/// <summary>
/// Occurs after the action method is invoked.
/// </summary>
internal async Task AfterExecutedAsync(ActionExecutedContext context, bool includeModelState, bool includeResponseBody, bool includeResponseHeaders)
{
var httpContext = context.HttpContext;
var auditAction = httpContext.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction;
var auditScope = httpContext.Items[AuditApiHelper.AuditApiScopeKey] as AuditScope;
if (auditAction != null && auditScope != null)
{
auditAction.Exception = context.Exception.GetExceptionInfo();
auditAction.ModelStateErrors = includeModelState ? AuditApiHelper.GetModelStateErrors(context.ModelState) : null;
auditAction.ModelStateValid = includeModelState ? context.ModelState?.IsValid : null;
if (context.HttpContext.Response != null && context.Result != null)
{
var statusCode = context.Result is ObjectResult && (context.Result as ObjectResult).StatusCode.HasValue ? (context.Result as ObjectResult).StatusCode.Value
: context.Result is StatusCodeResult ? (context.Result as StatusCodeResult).StatusCode : context.HttpContext.Response.StatusCode;
auditAction.ResponseStatusCode = statusCode;
auditAction.ResponseStatus = AuditApiHelper.GetStatusCodeString(auditAction.ResponseStatusCode);
if (includeResponseBody)
{
var bodyType = context.Result.GetType().GetFullTypeName();
auditAction.ResponseBody = new BodyContent {
Type = bodyType, Value = GetResponseBody(context.ActionDescriptor, context.Result)
};
}
if (includeResponseHeaders)
{
auditAction.ResponseHeaders = AuditApiHelper.ToDictionary(httpContext.Response.Headers);
}
}
else
{
auditAction.ResponseStatusCode = 500;
auditAction.ResponseStatus = "Internal Server Error";
}
// Replace the Action field
(auditScope.Event as AuditEventWebApi).Action = auditAction;
// Save, if action was not created by middleware
if (!auditAction.IsMiddleware)
{
await auditScope.DisposeAsync();
}
}
}
private async Task <AuditApiAction> CreateOrUpdateAction(ActionExecutingContext actionContext,
bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName)
{
var httpContext = actionContext.HttpContext;
var actionDescriptor = actionContext.ActionDescriptor as ControllerActionDescriptor;
AuditApiAction action = null;
if (httpContext.Items.ContainsKey(AuditApiHelper.AuditApiActionKey))
{
action = httpContext.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction;
}
if (action == null)
{
action = new AuditApiAction
{
UserName = httpContext.User?.Identity.Name,
IpAddress = httpContext.Connection?.RemoteIpAddress?.ToString(),
HttpMethod = httpContext.Request.Method,
FormVariables = AuditApiHelper.GetFormVariables(httpContext),
TraceId = httpContext.TraceIdentifier,
ActionExecutingContext = actionContext
};
}
action.RequestUrl = httpContext.Request.GetDisplayUrl();
action.ActionName = actionDescriptor != null ? actionDescriptor.ActionName : actionContext.ActionDescriptor.DisplayName;
action.ControllerName = actionDescriptor?.ControllerName;
action.ActionParameters = GetActionParameters(actionDescriptor, actionContext.ActionArguments, serializeParams);
if (includeHeaders)
{
action.Headers = AuditApiHelper.ToDictionary(httpContext.Request.Headers);
}
if (includeRequestBody && action.RequestBody == null)
{
action.RequestBody = new BodyContent
{
Type = httpContext.Request.ContentType,
Length = httpContext.Request.ContentLength,
Value = await AuditApiHelper.GetRequestBody(httpContext)
};
}
return(action);
}
private async Task AfterInvoke(HttpContext context, bool includeResponseBody, bool includeResponseHeaders, Exception exception)
{
#pragma warning disable IDE0019 // Use pattern matching
var auditAction = context.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction;
var auditScope = context.Items[AuditApiHelper.AuditApiScopeKey] as AuditScope;
#pragma warning restore IDE0019 // Use pattern matching
if (auditAction != null && auditScope != null)
{
if (exception != null)
{
auditAction.Exception = exception.GetExceptionInfo();
auditAction.ResponseStatusCode = 500;
auditAction.ResponseStatus = "Internal Server Error";
}
else if (context.Response != null)
{
var statusCode = context.Response.StatusCode;
auditAction.ResponseStatusCode = statusCode;
auditAction.ResponseStatus = AuditApiHelper.GetStatusCodeString(statusCode);
if (includeResponseBody && auditAction.ResponseBody == null)
{
auditAction.ResponseBody = new BodyContent
{
Type = context.Response.ContentType,
Length = context.Response.ContentLength,
Value = AuditApiHelper.GetResponseBody(context)
};
}
}
if (includeResponseHeaders)
{
auditAction.ResponseHeaders = AuditApiHelper.ToDictionary(context.Response.Headers);
}
// Replace the Action field and save
(auditScope.Event as AuditEventWebApi).Action = auditAction;
await auditScope.SaveAsync();
}
}
private async Task BeforeInvoke(HttpContext context, bool includeHeaders, bool includeRequestBody, string eventTypeName)
{
var auditAction = new AuditApiAction
{
IsMiddleware = true,
UserName = context.User?.Identity.Name,
IpAddress = context.Connection?.RemoteIpAddress?.ToString(),
RequestUrl = context.Request.GetDisplayUrl(),
HttpMethod = context.Request.Method,
FormVariables = AuditApiHelper.GetFormVariables(context),
Headers = includeHeaders ? AuditApiHelper.ToDictionary(context.Request.Headers) : null,
ActionName = null,
ControllerName = null,
ActionParameters = null,
RequestBody = new BodyContent
{
Type = context.Request.ContentType,
Length = context.Request.ContentLength,
Value = includeRequestBody ? AuditApiHelper.GetRequestBody(context) : null
},
TraceId = context.TraceIdentifier
};
var eventType = (eventTypeName ?? "{verb} {url}").Replace("{verb}", auditAction.HttpMethod)
.Replace("{url}", auditAction.RequestUrl);
// Create the audit scope
var auditEventAction = new AuditEventWebApi()
{
Action = auditAction
};
var auditScope = await AuditScope.CreateAsync(new AuditScopeOptions()
{
EventType = eventType, AuditEvent = auditEventAction
});
context.Items[AuditApiHelper.AuditApiActionKey] = auditAction;
context.Items[AuditApiHelper.AuditApiScopeKey] = auditScope;
}