Remove logging of non essential data
fhanik committed Nov 15, 2016
1 parent 74e080e commit bf4999d
Showing 9 changed files with 329 additions and 16 deletions.
Expand Up @@ -17,11 +17,15 @@

import org.cloudfoundry.identity.uaa.audit.AuditEvent;
import org.cloudfoundry.identity.uaa.audit.AuditEventType;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.springframework.security.core.Authentication;
import org.springframework.util.ReflectionUtils;

import java.lang.reflect.Method;

public class EntityDeletedEvent<T> extends AbstractUaaEvent {

protected static final String dataFormat = "Class:%s; ID:%s";

public EntityDeletedEvent(T deleted, Authentication authentication) {
super(deleted, authentication);
}
Expand All @@ -32,6 +36,16 @@ public T getDeleted() {

@Override
public AuditEvent getAuditEvent() {
return createAuditRecord(getAuthentication().getName(), AuditEventType.EntityDeletedEvent, getOrigin(getAuthentication()), JsonUtils.writeValueAsString(source));
return createAuditRecord(
getAuthentication().getName(),
AuditEventType.EntityDeletedEvent,
getOrigin(getAuthentication()),
String.format(dataFormat, source.getClass().getName(), getObjectId())
);
}

public String getObjectId() {
Method m = ReflectionUtils.findMethod(source.getClass(), "getId");
return m!=null ? (String)ReflectionUtils.invokeMethod(m, source) : String.valueOf(System.identityHashCode(source));
}
}
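Review bot: The `(String)` cast in `getObjectId()` throws a ClassCastException for any entity whose `getId()` returns something other than a String, so deleting such an entity would fail while the audit record is being built instead of being logged; `String.valueOf(ReflectionUtils.invokeMethod(m, source))` handles every return type. The fallback `String.valueOf(System.identityHashCode(source))` is only an in-memory hash, so the resulting `ID:` value cannot be matched to a stored object afterwards; a fixed marker such as `unknown` would be clearer in an audit trail. A short Javadoc on `getObjectId()` stating that the id is looked up reflectively through a no-argument `getId` method, and what is returned when none exists, would also help.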
Expand Up @@ -16,7 +16,6 @@
import org.cloudfoundry.identity.uaa.audit.AuditEvent;
import org.cloudfoundry.identity.uaa.audit.AuditEventType;
import org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.cloudfoundry.identity.uaa.provider.IdentityProvider;
import org.springframework.security.core.Authentication;

Expand All @@ -26,20 +25,31 @@ public class IdentityProviderModifiedEvent extends AbstractUaaEvent {

private AuditEventType eventType;

protected static final String dataFormat = "id=%s; type=%s; origin=%s; zone=%s";

public IdentityProviderModifiedEvent(IdentityProvider identityProvider, Authentication authentication, AuditEventType type) {
super(identityProvider, authentication);
eventType = type;
}

@Override
public AuditEvent getAuditEvent() {
return createAuditRecord(getSource().toString(), eventType, getOrigin(getAuthentication()), JsonUtils.writeValueAsString(source));
IdentityProvider provider = (IdentityProvider)source;
return createAuditRecord(getSource().toString(),
eventType,
getOrigin(getAuthentication()),
String.format(IdentityProviderModifiedEvent.dataFormat,
provider.getId(),
provider.getType(),
provider.getOriginKey(),
provider.getIdentityZoneId())
);
}

public static IdentityProviderModifiedEvent identityProviderCreated(IdentityProvider identityProvider) {
return new IdentityProviderModifiedEvent(identityProvider, getContextAuthentication(), AuditEventType.IdentityProviderCreatedEvent);
}

public static IdentityProviderModifiedEvent identityProviderModified(IdentityProvider identityProvider) {
return new IdentityProviderModifiedEvent(identityProvider, getContextAuthentication(), AuditEventType.IdentityProviderModifiedEvent);
}
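Review bot: `getAuditEvent()` still passes `getSource().toString()` as the first argument of `createAuditRecord`, so the audit record continues to carry whatever `IdentityProvider.toString()` prints. That method is not visible here; if it includes the provider config, the data this commit removes from the data field would still be logged through that argument. Confirming what `toString()` emits, or passing an explicit value such as `provider.getId()` instead, would close the gap. The same applies to `getAuditEvent()` in IdentityZoneModifiedEvent and ServiceProviderModifiedEvent.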
Expand Up @@ -15,7 +15,6 @@
import org.cloudfoundry.identity.uaa.audit.AuditEvent;
import org.cloudfoundry.identity.uaa.audit.AuditEventType;
import org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.springframework.security.core.Authentication;

Expand All @@ -25,15 +24,24 @@ public class IdentityZoneModifiedEvent extends AbstractUaaEvent {

private AuditEventType eventType;

protected static final String dataFormat = "id=%s; subdomain=%s";

public IdentityZoneModifiedEvent(IdentityZone identityZone, Authentication authentication, AuditEventType type) {
super(identityZone, authentication);
eventType = type;
}

@Override
public AuditEvent getAuditEvent() {
return createAuditRecord(getSource().toString(), eventType, getOrigin(getAuthentication()),
JsonUtils.writeValueAsString(source));
IdentityZone zone = (IdentityZone)source;
return createAuditRecord(
getSource().toString(),
eventType,
getOrigin(getAuthentication()),
String.format(IdentityZoneModifiedEvent.dataFormat,
zone.getId(),
zone.getSubdomain())
);
}

public static IdentityZoneModifiedEvent identityZoneCreated(IdentityZone identityZone) {
Expand Up @@ -17,26 +17,31 @@
import org.cloudfoundry.identity.uaa.audit.AuditEventType;
import org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent;
import org.cloudfoundry.identity.uaa.provider.saml.idp.SamlServiceProvider;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.springframework.security.core.Authentication;

public class ServiceProviderModifiedEvent extends AbstractUaaEvent {

/**
* Generated serialization id.
*/
private static final long serialVersionUID = -204120790766086570L;

private AuditEventType eventType;

protected static final String dataFormat = "id=%s; name=%s; entityID=%s";

public ServiceProviderModifiedEvent(SamlServiceProvider serviceProvider, Authentication authentication, AuditEventType type) {
super(serviceProvider, authentication);
eventType = type;
}

@Override
public AuditEvent getAuditEvent() {
return createAuditRecord(getSource().toString(), eventType, getOrigin(getAuthentication()), JsonUtils.writeValueAsString(source));
SamlServiceProvider provider = (SamlServiceProvider)source;
return createAuditRecord(getSource().toString(),
eventType,
getOrigin(getAuthentication()),
String.format(dataFormat,
provider.getId(),
provider.getName(),
provider.getEntityId()));
}

public static ServiceProviderModifiedEvent serviceProviderCreated(SamlServiceProvider serviceProvider) {
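Review bot: `provider.getName()` and `provider.getEntityId()` are formatted into the `;`-separated `dataFormat` string as-is, whereas the replaced `JsonUtils.writeValueAsString(source)` produced JSON with escaped values. If either value can contain `;`, `=` or a line break, the audit entry becomes ambiguous for whoever parses it, and it is not visible here whether the audit sink sanitises the data field. Consider escaping or stripping control and delimiter characters before formatting, or documenting on `dataFormat` that these fields are validated upstream. The formats in IdentityProviderModifiedEvent and IdentityZoneModifiedEvent are built the same way.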
@@ -0,0 +1,57 @@
/*
* ****************************************************************************
* Cloud Foundry
* Copyright (c) [2009-2016] Pivotal Software, Inc. All Rights Reserved.
*
* This product is licensed to you under the Apache License, Version 2.0 (the "License").
* You may not use this product except in compliance with the License.
*
* This product includes a number of subcomponents with
* separate copyright notices and license terms. Your use of these
* subcomponents is subject to the terms and conditions of the
* subcomponent's license, as noted in the LICENSE file.
* ****************************************************************************
*/

package org.cloudfoundry.identity.uaa.audit.event;

import org.cloudfoundry.identity.uaa.provider.IdentityProvider;
import org.cloudfoundry.identity.uaa.provider.IdentityProviderValidationRequest;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.junit.Before;
import org.junit.Test;

import static org.cloudfoundry.identity.uaa.audit.event.EntityDeletedEvent.dataFormat;
import static org.junit.Assert.assertEquals;

public class EntityDeletedEventTest {


private IdentityProvider provider;
private IdentityZone zone;

@Before
public void setup() throws Exception {
provider = new IdentityProvider();
provider.setId("id");

zone = IdentityZone.getUaa();
}

@Test
public void getAuditEvent_IdentityProvider() throws Exception {
String expected = String.format(dataFormat, IdentityZone.class.getName(), zone.getId());
evalute(zone, expected);
}

@Test
public void getAuditEvent_IdentityZone() throws Exception {
String expected = String.format(dataFormat, IdentityProvider.class.getName(), provider.getId());
evalute(provider, expected);
}

public void evalute(Object o, String expected) {
EntityDeletedEvent<Object> event = new EntityDeletedEvent(o, new IdentityProviderValidationRequest.UsernamePasswordAuthentication("username","password"));
assertEquals(expected, event.getAuditEvent().getData());
}
}
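Review bot: The two test names are swapped: `getAuditEvent_IdentityProvider` evaluates `zone` and `getAuditEvent_IdentityZone` evaluates `provider`. Neither test covers the branch of `getObjectId()` taken when the object has no `getId` method, nor an object whose `getId()` does not return a String. `new EntityDeletedEvent(o, ...)` in `evalute` is a raw type; `new EntityDeletedEvent<>(o, ...)` removes the unchecked warning, and the helper name is presumably meant to be `evaluate`.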
@@ -0,0 +1,87 @@
/*
* ****************************************************************************
* Cloud Foundry
* Copyright (c) [2009-2016] Pivotal Software, Inc. All Rights Reserved.
*
* This product is licensed to you under the Apache License, Version 2.0 (the "License").
* You may not use this product except in compliance with the License.
*
* This product includes a number of subcomponents with
* separate copyright notices and license terms. Your use of these
* subcomponents is subject to the terms and conditions of the
* subcomponent's license, as noted in the LICENSE file.
* ****************************************************************************
*/

package org.cloudfoundry.identity.uaa.zone.event;

import org.cloudfoundry.identity.uaa.constants.OriginKeys;
import org.cloudfoundry.identity.uaa.provider.IdentityProvider;
import org.cloudfoundry.identity.uaa.provider.SamlIdentityProviderDefinition;
import org.cloudfoundry.identity.uaa.provider.saml.BootstrapSamlIdentityProviderConfiguratorTests;
import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.junit.Before;
import org.junit.Test;
import org.springframework.security.oauth2.common.util.RandomValueStringGenerator;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import static org.junit.Assert.assertEquals;


public class IdentityProviderModifiedEventTest {

private IdentityProvider<SamlIdentityProviderDefinition> provider;

@Before
public void setup() {
String origin = "idp-mock-saml-"+new RandomValueStringGenerator().generate();
String metadata = String.format(BootstrapSamlIdentityProviderConfiguratorTests.xmlWithoutID, "http://localhost:9999/metadata/"+origin);
provider = new IdentityProvider<>();
provider.setId("id");
provider.setActive(true);
provider.setName(origin);
provider.setIdentityZoneId(IdentityZone.getUaa().getId());
provider.setType(OriginKeys.SAML);
provider.setIdentityZoneId(IdentityZone.getUaa().getId());
provider.setOriginKey(origin);
SamlIdentityProviderDefinition samlDefinition =
new SamlIdentityProviderDefinition()
.setMetaDataLocation(metadata)
.setLinkText("Test SAML Provider");
samlDefinition.setEmailDomain(Arrays.asList("test.com", "test2.com"));
List<String> externalGroupsWhitelist = new ArrayList<>();
externalGroupsWhitelist.add("value");
Map<String, Object> attributeMappings = new HashMap<>();
attributeMappings.put("given_name", "first_name");
samlDefinition.setExternalGroupsWhitelist(externalGroupsWhitelist);
samlDefinition.setAttributeMappings(attributeMappings);
provider.setConfig(samlDefinition);
}

@Test
public void identityProviderCreated() throws Exception {
evaluateEventString(IdentityProviderModifiedEvent.identityProviderCreated(provider));
}

@Test
public void identityProviderModified() throws Exception {
evaluateEventString(IdentityProviderModifiedEvent.identityProviderModified(provider));
}

public void evaluateEventString(IdentityProviderModifiedEvent event) {
String s = event.getAuditEvent().getData();
assertEquals(
String.format(IdentityProviderModifiedEvent.dataFormat,
provider.getId(),
provider.getType(),
provider.getOriginKey(),
provider.getIdentityZoneId()),
s);
}

}
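Review bot: `setup()` calls `provider.setIdentityZoneId(IdentityZone.getUaa().getId())` twice, once before and once after `setType`; the second call can be dropped. The SAML config built here (metadata location, email domains, attribute mappings) appears to be exactly the data that should no longer reach the audit log, so a comment saying so, e.g. `// config is populated so the test fails if it is ever serialized into the audit data again`, would make the purpose of the fixture clear.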
@@ -0,0 +1,68 @@
/*
* ****************************************************************************
* Cloud Foundry
* Copyright (c) [2009-2016] Pivotal Software, Inc. All Rights Reserved.
*
* This product is licensed to you under the Apache License, Version 2.0 (the "License").
* You may not use this product except in compliance with the License.
*
* This product includes a number of subcomponents with
* separate copyright notices and license terms. Your use of these
* subcomponents is subject to the terms and conditions of the
* subcomponent's license, as noted in the LICENSE file.
* ****************************************************************************
*/

package org.cloudfoundry.identity.uaa.zone.event;

import org.cloudfoundry.identity.uaa.zone.IdentityZone;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration;
import org.junit.Before;
import org.junit.Test;

import java.util.HashMap;
import java.util.Map;

import static org.junit.Assert.assertEquals;


public class IdentityZoneModifiedEventTest {

private IdentityZone zone;

@Before
public void setup() {
zone = new IdentityZone();
zone.setId("id");
zone.setSubdomain("subdomain");
zone.setName("Test Zone");
zone.setDescription("Test Zone Description");
zone.setConfig(new IdentityZoneConfiguration());
zone.getConfig().getSamlConfig().setPrivateKey("key");
zone.getConfig().getSamlConfig().setPrivateKeyPassword("password");
zone.getConfig().getSamlConfig().setCertificate("certificate");
Map<String, String> keys = new HashMap<>();
keys.put("kid", "key");
zone.getConfig().getTokenPolicy().setKeys(keys);

}

@Test
public void identityZoneCreated() throws Exception {
evaluteZoneAuditData(IdentityZoneModifiedEvent.identityZoneCreated(zone));
}

@Test
public void identityZoneModified() throws Exception {
evaluteZoneAuditData(IdentityZoneModifiedEvent.identityZoneModified(zone));
}

public void evaluteZoneAuditData(IdentityZoneModifiedEvent event) {
String s = event.getAuditEvent().getData();
assertEquals(String.format(IdentityZoneModifiedEvent.dataFormat,
zone.getId(),
zone.getSubdomain()),
s);
}

}
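Review bot: `evaluteZoneAuditData` asserts only on `getData()`, yet `IdentityZoneModifiedEvent.getAuditEvent()` also hands `getSource().toString()` to `createAuditRecord`. The secrets placed in the zone by `setup()` (`key`, `password`, `certificate`) are therefore not checked against the rest of the audit record. An additional assertion that the record's other string fields do not contain those values would pin down the purpose of the commit; the accessor names on AuditEvent other than `getData()` are not visible on this page.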