
Example 1 with RequestAuditRecord

use of org.cloudfoundry.credhub.entity.RequestAuditRecord in project credhub by cloudfoundry-incubator.

From class AuditOAuth2AccessDeniedHandler, method handle.

/**
 * Records an audit trail for an access-denied outcome after delegating to the parent handler.
 *
 * <p>The audit work lives in a {@code finally} block, so the denial is recorded whether or not
 * {@code super.handle} completes normally. The steps are strictly ordered (token, then user
 * context, then request record, then persisted record, then security event), and any exception
 * raised while auditing propagates out of this method; if the parent handler also threw, the
 * audit exception replaces it. A failed audit write therefore surfaces to the caller instead of
 * being silently dropped.
 *
 * @param request       the request that was denied; the access token is read from its
 *                      {@code ACCESS_TOKEN_VALUE} attribute
 * @param response      the response being written; its status code is captured in the audit record
 * @param authException the access-denied exception handed over by the security filter chain
 * @throws IOException      propagated from the parent handler
 * @throws ServletException propagated from the parent handler
 */
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException) throws IOException, ServletException {
    try {
        super.handle(request, response, authException);
    } finally {
        // NOTE(review): the attribute may be absent if no bearer token reached this handler; the
        // value (possibly null) is passed straight to the token store — confirm how it copes.
        String accessToken = (String) request.getAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE);
        UserContext context = userContextFactory.createUserContext(tokenStore.readAuthentication(accessToken), accessToken);
        RequestAuditRecord record = auditLogFactory.createRequestAuditRecord(request, context, response.getStatus());
        requestAuditRecordDataService.save(record);
        securityEventsLogService.log(new SecurityEventAuditRecord(record, context.getActor()));
    }
}
Also used : SecurityEventAuditRecord(org.cloudfoundry.credhub.domain.SecurityEventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord)

Example 2 with RequestAuditRecord

use of org.cloudfoundry.credhub.entity.RequestAuditRecord in project credhub by cloudfoundry-incubator.

From class AuditTest, method when_event_fails_it_logs_correct_success_flag_and_status_code.

/**
 * A lookup of a credential that does not exist must still leave a complete audit trail:
 * one new request record carrying the 404, one new event record flagged as unsuccessful and
 * attributed to the authenticated actor, and a single logged line that carries the same
 * status code in its {@code cs4} field.
 */
@Test
public void when_event_fails_it_logs_correct_success_flag_and_status_code() throws Exception {
    long requestRecordsBefore = requestAuditRecordRepository.count();
    long eventRecordsBefore = eventAuditRecordRepository.count();
    String credentialName = "/TEST/SECRET";

    mockMvc.perform(get("/api/v1/data?name=" + credentialName)
        .header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN)
        .accept(APPLICATION_JSON)
        .contentType(APPLICATION_JSON))
        .andExpect(status().isNotFound());

    // The failed call appends exactly one row to each audit table.
    assertThat(requestAuditRecordRepository.count(), equalTo(requestRecordsBefore + 1L));
    assertThat(eventAuditRecordRepository.count(), equalTo(eventRecordsBefore + 1L));

    // sortByDate comes from the enclosing test class; presumably newest first, since index 0
    // is expected to be the record written by the call above.
    RequestAuditRecord newestRequest = requestAuditRecordRepository.findAll(sortByDate).get(0);
    assertThat(newestRequest.getStatusCode(), equalTo(404));

    ArgumentCaptor<String> loggedLine = ArgumentCaptor.forClass(String.class);
    verify(logger, times(1)).info(loggedLine.capture());
    assertThat(loggedLine.getValue(), containsString("cs4=404"));

    EventAuditRecord newestEvent = eventAuditRecordRepository.findAll(sortByDate).get(0);
    assertThat(newestEvent.isSuccess(), equalTo(false));
    assertThat(newestEvent.getActor(), equalTo(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID));
}
Also used : EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 3 with RequestAuditRecord

use of org.cloudfoundry.credhub.entity.RequestAuditRecord in project credhub by cloudfoundry-incubator.

From class AuditTest, method normally_logs_event_and_request.

