Op 17001 audit tail exec v4.0 phase2 (#239)

* OP-15420: filterBy in gate v4.0 * OP-14834: invalidate session and throw SAMLAuthenticationException (#209) (#216) * OP-14834: Check and update the token. * OP-14834: Updated logs and packages. * OP-14834: Only validates ExpiringUsernameAuthenticationToken. * OP-14834: Only validates ExpiringUsernameAuthenticationToken. * OP-14834: Added SamlAuthTokenUpdateFilter to the filter chain. * OP-14834: Added SamlAuthTokenUpdateFilter to the filter chain after basic auth filter. * OP-14834: redirect to logout * OP-14834: throw AccessDeniedException * OP-14834:redirect to /saml/login. * OP-14834:redirect to /saml/sso. * OP-14834: send html response * OP-14834: clear context * OP-14834: invalidate session * OP-14834: and then logout * OP-14834: clear context, invalidate session and redirect to log out url. * OP-14834: invalidate session and throw SAMLAuthenticationException * OP-14834: removed commented code. * OP-14834: Updated the log message. * OP-14834: Updated the certificate * OP-16308: OP-16308: Wait and retry if connection fails. Also, css file missing fix. (#217) (#218) * op-16538 op-16537 - Added autocomplete off in login page * OP-16545: jquery upgraded to 3.6.0. (#224) * OP-16992 : Added parameter for PipelineAndPolicy summarycount (#229) (#230) * OP-16541: Added contentSecurityPolicy header. * OP-16541: config change contentSecurityPolicy. * OP-17106: Added SamlSsoEventPublishConfig to update ApplicationEventPublisher. * OP-17106: get FilterChainProxy and then go for SAMLProcessingFilter to update ApplicationEventPublisher. * OP-17106: code correction. * OP-17106: added logs. * OP-17106: Handling InteractiveAuthenticationSuccessEvent events also. * OP-17106: Handling serialization issues. * OP-17106: set details to null to remove some json serialization issues. * OP-17106: Added AuditData. * OP-17106: Setting name. * OP-17106: Setting name via source. * OP-17106: Refactored code. * OP-17106: Added some comments. * OP-17106: Refactored configs. * OP-17106: Appending roles configs. * OP-17106: Logs and comments. * OP-17001: audit trail execution (#237) * OP-17001: audit trail execution * OP-17001: audit trail execution phase 2 * OP-17001: audit trail execution phase 3 Co-authored-by: arunkumaropsmx <arun.kumar@opsmx.io> Co-authored-by: Rahul Chekuri <89373036+rahul-chekuri@users.noreply.github.com> Co-authored-by: Sahiti Tarigoppula <sahiti.tarigoppula@opsmx.io> Co-authored-by: Luthan95 <66585454+Luthan95@users.noreply.github.com> Co-authored-by: Sudhakar Guvvalapall <sudhakar@opsmx.io> Co-authored-by: rahul-chekuri <rahulgandhi.chekuri@opsmx.io> Co-authored-by: Sri Harsha Kancharla <harsha.kancharla@opsmx.io>
OpsMx · Sep 30, 2022 · afcba1a · afcba1a
1 parent 99810e1
commit afcba1a
Showing 1 changed file with 3 additions and 13 deletions.
diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/audit/AuthenticationAuditListener.java
@@ -49,7 +49,7 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) {
       if (event.getAuthentication().isAuthenticated()
           && event instanceof InteractiveAuthenticationSuccessEvent) {
         log.debug("publishEvent InteractiveAuthenticationSuccessEvent");
-        handleAuthenticationEvent(event, AuditEventType.AUTHENTICATION_SUCCESSFUL_AUDIT);
+        handleInteractiveAuthenticationSuccessEvent(event);
         return;
       }
 
@@ -62,15 +62,6 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) {
         log.debug("publishEvent AbstractAuthenticationFailureEvent");
         auditHandler.publishEvent(AuditEventType.AUTHENTICATION_FAILURE_AUDIT, event);
       } else if (event instanceof LogoutSuccessEvent) {
-        if (event
-            .getAuthentication()
-            .getClass()
-            .getName()
-            .equals("org.springframework.security.providers.ExpiringUsernameAuthenticationToken")) {
-          log.debug("publishEvent LogoutSuccessEvent with ExpiringUsernameAuthenticationToken");
-          handleAuthenticationEvent(event, AuditEventType.SUCCESSFUL_USER_LOGOUT_AUDIT);
-          return;
-        }
         log.debug("publishEvent LogoutSuccessEvent");
         auditHandler.publishEvent(AuditEventType.SUCCESSFUL_USER_LOGOUT_AUDIT, event);
       }
@@ -80,15 +71,14 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) {
     }
   }
 
-  private void handleAuthenticationEvent(
-      AbstractAuthenticationEvent event, AuditEventType eventType) {
+  private void handleInteractiveAuthenticationSuccessEvent(AbstractAuthenticationEvent event) {
     AbstractAuthenticationToken auth = (AbstractAuthenticationToken) event.getAuthentication();
     String name = auth.getName();
     List<String> roles =
         Optional.ofNullable(auth.getAuthorities()).orElse(new ArrayList<>()).stream()
             .map(GrantedAuthority::getAuthority)
             .collect(Collectors.toList());
     AuditData data = new AuditData(name, roles);
-    auditHandler.publishEvent(eventType, data);
+    auditHandler.publishEvent(AuditEventType.AUTHENTICATION_SUCCESSFUL_AUDIT, data);
   }
 }