fix content type and accept header checking

jaredcnance · jaredcnance · commit bf7f76b958ed · 2016-09-01T15:15:30.000-05:00
diff --git a/JsonApiDotNetCore/Middleware/JsonApiMiddleware.cs b/JsonApiDotNetCore/Middleware/JsonApiMiddleware.cs
@@ -3,6 +3,7 @@
 using JsonApiDotNetCore.Routing;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Primitives;
 
 namespace JsonApiDotNetCore.Middleware
 {
@@ -28,21 +29,39 @@ public async Task Invoke(HttpContext context)
       {
         _logger.LogInformation("Passing request to JsonApiService: " + context.Request.Path);
 
-        if(context.Request.ContentType == "application/vnd.api+json") {
+        if(IsJsonApiRequest(context)) {
           var routeWasHandled = _router.HandleJsonApiRoute(context, _serviceProvider);
           if(!routeWasHandled)
             RespondNotFound(context);
         }
         else
         {
-          _logger.LogInformation("Content-Type invalid for JsonAPI");
-
           await _next.Invoke(context);
 
           RespondUnsupportedMediaType(context);
         }
       }
 
+      private bool IsJsonApiRequest(HttpContext context)
+      {
+        StringValues acceptHeader;
+        if(context.Request.Headers.TryGetValue("Accept", out acceptHeader) && acceptHeader == "application/vnd.api+json")
+        {
+          if(context.Request.ContentLength > 0) {
+            if(context.Request.ContentType == "application/vnd.api+json") {
+              return true;
+            }
+            _logger.LogInformation("Content-Type invalid for JsonAPI");
+            return false;
+          }
+          return true;
+        }
+
+        _logger.LogInformation("Accept header invalid for JsonAPI");
+
+        return false;
+      }
+
       private void RespondUnsupportedMediaType(HttpContext context)
       {
         context.Response.StatusCode = 415;
diff --git a/JsonApiDotNetCoreTests/Middleware/UnitTests/JsonApiMiddlewareTests.cs b/JsonApiDotNetCoreTests/Middleware/UnitTests/JsonApiMiddlewareTests.cs
@@ -17,6 +17,10 @@ public async void Invoke_CallsHandleJsonApiRequest_OnRouter()
             var httpRequestMock = new Mock<HttpRequest>();
             httpRequestMock.Setup(r => r.Path).Returns(new PathString(""));
             httpRequestMock.Setup(r => r.ContentType).Returns("application/vnd.api+json");
+            httpRequestMock.Setup(r => r.ContentLength).Returns(0);
+            var headers = new HeaderDictionary();
+            headers.Add("Accept","application/vnd.api+json");
+            httpRequestMock.Setup(r => r.Headers).Returns(headers);
 
             var httpContextMock = new Mock<HttpContext>();
             httpContextMock.Setup(c => c.Request).Returns(httpRequestMock.Object);
@@ -32,13 +36,50 @@ public async void Invoke_CallsHandleJsonApiRequest_OnRouter()
             Assert.True(router.DidHandleRoute);
         }
 
+        [Fact]
+        public async void Invoke_SetsStatusCode_To415_ForInvalidAcceptType()
+        {
+            // arrange
+            var httpRequestMock = new Mock<HttpRequest>();
+            httpRequestMock.Setup(r => r.Path).Returns(new PathString(""));
+            httpRequestMock.Setup(r => r.ContentType).Returns("application/vnd.api+json");
+            httpRequestMock.Setup(r => r.ContentLength).Returns(0);
+            var headers = new HeaderDictionary();
+            headers.Add("Accept","");
+            httpRequestMock.Setup(r => r.Headers).Returns(headers);
+
+            var httpResponsMock = new Mock<HttpResponse>();
+            httpResponsMock.SetupAllProperties();
+            httpResponsMock.Setup(r => r.Body).Returns(new MemoryStream());
+
+            var httpContextMock = new Mock<HttpContext>();
+            httpContextMock.Setup(c => c.Request).Returns(httpRequestMock.Object);
+            httpContextMock.Setup(c => c.Response).Returns(httpResponsMock.Object);
+
+            var requestDelegateMock = new Mock<RequestDelegate>();
+
+            var router = new TestRouter();
+            var loggerMock = new Mock<ILogger<JsonApiMiddleware>>();
+            var middleware = new JsonApiMiddleware(requestDelegateMock.Object, loggerMock.Object, router, null);
+
+            // act
+            await middleware.Invoke(httpContextMock.Object);
+
+            // assert
+            Assert.Equal(415, httpResponsMock.Object.StatusCode);
+        }
+
         [Fact]
         public async void Invoke_SetsStatusCode_To415_ForInvalidContentType()
         {
             // arrange
             var httpRequestMock = new Mock<HttpRequest>();
             httpRequestMock.Setup(r => r.Path).Returns(new PathString(""));
             httpRequestMock.Setup(r => r.ContentType).Returns("");
+            httpRequestMock.Setup(r => r.ContentLength).Returns(1);
+            var headers = new HeaderDictionary();
+            headers.Add("Accept","application/vnd.api+json");
+            httpRequestMock.Setup(r => r.Headers).Returns(headers);
 
             var httpResponsMock = new Mock<HttpResponse>();
             httpResponsMock.SetupAllProperties();
