示例#1
        /// <summary>
        /// Audit a login of a principal
        /// </summary>
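        /// <param name="principal">The principal that logged in; may be null (the code falls back to <paramref name="identityName"/> and records no roles in that case).</param>
        /// <param name="identityName">Name recorded as the actor's user name when <paramref name="principal"/> carries no identity name. NOTE(review): presumably the name typed at the login prompt on a failed attempt, so consumers of the audit should treat it as untrusted text.</param>
        /// <param name="identityProvider">The identity provider that handled the attempt; its type name is recorded as the audited object. Must not be null.</param>
        /// <param name="successfulLogin">True to record a successful outcome, false to record <c>OutcomeIndicator.EpicFail</c>.</param>
        /// <remarks>
        /// Role lookup is null-safe: a principal without an identity name, a missing
        /// <c>IRoleProviderService</c> or a null role list yields an empty role list rather than an
        /// exception, so the login audit itself is not lost on those paths.
        /// </remarks>
        public static void AuditLogin(IPrincipal principal, String identityName, IIdentityProviderService identityProvider, bool successfulLogin = true)
        {
            traceSource.TraceVerbose("Create Login audit");

            // NOTE(review): DateTime.Now is local wall-clock time. If audits from several hosts or time zones
            // are correlated, confirm AuditData preserves the offset, or consider a UTC timestamp.
            AuditData audit = new AuditData(DateTime.Now, ActionType.Execute, successfulLogin ? OutcomeIndicator.Success : OutcomeIndicator.EpicFail, EventIdentifierType.UserAuthentication, CreateAuditActionCode(EventTypeCodes.Login));

            // Name carried by the principal itself, null when there is no principal or no identity.
            string principalName = principal?.Identity?.Name;

            // Roles are resolved only from the principal's own name, never from the caller-supplied
            // identityName: a name that did not authenticate must not be recorded with roles attached.
            List<AuditCode> roleCodes = new List<AuditCode>();
            if (!String.IsNullOrEmpty(principalName))
            {
                var roles = ApplicationContext.Current.GetService<IRoleProviderService>()?.GetAllRoles(principalName);
                if (roles != null)
                {
                    roleCodes = roles.Select(o => new AuditCode(o, null)).ToList();
                }
            }

            audit.Actors.Add(new AuditActorData()
            {
                NetworkAccessPointType = NetworkAccessPointType.MachineName,
                NetworkAccessPointId = Dns.GetHostName(),
                UserName = principalName ?? identityName,
                UserIsRequestor = true,
                ActorRoleCode = roleCodes
            });

            // Helpers defined elsewhere in the file; judging by their names they append the device actors.
            AddDeviceActor(audit);
            AddSenderDeviceActor(audit);

            // The audited object is the identity provider implementation, identified by a URI built from its type name.
            Type providerType = identityProvider.GetType();
            audit.AuditableObjects.Add(new AuditableObject()
            {
                IDTypeCode = AuditableObjectIdType.Uri,
                NameData = providerType.AssemblyQualifiedName,
                ObjectId = $"http://openiz.org/auth/{providerType.FullName.Replace(".", "/")}",
                Type = AuditableObjectType.SystemObject,
                Role = AuditableObjectRole.Job
            });

            SendAudit(audit);
        }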
示例#2
        /// <summary>
        /// Audit a login of a principal
        /// </summary>
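        /// <param name="principal">The principal that logged in; may be null, in which case <paramref name="identityName"/> is used as the user name and no roles are recorded.</param>
        /// <param name="identityName">Name used when <paramref name="principal"/> carries no identity name. NOTE(review): presumably caller-supplied on a failed attempt, so it should be treated as untrusted text by anything that renders the audit.</param>
        /// <param name="identityProvider">The identity provider that handled the attempt; its type name is recorded as the audited object. Must not be null.</param>
        /// <param name="successfulLogin">True to record a successful outcome, false to record <c>OutcomeIndicator.EpicFail</c>.</param>
        /// <remarks>
        /// No audit is produced when the effective user name equals the configured device name.
        /// The security configuration section is read once, so the guard and the actor record
        /// use the same <c>DeviceName</c> value.
        /// </remarks>
        public static void AuditLogin(IPrincipal principal, String identityName, IIdentityProviderService identityProvider, bool successfulLogin = true)
        {
            var configService = ApplicationContext.Current.Configuration.GetSection<SecurityConfigurationSection>();
            string userName = principal?.Identity?.Name ?? identityName;

            // Logins under the device's own name are skipped, whether they succeeded or failed.
            // NOTE(review): userName can come from the caller-supplied identityName, so a failed attempt
            // made under the device name leaves no record here. Confirm such attempts are audited
            // elsewhere (for example on the server side) before relying on this trail for detection.
            if (userName == configService.DeviceName)
            {
                return; // don't worry about this
            }

            // NOTE(review): DateTime.Now is local wall-clock time; confirm AuditData keeps the offset
            // if these audits are correlated with events from other hosts.
            AuditData audit = new AuditData(DateTime.Now, ActionType.Execute, successfulLogin ? OutcomeIndicator.Success : OutcomeIndicator.EpicFail, EventIdentifierType.UserAuthentication, CreateAuditActionCode(EventTypeCodes.Login));

            // Role codes come from the principal's role claims. This stays null (not an empty list)
            // when the principal is null or is not a ClaimsPrincipal, as in the original code.
            var roleCodes = (principal as ClaimsPrincipal)?.Claims
                .Where(o => o.Type == ClaimsIdentity.DefaultRoleClaimType)
                .Select(o => new AuditCode(o.Value, "OizRoles"))
                .ToList();

            audit.Actors.Add(new AuditActorData()
            {
                NetworkAccessPointType = NetworkAccessPointType.MachineName,
                NetworkAccessPointId = configService.DeviceName,
                UserName = userName,
                UserIsRequestor = true,
                ActorRoleCode = roleCodes
            });

            // Helper defined elsewhere in the file; judging by its name it appends the device actor.
            AddDeviceActor(audit);

            // The audited object is the identity provider implementation, identified by a URI built from its type name.
            Type providerType = identityProvider.GetType();
            audit.AuditableObjects.Add(new AuditableObject()
            {
                IDTypeCode = AuditableObjectIdType.Uri,
                NameData = providerType.AssemblyQualifiedName,
                ObjectId = $"http://openiz.org/mobile/auth/{providerType.FullName.Replace(".", "/")}",
                Type = AuditableObjectType.SystemObject,
                Role = AuditableObjectRole.Job
            });

            // Helper defined elsewhere in the file; what it attaches is not visible from this method.
            AddAncillaryObject(audit);

            SendAudit(audit);
        }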