/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
var request = actionContext.Request;
var httpContext = GetHttpContext(request);
var auditAction = new AuditApiAction
{
UserName = actionContext.RequestContext?.Principal?.Identity?.Name,
IpAddress = GetClientIp(request),
RequestUrl = request.RequestUri?.AbsoluteUri,
HttpMethod = actionContext.Request.Method?.Method,
FormVariables = ToDictionary(httpContext.Request?.Form),
Headers = IncludeHeaders ? ToDictionary(request.Headers) : null,
ActionName = actionContext.ActionDescriptor?.ActionName,
ControllerName = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName,
ActionParameters = actionContext.ActionArguments
};
var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
.Replace("{controller}", auditAction.ControllerName)
.Replace("{action}", auditAction.ActionName);
// Create the audit scope
var auditScope = AuditScope.Create(eventType, null, new { Action = auditAction }, EventCreationPolicy.Manual);
httpContext.Items[AuditApiActionKey] = auditAction;
httpContext.Items[AuditApiScopeKey] = auditScope;
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
private async Task BeforeExecutingAsync(ActionExecutingContext actionContext)
{
var httpContext = actionContext.HttpContext;
var actionDescriptior = actionContext.ActionDescriptor as ControllerActionDescriptor;
var auditAction = new AuditApiAction
{
UserName = httpContext.User?.Identity.Name,
IpAddress = httpContext.Connection?.RemoteIpAddress.ToString(),
RequestUrl = string.Format("{0}://{1}{2}", httpContext.Request.Scheme, httpContext.Request.Host, httpContext.Request.Path),
HttpMethod = actionContext.HttpContext.Request.Method,
FormVariables = httpContext.Request.HasFormContentType ? ToDictionary(httpContext.Request.Form) : null,
Headers = IncludeHeaders ? ToDictionary(httpContext.Request.Headers) : null,
ActionName = actionDescriptior != null ? actionDescriptior.ActionName : actionContext.ActionDescriptor.DisplayName,
ControllerName = actionDescriptior != null ? actionDescriptior.ControllerName : null,
ActionParameters = GetActionParameters(actionContext.ActionArguments),
RequestBody = new BodyContent {
Type = httpContext.Request.ContentType, Length = httpContext.Request.ContentLength, Value = IncludeRequestBody ? GetRequestBody(actionContext) : null
}
};
var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
.Replace("{controller}", auditAction.ControllerName)
.Replace("{action}", auditAction.ActionName);
// Create the audit scope
var auditEventAction = new AuditEventWebApi()
{
Action = auditAction
};
var auditScope = await AuditScope.CreateAsync(new AuditScopeOptions()
{
EventType = eventType, AuditEvent = auditEventAction, CallingMethod = actionDescriptior.MethodInfo
});
httpContext.Items[AuditApiActionKey] = auditAction;
httpContext.Items[AuditApiScopeKey] = auditScope;
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
var request = actionContext.Request;
var contextWrapper = new ContextWrapper(request);
var auditAction = new AuditApiAction
{
UserName = actionContext.RequestContext?.Principal?.Identity?.Name,
IpAddress = contextWrapper.GetClientIp(),
RequestUrl = request.RequestUri?.AbsoluteUri,
HttpMethod = actionContext.Request.Method?.Method,
FormVariables = contextWrapper.GetFormVariables(),
Headers = IncludeHeaders ? ToDictionary(request.Headers) : null,
ActionName = actionContext.ActionDescriptor?.ActionName,
ControllerName = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName,
ActionParameters = actionContext.ActionArguments
};
var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
.Replace("{controller}", auditAction.ControllerName)
.Replace("{action}", auditAction.ActionName);
// Create the audit scope
var auditEventAction = new AuditEventWebApi()
{
Action = auditAction
};
var options = new AuditScopeOptions()
{
EventType = eventType,
AuditEvent = auditEventAction,
CallingMethod = (actionContext.ActionDescriptor as ReflectedHttpActionDescriptor)?.MethodInfo
};
var auditScope = AuditScope.Create(options);
contextWrapper.Set(AuditApiActionKey, auditAction);
contextWrapper.Set(AuditApiScopeKey, auditScope);
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public override void OnActionExecuting(ActionExecutingContext actionContext)
{
var httpContext = actionContext.HttpContext;
var actionDescriptior = actionContext.ActionDescriptor as ControllerActionDescriptor;
var auditAction = new AuditApiAction
{
UserName = httpContext.User?.Identity.Name,
IpAddress = httpContext.Connection?.RemoteIpAddress.ToString(),
RequestUrl = string.Format("{0}://{1}{2}", httpContext.Request.Scheme, httpContext.Request.Host, httpContext.Request.Path),
HttpMethod = actionContext.HttpContext.Request.Method,
FormVariables = httpContext.Request.HasFormContentType ? ToDictionary(httpContext.Request.Form) : null,
Headers = IncludeHeaders ? ToDictionary(httpContext.Request.Headers) : null,
ActionName = actionDescriptior != null ? actionDescriptior.ActionName : actionContext.ActionDescriptor.DisplayName,
