthToken, UrlOverride, AllowLocal))
if (!validator.IsValidRequest(filterContext.HttpContext, AuthToken, urlOverride, AllowLocal))
{
filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Forbidden);
}
Expand Down
124 changes: 62 additions & 62 deletions src/testapps/AspNetFramework/Web.config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,67 +4,67 @@
https://go.microsoft.com/fwlink/?LinkId=301880
-->
<configuration>
<configSections>
<sectionGroup name="twilio" type="Twilio.AspNet.Mvc.TwilioSectionGroup,Twilio.AspNet.Mvc">
<section name="requestValidation" type="Twilio.AspNet.Mvc.RequestValidationConfigurationSection,Twilio.AspNet.Mvc"/>
</sectionGroup>
</configSections>
<twilio>
<requestValidation
authToken="your auth token here"
urlOverride="https://??????.ngrok.io/sms"
allowLocal="true"
<configSections>
<sectionGroup name="twilio" type="Twilio.AspNet.Mvc.TwilioSectionGroup,Twilio.AspNet.Mvc">
<section name="requestValidation" type="Twilio.AspNet.Mvc.RequestValidationConfigurationSection,Twilio.AspNet.Mvc"/>
</sectionGroup>
</configSections>
<twilio>
<requestValidation
authToken="your auth token here!"
baseUrlOverride="https://??????.ngrok.io"
allowLocal="true"
/>
</twilio>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="twilio:requestValidation:authToken" value="your auth token here!"/>
<add key="twilio:requestValidation:urlOverride" value="https://??????.ngrok.io/sms"/>
<add key="twilio:requestValidation:allowLocal" value="true"/>
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2" />
</system.web>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" />
<bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-5.2.7.0" newVersion="5.2.7.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />
</compilers>
</system.codedom>
</twilio>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="twilio:requestValidation:authToken" value="your auth token here!"/>
<add key="twilio:requestValidation:baseUrlOverride" value="https://??????.ngrok.io"/>
<add key="twilio:requestValidation:allowLocal" value="true"/>
</appSettings>
<system.web>
<compilation debug="true" targetFramework="4.7.2" />
<httpRuntime targetFramework="4.7.2" />
</system.web>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="eb42632606e9261f" />
<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" />
<bindingRedirect oldVersion="0.0.0.0-12.0.0.0" newVersion="12.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Optimization" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="0.0.0.0-5.2.7.0" newVersion="5.2.7.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<system.codedom>
<compilers>
<compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:1659;1699;1701" />
<compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=2.0.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:default /nowarn:41008 /define:_MYTYPE=\&quot;Web\&quot; /optionInfer+" />
</compilers>
</system.codedom>
</configuration>
2 changes: 1 addition & 1 deletion src/testapps/dotnet6/appsettings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
"RequestValidation": {
"AuthToken": "MyAuthToken!",
"AllowLocal": true,
"UrlOverride": "https://??????.ngrok.io/sms"
"BaseUrlOverride": "https://??????.ngrok.io"
}
}
}
0