Esempio n. 1
0
        /// <summary>
        /// Occurs before the action method is invoked.
        /// </summary>
        /// <param name="actionContext">The action context.</param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            var request     = actionContext.Request;
            var httpContext = GetHttpContext(request);

            var auditAction = new AuditApiAction
            {
                UserName         = actionContext.RequestContext?.Principal?.Identity?.Name,
                IpAddress        = GetClientIp(request),
                RequestUrl       = request.RequestUri?.AbsoluteUri,
                HttpMethod       = actionContext.Request.Method?.Method,
                FormVariables    = ToDictionary(httpContext.Request?.Form),
                Headers          = IncludeHeaders ? ToDictionary(request.Headers) : null,
                ActionName       = actionContext.ActionDescriptor?.ActionName,
                ControllerName   = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName,
                ActionParameters = actionContext.ActionArguments
            };
            var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
                            .Replace("{controller}", auditAction.ControllerName)
                            .Replace("{action}", auditAction.ActionName);
            // Create the audit scope
            var auditScope = AuditScope.Create(eventType, null, new { Action = auditAction }, EventCreationPolicy.Manual);

            httpContext.Items[AuditApiActionKey] = auditAction;
            httpContext.Items[AuditApiScopeKey]  = auditScope;
        }
        /// <summary>
        /// Occurs before the action method is invoked.
        /// </summary>
        /// <param name="actionContext">The action context.</param>
        private async Task BeforeExecutingAsync(ActionExecutingContext actionContext)
        {
            var httpContext       = actionContext.HttpContext;
            var actionDescriptior = actionContext.ActionDescriptor as ControllerActionDescriptor;
            var auditAction       = new AuditApiAction
            {
                UserName         = httpContext.User?.Identity.Name,
                IpAddress        = httpContext.Connection?.RemoteIpAddress.ToString(),
                RequestUrl       = string.Format("{0}://{1}{2}", httpContext.Request.Scheme, httpContext.Request.Host, httpContext.Request.Path),
                HttpMethod       = actionContext.HttpContext.Request.Method,
                FormVariables    = httpContext.Request.HasFormContentType ? ToDictionary(httpContext.Request.Form) : null,
                Headers          = IncludeHeaders ? ToDictionary(httpContext.Request.Headers) : null,
                ActionName       = actionDescriptior != null ? actionDescriptior.ActionName : actionContext.ActionDescriptor.DisplayName,
                ControllerName   = actionDescriptior != null ? actionDescriptior.ControllerName : null,
                ActionParameters = GetActionParameters(actionContext.ActionArguments),
                RequestBody      = new BodyContent {
                    Type = httpContext.Request.ContentType, Length = httpContext.Request.ContentLength, Value = IncludeRequestBody ? GetRequestBody(actionContext) : null
                }
            };
            var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
                            .Replace("{controller}", auditAction.ControllerName)
                            .Replace("{action}", auditAction.ActionName);
            // Create the audit scope
            var auditEventAction = new AuditEventWebApi()
            {
                Action = auditAction
            };
            var auditScope = await AuditScope.CreateAsync(new AuditScopeOptions()
            {
                EventType = eventType, AuditEvent = auditEventAction, CallingMethod = actionDescriptior.MethodInfo
            });