/**
 * A successful credential write must be audited as one request record (auth method
 * {@code uaa}, path {@code /api/v1/data}) plus six new event records, and the single logged
 * line must carry {@code cs4=200}. The newest event record is checked for credential name
 * and actor.
 */
@Test
public void normally_logs_event_and_request() throws Exception {
    String credentialName = "/TEST/SECRET";
    String credentialType = "password";
    long requestRecordsBefore = requestAuditRecordRepository.count();
    long eventRecordsBefore = eventAuditRecordRepository.count();
    // Same bytes as the original piecewise concatenation: {"name":"/TEST/SECRET","type":"password"}
    String requestBody = "{\"name\":\"" + credentialName + "\",\"type\":\"" + credentialType + "\"}";

    mockMvc.perform(post("/api/v1/data")
        .header("Authorization", "Bearer " + AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_TOKEN)
        .accept(APPLICATION_JSON)
        .contentType(APPLICATION_JSON)
        .content(requestBody))
        .andExpect(status().isOk());

    assertThat(requestAuditRecordRepository.count(), equalTo(requestRecordsBefore + 1L));
    assertThat(eventAuditRecordRepository.count(), equalTo(eventRecordsBefore + 6L));

    // sortByDate comes from the enclosing test class; presumably newest first.
    RequestAuditRecord newestRequest = requestAuditRecordRepository.findAll(sortByDate).get(0);
    assertThat(newestRequest.getAuthMethod(), equalTo("uaa"));
    assertThat(newestRequest.getPath(), equalTo("/api/v1/data"));

    ArgumentCaptor<String> loggedLine = ArgumentCaptor.forClass(String.class);
    verify(logger, times(1)).info(loggedLine.capture());
    assertThat(loggedLine.getValue(), containsString("cs4=200"));

    EventAuditRecord newestEvent = eventAuditRecordRepository.findAll(sortByDate).get(0);
    assertThat(newestEvent.getCredentialName(), equalTo("/TEST/SECRET"));
    assertThat(newestEvent.getActor(), equalTo(AuthConstants.UAA_OAUTH2_PASSWORD_GRANT_ACTOR_ID));
}
Also used : EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 4 with RequestAuditRecord

use of org.cloudfoundry.credhub.entity.RequestAuditRecord in project credhub by cloudfoundry-incubator.

From class AuditingHelper, method verifyAuditing (operation-code overload).

/**
 * Asserts that the newest request record and the newest event record describe the given call.
 *
 * <p>Checked on the request side: path and status code. On the event side: operation code,
 * credential name, success flag and actor. Finally the event must be linked to the request by
 * UUID. Only the single most recent row of each table is inspected.
 *
 * <p>The expected success flag is derived from {@code statusCode} through
 * {@code HttpStatus.valueOf(...).is2xxSuccessful()}; a status code Spring does not recognise
 * is expected to surface as an {@code IllegalArgumentException} at that point.
 *
 * @param auditingOperationCode operation the event record must name
 * @param credentialName        credential the event record must reference
 * @param actor                 actor the event record must be attributed to
 * @param path                  request path the request record must carry
 * @param statusCode            HTTP status the request record must carry
 */
public void verifyAuditing(AuditingOperationCode auditingOperationCode, String credentialName, String actor, String path, int statusCode) {
    // "now" is the timestamp column; descending puts the latest row at index 0.
    Sort newestFirst = new Sort(DESC, "now");

    RequestAuditRecord latestRequest = requestAuditRecordRepository.findAll(newestFirst).get(0);
    assertThat(latestRequest.getPath(), equalTo(path));
    assertThat(latestRequest.getStatusCode(), equalTo(statusCode));

    List<EventAuditRecord> allEvents = eventAuditRecordRepository.findAll(newestFirst);
    EventAuditRecord latestEvent = allEvents.get(0);
    assertThat(latestEvent.getOperation(), equalTo(auditingOperationCode.toString()));
    assertThat(latestEvent.getCredentialName(), equalTo(credentialName));
    assertThat(latestEvent.isSuccess(), equalTo(HttpStatus.valueOf(statusCode).is2xxSuccessful()));
    assertThat(latestEvent.getActor(), equalTo(actor));
    assertThat(latestRequest.getUuid(), equalTo(latestEvent.getRequestUuid()));
}
Also used : EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) Sort(org.springframework.data.domain.Sort)

Example 5 with RequestAuditRecord

use of org.cloudfoundry.credhub.entity.RequestAuditRecord in project credhub by cloudfoundry-incubator.

