Refactoring HTTP APIs (#91)

shibayan · Apr 16, 2020 · 2ff36c7 · 2ff36c7
1 parent 6dc8a9f
commit 2ff36c7
Show file tree

Hide file tree

Showing 6 changed files with 53 additions and 20 deletions.
diff --git a/KeyVault.Acmebot/AddCertificateFunctions.cs b/KeyVault.Acmebot/AddCertificateFunctions.cs
@@ -1,5 +1,7 @@
 using System.Threading.Tasks;
 
+using Azure.WebJobs.Extensions.HttpApi;
+
 using KeyVault.Acmebot.Models;
 
 using Microsoft.AspNetCore.Http;
@@ -9,36 +11,37 @@
 using Microsoft.Azure.WebJobs.Extensions.Http;
 using Microsoft.Extensions.Logging;
 
-using Newtonsoft.Json;
-
 namespace KeyVault.Acmebot
 {
-    public class AddCertificateFunctions
+    public class AddCertificateFunctions : HttpFunctionBase
     {
+        public AddCertificateFunctions(IHttpContextAccessor httpContextAccessor)
+            : base(httpContextAccessor)
+        {
+        }
+
         [FunctionName(nameof(AddCertificate_HttpStart))]
         public async Task<IActionResult> AddCertificate_HttpStart(
-            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "add-certificate")] HttpRequest req,
+            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "add-certificate")] AddCertificateRequest request,
             [DurableClient] IDurableClient starter,
             ILogger log)
         {
-            if (!req.HttpContext.User.Identity.IsAuthenticated)
+            if (!User.Identity.IsAuthenticated)
             {
-                return new UnauthorizedResult();
+                return Unauthorized();
             }
 
-            var request = JsonConvert.DeserializeObject<AddCertificateRequest>(await req.ReadAsStringAsync());
-
-            if (request?.Domains == null || request.Domains.Length == 0)
+            if (!TryValidateModel(request))
             {
-                return new BadRequestObjectResult($"{nameof(request.Domains)} is empty.");
+                return BadRequest(ModelState);
             }
 
             // Function input comes from the request content.
             var instanceId = await starter.StartNewAsync(nameof(SharedFunctions.IssueCertificate), request.Domains);
 
             log.LogInformation($"Started orchestration with ID = '{instanceId}'.");
 
-            return starter.CreateCheckStatusResponse(req, instanceId, true);
+            return starter.CreateCheckStatusResponse(Request, instanceId, true);
         }
     }
 }
diff --git a/KeyVault.Acmebot/GetDnsZonesFunctions.cs b/KeyVault.Acmebot/GetDnsZonesFunctions.cs
@@ -3,6 +3,8 @@
 using System.Linq;
 using System.Threading.Tasks;
 
+using Azure.WebJobs.Extensions.HttpApi;
+
 using DurableTask.TypedProxy;
 
 using KeyVault.Acmebot.Contracts;
@@ -16,8 +18,13 @@
 
 namespace KeyVault.Acmebot
 {
-    public class GetDnsZonesFunctions
+    public class GetDnsZonesFunctions : HttpFunctionBase
     {
+        public GetDnsZonesFunctions(IHttpContextAccessor httpContextAccessor)
+            : base(httpContextAccessor)
+        {
+        }
+
         [FunctionName(nameof(GetDnsZones))]
         public async Task<IList<string>> GetDnsZones([OrchestrationTrigger] IDurableOrchestrationContext context)
         {
@@ -34,9 +41,9 @@ public async Task<IActionResult> GetDnsZones_HttpStart(
             [DurableClient] IDurableClient starter,
             ILogger log)
         {
-            if (!req.HttpContext.User.Identity.IsAuthenticated)
+            if (!User.Identity.IsAuthenticated)
             {
-                return new UnauthorizedResult();
+                return Unauthorized();
             }
 
             // Function input comes from the request content.

diff --git a/KeyVault.Acmebot/KeyVault.Acmebot.csproj b/KeyVault.Acmebot/KeyVault.Acmebot.csproj
@@ -11,9 +11,9 @@
     <PackageReference Include="Microsoft.Azure.KeyVault" Version="3.0.5" />
     <PackageReference Include="Microsoft.Azure.Management.Dns" Version="3.0.1" />
     <PackageReference Include="Microsoft.Azure.Services.AppAuthentication" Version="1.4.0" />
-    <PackageReference Include="Microsoft.Azure.WebJobs.Extensions.DurableTask" Version="2.2.0" />
+    <PackageReference Include="Microsoft.Azure.WebJobs.Extensions.DurableTask" Version="2.2.1" />
     <PackageReference Include="Microsoft.Extensions.Http" Version="3.1.3" />
-    <PackageReference Include="Microsoft.NET.Sdk.Functions" Version="3.0.5" />
+    <PackageReference Include="Microsoft.NET.Sdk.Functions" Version="3.0.6" />
     <PackageReference Include="WebJobs.Extensions.HttpApi" Version="1.0.2" />
   </ItemGroup>
   <ItemGroup>

diff --git a/KeyVault.Acmebot/Models/AddCertificateRequest.cs b/KeyVault.Acmebot/Models/AddCertificateRequest.cs
@@ -1,7 +1,18 @@
-namespace KeyVault.Acmebot.Models
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+
+namespace KeyVault.Acmebot.Models
 {
-    public class AddCertificateRequest
+    public class AddCertificateRequest : IValidatableObject
     {
         public string[] Domains { get; set; }
+
+        public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
+        {
+            if (Domains == null || Domains.Length == 0)
+            {
+                yield return new ValidationResult($"The {nameof(Domains)} is required.", new[] { nameof(Domains) });
+            }
+        }
     }
 }
diff --git a/KeyVault.Acmebot/StaticPageFunctions.cs b/KeyVault.Acmebot/StaticPageFunctions.cs
@@ -20,6 +20,11 @@ public IActionResult StaticPage(
             [HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = "static-page/index")] HttpRequest req,
             ILogger log)
         {
+            if (!User.Identity.IsAuthenticated)
+            {
+                return Forbid();
+            }
+
             return File("index.html", "text/html");
         }
     }

diff --git a/KeyVault.Acmebot/index.html b/KeyVault.Acmebot/index.html
@@ -145,15 +145,22 @@ <h1 class="title">
           }
 
           this.sending = true;
+          var response;
 
-          var response = await axios.post("/api/add-certificate", { Domains: this.domains });
+          try {
+            response = await axios.post("/api/add-certificate", { Domains: this.domains });
+          } catch (error) {
+            alert("An error has occurred. No certificate was issued.");
+            this.sending = false;
+            return;
+          }
 
           while (true) {
             await delay(5000);
 
             try {
               response = await axios.get(response.headers["location"]);
-            } catch {
+            } catch (error) {
               alert("An error has occurred. No certificate was issued.");
               break;
             }