/// <summary> /// Occurs before the action method is invoked. /// </summary> /// <param name="actionContext">The action context.</param> public override void OnActionExecuting(HttpActionContext actionContext) { var request = actionContext.Request; var httpContext = GetHttpContext(request); var auditAction = new AuditApiAction { UserName = actionContext.RequestContext?.Principal?.Identity?.Name, IpAddress = GetClientIp(request), RequestUrl = request.RequestUri?.AbsoluteUri, HttpMethod = actionContext.Request.Method?.Method, FormVariables = ToDictionary(httpContext.Request?.Form), Headers = IncludeHeaders ? ToDictionary(request.Headers) : null, ActionName = actionContext.ActionDescriptor?.ActionName, ControllerName = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName, ActionParameters = actionContext.ActionArguments }; var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod) .Replace("{controller}", auditAction.ControllerName) .Replace("{action}", auditAction.ActionName); // Create the audit scope var auditScope = AuditScope.Create(eventType, null, new { Action = auditAction }, EventCreationPolicy.Manual); httpContext.Items[AuditApiActionKey] = auditAction; httpContext.Items[AuditApiScopeKey] = auditScope; }
/// <summary> /// Occurs before the action method is invoked. /// </summary> /// <param name="actionContext">The action context.</param> private async Task BeforeExecutingAsync(ActionExecutingContext actionContext) { var httpContext = actionContext.HttpContext; var actionDescriptior = actionContext.ActionDescriptor as ControllerActionDescriptor; var auditAction = new AuditApiAction { UserName = httpContext.User?.Identity.Name, IpAddress = httpContext.Connection?.RemoteIpAddress.ToString(), RequestUrl = string.Format("{0}://{1}{2}", httpContext.Request.Scheme, httpContext.Request.Host, httpContext.Request.Path), HttpMethod = actionContext.HttpContext.Request.Method, FormVariables = httpContext.Request.HasFormContentType ? ToDictionary(httpContext.Request.Form) : null, Headers = IncludeHeaders ? ToDictionary(httpContext.Request.Headers) : null, ActionName = actionDescriptior != null ? actionDescriptior.ActionName : actionContext.ActionDescriptor.DisplayName, ControllerName = actionDescriptior != null ? actionDescriptior.ControllerName : null, ActionParameters = GetActionParameters(actionContext.ActionArguments), RequestBody = new BodyContent { Type = httpContext.Request.ContentType, Length = httpContext.Request.ContentLength, Value = IncludeRequestBody ? GetRequestBody(actionContext) : null } }; var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod) .Replace("{controller}", auditAction.ControllerName) .Replace("{action}", auditAction.ActionName); // Create the audit scope var auditEventAction = new AuditEventWebApi() { Action = auditAction }; var auditScope = await AuditScope.CreateAsync(new AuditScopeOptions() { EventType = eventType, AuditEvent = auditEventAction, CallingMethod = actionDescriptior.MethodInfo }); httpContext.Items[AuditApiActionKey] = auditAction; httpContext.Items[AuditApiScopeKey] = auditScope; }
/// <summary> /// Occurs before the action method is invoked. /// </summary> /// <param name="actionContext">The action context.</param> public override void OnActionExecuting(HttpActionContext actionContext) { var request = actionContext.Request; var contextWrapper = new ContextWrapper(request); var auditAction = new AuditApiAction { UserName = actionContext.RequestContext?.Principal?.Identity?.Name, IpAddress = contextWrapper.GetClientIp(), RequestUrl = request.RequestUri?.AbsoluteUri, HttpMethod = actionContext.Request.Method?.Method, FormVariables = contextWrapper.GetFormVariables(), Headers = IncludeHeaders ? ToDictionary(request.Headers) : null, ActionName = actionContext.ActionDescriptor?.ActionName, ControllerName = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName, ActionParameters = actionContext.ActionArguments }; var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod) .Replace("{controller}", auditAction.ControllerName) .Replace("{action}", auditAction.ActionName); // Create the audit scope var auditEventAction = new AuditEventWebApi() { Action = auditAction }; var options = new AuditScopeOptions() { EventType = eventType, AuditEvent = auditEventAction, CallingMethod = (actionContext.ActionDescriptor as ReflectedHttpActionDescriptor)?.MethodInfo }; var auditScope = AuditScope.Create(options); contextWrapper.Set(AuditApiActionKey, auditAction); contextWrapper.Set(AuditApiScopeKey, auditScope); }