            httpContext.Items[AuditApiActionKey] = auditAction;
            httpContext.Items[AuditApiScopeKey]  = auditScope;
        }
Esempio n. 3
0
        /// <summary>
        /// Occurs before the action method is invoked.
        /// </summary>
        /// <param name="actionContext">The action context.</param>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            var request        = actionContext.Request;
            var contextWrapper = new ContextWrapper(request);
            var auditAction    = new AuditApiAction
            {
                UserName         = actionContext.RequestContext?.Principal?.Identity?.Name,
                IpAddress        = contextWrapper.GetClientIp(),
                RequestUrl       = request.RequestUri?.AbsoluteUri,
                HttpMethod       = actionContext.Request.Method?.Method,
                FormVariables    = contextWrapper.GetFormVariables(),
                Headers          = IncludeHeaders ? ToDictionary(request.Headers) : null,
                ActionName       = actionContext.ActionDescriptor?.ActionName,
                ControllerName   = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName,
                ActionParameters = actionContext.ActionArguments
            };
            var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
                            .Replace("{controller}", auditAction.ControllerName)
                            .Replace("{action}", auditAction.ActionName);
            // Create the audit scope
            var auditEventAction = new AuditEventWebApi()
            {
                Action = auditAction
            };
            var options = new AuditScopeOptions()
            {
                EventType     = eventType,
                AuditEvent    = auditEventAction,
                CallingMethod = (actionContext.ActionDescriptor as ReflectedHttpActionDescriptor)?.MethodInfo
            };
            var auditScope = AuditScope.Create(options);

            contextWrapper.Set(AuditApiActionKey, auditAction);
            contextWrapper.Set(AuditApiScopeKey, auditScope);
        }
Esempio n. 4
0
        /// <summary>
        /// Occurs before the action method is invoked.
        /// </summary>
        /// <param name="actionContext">The action context.</param>
        public override void OnActionExecuting(ActionExecutingContext actionContext)
        {
            var httpContext       = actionContext.HttpContext;
            var actionDescriptior = actionContext.ActionDescriptor as ControllerActionDescriptor;
            var auditAction       = new AuditApiAction
            {
                UserName         = httpContext.User?.Identity.Name,
                IpAddress        = httpContext.Connection?.RemoteIpAddress.ToString(),
                RequestUrl       = string.Format("{0}://{1}{2}", httpContext.Request.Scheme, httpContext.Request.Host, httpContext.Request.Path),
                HttpMethod       = actionContext.HttpContext.Request.Method,
                FormVariables    = httpContext.Request.HasFormContentType ? ToDictionary(httpContext.Request.Form) : null,
                Headers          = IncludeHeaders ? ToDictionary(httpContext.Request.Headers) : null,
                ActionName       = actionDescriptior != null ? actionDescriptior.ActionName : actionContext.ActionDescriptor.DisplayName,
                ControllerName   = actionDescriptior != null ? actionDescriptior.ControllerName : null,
                ActionParameters = actionContext.ActionArguments
            };
            var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
                            .Replace("{controller}", auditAction.ControllerName)
                            .Replace("{action}", auditAction.ActionName);
            // Create the audit scope
            var auditScope = AuditScope.Create(eventType, null, new { Action = auditAction }, EventCreationPolicy.Manual);

            httpContext.Items[AuditApiActionKey] = auditAction;
            httpContext.Items[AuditApiScopeKey]  = auditScope;
        }
Esempio n. 5
0
        /// <summary>
        /// Occurs before the action method is invoked.
        /// </summary>
        /// <param name="actionContext">The action context.</param>
        public async Task BeforeExecutingAsync(HttpActionContext actionContext, IContextWrapper contextWrapper, bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName)
        {
            var request     = actionContext.Request;
            var auditAction = new AuditApiAction
            {
                UserName         = actionContext.RequestContext?.Principal?.Identity?.Name,
                IpAddress        = contextWrapper.GetClientIp(),
                RequestUrl       = request.RequestUri?.AbsoluteUri,
                HttpMethod       = actionContext.Request.Method?.Method,
                FormVariables    = contextWrapper.GetFormVariables(),
                Headers          = includeHeaders ? ToDictionary(request.Headers) : null,
                ActionName       = actionContext.ActionDescriptor?.ActionName,
                ControllerName   = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName,
                ActionParameters = GetActionParameters(actionContext.ActionArguments, serializeParams),
                RequestBody      = includeRequestBody ? GetRequestBody(contextWrapper) : null
            };
            var eventType = (eventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod)
                            .Replace("{controller}", auditAction.ControllerName)
                            .Replace("{action}", auditAction.ActionName);
            // Create the audit scope
            var auditEventAction = new AuditEventWebApi()
            {
                Action = auditAction
            };
            var options = new AuditScopeOptions()
            {
                EventType     = eventType,
                AuditEvent    = auditEventAction,
                CallingMethod = (actionContext.ActionDescriptor as ReflectedHttpActionDescriptor)?.MethodInfo
            };
            var auditScope = await AuditScope.CreateAsync(options);