From class AuditingHelper, method verifyAuditing (parameter-list overload).

/**
 * Asserts that the newest request record matches the given path and status, and that the
 * newest {@code N} event records (where {@code N} is the size of
 * {@code eventAuditRecordParametersList}) match the expected events in any order.
 *
 * <p>Only the {@code N} most recent event rows are compared; the table may hold more rows than
 * that (the size check is greater-or-equal), and those older rows are not inspected. Each
 * expected event is matched with the same actor, the same success flag (derived from
 * {@code statusCode} via {@code HttpStatus.valueOf(...).is2xxSuccessful()}) and the UUID of the
 * newest request record.
 *
 * @param actor                          actor every expected event must be attributed to
 * @param path                           request path the request record must carry
 * @param statusCode                     HTTP status the request record must carry
 * @param eventAuditRecordParametersList one entry per event record expected from the call
 */
public void verifyAuditing(String actor, String path, int statusCode, List<EventAuditRecordParameters> eventAuditRecordParametersList) {
    // "now" is the timestamp column; descending puts the latest row at index 0.
    Sort newestFirst = new Sort(DESC, "now");
    int expectedEventCount = eventAuditRecordParametersList.size();

    RequestAuditRecord latestRequest = requestAuditRecordRepository.findAll(newestFirst).get(0);
    assertThat(latestRequest.getPath(), equalTo(path));
    assertThat(latestRequest.getStatusCode(), equalTo(statusCode));

    List<EventAuditRecord> allEvents = eventAuditRecordRepository.findAll(newestFirst);
    assertThat(allEvents, hasSize(greaterThanOrEqualTo(expectedEventCount)));

    boolean expectedSuccess = HttpStatus.valueOf(statusCode).is2xxSuccessful();
    List<EventAuditRecord> latestEvents = allEvents.subList(0, expectedEventCount);
    assertThat(latestEvents, containsInAnyOrder(eventAuditRecordParametersList.stream()
        .map(parameters -> matchesExpectedEvent(parameters, actor, expectedSuccess, latestRequest.getUuid()))
        .collect(Collectors.toList())));
}
Also used : Description(org.hamcrest.Description) Matchers.greaterThanOrEqualTo(org.hamcrest.Matchers.greaterThanOrEqualTo) IsEqual.equalTo(org.hamcrest.core.IsEqual.equalTo) EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) UUID(java.util.UUID) StringUtils(org.apache.commons.lang3.StringUtils) Collectors(java.util.stream.Collectors) BaseMatcher(org.hamcrest.BaseMatcher) HttpStatus(org.springframework.http.HttpStatus) List(java.util.List) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) AuditingOperationCode(org.cloudfoundry.credhub.audit.AuditingOperationCode) Matcher(org.hamcrest.Matcher) RequestAuditRecordRepository(org.cloudfoundry.credhub.repository.RequestAuditRecordRepository) Matchers.hasSize(org.hamcrest.Matchers.hasSize) Sort(org.springframework.data.domain.Sort) EventAuditRecordRepository(org.cloudfoundry.credhub.repository.EventAuditRecordRepository) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) DESC(org.springframework.data.domain.Sort.Direction.DESC) EventAuditRecord(org.cloudfoundry.credhub.entity.EventAuditRecord) RequestAuditRecord(org.cloudfoundry.credhub.entity.RequestAuditRecord) Sort(org.springframework.data.domain.Sort)

Aggregations

RequestAuditRecord (org.cloudfoundry.credhub.entity.RequestAuditRecord)19 Test (org.junit.Test)13 SecurityEventAuditRecord (org.cloudfoundry.credhub.domain.SecurityEventAuditRecord)8 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)6 EventAuditRecord (org.cloudfoundry.credhub.entity.EventAuditRecord)4 Sort (org.springframework.data.domain.Sort)4 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)3 List (java.util.List)2 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)2 Principal (java.security.Principal)1 Collections.emptyList (java.util.Collections.emptyList)1 UUID (java.util.UUID)1 Collectors (java.util.stream.Collectors)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 StringUtils (org.apache.commons.lang3.StringUtils)1 AuditingOperationCode (org.cloudfoundry.credhub.audit.AuditingOperationCode)1 EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)1 UserContext (org.cloudfoundry.credhub.auth.UserContext)1 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)1