Imports System.Threading.Tasks
Imports System.Web
'''
''' VB.NET Global.asax implementation example for 602TechSec integration
''' This runs early in the application lifecycle for maximum security coverage
'''
Public Class Global_asax
Inherits HttpApplication
Private Shared _techSecClient As TechSec602Client
Sub Application_Start(sender As Object, e As EventArgs)
' Initialize the client once at application startup
_techSecClient = New TechSec602Client()
' Optional: Perform health check at startup
Task.Run(Async Function()
Dim isHealthy = Await _techSecClient.HealthCheckAsync()
If Not isHealthy Then
' Log warning or alert that security service is unavailable
System.Diagnostics.Debug.WriteLine("602TechSec service is not responding")
End If
End Function)
End Sub
'''
''' Early request verification - runs for every request before processing
'''
Sub Application_BeginRequest(sender As Object, e As EventArgs)
' Skip verification for certain paths if needed (e.g., static resources, health checks)
If ShouldSkipVerification(Request.Path) Then
Return
End If
Try
' Perform verification early in the pipeline
Dim result = _techSecClient.VerifyCurrentRequestAsync().Result
If Not result.IsAllowed Then
' Block the request
Response.StatusCode = 403
Response.StatusDescription = "Forbidden"
Response.ContentType = "application/json"
Response.Write($"{{""error"": ""Access denied"", ""reason"": ""{result.Reason}""}}")
Response.End()
ElseIf Not result.Success Then
' Optional: Handle verification service failures (e.g., log or fail open/closed based on policy)
System.Diagnostics.Debug.WriteLine($"Verification service error: {result.Reason}")
' Depending on security policy, you might allow or deny on failure
End If
Catch ex As Exception
' Handle unexpected errors (e.g., network issues, timeouts)
System.Diagnostics.Debug.WriteLine($"Verification error: {ex.Message}")
' Fail closed for security
Response.StatusCode = 403
Response.StatusDescription = "Forbidden"
Response.ContentType = "application/json"
Response.Write($"{{""error"": ""Verification service unavailable""}}")
Response.End()
End Try
End Sub
Private Function ShouldSkipVerification(path As String) As Boolean
' Skip verification for static resources, health checks, etc.
Dim skipPaths() As String = {"/favicon.ico", "/robots.txt", "/health", "/ping"}
Return skipPaths.Any(Function(skip) path.StartsWith(skip, StringComparison.OrdinalIgnoreCase))
End Function
Sub Application_End()
' Clean up resources
_techSecClient?.Dispose()
End Sub
End Class
'''
''' VB.NET HTTP Module implementation for more granular control
''' Add to web.config:
'''
Public Class TechSec602SecurityModule
Implements IHttpModule
Private _techSecClient As TechSec602Client
Public Sub Init(context As HttpApplication) Implements IHttpModule.Init
_techSecClient = New TechSec602Client()
AddHandler context.BeginRequest, AddressOf OnBeginRequest
End Sub
Private Sub OnBeginRequest(sender As Object, e As EventArgs)
Dim context = DirectCast(sender, HttpApplication).Context
' Skip verification for certain paths if needed
If ShouldSkipVerification(context.Request.Path) Then
Return
End If
Try
' Perform async verification
' Note: Using Task.Run with .Wait() can be improved in async-capable environments
' For better performance, consider making the module async if supported
Task.Run(Async Function()
Dim result = Await _techSecClient.VerifyCurrentRequestAsync()
If Not result.IsAllowed Then
context.Response.StatusCode = 403
context.Response.ContentType = "application/json"
context.Response.Write($"{{""error"": ""Access denied"", ""reason"": ""{result.Reason}""}}")
context.Response.End()
ElseIf Not result.Success Then
' Optional: Handle verification service failures
System.Diagnostics.Debug.WriteLine($"Verification service error: {result.Reason}")
End If
End Function).Wait()
Catch ex As Exception
' Handle unexpected errors
System.Diagnostics.Debug.WriteLine($"Verification error: {ex.Message}")
context.Response.StatusCode = 403
context.Response.ContentType = "application/json"
context.Response.Write($"{{""error"": ""Verification service unavailable""}}")
context.Response.End()
End Try
End Sub
Private Function ShouldSkipVerification(path As String) As Boolean
' Skip verification for static resources, health checks, etc.
Dim skipPaths() As String = {"/favicon.ico", "/robots.txt", "/health", "/ping"}
Return skipPaths.Any(Function(skip) path.StartsWith(skip, StringComparison.OrdinalIgnoreCase))
End Function
Public Sub Dispose() Implements IHttpModule.Dispose
_techSecClient?.Dispose()
End Sub
End Class
'''
''' VB.NET Action Filter for controller-level protection
''' Usage: on controllers or actions
'''
Public Class TechSec602AuthorizeAttribute
Inherits ActionFilterAttribute
Private Shared ReadOnly _client As TechSec602Client = New TechSec602Client()
Public Overrides Sub OnActionExecuting(filterContext As ActionExecutingContext)
Try
Dim result = _client.VerifyCurrentRequestAsync().Result
If Not result.IsAllowed Then
filterContext.Result = New HttpStatusCodeResult(403, result.Reason)
ElseIf Not result.Success Then
' Optional: Handle verification service failures (e.g., log)
System.Diagnostics.Debug.WriteLine($"Verification service error: {result.Reason}")
' Depending on policy, set result or allow
End If
Catch ex As Exception
' Handle unexpected errors
System.Diagnostics.Debug.WriteLine($"Verification error: {ex.Message}")
filterContext.Result = New HttpStatusCodeResult(403, "Verification service unavailable")
End Try
MyBase.OnActionExecuting(filterContext)
End Sub
End Class
'''
''' VB.NET Manual verification helper for specific use cases
'''
Public Class TechSec602Helper
Private Shared ReadOnly _client As TechSec602Client = New TechSec602Client()
'''
''' Verify specific URL and IP combination.
''' For proxy scenarios, provide both the direct IP and forwarded IP.
'''
''' The URL to verify
''' The direct connection IP address
''' Optional X-Forwarded-For IP. When provided, BOTH IPs are checked against blocklists.
Public Shared Async Function VerifyAsync(url As String, ipAddress As String, Optional forwardedForIp As String = Nothing) As Task(Of VerificationResult)
Return Await _client.VerifyRequestAsync(url, ipAddress, forwardedForIp)
End Function
'''
''' Verify current request
'''
Public Shared Async Function VerifyCurrentAsync() As Task(Of VerificationResult)
Return Await _client.VerifyCurrentRequestAsync()
End Function
'''
''' Quick synchronous check (use sparingly).
''' For proxy scenarios, provide both the direct IP and forwarded IP.
'''
''' The URL to verify
''' The direct connection IP address
''' Optional X-Forwarded-For IP. When provided, BOTH IPs are checked against blocklists.
Public Shared Function IsRequestAllowed(url As String, ipAddress As String, Optional forwardedForIp As String = Nothing) As Boolean
Try
Dim result = _client.VerifyRequest(url, ipAddress, forwardedForIp)
If Not result.Success Then
' Handle service failure - return false for security
System.Diagnostics.Debug.WriteLine($"Verification service error: {result.Reason}")
Return False
End If
Return result.IsAllowed
Catch ex As Exception
' Handle unexpected errors - fail closed
System.Diagnostics.Debug.WriteLine($"Verification error: {ex.Message}")
Return False
End Try
End Function
End Class