feat(audit): ScadaBridge IAuditActorAccessor + wire audit Actor from Auth principal at authenticated emit sites (Phase 3)
This commit is contained in:
Joseph Doherty
@@ -0,0 +1,65 @@
|
||||
using System.Security.Claims;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using ZB.MOM.WW.Auth.AspNetCore;
|
||||
using ZB.MOM.WW.ScadaBridge.Commons.Interfaces.Services;
|
||||
|
||||
namespace ZB.MOM.WW.ScadaBridge.Security;
|
||||
|
||||
/// <summary>
|
||||
/// HTTP-backed <see cref="IAuditActorAccessor"/> (Phase 3): resolves the audit
|
||||
/// <c>Actor</c> from the authenticated principal on the ambient
|
||||
/// <see cref="IHttpContextAccessor.HttpContext"/>. Used by the user-facing
|
||||
/// inbound API audit path so a cookie/LDAP-authenticated request records the
|
||||
/// real user as <c>AuditEvent.Actor</c>.
|
||||
/// </summary>
|
||||
/// <remarks>
|
||||
/// <para>The username is sourced from the canonical
|
||||
/// <see cref="ZbClaimTypes.Username"/> claim (= <see cref="JwtTokenService.UsernameClaimType"/>,
|
||||
/// minted by <see cref="JwtTokenService"/> and by the cookie login path), falling
|
||||
/// back to <see cref="System.Security.Principal.IIdentity.Name"/> (which
|
||||
/// <see cref="JwtTokenService"/> pins to <see cref="ZbClaimTypes.Name"/> via its
|
||||
/// token-validation <c>NameClaimType</c>).
|
||||
/// When there is no ambient request, the principal is unauthenticated, or no
|
||||
/// usable name claim is present, <see cref="CurrentActor"/> returns <c>null</c> so
|
||||
/// the caller keeps its existing actor/fallback — an unauthenticated principal is
|
||||
/// never echoed back as an actor.</para>
|
||||
/// </remarks>
|
||||
public sealed class HttpAuditActorAccessor : IAuditActorAccessor
|
||||
{
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
|
||||
/// <summary>Initializes a new instance of <see cref="HttpAuditActorAccessor"/>.</summary>
|
||||
/// <param name="httpContextAccessor">Accessor for the ambient HTTP context.</param>
|
||||
public HttpAuditActorAccessor(IHttpContextAccessor httpContextAccessor)
|
||||
{
|
||||
_httpContextAccessor = httpContextAccessor
|
||||
?? throw new ArgumentNullException(nameof(httpContextAccessor));
|
||||
}
|
||||
|
||||
/// <inheritdoc />
|
||||
public string? CurrentActor
|
||||
{
|
||||
get
|
||||
{
|
||||
var user = _httpContextAccessor.HttpContext?.User;
|
||||
if (user?.Identity is not { IsAuthenticated: true })
|
||||
{
|
||||
// No ambient request, or the principal is unauthenticated — never
|
||||
// echo an unauthenticated identity back as an actor.
|
||||
return null;
|
||||
}
|
||||
|
||||
// Prefer the canonical username claim (the value JwtTokenService and
|
||||
// the cookie login path mint); fall back to Identity.Name (pinned to
|
||||
// ZbClaimTypes.Name by JwtTokenService.NameClaimType).
|
||||
var username = user.FindFirst(JwtTokenService.UsernameClaimType)?.Value;
|
||||
if (!string.IsNullOrWhiteSpace(username))
|
||||
{
|
||||
return username;
|
||||
}
|
||||
|
||||
var name = user.Identity?.Name;
|
||||
return string.IsNullOrWhiteSpace(name) ? null : name;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user