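/// <summary>
/// Occurs after the action method is invoked. Completes the audit action previously stored in
/// the context wrapper with the exception, model state and response details, then saves the scope.
/// </summary>
/// <param name="actionExecutedContext">The executed-action context supplying the exception, model state and response.</param>
/// <param name="contextWrapper">Per-request storage from which the audit action and audit scope are read.</param>
/// <param name="includeModelState">When true, model state errors and validity are recorded; otherwise both are set to null.</param>
/// <param name="includeResponseBody">When true, the response payload itself is copied into the audit event.</param>
public async Task AfterExecutedAsync(HttpActionExecutedContext actionExecutedContext, IContextWrapper contextWrapper, bool includeModelState, bool includeResponseBody)
{
    var auditAction = contextWrapper.Get<AuditApiAction>(AuditApiActionKey);
    var auditScope = contextWrapper.Get<AuditScope>(AuditApiScopeKey);
    if (auditAction != null && auditScope != null)
    {
        auditAction.Exception = actionExecutedContext.Exception.GetExceptionInfo();
        auditAction.ModelStateErrors = includeModelState ? AuditApiHelper.GetModelStateErrors(actionExecutedContext.ActionContext.ModelState) : null;
        auditAction.ModelStateValid = includeModelState ? actionExecutedContext.ActionContext.ModelState?.IsValid : null;
        if (actionExecutedContext.Response != null)
        {
            auditAction.ResponseStatus = actionExecutedContext.Response.ReasonPhrase;
            auditAction.ResponseStatusCode = (int)actionExecutedContext.Response.StatusCode;
            if (includeResponseBody)
            {
                // The payload is stored verbatim, so whatever the action returned ends up in the audit store.
                var content = actionExecutedContext.Response.Content;
                var objContent = content as ObjectContent;
                var body = new BodyContent
                {
                    // ContentType is absent on responses that carry no Content-Type header; do not dereference it blindly.
                    Type = objContent != null ? objContent.ObjectType.Name : content?.Headers?.ContentType?.ToString(),
                    Length = content?.Headers?.ContentLength
                };
                if (objContent != null)
                {
                    body.Value = objContent.Value;
                }
                else if (content != null)
                {
                    // Await the read instead of blocking on .Result, which can deadlock under a synchronization context.
                    body.Value = await content.ReadAsStringAsync();
                }
                auditAction.ResponseBody = body;
            }
        }
        else
        {
            // No response object was produced: record the request as a server error.
            auditAction.ResponseStatusCode = 500;
            auditAction.ResponseStatus = "Internal Server Error";
        }
        // Replace the Action field and save
        (auditScope.Event as AuditEventWebApi).Action = auditAction;
        await auditScope.SaveAsync();
    }
}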
/// <summary>
/// Completes the audit action stored in <c>HttpContext.Items</c> with the outcome of the request
/// and saves the audit scope. Does nothing when no action or scope is stored for the request.
/// </summary>
/// <param name="context">The HTTP context of the request being audited.</param>
/// <param name="includeResponseBody">When true, the response body is captured unless one is already set on the action.</param>
/// <param name="exception">The exception observed for the request, or null when there was none.</param>
private async Task AfterInvoke(HttpContext context, bool includeResponseBody, Exception exception)
{
    var action = context.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction;
    var scope = context.Items[AuditApiHelper.AuditApiScopeKey] as AuditScope;
    if (action == null || scope == null)
    {
        // Nothing was registered for this request, so there is nothing to complete.
        return;
    }

    if (exception != null)
    {
        // A failed request is always reported as a 500, whatever the response object holds.
        action.Exception = exception.GetExceptionInfo();
        action.ResponseStatusCode = 500;
        action.ResponseStatus = "Internal Server Error";
    }
    else
    {
        var response = context.Response;
        if (response != null)
        {
            var code = response.StatusCode;
            action.ResponseStatusCode = code;
            action.ResponseStatus = AuditApiHelper.GetStatusCodeString(code);

            // A body that is already present on the action is left untouched.
            var captureBody = includeResponseBody && action.ResponseBody == null;
            if (captureBody)
            {
                action.ResponseBody = new BodyContent
                {
                    Type = response.ContentType,
                    Length = response.ContentLength,
                    Value = AuditApiHelper.GetResponseBody(context)
                };
            }
        }
    }

    // Replace the Action field and save
    (scope.Event as AuditEventWebApi).Action = action;
    await scope.SaveAsync();
}
/// <summary>
/// Returns the action arguments to record in the audit event: the serialized form produced by
/// <c>AuditApiHelper.SerializeParameters</c> when <c>SerializeActionParameters</c> is set,
/// otherwise the dictionary that was passed in.
/// </summary>
/// <param name="actionArguments">The arguments bound to the action.</param>
/// <returns>The dictionary stored as the audit action's parameters.</returns>
private IDictionary<string, object> GetActionParameters(IDictionary<string, object> actionArguments)
{
    return SerializeActionParameters
        ? AuditApiHelper.SerializeParameters(actionArguments)
        : actionArguments;
}
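/// <summary>
/// Occurs after the action method is invoked. Completes the audit action stored in
/// <c>HttpContext.Items</c> with the exception, model state and response details, then saves the scope.
/// </summary>
/// <param name="context">The action executed context.</param>
private async Task AfterExecutedAsync(ActionExecutedContext context)
{
    var httpContext = context.HttpContext;
    var auditAction = httpContext.Items[AuditApiActionKey] as AuditApiAction;
    var auditScope = httpContext.Items[AuditApiScopeKey] as AuditScope;
    if (auditAction != null && auditScope != null)
    {
        auditAction.Exception = context.Exception.GetExceptionInfo();
        auditAction.ModelStateErrors = IncludeModelState ? AuditApiHelper.GetModelStateErrors(context.ModelState) : null;
        auditAction.ModelStateValid = IncludeModelState ? context.ModelState?.IsValid : null;
        if (context.HttpContext.Response != null && context.Result != null)
        {
            var result = context.Result;
            var objectResult = result as ObjectResult;
            var statusCodeResult = result as StatusCodeResult;
            var redirectResult = result as RedirectResult;

            // Prefer the status carried by the result; fall back to the response's status code.
            int statusCode;
            if (objectResult != null && objectResult.StatusCode.HasValue)
            {
                statusCode = objectResult.StatusCode.Value;
            }
            else if (statusCodeResult != null)
            {
                statusCode = statusCodeResult.StatusCode;
            }
            else
            {
                statusCode = context.HttpContext.Response.StatusCode;
            }
            auditAction.ResponseStatusCode = statusCode;
            auditAction.ResponseStatus = GetStatusCodeString(auditAction.ResponseStatusCode);

            if (IncludeResponseBody)
            {
                var bodyType = result.GetType().GetFullTypeName();
                auditAction.ResponseBody = new BodyContent() { Type = bodyType };

                // Match on the type hierarchy rather than on the exact type name, so that results
                // deriving from ObjectResult, StatusCodeResult or RedirectResult are described the
                // same way as their base types instead of falling through to the generic branch.
                if (objectResult != null)
                {
                    auditAction.ResponseBody.Value = objectResult.Value;
                }
                else if (statusCodeResult != null)
                {
                    auditAction.ResponseBody.Value = string.Format("StatusCode ({0})", statusCodeResult.StatusCode);
                }
                else if (redirectResult != null)
                {
                    auditAction.ResponseBody.Value = string.Format("Redirect to {0}", redirectResult.Url);
                }
                else
                {
                    // TODO: Handle other result types
                    auditAction.ResponseBody.Value = string.Format("Result type: {0}", bodyType);
                }
            }
        }
        else
        {
            // No response or no result was produced: record the request as a server error.
            auditAction.ResponseStatusCode = 500;
            auditAction.ResponseStatus = "Internal Server Error";
        }
        // Replace the Action field and save
        (auditScope.Event as AuditEventWebApi).Action = auditAction;
        await auditScope.SaveAsync();
    }
}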
/// <summary>
/// Occurs after the action method is invoked. Fills the stored audit action with the exception,
/// model state, status and (optionally) a description of the result, then saves the audit scope.
/// </summary>
/// <param name="context">The action executed context.</param>
private async Task AfterExecutedAsync(ActionExecutedContext context)
{
    var httpContext = context.HttpContext;
    var action = httpContext.Items[AuditApiActionKey] as AuditApiAction;
    var scope = httpContext.Items[AuditApiScopeKey] as AuditScope;
    if (action == null || scope == null)
    {
        // No audit action or scope is stored for this request.
        return;
    }

    action.Exception = context.Exception.GetExceptionInfo();
    if (IncludeModelState)
    {
        action.ModelStateErrors = AuditApiHelper.GetModelStateErrors(context.ModelState);
        action.ModelStateValid = context.ModelState?.IsValid;
    }
    else
    {
        action.ModelStateErrors = null;
        action.ModelStateValid = null;
    }

    if (context.HttpContext.Response == null || context.Result == null)
    {
        // Without a response and a result the request is recorded as a server error.
        action.ResponseStatusCode = 500;
        action.ResponseStatus = "Internal Server Error";
    }
    else
    {
        // The status set on the result wins over the one on the response.
        int code;
        if (context.Result is ObjectResult && (context.Result as ObjectResult).StatusCode.HasValue)
        {
            code = (context.Result as ObjectResult).StatusCode.Value;
        }
        else if (context.Result is StatusCodeResult)
        {
            code = (context.Result as StatusCodeResult).StatusCode;
        }
        else
        {
            code = context.HttpContext.Response.StatusCode;
        }
        action.ResponseStatusCode = code;
        action.ResponseStatus = GetStatusCodeString(action.ResponseStatusCode);

        if (IncludeResponseBody)
        {
            var typeName = context.Result?.GetType().GetFullTypeName();
            if (typeName != null)
            {
                action.ResponseBody = new BodyContent { Type = typeName };
                switch (context.Result)
                {
                    case ObjectResult objectResult:
                        // The returned object itself is stored in the audit event.
                        action.ResponseBody.Value = objectResult.Value;
                        break;
                    case StatusCodeResult statusResult:
                        action.ResponseBody.Value = string.Format("StatusCode ({0})", statusResult.StatusCode);
                        break;
                    case RedirectResult redirect:
                        action.ResponseBody.Value = string.Format("Redirect to {0}", redirect.Url);
                        break;
                    default:
                        action.ResponseBody.Value = context.Result.ToString();
                        break;
                }
            }
        }
    }

    // Replace the Action field and save
    (scope.Event as AuditEventWebApi).Action = action;
    await scope.SaveAsync();
}
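/// <summary>
/// Builds the parameter dictionary recorded in the audit event. Works on a copy of the bound
/// arguments and removes every parameter decorated with <c>AuditIgnoreAttribute</c>, so values
/// the developer excluded from auditing are dropped before the dictionary is returned.
/// </summary>
/// <param name="actionDescriptor">Descriptor of the executing action; may be null, in which case nothing is filtered.</param>
/// <param name="actionArguments">The arguments bound to the action.</param>
/// <param name="serializeParams">When true, the filtered arguments are passed through <c>AuditApiHelper.SerializeParameters</c>.</param>
/// <returns>The filtered (and optionally serialized) arguments.</returns>
private IDictionary<string, object> GetActionParameters(ControllerActionDescriptor actionDescriptor, IDictionary<string, object> actionArguments, bool serializeParams)
{
    // Copy first: the caller's dictionary must not lose entries.
    var args = actionArguments.ToDictionary(k => k.Key, v => v.Value);

    // The descriptor is null when the action is not a controller action; skip the filter instead of throwing.
    if (actionDescriptor?.Parameters != null)
    {
        foreach (var param in actionDescriptor.Parameters)
        {
            var parameterInfo = (param as ControllerParameterDescriptor)?.ParameterInfo;
            if (parameterInfo?.GetCustomAttribute<AuditIgnoreAttribute>(true) != null)
            {
                args.Remove(param.Name);
            }
        }
    }

    if (serializeParams)
    {
        return AuditApiHelper.SerializeParameters(args);
    }
    return args;
}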
/// <summary>
/// Occurs after the action method is invoked. Completes the stored audit action with the
/// exception, model state, status, and the optional response body and headers. The scope is
/// disposed here only when the action was not created by the middleware.
/// </summary>
/// <param name="context">The action executed context.</param>
/// <param name="includeModelState">When true, model state errors and validity are recorded; otherwise both are set to null.</param>
/// <param name="includeResponseBody">When true, the result's type name and body are recorded.</param>
/// <param name="includeResponseHeaders">When true, the response headers are copied into the audit action.</param>
internal async Task AfterExecutedAsync(ActionExecutedContext context, bool includeModelState, bool includeResponseBody, bool includeResponseHeaders)
{
    var httpContext = context.HttpContext;
    var action = httpContext.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction;
    var scope = httpContext.Items[AuditApiHelper.AuditApiScopeKey] as AuditScope;
    if (action == null || scope == null)
    {
        // No audit action or scope is stored for this request.
        return;
    }

    action.Exception = context.Exception.GetExceptionInfo();
    if (includeModelState)
    {
        action.ModelStateErrors = AuditApiHelper.GetModelStateErrors(context.ModelState);
        action.ModelStateValid = context.ModelState?.IsValid;
    }
    else
    {
        action.ModelStateErrors = null;
        action.ModelStateValid = null;
    }

    if (context.HttpContext.Response == null || context.Result == null)
    {
        // Without a response and a result the request is recorded as a server error.
        action.ResponseStatusCode = 500;
        action.ResponseStatus = "Internal Server Error";
    }
    else
    {
        // The status set on the result wins over the one on the response.
        int code;
        if (context.Result is ObjectResult && (context.Result as ObjectResult).StatusCode.HasValue)
        {
            code = (context.Result as ObjectResult).StatusCode.Value;
        }
        else if (context.Result is StatusCodeResult)
        {
            code = (context.Result as StatusCodeResult).StatusCode;
        }
        else
        {
            code = context.HttpContext.Response.StatusCode;
        }
        action.ResponseStatusCode = code;
        action.ResponseStatus = AuditApiHelper.GetStatusCodeString(action.ResponseStatusCode);

        if (includeResponseBody)
        {
            var typeName = context.Result.GetType().GetFullTypeName();
            action.ResponseBody = new BodyContent
            {
                Type = typeName,
                Value = GetResponseBody(context.ActionDescriptor, context.Result)
            };
        }

        if (includeResponseHeaders)
        {
            // Every response header is copied, which includes any cookies the response sets.
            action.ResponseHeaders = AuditApiHelper.ToDictionary(httpContext.Response.Headers);
        }
    }

    // Replace the Action field
    (scope.Event as AuditEventWebApi).Action = action;

    // Save, if action was not created by middleware
    if (!action.IsMiddleware)
    {
        await scope.DisposeAsync();
    }
}
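/// <summary>
/// Returns the audit action for the current request, creating it when none is stored in
/// <c>HttpContext.Items</c>, and fills in the URL, controller/action names, the filtered action
/// parameters and, when requested, the request headers and request body.
/// </summary>
/// <param name="actionContext">The action executing context.</param>
/// <param name="includeHeaders">When true, all request headers are copied into the audit action.</param>
/// <param name="includeRequestBody">When true, the request body is read and recorded unless one is already set.</param>
/// <param name="serializeParams">Passed to <c>GetActionParameters</c> to request serialized parameters.</param>
/// <param name="eventTypeName">Not read by this method.</param>
/// <returns>The new or updated audit action.</returns>
private async Task<AuditApiAction> CreateOrUpdateAction(ActionExecutingContext actionContext, bool includeHeaders, bool includeRequestBody, bool serializeParams, string eventTypeName)
{
    var httpContext = actionContext.HttpContext;
    var actionDescriptor = actionContext.ActionDescriptor as ControllerActionDescriptor;

    // Reuse an action already stored for this request; one lookup instead of ContainsKey + indexer.
    object stored;
    httpContext.Items.TryGetValue(AuditApiHelper.AuditApiActionKey, out stored);
    var action = stored as AuditApiAction;
    if (action == null)
    {
        action = new AuditApiAction
        {
            // Identity is null for a principal without identities; guard it like User.
            UserName = httpContext.User?.Identity?.Name,
            IpAddress = httpContext.Connection?.RemoteIpAddress?.ToString(),
            HttpMethod = httpContext.Request.Method,
            FormVariables = AuditApiHelper.GetFormVariables(httpContext),
            TraceId = httpContext.TraceIdentifier,
            ActionExecutingContext = actionContext
        };
    }

    action.RequestUrl = httpContext.Request.GetDisplayUrl();
    // actionDescriptor is null when the descriptor is not a controller action; fall back to the display name.
    action.ActionName = actionDescriptor != null ? actionDescriptor.ActionName : actionContext.ActionDescriptor.DisplayName;
    action.ControllerName = actionDescriptor?.ControllerName;
    action.ActionParameters = GetActionParameters(actionDescriptor, actionContext.ActionArguments, serializeParams);

    if (includeHeaders)
    {
        // The full header set is recorded, so Authorization and Cookie values reach the audit store when this is enabled.
        action.Headers = AuditApiHelper.ToDictionary(httpContext.Request.Headers);
    }

    if (includeRequestBody && action.RequestBody == null)
    {
        action.RequestBody = new BodyContent
        {
            Type = httpContext.Request.ContentType,
            Length = httpContext.Request.ContentLength,
            Value = await AuditApiHelper.GetRequestBody(httpContext)
        };
    }

    return action;
}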
/// <summary>
/// Builds the parameter dictionary recorded in the audit event from a copy of the bound
/// arguments, dropping every parameter whose reflected descriptor carries
/// <c>AuditIgnoreAttribute</c>.
/// </summary>
/// <param name="actionDescriptor">The reflected descriptor of the executing action.</param>
/// <param name="actionArguments">The arguments bound to the action.</param>
/// <param name="serializeParams">When true, the filtered arguments are passed through <c>AuditApiHelper.SerializeParameters</c>.</param>
/// <returns>The filtered (and optionally serialized) arguments.</returns>
private IDictionary<string, object> GetActionParameters(ReflectedHttpActionDescriptor actionDescriptor, IDictionary<string, object> actionArguments, bool serializeParams)
{
    // Work on a copy so the caller's dictionary keeps all of its entries.
    var filtered = actionArguments.ToDictionary(pair => pair.Key, pair => pair.Value);

    var bindings = actionDescriptor.ActionBinding?.ParameterBindings;
    if (bindings != null)
    {
        // Bindings whose descriptor is not a reflected one are never treated as ignored.
        var ignoredNames = bindings
            .Select(binding => binding.Descriptor as ReflectedHttpParameterDescriptor)
            .Where(descriptor => descriptor?.ParameterInfo.GetCustomAttribute<AuditIgnoreAttribute>(true) != null)
            .Select(descriptor => descriptor.ParameterName);
        foreach (var name in ignoredNames)
        {
            filtered.Remove(name);
        }
    }

    return serializeParams
        ? AuditApiHelper.SerializeParameters(filtered)
        : filtered;
}
/// <summary>
/// Builds the parameter dictionary recorded in the audit event from a copy of the bound
/// arguments, dropping every parameter that declares <c>AuditIgnoreAttribute</c>.
/// </summary>
/// <param name="actionDescriptor">The descriptor of the executing action.</param>
/// <param name="actionArguments">The arguments bound to the action.</param>
/// <param name="serializeParams">When true, the filtered arguments are passed through <c>AuditApiHelper.SerializeParameters</c>.</param>
/// <returns>The filtered (and optionally serialized) arguments.</returns>
private IDictionary<string, object> GetActionParameters(HttpActionDescriptor actionDescriptor, IDictionary<string, object> actionArguments, bool serializeParams)
{
    // Work on a copy so the caller's dictionary keeps all of its entries.
    var filtered = actionArguments.ToDictionary(pair => pair.Key, pair => pair.Value);

    var declared = actionDescriptor.GetParameters();
    if (declared != null)
    {
        var ignored = declared.Where(descriptor => descriptor.GetCustomAttributes<AuditIgnoreAttribute>().Any());
        foreach (var parameter in ignored)
        {
            filtered.Remove(parameter.ParameterName);
        }
    }

    return serializeParams
        ? AuditApiHelper.SerializeParameters(filtered)
        : filtered;
}
/// <summary>
/// Completes the audit action stored in <c>HttpContext.Items</c> with the outcome of the request,
/// optionally adds the response body and headers, and disposes the audit scope. Does nothing
/// when no action or scope is stored for the request.
/// </summary>
/// <param name="context">The HTTP context of the request being audited.</param>
/// <param name="includeResponseBody">When true, the response body is captured unless one is already set on the action.</param>
/// <param name="includeResponseHeaders">When true, the response headers are copied into the audit action.</param>
/// <param name="exception">The exception observed for the request, or null when there was none.</param>
private async Task AfterInvoke(HttpContext context, bool includeResponseBody, bool includeResponseHeaders, Exception exception)
{
#pragma warning disable IDE0019 // Use pattern matching
    var action = context.Items[AuditApiHelper.AuditApiActionKey] as AuditApiAction;
    var scope = context.Items[AuditApiHelper.AuditApiScopeKey] as AuditScope;
#pragma warning restore IDE0019 // Use pattern matching
    if (action == null || scope == null)
    {
        // Nothing was registered for this request, so there is nothing to complete.
        return;
    }

    if (exception != null)
    {
        // A failed request is always reported as a 500, whatever the response object holds.
        action.Exception = exception.GetExceptionInfo();
        action.ResponseStatusCode = 500;
        action.ResponseStatus = "Internal Server Error";
    }
    else
    {
        var response = context.Response;
        if (response != null)
        {
            var code = response.StatusCode;
            action.ResponseStatusCode = code;
            action.ResponseStatus = AuditApiHelper.GetStatusCodeString(code);

            // A body that is already present on the action is left untouched.
            var captureBody = includeResponseBody && action.ResponseBody == null;
            if (captureBody)
            {
                action.ResponseBody = new BodyContent
                {
                    Type = response.ContentType,
                    Length = response.ContentLength,
                    Value = await AuditApiHelper.GetResponseBody(context)
                };
            }
        }
    }

    if (includeResponseHeaders)
    {
        // NOTE(review): headers are read on both the exception and the success path, and without
        // the null check on context.Response that the branch above applies.
        action.ResponseHeaders = AuditApiHelper.ToDictionary(context.Response.Headers);
    }

    // Replace the Action field and save
    (scope.Event as AuditEventWebApi).Action = action;
    await scope.DisposeAsync();
}
/// <summary>
/// Occurs after the action method is invoked. Completes the stored audit action with the
/// exception, model state, status and the optional response body, then saves the audit scope.
/// </summary>
/// <param name="context">The action executed context.</param>
/// <param name="includeModelState">When true, model state errors and validity are recorded; otherwise both are set to null.</param>
/// <param name="includeResponseBody">When true, the result's type name and body are recorded.</param>
public async Task AfterExecutedAsync(ActionExecutedContext context, bool includeModelState, bool includeResponseBody)
{
    var httpContext = context.HttpContext;
    var action = httpContext.Items[AuditApiActionKey] as AuditApiAction;
    var scope = httpContext.Items[AuditApiScopeKey] as AuditScope;
    if (action == null || scope == null)
    {
        // No audit action or scope is stored for this request.
        return;
    }

    action.Exception = context.Exception.GetExceptionInfo();
    if (includeModelState)
    {
        action.ModelStateErrors = AuditApiHelper.GetModelStateErrors(context.ModelState);
        action.ModelStateValid = context.ModelState?.IsValid;
    }
    else
    {
        action.ModelStateErrors = null;
        action.ModelStateValid = null;
    }

    if (context.HttpContext.Response == null || context.Result == null)
    {
        // Without a response and a result the request is recorded as a server error.
        action.ResponseStatusCode = 500;
        action.ResponseStatus = "Internal Server Error";
    }
    else
    {
        // The status set on the result wins over the one on the response.
        int code;
        if (context.Result is ObjectResult && (context.Result as ObjectResult).StatusCode.HasValue)
        {
            code = (context.Result as ObjectResult).StatusCode.Value;
        }
        else if (context.Result is StatusCodeResult)
        {
            code = (context.Result as StatusCodeResult).StatusCode;
        }
        else
        {
            code = context.HttpContext.Response.StatusCode;
        }
        action.ResponseStatusCode = code;
        action.ResponseStatus = GetStatusCodeString(action.ResponseStatusCode);

        if (includeResponseBody)
        {
            var typeName = context.Result?.GetType().GetFullTypeName();
            if (typeName != null)
            {
                action.ResponseBody = new BodyContent
                {
                    Type = typeName,
                    Value = GetResponseBody(context.Result)
                };
            }
        }
    }

    // Replace the Action field and save
    (scope.Event as AuditEventWebApi).Action = action;
    await scope.SaveAsync();
}
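/// <summary>
/// Creates the audit action and audit scope for an incoming request and stores both in
/// <c>HttpContext.Items</c> so the later stages of the pipeline can complete them.
/// </summary>
/// <param name="context">The HTTP context of the request being audited.</param>
/// <param name="includeHeaders">When true, all request headers are copied into the audit action.</param>
/// <param name="includeRequestBody">When true, the request body value is recorded; its type and length are recorded either way.</param>
/// <param name="eventTypeName">Event type template; <c>{verb}</c> and <c>{url}</c> are replaced. Defaults to <c>"{verb} {url}"</c> when null.</param>
private async Task BeforeInvoke(HttpContext context, bool includeHeaders, bool includeRequestBody, string eventTypeName)
{
    var auditAction = new AuditApiAction
    {
        IsMiddleware = true,
        // Identity is null for a principal without identities; guard it like User.
        UserName = context.User?.Identity?.Name,
        IpAddress = context.Connection?.RemoteIpAddress?.ToString(),
        RequestUrl = context.Request.GetDisplayUrl(),
        HttpMethod = context.Request.Method,
        FormVariables = AuditApiHelper.GetFormVariables(context),
        // The full header set is recorded, so Authorization and Cookie values reach the audit store when this is enabled.
        Headers = includeHeaders ? AuditApiHelper.ToDictionary(context.Request.Headers) : null,
        // Controller/action details are not known at this stage and are left empty.
        ActionName = null,
        ControllerName = null,
        ActionParameters = null,
        RequestBody = new BodyContent
        {
            Type = context.Request.ContentType,
            Length = context.Request.ContentLength,
            // NOTE(review): GetRequestBody is not awaited here; confirm it is synchronous in this version.
            Value = includeRequestBody ? AuditApiHelper.GetRequestBody(context) : null
        },
        TraceId = context.TraceIdentifier
    };

    // The request URL, query string included, becomes part of the event type.
    var eventType = (eventTypeName ?? "{verb} {url}").Replace("{verb}", auditAction.HttpMethod)
        .Replace("{url}", auditAction.RequestUrl);

    // Create the audit scope
    var auditEventAction = new AuditEventWebApi()
    {
        Action = auditAction
    };
    var auditScope = await AuditScope.CreateAsync(new AuditScopeOptions() { EventType = eventType, AuditEvent = auditEventAction });

    context.Items[AuditApiHelper.AuditApiActionKey] = auditAction;
    context.Items[AuditApiHelper.AuditApiScopeKey] = auditScope;
}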
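/// <summary>
/// Occurs after the action method is invoked. Completes the audit action previously stored in
/// the context wrapper with the exception, model state, status and the optional response body
/// and headers, then disposes the audit scope.
/// </summary>
/// <param name="actionExecutedContext">The executed-action context supplying the exception, model state and response.</param>
/// <param name="contextWrapper">Per-request storage from which the audit action and audit scope are read.</param>
/// <param name="includeModelState">When true, model state errors and validity are recorded; otherwise both are set to null.</param>
/// <param name="includeResponseBody">When true, the response body is recorded; its value is omitted when the response is explicitly ignored.</param>
/// <param name="includeResponseHeaders">When true, the response headers are copied into the audit action.</param>
public async Task AfterExecutedAsync(HttpActionExecutedContext actionExecutedContext, IContextWrapper contextWrapper, bool includeModelState, bool includeResponseBody, bool includeResponseHeaders)
{
    var auditAction = contextWrapper.Get<AuditApiAction>(AuditApiHelper.AuditApiActionKey);
    var auditScope = contextWrapper.Get<AuditScope>(AuditApiHelper.AuditApiScopeKey);
    if (auditAction != null && auditScope != null)
    {
        auditAction.Exception = actionExecutedContext.Exception.GetExceptionInfo();
        auditAction.ModelStateErrors = includeModelState ? AuditApiHelper.GetModelStateErrors(actionExecutedContext.ActionContext.ModelState) : null;
        auditAction.ModelStateValid = includeModelState ? actionExecutedContext.ActionContext.ModelState?.IsValid : null;
        if (actionExecutedContext.Response != null)
        {
            auditAction.ResponseStatus = actionExecutedContext.Response.ReasonPhrase;
            auditAction.ResponseStatusCode = (int)actionExecutedContext.Response.StatusCode;
            if (includeResponseBody)
            {
                // When the response is explicitly ignored, only type and length are kept; the value is never read.
                bool ignoreValue = IsResponseExplicitlyIgnored(actionExecutedContext);
                if (actionExecutedContext.Response.Content is ObjectContent objContent)
                {
                    auditAction.ResponseBody = new BodyContent
                    {
                        Type = objContent.ObjectType.Name,
                        Length = objContent.Headers?.ContentLength,
                        Value = ignoreValue ? null : objContent.Value
                    };
                }
                else if (actionExecutedContext.Response.Content != null)
                {
                    var httpContent = actionExecutedContext.Response.Content;
                    auditAction.ResponseBody = new BodyContent
                    {
                        // Await the read instead of blocking on .Result, which can deadlock under a synchronization context.
                        Value = ignoreValue ? null : await httpContent.ReadAsStringAsync()
                    };
                    if (httpContent.Headers != null)
                    {
                        // ContentType is absent on responses that carry no Content-Type header; do not dereference it blindly.
                        auditAction.ResponseBody.Type = httpContent.Headers.ContentType?.ToString();
                        auditAction.ResponseBody.Length = httpContent.Headers.ContentLength;
                    }
                }
                else
                {
                    auditAction.ResponseBody = new BodyContent();
                }
            }
            if (includeResponseHeaders)
            {
                // Every response header is copied, which includes any cookies the response sets.
                auditAction.ResponseHeaders = ToDictionary(actionExecutedContext.Response.Headers);
            }
        }
        else
        {
            // No response object was produced: record the request as a server error.
            auditAction.ResponseStatusCode = 500;
            auditAction.ResponseStatus = "Internal Server Error";
        }
        // Replace the Action field and save
        (auditScope.Event as AuditEventWebApi).Action = auditAction;
        await auditScope.DisposeAsync();
    }
}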