/// <summary>
        /// Occurs before the action method is invoked.
        /// </summary>
        /// <param name="actionContext">The action context.</param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            // Evaluates the configured gates for each context processor before the action runs.
            // If any gate refuses the client, the response is set to 401 Unauthorized and
            // base.OnActionExecuting is not called for this request.
            actionContext.ArgumentMustNotBeNull("actionContext");
            if (actionContext == null)
            {
                base.OnActionExecuting(actionContext);
                return;
            }

            // Read each switch a single time up front instead of once per processor (performance).
            var statisticGateEnabled = this.Instance.CheckStatisticGate;
            var requestGateEnabled   = this.Instance.CheckRequestGate;

            // NOTE(review): the indexer throws when "MS_HttpContext" is missing, and the cast yields
            // null when the stored value is not an HttpContextBase. In the null case the extractor
            // and the request gate both receive null; confirm that they deny rather than allow.
            var webContext = actionContext.Request.Properties["MS_HttpContext"] as HttpContextBase;
            var webRequest = webContext != null ? webContext.Request : null;

            // Any() stops at the first processor whose gate refuses, so later processors are not consulted.
            var refused = this.ContextProcessors.Any(processor =>
            {
                // The gate decision is keyed on whatever identifier the extractor derives from the request.
                var clientId = processor.IdExtractor.Extract(webContext);

                if (statisticGateEnabled && !this.Instance.StatisticsGate(clientId, processor.Statistics))
                {
                    return true;
                }

                return requestGateEnabled && !this.Instance.RequestGate(clientId, webRequest);
            });

            if (!refused)
            {
                base.OnActionExecuting(actionContext);
                return;
            }

            // Short-circuit the pipeline: the action is not invoked once a response is assigned here.
            actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized);
        }
        /// <summary>
        /// Creates an audit writer and logs the exception.
        /// </summary>
        /// <param name="filterContext">The current filter context to get the user and the action.</param>
        /// <param name="exception"> The exception. </param>
        protected void AuditFailure(HttpActionContext filterContext, Exception exception)
        {
            // Writes an "authentication check failed" audit entry carrying the exception message.
            // The audit writer is created on first use and cached in this.Audit; when no writer
            // can be obtained the method returns without recording anything.
            var writer = this.Audit;
            if (writer == null)
            {
                writer = this.CreateAudit();
                this.Audit = writer;
            }

            if (writer != null)
            {
                // Validation only happens on this path; filterContext is not otherwise used yet.
                filterContext.ArgumentMustNotBeNull("filterContext");

                // todo: find the current user name
                // NOTE(review): until the todo is resolved every entry carries the same placeholder
                // identity, so failed checks cannot be attributed to a caller from the audit trail.
                // NOTE(review): exception.Message is recorded verbatim; confirm that the audit sink
                // encodes it and that the message cannot carry secrets or request-controlled text.
                var reason = exception.Message;
                var entry  = new AuditInfo<string>("user not known", reason);
                writer.AuthenticationCheckFailed(entry);
            }
        }