            contextWrapper.Set(AuditApiActionKey, auditAction);
            contextWrapper.Set(AuditApiScopeKey, auditScope);
        }
Esempio n. 6
0
        private async Task <AuditApiAction> CreateOrUpdateAction(ActionExecutingContext actionContext,
                                                                 bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName)
        {
            var            httpContext      = actionContext.HttpContext;
            var            actionDescriptor = actionContext.ActionDescriptor as ControllerActionDescriptor;
            AuditApiAction action           = null;

            if (httpContext.Items.ContainsKey(AuditApiHelper.AuditApiActionKey))
            {
                action = httpContext.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction;
            }
            if (action == null)
            {
                action = new AuditApiAction
                {
                    UserName               = httpContext.User?.Identity.Name,
                    IpAddress              = httpContext.Connection?.RemoteIpAddress?.ToString(),
                    HttpMethod             = httpContext.Request.Method,
                    FormVariables          = AuditApiHelper.GetFormVariables(httpContext),
                    TraceId                = httpContext.TraceIdentifier,
                    ActionExecutingContext = actionContext
                };
            }
            action.RequestUrl       = httpContext.Request.GetDisplayUrl();
            action.ActionName       = actionDescriptor != null ? actionDescriptor.ActionName : actionContext.ActionDescriptor.DisplayName;
            action.ControllerName   = actionDescriptor?.ControllerName;
            action.ActionParameters = GetActionParameters(actionDescriptor, actionContext.ActionArguments, serializeParams);
            if (includeHeaders)
            {
                action.Headers = AuditApiHelper.ToDictionary(httpContext.Request.Headers);
            }
            if (includeRequestBody && action.RequestBody == null)
            {
                action.RequestBody = new BodyContent
                {
                    Type   = httpContext.Request.ContentType,
                    Length = httpContext.Request.ContentLength,
                    Value  = await AuditApiHelper.GetRequestBody(httpContext)
                };
            }
            return(action);
        }
Esempio n. 7
0
        private async Task BeforeInvoke(HttpContext context, bool includeHeaders, bool includeRequestBody, string eventTypeName)
        {
            var auditAction = new AuditApiAction
            {
                IsMiddleware     = true,
                UserName         = context.User?.Identity.Name,
                IpAddress        = context.Connection?.RemoteIpAddress?.ToString(),
                RequestUrl       = context.Request.GetDisplayUrl(),
                HttpMethod       = context.Request.Method,
                FormVariables    = AuditApiHelper.GetFormVariables(context),
                Headers          = includeHeaders ? AuditApiHelper.ToDictionary(context.Request.Headers) : null,
                ActionName       = null,
                ControllerName   = null,
                ActionParameters = null,
                RequestBody      = new BodyContent
                {
                    Type   = context.Request.ContentType,
                    Length = context.Request.ContentLength,
                    Value  = includeRequestBody ? AuditApiHelper.GetRequestBody(context) : null
                },
                TraceId = context.TraceIdentifier
            };
            var eventType = (eventTypeName ?? "{verb} {url}").Replace("{verb}", auditAction.HttpMethod)
                            .Replace("{url}", auditAction.RequestUrl);
            // Create the audit scope
            var auditEventAction = new AuditEventWebApi()
            {
                Action = auditAction
            };
            var auditScope = await AuditScope.CreateAsync(new AuditScopeOptions()
            {
                EventType = eventType, AuditEvent = auditEventAction
            });

            context.Items[AuditApiHelper.AuditApiActionKey] = auditAction;
            context.Items[AuditApiHelper.AuditApiScopeKey]  = auditScope;
        }