...

Source file src/edge-infra.dev/pkg/edge/auth-proxy/store/audit.go

Documentation: edge-infra.dev/pkg/edge/auth-proxy/store

     1  package store
     2  
     3  import (
     4  	"github.com/gorilla/sessions"
     5  
     6  	"edge-infra.dev/pkg/edge/audit"
     7  	"edge-infra.dev/pkg/edge/auth-proxy/types"
     8  )
     9  
    10  const (
    11  	// Success
    12  	Success = "Success"
    13  	// Failure
    14  	Failure = "Failure"
    15  	// Unknown
    16  	Unknown = "UNKNOWN"
    17  	// SaveSessionOp
    18  	SaveSessionOp = "session:save"
    19  	// DestroySessionOp
    20  	DestroySessionOp = "session:destroy"
    21  	// CleanupExpiredSessionOp
    22  	CleanupExpiredSessionOp = "session:cleanupExpired"
    23  )
    24  
    25  func (db *PGStore) audit(operationName, status string, session *sessions.Session) {
    26  	opts := []audit.Option{
    27  		audit.WithOperationName(operationName),
    28  		audit.WithStatus(status),
    29  		audit.WithRequestURL(Unknown),
    30  		audit.WithMethod(Unknown),
    31  		audit.WithActor(Unknown),
    32  		audit.WithUserAgent(Unknown),
    33  		audit.WithUserIP(Unknown),
    34  		audit.WithParameters(map[string]interface{}{
    35  			"session_id":           session.ID,
    36  			"session_name":         session.Name(),
    37  			"session_username":     session.Values[types.SessionUsernameField],
    38  			"session_email":        session.Values[types.SessionEmailField],
    39  			"session_auth_type":    session.Values[types.SessionAuthTypeField],
    40  			"session_organization": session.Values[types.SessionOrganizationField],
    41  			"session_created_at":   session.Values[types.SessionCreationField],
    42  			"session_expired_at":   session.Values[types.SessionExpirationField],
    43  		}),
    44  	}
    45  	db.auditLog.Log(opts...)
    46  }
    47  
    48  func enrichLogWithSession(opName string, session *sessions.Session) []any {
    49  	return []any{
    50  		"correlation_id",
    51  		session.Values[types.SessionCorrelationID],
    52  		"operation_name",
    53  		opName,
    54  		"session_id",
    55  		session.ID,
    56  		"session_username",
    57  		session.Values[types.SessionUsernameField],
    58  		"session_email",
    59  		session.Values[types.SessionEmailField],
    60  		"session_auth_type",
    61  		session.Values[types.SessionAuthTypeField],
    62  		"session_organization",
    63  		session.Values[types.SessionOrganizationField],
    64  		"session_created_at",
    65  		session.Values[types.SessionCreationField],
    66  		"session_expired_at",
    67  		session.Values[types.SessionExpirationField],
    68  	}
    69  }
    70  

View as plain text