From d2f21a9181084435252d4d39a1fb46aa1029162d Mon Sep 17 00:00:00 2001
From: harid <harid_pr61@live.rmutl.com>
Date: Tue, 28 Apr 2026 10:02:17 +0700
Subject: [PATCH] fix #2367

---
 Core/RequestLoggingMiddleware.cs | 78 ++++++++++++++++++++++++--------
 1 file changed, 58 insertions(+), 20 deletions(-)

diff --git a/Core/RequestLoggingMiddleware.cs b/Core/RequestLoggingMiddleware.cs
index 6d306de..a39a4d9 100644
--- a/Core/RequestLoggingMiddleware.cs
+++ b/Core/RequestLoggingMiddleware.cs
@@ -2,6 +2,7 @@
 using Microsoft.Extensions.Configuration;
 using Nest;
 using System.Diagnostics;
+using System.IdentityModel.Tokens.Jwt;
 using System.Security.Claims;
 using System.Text.Encodings.Web;
 using System.Text.Json;
@@ -29,6 +30,49 @@ namespace BMA.EHR.Recurit.Exam.Service.Core
             SystemName = "recruiting";
         }
 
+        /// <summary>
+        /// แกะ JWT token เพื่อดึง claims ต่างๆ
+        /// </summary>
+        private JwtSecurityToken? ParseToken(string token)
+        {
+            try
+            {
+                var tokenHandler = new JwtSecurityTokenHandler();
+                var jwtToken = tokenHandler.ReadJwtToken(token.Replace("Bearer ", ""));
+                return jwtToken;
+            }
+            catch
+            {
+                return null;
+            }
+        }
+
+        /// <summary>
+        /// ดึงค่า claim จาก token โดยลองชื่อหลายแบบ
+        /// </summary>
+        private string? GetClaimValue(JwtSecurityToken? token, params string[] claimNames)
+        {
+            if (token == null) return null;
+
+            foreach (var name in claimNames)
+            {
+                var claim = token.Claims.FirstOrDefault(c => c.Type == name);
+                if (claim != null)
+                    return claim.Value;
+            }
+            return null;
+        }
+
+        /// <summary>
+        /// ดึงค่า Guid claim จาก token
+        /// </summary>
+        private Guid? GetGuidClaim(JwtSecurityToken? token, params string[] claimNames)
+        {
+            var value = GetClaimValue(token, claimNames);
+            if (Guid.TryParse(value, out var guid))
+                return guid;
+            return null;
+        }
 
         public async Task Invoke(HttpContext context)
         {
@@ -92,28 +136,22 @@ namespace BMA.EHR.Recurit.Exam.Service.Core
                 // เปลี่ยน stream ของ Response เพื่อให้สามารถอ่านได้
                 context.Response.Body = memoryStream;
 
-
-
-                // Extract all required data from JWT token claims
                 var keycloakId = context.User?.FindFirst(ClaimTypes.NameIdentifier)?.Value ?? Guid.Empty.ToString("D");
+                var tokenHeader = context.Request.Headers["Authorization"].ToString();
 
-                var prefix = context.User?.FindFirst("prefix")?.Value;
-                var firstName = context.User?.FindFirst("given_name")?.Value;
-                var lastName = context.User?.FindFirst("family_name")?.Value;
-                var preferredUsername = context.User?.FindFirst("preferred_username")?.Value;
+                // แกะ JWT token เพื่อดึง claims ต่างๆ
+                var jwtToken = ParseToken(tokenHeader);
 
-                var orgRootDnaId = context.User?.FindFirst("orgRootDnaId")?.Value;
-                var orgChild1DnaId = context.User?.FindFirst("orgChild1DnaId")?.Value;
-                var orgChild2DnaId = context.User?.FindFirst("orgChild2DnaId")?.Value;
-                var orgChild3DnaId = context.User?.FindFirst("orgChild3DnaId")?.Value;
-                var orgChild4DnaId = context.User?.FindFirst("orgChild4DnaId")?.Value;
-
-                // Parse Guid values safely
-                Guid? rootDnaId = Guid.TryParse(orgRootDnaId, out var rid) ? rid : null;
-                Guid? child1DnaId = Guid.TryParse(orgChild1DnaId, out var c1) ? c1 : null;
-                Guid? child2DnaId = Guid.TryParse(orgChild2DnaId, out var c2) ? c2 : null;
-                Guid? child3DnaId = Guid.TryParse(orgChild3DnaId, out var c3) ? c3 : null;
-                Guid? child4DnaId = Guid.TryParse(orgChild4DnaId, out var c4) ? c4 : null;
+                // ดึงข้อมูลจาก claims โดยลองชื่อหลายแบบ (camelCase, snake_case, ฯลฯ)
+                var prefix = GetClaimValue(jwtToken, "prefix", "Prefix", "PREFIX");
+                var firstName = GetClaimValue(jwtToken, "given_name", "firstname", "firstName", "FirstName", "FIRSTNAME");
+                var lastName = GetClaimValue(jwtToken, "family_name", "lastname", "lastName", "LastName", "LASTNAME");
+                var preferredUsername = GetClaimValue(jwtToken, "preferred_username", "preferred_username", "PreferredUsername");
+                var orgRootDnaId = GetGuidClaim(jwtToken, "orgRootDnaId", "org_root_dna_id", "OrgRootDnaId", "rootDnaId");
+                var orgChild1DnaId = GetGuidClaim(jwtToken, "orgChild1DnaId", "org_child1_dna", "OrgChild1Dna", "child1DnaId");
+                var orgChild2DnaId = GetGuidClaim(jwtToken, "orgChild2DnaId", "org_child2_dna", "OrgChild2Dna", "child2DnaId");
+                var orgChild3DnaId = GetGuidClaim(jwtToken, "orgChild3DnaId", "org_child3_dna", "OrgChild3Dna", "child3DnaId");
+                var orgChild4DnaId = GetGuidClaim(jwtToken, "orgChild4DnaId", "org_child4_dna", "OrgChild4Dna", "child4DnaId");
 
                 await _next(context); // ดำเนินการต่อไปยัง Middleware อื่น ๆ
 
@@ -200,7 +238,7 @@ namespace BMA.EHR.Recurit.Exam.Service.Core
                 {
                     logType = logType,
                     ip = context.Connection.RemoteIpAddress?.ToString(),
-                    rootId = rootDnaId,
+                    rootId = orgRootDnaId?.ToString("D"),
                     systemName = SystemName,
                     startTimeStamp = startTime.ToString("o"),
                     endTimeStamp = endTime.ToString("o"),