/// <summary> /// Occurs before the action method is invoked. /// </summary> /// <param name="actionContext">The action context.</param> public override void OnActionExecuting(ActionExecutingContext actionContext) { var httpContext = actionContext.HttpContext; var actionDescriptior = actionContext.ActionDescriptor as ControllerActionDescriptor; var auditAction = new AuditApiAction { UserName = httpContext.User?.Identity.Name, IpAddress = httpContext.Connection?.RemoteIpAddress.ToString(), RequestUrl = string.Format("{0}://{1}{2}", httpContext.Request.Scheme, httpContext.Request.Host, httpContext.Request.Path), HttpMethod = actionContext.HttpContext.Request.Method, FormVariables = httpContext.Request.HasFormContentType ? ToDictionary(httpContext.Request.Form) : null, Headers = IncludeHeaders ? ToDictionary(httpContext.Request.Headers) : null, ActionName = actionDescriptior != null ? actionDescriptior.ActionName : actionContext.ActionDescriptor.DisplayName, ControllerName = actionDescriptior != null ? actionDescriptior.ControllerName : null, ActionParameters = actionContext.ActionArguments }; var eventType = (EventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod) .Replace("{controller}", auditAction.ControllerName) .Replace("{action}", auditAction.ActionName); // Create the audit scope var auditScope = AuditScope.Create(eventType, null, new { Action = auditAction }, EventCreationPolicy.Manual); httpContext.Items[AuditApiActionKey] = auditAction; httpContext.Items[AuditApiScopeKey] = auditScope; }
/// <summary> /// Occurs before the action method is invoked. /// </summary> /// <param name="actionContext">The action context.</param> public async Task BeforeExecutingAsync(HttpActionContext actionContext, IContextWrapper contextWrapper, bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName) { var request = actionContext.Request; var auditAction = new AuditApiAction { UserName = actionContext.RequestContext?.Principal?.Identity?.Name, IpAddress = contextWrapper.GetClientIp(), RequestUrl = request.RequestUri?.AbsoluteUri, HttpMethod = actionContext.Request.Method?.Method, FormVariables = contextWrapper.GetFormVariables(), Headers = includeHeaders ? ToDictionary(request.Headers) : null, ActionName = actionContext.ActionDescriptor?.ActionName, ControllerName = actionContext.ActionDescriptor?.ControllerDescriptor?.ControllerName, ActionParameters = GetActionParameters(actionContext.ActionArguments, serializeParams), RequestBody = includeRequestBody ? GetRequestBody(contextWrapper) : null }; var eventType = (eventTypeName ?? "{verb} {controller}/{action}").Replace("{verb}", auditAction.HttpMethod) .Replace("{controller}", auditAction.ControllerName) .Replace("{action}", auditAction.ActionName); // Create the audit scope var auditEventAction = new AuditEventWebApi() { Action = auditAction }; var options = new AuditScopeOptions() { EventType = eventType, AuditEvent = auditEventAction, CallingMethod = (actionContext.ActionDescriptor as ReflectedHttpActionDescriptor)?.MethodInfo }; var auditScope = await AuditScope.CreateAsync(options); contextWrapper.Set(AuditApiActionKey, auditAction); contextWrapper.Set(AuditApiScopeKey, auditScope); }
private async Task <AuditApiAction> CreateOrUpdateAction(ActionExecutingContext actionContext, bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName) { var httpContext = actionContext.HttpContext; var actionDescriptor = actionContext.ActionDescriptor as ControllerActionDescriptor; AuditApiAction action = null; if (httpContext.Items.ContainsKey(AuditApiHelper.AuditApiActionKey)) { action = httpContext.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction; } if (action == null) { action = new AuditApiAction { UserName = httpContext.User?.Identity.Name, IpAddress = httpContext.Connection?.RemoteIpAddress?.ToString(), HttpMethod = httpContext.Request.Method, FormVariables = AuditApiHelper.GetFormVariables(httpContext), TraceId = httpContext.TraceIdentifier, ActionExecutingContext = actionContext }; } action.RequestUrl = httpContext.Request.GetDisplayUrl(); action.ActionName = actionDescriptor != null ? actionDescriptor.ActionName : actionContext.ActionDescriptor.DisplayName; action.ControllerName = actionDescriptor?.ControllerName; action.ActionParameters = GetActionParameters(actionDescriptor, actionContext.ActionArguments, serializeParams); if (includeHeaders) { action.Headers = AuditApiHelper.ToDictionary(httpContext.Request.Headers); } if (includeRequestBody && action.RequestBody == null) { action.RequestBody = new BodyContent { Type = httpContext.Request.ContentType, Length = httpContext.Request.ContentLength, Value = await AuditApiHelper.GetRequestBody(httpContext) }; } return(action); }
private async Task BeforeInvoke(HttpContext context, bool includeHeaders, bool includeRequestBody, string eventTypeName) { var auditAction = new AuditApiAction { IsMiddleware = true, UserName = context.User?.Identity.Name, IpAddress = context.Connection?.RemoteIpAddress?.ToString(), RequestUrl = context.Request.GetDisplayUrl(), HttpMethod = context.Request.Method, FormVariables = AuditApiHelper.GetFormVariables(context), Headers = includeHeaders ? AuditApiHelper.ToDictionary(context.Request.Headers) : null, ActionName = null, ControllerName = null, ActionParameters = null, RequestBody = new BodyContent { Type = context.Request.ContentType, Length = context.Request.ContentLength, Value = includeRequestBody ? AuditApiHelper.GetRequestBody(context) : null }, TraceId = context.TraceIdentifier }; var eventType = (eventTypeName ?? "{verb} {url}").Replace("{verb}", auditAction.HttpMethod) .Replace("{url}", auditAction.RequestUrl); // Create the audit scope var auditEventAction = new AuditEventWebApi() { Action = auditAction }; var auditScope = await AuditScope.CreateAsync(new AuditScopeOptions() { EventType = eventType, AuditEvent = auditEventAction }); context.Items[AuditApiHelper.AuditApiActionKey] = auditAction; context.Items[AuditApiHelper.AuditApiScopeKey] = auditScope; }