private void Log(AuditAction auditAction, HttpStatusCode?statusCode, HttpContext httpContext, IClaimsExtractor claimsExtractor) { IFhirRequestContext fhirRequestContext = _fhirRequestContextAccessor.RequestContext; string auditEventType = fhirRequestContext.AuditEventType; // We are retaining AuditEventType when CustomError occurs. Below check ensures that the audit log is not entered for the custom error request httpContext.Request.RouteValues.TryGetValue("action", out object actionName); if (!string.IsNullOrEmpty(actionName?.ToString()) && KnownRoutes.CustomError.Contains(actionName?.ToString(), StringComparison.OrdinalIgnoreCase)) { return; } // Audit the call if an audit event type is associated with the action. // Since AuditEventType holds value for both AuditEventType and FhirAnonymousOperationType ensure that we only log the AuditEventType if (!string.IsNullOrEmpty(auditEventType) && !FhirAnonymousOperationTypeList.Contains(auditEventType, StringComparer.OrdinalIgnoreCase)) { _auditLogger.LogAudit( auditAction, operation: auditEventType, resourceType: fhirRequestContext.ResourceType, requestUri: fhirRequestContext.Uri, statusCode: statusCode, correlationId: fhirRequestContext.CorrelationId, callerIpAddress: httpContext.Connection?.RemoteIpAddress?.ToString(), callerClaims: claimsExtractor.Extract(), customHeaders: _auditHeaderReader.Read(httpContext)); } }
private void Log(AuditAction auditAction, HttpStatusCode?statusCode, HttpContext httpContext, IClaimsExtractor claimsExtractor) { IRequestContext dicomRequestContext = _dicomRequestContextAccessor.DicomRequestContext; string auditEventType = dicomRequestContext.AuditEventType; // Audit the call if an audit event type is associated with the action. if (!string.IsNullOrEmpty(auditEventType)) { _auditLogger.LogAudit( auditAction, operation: auditEventType, requestUri: dicomRequestContext.Uri, statusCode: statusCode, correlationId: dicomRequestContext.CorrelationId, callerIpAddress: httpContext.Connection?.RemoteIpAddress?.ToString(), callerClaims: claimsExtractor.Extract(), customHeaders: _auditHeaderReader.Read(httpContext)); } }
private void Log(AuditAction auditAction, string controllerName, string actionName, HttpStatusCode?statusCode, string resourceType, HttpContext httpContext, IClaimsExtractor claimsExtractor) { string auditEventType = _auditEventTypeMapping.GetAuditEventType(controllerName, actionName); // Audit the call if an audit event type is associated with the action. if (auditEventType != null) { IFhirRequestContext fhirRequestContext = _fhirRequestContextAccessor.FhirRequestContext; _auditLogger.LogAudit( auditAction, operation: auditEventType, resourceType: resourceType, requestUri: fhirRequestContext.Uri, statusCode: statusCode, correlationId: fhirRequestContext.CorrelationId, callerIpAddress: httpContext.Connection?.RemoteIpAddress?.ToString(), callerClaims: claimsExtractor.Extract(), customHeaders: _auditHeaderReader.Read(httpContext)); } }
private void Log(AuditAction auditAction, string controllerName, string actionName, HttpStatusCode?statusCode, string resourceType, HttpContext httpContext, IClaimsExtractor claimsExtractor) { IFhirRequestContext fhirRequestContext = _fhirRequestContextAccessor.FhirRequestContext; // fhirRequestContext.AuditEventType will not be set in the case of an unauthorized call because the filter that sets it will not be executed string auditEventType = string.IsNullOrWhiteSpace(fhirRequestContext.AuditEventType) ? _auditEventTypeMapping.GetAuditEventType(controllerName, actionName) : fhirRequestContext.AuditEventType; // Audit the call if an audit event type is associated with the action. if (auditEventType != null) { _auditLogger.LogAudit( auditAction, operation: auditEventType, resourceType: resourceType, requestUri: fhirRequestContext.Uri, statusCode: statusCode, correlationId: fhirRequestContext.CorrelationId, callerIpAddress: httpContext.Connection?.RemoteIpAddress?.ToString(), callerClaims: claimsExtractor.Extract(), customHeaders: _auditHeaderReader.Read(httpContext)); } }