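/// <summary>
/// Audit a login of a principal
/// </summary>
/// <param name="principal">The authenticated principal, or null when no principal is available (for example a failed login).</param>
/// <param name="identityName">Name recorded as the actor when <paramref name="principal"/> carries no identity name.</param>
/// <param name="identityProvider">Identity provider that handled the login; its type is recorded as the auditable object.</param>
/// <param name="successfulLogin">True to record a success outcome, false to record a failure outcome.</param>
public static void AuditLogin(IPrincipal principal, String identityName, IIdentityProviderService identityProvider, bool successfulLogin = true)
{
    traceSource.TraceVerbose("Create Login audit");

    // NOTE(review): DateTime.Now is local time; confirm audit consumers correlate on local rather than UTC timestamps.
    AuditData audit = new AuditData(
        DateTime.Now,
        ActionType.Execute,
        successfulLogin ? OutcomeIndicator.Success : OutcomeIndicator.EpicFail,
        EventIdentifierType.UserAuthentication,
        CreateAuditActionCode(EventTypeCodes.Login));

    // Resolve the principal's name once, null-safely. The role lookup previously dereferenced
    // principal.Identity.Name directly, so a principal without an identity threw
    // NullReferenceException and the login event was never audited.
    string principalName = principal?.Identity?.Name;

    // Roles are only looked up for a named principal. The actor carries an empty role list when
    // there is no named principal or no role provider is registered.
    List<AuditCode> roleCodes = null;
    if (principalName != null)
    {
        roleCodes = ApplicationContext.Current.GetService<IRoleProviderService>()
            ?.GetAllRoles(principalName)
            .Select(o => new AuditCode(o, null))
            .ToList();
    }

    audit.Actors.Add(new AuditActorData()
    {
        NetworkAccessPointType = NetworkAccessPointType.MachineName,
        NetworkAccessPointId = Dns.GetHostName(),
        // When no principal name exists the caller-supplied identityName is recorded as-is;
        // it has not been verified by this method.
        UserName = principalName ?? identityName,
        UserIsRequestor = true,
        ActorRoleCode = roleCodes ?? new List<AuditCode>()
    });

    AddDeviceActor(audit);
    AddSenderDeviceActor(audit);

    // The auditable object identifies which identity provider implementation processed the login.
    Type providerType = identityProvider.GetType();
    audit.AuditableObjects.Add(new AuditableObject()
    {
        IDTypeCode = AuditableObjectIdType.Uri,
        NameData = providerType.AssemblyQualifiedName,
        ObjectId = $"http://openiz.org/auth/{providerType.FullName.Replace(".", "/")}",
        Type = AuditableObjectType.SystemObject,
        Role = AuditableObjectRole.Job
    });

    SendAudit(audit);
}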
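/// <summary>
/// Audit a login of a principal
/// </summary>
/// <param name="principal">The authenticated principal, or null when no principal is available.</param>
/// <param name="identityName">Name recorded as the actor when <paramref name="principal"/> carries no identity name.</param>
/// <param name="identityProvider">Identity provider that handled the login; its type is recorded as the auditable object.</param>
/// <param name="successfulLogin">True to record a success outcome, false to record a failure outcome.</param>
public static void AuditLogin(IPrincipal principal, String identityName, IIdentityProviderService identityProvider, bool successfulLogin = true)
{
    // Read the security section and resolve the login name once; the original fetched the
    // section twice and evaluated the name expression twice.
    var securityConfig = ApplicationContext.Current.Configuration.GetSection<SecurityConfigurationSection>();
    string loginName = principal?.Identity?.Name ?? identityName;

    // Logins made under the configured device name are not audited.
    // NOTE(review): this return happens regardless of successfulLogin, so a failed attempt that
    // presents the device name also leaves no login audit. Confirm that gap is intended.
    if (loginName == securityConfig.DeviceName)
    {
        return;
    }

    AuditData audit = new AuditData(
        DateTime.Now,
        ActionType.Execute,
        successfulLogin ? OutcomeIndicator.Success : OutcomeIndicator.EpicFail,
        EventIdentifierType.UserAuthentication,
        CreateAuditActionCode(EventTypeCodes.Login));

    audit.Actors.Add(new AuditActorData()
    {
        NetworkAccessPointType = NetworkAccessPointType.MachineName,
        // The access point is the configured device name, not a value read from the host.
        NetworkAccessPointId = securityConfig.DeviceName,
        UserName = loginName,
        UserIsRequestor = true,
        // Roles come from the principal's role claims; this stays null when the principal is
        // not a ClaimsPrincipal (including when it is null).
        ActorRoleCode = (principal as ClaimsPrincipal)?.Claims
            .Where(o => o.Type == ClaimsIdentity.DefaultRoleClaimType)
            .Select(o => new AuditCode(o.Value, "OizRoles"))
            .ToList()
    });

    AddDeviceActor(audit);

    // The auditable object identifies which identity provider implementation processed the login.
    Type providerType = identityProvider.GetType();
    audit.AuditableObjects.Add(new AuditableObject()
    {
        IDTypeCode = AuditableObjectIdType.Uri,
        NameData = providerType.AssemblyQualifiedName,
        ObjectId = $"http://openiz.org/mobile/auth/{providerType.FullName.Replace(".", "/")}",
        Type = AuditableObjectType.SystemObject,
        Role = AuditableObjectRole.Job
    });

    AddAncillaryObject(audit);
    SendAudit(audit);
}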