/// <summary>
/// Occurs before the action method is invoked.
/// </summary>
/// <param name="actionContext">The action context.</param>
public async Task BeforeExecutingAsync(HttpActionContext actionContext, IContextWrapper contextWrapper, bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName)
{
var request = actionContext.Request;
var auditAction = new AuditApiAction
{
UserName = actionContext.RequestContext?.Principal?.Identity?.Name,
IpAddress = contextWrapper.GetClientIp(),
RequestUrl = request.RequestUri?.AbsoluteUri,
HttpMethod = actionContext.Request.Method?.Method,
FormVariables = contextWrapper.GetFormVariables(),
Headers = includeHeaders ? ToDictionary(request.Headers) : null,
ActionName = actionContext.ActionDescriptor?.ActionName,
ControllerName = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName,
ActionParameters = GetActionParameters(actionContext.ActionArguments, serializeParams),
RequestBody = includeRequestBody ? GetRequestBody(contextWrapper) : null
};
var eventType = (eventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
.Replace("{controller}", auditAction.ControllerName)
.Replace("{action}", auditAction.ActionName);
// Create the audit scope
var auditEventAction = new AuditEventWebApi()
{
Action = auditAction
};
var options = new AuditScopeOptions()
{
EventType = eventType,
AuditEvent = auditEventAction,
CallingMethod = (actionContext.ActionDescriptor as ReflectedHttpActionDescriptor)?.MethodInfo
};
var auditScope = await AuditScope.CreateAsync(options);
contextWrapper.Set(AuditApiActionKey, auditAction);
contextWrapper.Set(AuditApiScopeKey, auditScope);
}