ControllerName = actionDescriptior != null ? actionDescriptior.ControllerName : null,
ActionParameters = actionContext.ActionArguments
};
var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
.Replace("{controller}", auditAction.ControllerName)
.Replace("{action}", auditAction.ActionName);
// Create the audit scope
var auditScope = AuditScope.Create(eventType, null, new { Action = auditAction }, EventCreationPolicy.Manual);
httpContext.Items[AuditApiActionKey] = auditAction;
httpContext.Items[AuditApiScopeKey] = auditScope;
}
/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public async Task BeforeExecutingAsync(HttpActionContext actionContext, IContextWrapper contextWrapper, bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName)
{
var request = actionContext.Request;
var auditAction = new AuditApiAction
{
UserName = actionContext.RequestContext?.Principal?.Identity?.Name,
IpAddress = contextWrapper.GetClientIp(),
RequestUrl = request.RequestUri?.AbsoluteUri,
HttpMethod = actionContext.Request.Method?.Method,
FormVariables = contextWrapper.GetFormVariables(),
Headers = includeHeaders ? ToDictionary(request.Headers) : null,
ActionName = actionContext.ActionDescriptor?.ActionName,
ControllerName = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName,
ActionParameters = GetActionParameters(actionContext.ActionArguments, serializeParams),
RequestBody = includeRequestBody ? GetRequestBody(contextWrapper) : null
};
var eventType = (eventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
.Replace("{controller}", auditAction.ControllerName)
.Replace("{action}", auditAction.ActionName);
// Create the audit scope
var auditEventAction = new AuditEventWebApi()
{
Action = auditAction
};
var options = new AuditScopeOptions()
{
EventType = eventType,
AuditEvent = auditEventAction,
CallingMethod = (actionContext.ActionDescriptor as ReflectedHttpActionDescriptor)?.MethodInfo
};
var auditScope = await AuditScope.CreateAsync(options);
contextWrapper.Set(AuditApiActionKey, auditAction);
contextWrapper.Set(AuditApiScopeKey, auditScope);
}
private async Task <AuditApiAction> CreateOrUpdateAction(ActionExecutingContext actionContext,
bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName)
{
var httpContext = actionContext.HttpContext;
var actionDescriptor = actionContext.ActionDescriptor as ControllerActionDescriptor;
AuditApiAction action = null;
if (httpContext.Items.ContainsKey(AuditApiHelper.AuditApiActionKey))
{
action = httpContext.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction;
}
if (action == null)
{
action = new AuditApiAction
{
UserName = httpContext.User?.Identity.Name,
IpAddress = httpContext.Connection?.RemoteIpAddress?.ToString(),
HttpMethod = httpContext.Request.Method,
FormVariables = AuditApiHelper.GetFormVariables(httpContext),
TraceId = httpContext.TraceIdentifier,
ActionExecutingContext = actionContext
};
}
action.RequestUrl = httpContext.Request.GetDisplayUrl();
action.ActionName = actionDescriptor != null ? actionDescriptor.ActionName : actionContext.ActionDescriptor.DisplayName;
action.ControllerName = actionDescriptor?.ControllerName;
action.ActionParameters = GetActionParameters(actionDescriptor, actionContext.ActionArguments, serializeParams);
if (includeHeaders)
{
action.Headers = AuditApiHelper.ToDictionary(httpContext.Request.Headers);
}
if (includeRequestBody && action.RequestBody == null)
{
action.RequestBody = new BodyContent
{
Type = httpContext.Request.ContentType,
Length = httpContext.Request.ContentLength,
Value = await AuditApiHelper.GetRequestBody(httpContext)
};
}
return(action);
}
private async Task BeforeInvoke(HttpContext context, bool includeHeaders, bool includeRequestBody, string eventTypeName)
{
var auditAction = new AuditApiAction
{
IsMiddleware = true,
UserName = context.User?.Identity.Name,
IpAddress = context.Connection?.RemoteIpAddress?.ToString(),
RequestUrl = context.Request.GetDisplayUrl(),
HttpMethod = context.Request.Method,
FormVariables = AuditApiHelper.GetFormVariables(context),
Headers = includeHeaders ? AuditApiHelper.ToDictionary(context.Request.Headers) : null,
ActionName = null,
ControllerName = null,
ActionParameters = null,
RequestBody = new BodyContent
{
Type = context.Request.ContentType,
Length = context.Request.ContentLength,
Value = includeRequestBody ? AuditApiHelper.GetRequestBody(context) : null
},
TraceId = context.TraceIdentifier
};
var eventType = (eventTypeName ?? "{verb} {url}").Replace("{verb}", auditAction.HttpMethod)
.Replace("{url}", auditAction.RequestUrl);
// Create the audit scope
var auditEventAction = new AuditEventWebApi()
{
Action = auditAction
};
var auditScope = await AuditScope.CreateAsync(new AuditScopeOptions()
{
EventType = eventType, AuditEvent = auditEventAction
});
context.Items[AuditApiHelper.AuditApiActionKey] = auditAction;
context.Items[AuditApiHelper.AuditApiScopeKey] = auditScope;
}
