02.2025 imports
@@ -1,162 +1,162 @@
|
||||
using System.Data;
|
||||
using System.Text;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Data.SqlClient;
|
||||
using WebAPI.Models;
|
||||
|
||||
namespace WebAPI.Controllers;
|
||||
|
||||
[ApiController]
|
||||
[Route("api/[controller]")]
|
||||
public class DataInboxController : Controller
|
||||
{
|
||||
private readonly AppDbContext _db;
|
||||
private readonly IConfiguration _configuration;
|
||||
private readonly LogsController _logsController;
|
||||
|
||||
public DataInboxController(
|
||||
AppDbContext db,
|
||||
GoogleSheetsHelper googleSheetsHelper,
|
||||
IConfiguration configuration)
|
||||
{
|
||||
_db = db;
|
||||
_configuration = configuration;
|
||||
_logsController = new LogsController(googleSheetsHelper, _configuration);
|
||||
}
|
||||
|
||||
[HttpPut]
|
||||
[Route("Add/{apiKey}")]
|
||||
[AllowAnonymous]
|
||||
public IActionResult Add(string apiKey, [FromBody] DataInbox dataInbox)
|
||||
{
|
||||
if (apiKey != _configuration["apiKey"])
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Unauthorized request - wrong apiKey ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
if (
|
||||
!Request.Headers.TryGetValue("Authorization", out var authHeader))
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Unauthorized request - no authorization header ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
var credentialsArr = authHeader.ToString().Split(" ");
|
||||
if (credentialsArr.Length != 2)
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Unauthorized request - wrong auth header format ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
var authValue = Encoding.UTF8.GetString(Convert.FromBase64String(credentialsArr[1]));
|
||||
var username = authValue.Split(':')[0];
|
||||
var password = authValue.Split(':')[1];
|
||||
if (username != _configuration["morska-user"] || password != _configuration["morska-pass"])
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Unauthorized request - bad credentials ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
// check if datainbox.data is base64 encoded value
|
||||
if (!string.IsNullOrEmpty(dataInbox.Data) && !IsBase64String(dataInbox.Data))
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Invalid data format - not base64 encoded ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return BadRequest("Invalid data format - not base64 encoded");
|
||||
}
|
||||
|
||||
|
||||
dataInbox.Id = Guid.NewGuid();
|
||||
dataInbox.CreatedAt = DateTime.UtcNow;
|
||||
_db.DataInbox.Add(dataInbox);
|
||||
_db.SaveChanges();
|
||||
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Insert success: {dataInbox.Source}, {dataInbox.Name}",
|
||||
Type = LogEntryType.Info,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
|
||||
return Ok();
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Insert error: {dataInbox.Source}, {dataInbox.Name}",
|
||||
Type = LogEntryType.Error,
|
||||
LogType = LogType.DataInbox,
|
||||
Message = e.ToString(),
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return BadRequest(e.ToString());
|
||||
}
|
||||
}
|
||||
|
||||
[HttpGet]
|
||||
public IActionResult GetAll()
|
||||
{
|
||||
return Ok(_db.DataInbox);
|
||||
}
|
||||
|
||||
// helpers
|
||||
private bool IsBase64String(string data)
|
||||
{
|
||||
if (string.IsNullOrEmpty(data))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
try
|
||||
{
|
||||
var base64Bytes = Convert.FromBase64String(data);
|
||||
|
||||
var utf8String = Encoding.UTF8.GetString(base64Bytes);
|
||||
|
||||
var reEncoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(utf8String));
|
||||
return data.TrimEnd('=') == reEncoded.TrimEnd('=');
|
||||
}
|
||||
catch (FormatException)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
catch (DecoderFallbackException)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
using System.Data;
|
||||
using System.Text;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Data.SqlClient;
|
||||
using WebAPI.Models;
|
||||
|
||||
namespace WebAPI.Controllers;
|
||||
|
||||
[ApiController]
|
||||
[Route("api/[controller]")]
|
||||
public class DataInboxController : Controller
|
||||
{
|
||||
private readonly AppDbContext _db;
|
||||
private readonly IConfiguration _configuration;
|
||||
private readonly LogsController _logsController;
|
||||
|
||||
public DataInboxController(
|
||||
AppDbContext db,
|
||||
GoogleSheetsHelper googleSheetsHelper,
|
||||
IConfiguration configuration)
|
||||
{
|
||||
_db = db;
|
||||
_configuration = configuration;
|
||||
_logsController = new LogsController(googleSheetsHelper, _configuration);
|
||||
}
|
||||
|
||||
[HttpPut]
|
||||
[Route("Add/{apiKey}")]
|
||||
[AllowAnonymous]
|
||||
public IActionResult Add(string apiKey, [FromBody] DataInbox dataInbox)
|
||||
{
|
||||
if (apiKey != _configuration["apiKey"])
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Unauthorized request - wrong apiKey ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
if (
|
||||
!Request.Headers.TryGetValue("Authorization", out var authHeader))
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Unauthorized request - no authorization header ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
var credentialsArr = authHeader.ToString().Split(" ");
|
||||
if (credentialsArr.Length != 2)
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Unauthorized request - wrong auth header format ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
var authValue = Encoding.UTF8.GetString(Convert.FromBase64String(credentialsArr[1]));
|
||||
var username = authValue.Split(':')[0];
|
||||
var password = authValue.Split(':')[1];
|
||||
if (username != _configuration["morska-user"] || password != _configuration["morska-pass"])
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Unauthorized request - bad credentials ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return Unauthorized();
|
||||
}
|
||||
|
||||
// check if datainbox.data is base64 encoded value
|
||||
if (!string.IsNullOrEmpty(dataInbox.Data) && !IsBase64String(dataInbox.Data))
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Invalid data format - not base64 encoded ({dataInbox.Source})",
|
||||
Type = LogEntryType.Warning,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return BadRequest("Invalid data format - not base64 encoded");
|
||||
}
|
||||
|
||||
|
||||
dataInbox.Id = Guid.NewGuid();
|
||||
dataInbox.CreatedAt = DateTime.UtcNow;
|
||||
_db.DataInbox.Add(dataInbox);
|
||||
_db.SaveChanges();
|
||||
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Insert success: {dataInbox.Source}, {dataInbox.Name}",
|
||||
Type = LogEntryType.Info,
|
||||
LogType = LogType.DataInbox,
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
|
||||
return Ok();
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
_logsController.AddEntry(new LogEntry
|
||||
{
|
||||
Title = $"Insert error: {dataInbox.Source}, {dataInbox.Name}",
|
||||
Type = LogEntryType.Error,
|
||||
LogType = LogType.DataInbox,
|
||||
Message = e.ToString(),
|
||||
CreatedAt = DateTime.UtcNow
|
||||
});
|
||||
return BadRequest(e.ToString());
|
||||
}
|
||||
}
|
||||
|
||||
[HttpGet]
|
||||
public IActionResult GetAll()
|
||||
{
|
||||
return Ok(_db.DataInbox);
|
||||
}
|
||||
|
||||
// helpers
|
||||
private bool IsBase64String(string data)
|
||||
{
|
||||
if (string.IsNullOrEmpty(data))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
try
|
||||
{
|
||||
var base64Bytes = Convert.FromBase64String(data);
|
||||
|
||||
var utf8String = Encoding.UTF8.GetString(base64Bytes);
|
||||
|
||||
var reEncoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(utf8String));
|
||||
return data.TrimEnd('=') == reEncoded.TrimEnd('=');
|
||||
}
|
||||
catch (FormatException)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
catch (DecoderFallbackException)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
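Review bot: In `Add`, the `catch (Exception e)` block returns `BadRequest(e.ToString())`, and the Basic-auth parsing sits inside that `try`, so a caller who has not yet passed the username/password check can provoke a `FormatException` from `Convert.FromBase64String(credentialsArr[1])` or an index error from `authValue.Split(':')[1]` and receive the full exception text, stack trace included. Keep that detail in the `LogEntry` only and return a generic body such as `return BadRequest("Insert failed");`, and answer malformed credentials with `Unauthorized()` by splitting once with `authValue.Split(':', 2)` and checking the length, which also stops passwords containing `:` from being truncated. The secret checks (`apiKey != _configuration["apiKey"]`, `password != _configuration["morska-pass"]`) use ordinary string comparison; `CryptographicOperations.FixedTimeEquals` over the UTF-8 bytes removes the timing difference, and because the key travels in the route (`Add/{apiKey}`) it will likely be recorded in proxy and server access logs, so a request header is the safer carrier. `GetAll` has no authorization attribute in this file, and whether a global policy covers it is not visible here, so that is worth confirming. The two printed copies of the file read the same, so these lines are probably untouched by this commit, but they are the new side as shown.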