Example #1
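        /// <summary>
        /// Captures the raw HTTP request body so it can be attached to the audit record.
        /// </summary>
        /// <param name="contextWrapper">Wrapper used to reach the current HTTP context.</param>
        /// <returns>
        /// A <see cref="BodyContent"/> holding the request content type, the declared content length and,
        /// when the input stream can be rewound, the body decoded as UTF-8; <c>null</c> when there is no
        /// HTTP context or no input stream.
        /// </returns>
        /// <remarks>
        /// Security review: the body is stored verbatim and without a size cap. Request bodies routinely
        /// carry passwords, tokens and personal data, so the audit store needs the same access control and
        /// retention rules as the data it mirrors, and sensitive endpoints should opt out of body capture
        /// or redact before the event is persisted. The whole body is buffered in memory, so a request-size
        /// limit upstream is what bounds the allocation here.
        /// </remarks>
        private BodyContent GetRequestBody(ContextWrapper contextWrapper)
        {
            var context = contextWrapper.GetHttpContext();
            var input   = context?.Request?.InputStream;

            if (input == null)
            {
                return null;
            }

            var content = new BodyContent
            {
                Type = context.Request.ContentType,
                // This is the length the request declares, not the size of the decoded text.
                Length = context.Request.ContentLength
            };

            // Seek() throws NotSupportedException on a forward-only stream. Auditing must not
            // fail the request, so record the metadata and leave the stream untouched.
            if (!input.CanSeek)
            {
                return content;
            }

            var originalPosition = input.Position;
            try
            {
                input.Seek(0, SeekOrigin.Begin);
                using (var buffer = new MemoryStream())
                {
                    input.CopyTo(buffer);
                    content.Value = Encoding.UTF8.GetString(buffer.ToArray());
                }
            }
            finally
            {
                // Put the cursor back so later readers of the request see exactly what they
                // would have seen without auditing.
                input.Position = originalPosition;
            }

            return content;
        }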
Example #2
        /// <summary>
        /// Runs before the action method is invoked: builds the audit action from the incoming request,
        /// opens an audit scope for it and stores both on the request context for later retrieval.
        /// </summary>
        /// <param name="actionContext">The action context.</param>
        /// <remarks>
        /// Security review: form variables and action arguments are recorded unconditionally; headers and
        /// the request body are recorded when <c>IncludeHeaders</c> / <c>IncludeRequestBody</c> are set.
        /// Captured headers include whatever the client sent (for example Authorization and Cookie), and
        /// form fields or arguments may hold credentials, so the audit store should be treated as
        /// sensitive and redaction considered before persisting. How <c>GetClientIp()</c> derives the
        /// address is not visible here; if it trusts forwarding headers the recorded value is
        /// client-controlled. TODO confirm.
        /// </remarks>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            var httpRequest = actionContext.Request;
            var wrapper     = new ContextWrapper(httpRequest);
            var descriptor  = actionContext.ActionDescriptor;

            // Populate the audit action field by field, in the same order as the values are read.
            var action = new AuditApiAction();
            action.UserName      = actionContext.RequestContext?.Principal?.Identity?.Name;
            action.IpAddress     = wrapper.GetClientIp();
            action.RequestUrl    = httpRequest.RequestUri?.AbsoluteUri;
            action.HttpMethod    = httpRequest.Method?.Method;
            action.FormVariables = wrapper.GetFormVariables();
            if (IncludeHeaders)
            {
                action.Headers = ToDictionary(httpRequest.Headers);
            }
            else
            {
                action.Headers = null;
            }
            action.ActionName     = descriptor?.ActionName;
            action.ControllerName = descriptor?.ControllerDescriptor?.ControllerName;
            // The live argument dictionary is stored by reference, not copied.
            action.ActionParameters = actionContext.ActionArguments;
            if (IncludeRequestBody)
            {
                action.RequestBody = GetRequestBody(wrapper);
            }
            else
            {
                action.RequestBody = null;
            }

            // Expand the placeholders of the event-type template (custom or default).
            var template  = EventTypeName ?? "{verb} {controller}/{action}";
            var eventType = template
                            .Replace("{verb}", action.HttpMethod)
                            .Replace("{controller}", action.ControllerName)
                            .Replace("{action}", action.ActionName);

            // Create the audit scope around a Web API event that carries the action.
            var scopeOptions = new AuditScopeOptions()
            {
                EventType     = eventType,
                AuditEvent    = new AuditEventWebApi() { Action = action },
                CallingMethod = (descriptor as ReflectedHttpActionDescriptor)?.MethodInfo
            };
            var scope = AuditScope.Create(scopeOptions);

            // Stash both objects on the request so the post-action hook can complete the record.
            wrapper.Set(AuditApiActionKey, action);
            wrapper.Set(AuditApiScopeKey, scope);
        }
Example #3
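        /// <summary>
        /// Runs after the action method is invoked: completes the audit action stored on the request
        /// (exception, model state, response status and optionally the response body) and saves the scope.
        /// </summary>
        /// <param name="actionExecutedContext">The action executed context.</param>
        /// <remarks>
        /// Does nothing when no audit action or scope was stored for this request.
        /// Security review: with <c>IncludeResponseBody</c> set the response payload is recorded verbatim,
        /// and exception details are always recorded; both can expose personal data or internals, so the
        /// audit store needs access control at least as strict as the API's own data.
        /// </remarks>
        public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
        {
            var contextWrapper = new ContextWrapper(actionExecutedContext.Request);
            var auditAction    = contextWrapper.Get <AuditApiAction>(AuditApiActionKey);
            var auditScope     = contextWrapper.Get <AuditScope>(AuditApiScopeKey);

            if (auditAction == null || auditScope == null)
            {
                return;
            }

            // NOTE(review): Exception is null on success; GetExceptionInfo() is presumably an
            // extension method that tolerates a null receiver. Confirm.
            auditAction.Exception        = actionExecutedContext.Exception.GetExceptionInfo();
            auditAction.ModelStateErrors = IncludeModelState ? GetModelStateErrors(actionExecutedContext.ActionContext.ModelState) : null;
            auditAction.ModelStateValid  = IncludeModelState ? actionExecutedContext.ActionContext.ModelState?.IsValid : null;

            var response = actionExecutedContext.Response;
            if (response != null)
            {
                auditAction.ResponseStatus     = response.ReasonPhrase;
                auditAction.ResponseStatusCode = (int)response.StatusCode;
                if (IncludeResponseBody)
                {
                    var content    = response.Content;
                    var objContent = content as ObjectContent;
                    auditAction.ResponseBody = new BodyContent
                    {
                        // ContentType is null when the content carries no Content-Type header, so it
                        // needs its own null-conditional; otherwise auditing throws on such responses.
                        Type   = objContent != null ? objContent.ObjectType.Name : content?.Headers?.ContentType?.ToString(),
                        Length = content?.Headers?.ContentLength,
                        // NOTE(review): .Result blocks the calling thread and surfaces failures as
                        // AggregateException. It is kept because this override is synchronous.
                        Value  = objContent != null ? objContent.Value : content?.ReadAsStringAsync().Result
                    };
                }
            }
            else
            {
                // No response object was produced; record it as a server error.
                auditAction.ResponseStatusCode = 500;
                auditAction.ResponseStatus     = "Internal Server Error";
            }

            // Replace the Action field and save. The cast is checked so that an event of an
            // unexpected type cannot turn auditing into a NullReferenceException.
            var webApiEvent = auditScope.Event as AuditEventWebApi;
            if (webApiEvent != null)
            {
                webApiEvent.Action = auditAction;
            }
            auditScope.Save();
        }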
Example #4
        /// <summary>
        /// Looks up the audit scope stored for the given request under <c>AuditApiScopeKey</c>.
        /// </summary>
        /// <param name="request">The HTTP request whose context is searched.</param>
        /// <returns>The value returned by the context wrapper for that key.</returns>
        internal static AuditScope GetCurrentScope(HttpRequestMessage request)
            => new ContextWrapper(request).Get<AuditScope>(AuditApiScopeKey);