API tools faq
paste
Guest User

CorsActionSelector

a guest
Jun 21st, 2012
480
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C# 4.89 KB | None | 0 0
raw download clone embed print report
  1. public class CorsActionSelector : ApiControllerActionSelector
  2.     {
  3.         private const string origin = "Origin";
  4.         private const string accessControlRequestMethod = "Access-Control-Request-Method";
  5.         private const string accessControlRequestHeaders = "Access-Control-Request-Headers";
  6.         private const string accessControlAllowMethods = "Access-Control-Allow-Methods";
  7.         private const string accessControlAllowHeaders = "Access-Control-Allow-Headers";
  8.  
  9.         public override HttpActionDescriptor SelectAction(HttpControllerContext controllerContext)
  10.         {
  11.             var originalRequest = controllerContext.Request;
  12.             var isCorsRequest = originalRequest.Headers.Contains(origin);
  13.  
  14.             if (originalRequest.Method == HttpMethod.Options && isCorsRequest)
  15.             {
  16.                 var currentAccessControlRequestMethod = originalRequest.Headers.GetValues(accessControlRequestMethod).FirstOrDefault();
  17.  
  18.                 if (!string.IsNullOrEmpty(currentAccessControlRequestMethod))
  19.                 {
  20.                     var modifiedRequest = new HttpRequestMessage(
  21.                         new HttpMethod(currentAccessControlRequestMethod),
  22.                         originalRequest.RequestUri);
  23.                     controllerContext.Request = modifiedRequest;
  24.                     var actualDescriptor = base.SelectAction(controllerContext);
  25.                     controllerContext.Request = originalRequest;
  26.  
  27.                     if (actualDescriptor != null)
  28.                     {
  29.                         if (actualDescriptor.GetFilters().OfType<EnableCorsAttribute>().Any())
  30.                         {
  31.                             var descriptor = new PreflightActionDescriptor(actualDescriptor, accessControlRequestMethod);
  32.                             return descriptor;
  33.                         }
  34.                     }
  35.                 }
  36.             }
  37.  
  38.             return base.SelectAction(controllerContext);
  39.         }
  40.  
  41.         class PreflightActionDescriptor : HttpActionDescriptor
  42.         {
  43.             private readonly HttpActionDescriptor originalAction;
  44.             private readonly string prefilghtAccessControlRequestMethod;
  45.  
  46.             public PreflightActionDescriptor(HttpActionDescriptor originalAction, string accessControlRequestMethod)
  47.             {
  48.                 this.originalAction = originalAction;
  49.                 this.prefilghtAccessControlRequestMethod = accessControlRequestMethod;
  50.             }
  51.  
  52.             public override string ActionName
  53.             {
  54.                 get { return originalAction.ActionName; }
  55.             }
  56.  
  57.             public override Task<object> ExecuteAsync(HttpControllerContext controllerContext, IDictionary<string, object> arguments)
  58.             {
  59.                 var response = new HttpResponseMessage(HttpStatusCode.OK);
  60.                 response.Headers.Add(accessControlAllowMethods, prefilghtAccessControlRequestMethod);
  61.  
  62.                 var requestedHeaders = string.Join(", ", controllerContext.Request.Headers.GetValues(accessControlRequestHeaders));
  63.  
  64.                 if (!string.IsNullOrEmpty(requestedHeaders))
  65.                     response.Headers.Add(accessControlAllowHeaders, requestedHeaders);
  66.  
  67.                 var tcs = new TaskCompletionSource<object>();
  68.                 tcs.SetResult(response);
  69.                 return tcs.Task;
  70.             }
  71.  
  72.             public override Collection<HttpParameterDescriptor> GetParameters()
  73.             {
  74.                 var parameters = originalAction.GetParameters();
  75.                 return parameters;
  76.             }
  77.  
  78.             public override Type ReturnType
  79.             {
  80.                 get { return typeof(HttpResponseMessage); }
  81.             }
  82.  
  83.             public override Collection<FilterInfo> GetFilterPipeline()
  84.             {
  85.                 var pipeline = originalAction.GetFilterPipeline();
  86.                 return pipeline;
  87.             }
  88.  
  89.             public override Collection<IFilter> GetFilters()
  90.             {
  91.                 var filters = originalAction.GetFilters();
  92.                 return filters;
  93.             }
  94.  
  95.             public override Collection<T> GetCustomAttributes<T>()
  96.             {
  97.                 if (typeof(T).IsAssignableFrom(typeof(AllowAnonymousAttribute)))
  98.                 {
  99.                     return new Collection<T>
  100.                     {
  101.                         new AllowAnonymousAttribute() as T
  102.                     };
  103.                 }
  104.  
  105.                 var attributes = originalAction.GetCustomAttributes<T>();
  106.                 return attributes;
  107.             }
  108.  
  109.             public override HttpActionBinding ActionBinding
  110.             {
  111.                 get
  112.                 {
  113.                     return originalAction.ActionBinding;
  114.                 }
  115.                 set
  116.                 {
  117.                     originalAction.ActionBinding = value;
  118.                 }
  119.             }
  120.         }
  121.     }
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!