0

I am trying to use DelegatingChannel (MessageHandler) to decrypt the incoming message and encrypt the outgoing message. Code looks like this, but with some placeholder i couldn't figure out how to achieve.

    protected override Task<HttpResponseMessage> SendAsync(
    HttpRequestMessage request, CancellationToken cancellationToken)
{
    var inEncryptedMessage = request.Content.ReadAsOrDefault<EncryptedMessage>();

    Message inMessage = inEncryptedMessage.Decrypt();

    var newContent = new StringContent(inMessage.Data, Encoding.UTF8, "text/json");

    newContent.Headers.ContentType = request.Content.Headers.ContentType;

    request.Content = newContent;            

    return base.SendAsync(request, cancellationToken).ContinueWith(
        task =>
        {
            HttpResponseMessage response = task.Result;

            // need to serialize the data in response.Content as json
            var outMessage = new Message {
                Data = ... // but don't know how
            };

            var outEncryptedMessage = outMessage.Encrypt();

            response.Content = new ObjectContent(outEncryptedMessage);

            return response;
        });
}



public class Message
{
    public string Data { get; set; }
}

public class EncryptedMessage
{
    public byte[] Key { get; set; }
    public byte[] Message { get; set; }
}

I want to pass JSON string in the request to the Operation, and therein deserialise the JSON into object. But failed... But object was created, but all the properties are null.

So which stoped me to think about response aspect. But i still find the difficulties in read object from response.Content.

Please give me some suggestion if you have the answer.

Thanks a lot, M

svick
  • 236,525
  • 50
  • 385
  • 514
misaxi
  • 568
  • 2
  • 10

1 Answers1

0

If I'm not wrong you could try to implement a DecryptOperationHandler : HttpOperationHandler<HttpRequestMessage>, <HttpRequestMessage>

This should decrypt your incoming message before passing it to the resource itself

Encryption could be done using a EncryptOperationHandler : HttpOperationHandler<HttpResponseMessage>, <HttpResponseMessage> which gets executed after your resource method has been executed

Alexander Zeitler
  • 11,919
  • 11
  • 81
  • 124
  • Thanks Alex. I have tried to use generic HttpOperationHandler, but I failed to use base class or interface (imaging i have a bunch of model need to be encrypted and decrypted). And I am not sure how to use a non-generic HttpOperationHandler – misaxi Jul 27 '11 at 23:13
  • [WebInvoke(Method = "POST", UriTemplate = "")]public void UpdateSomthing(Something something){ ... } is what an operation looks like. As described above, before hitting this operation, a decryption should be done, and convert json string stored in Message.Data to Something. But I failed to do thru a message handler. – misaxi Jul 28 '11 at 00:04
  • How does your message handler look like? Please take a look at the JsonpResponseHandler I have written in this post: http://blog.alexonasp.net/post/2011/07/26/Look-Ma-I-can-handle-JSONP-(aka-Cross-Domain-JSON)-with-WCF-Web-API-and-jQuery!.aspx – Alexander Zeitler Jul 29 '11 at 17:50
  • Thanks Alex, finally I got issues fixed. Here's the implementation. http://misaxionsoftware.wordpress.com/2011/07/29/secure-restful-web-service-by-wcf-web-api-no-https-seriously/ – misaxi Sep 01 '11 at 05:03