-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
CC-33738 Audit Logs with CloudWatch. (#10986)
CC-33738 Audit Logs with CloudWatch
- Loading branch information
1 parent
aa400df
commit 09cc24e
Showing
10 changed files
with
445 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
namespace: WarehouseOauthBackendApi | ||
include: | ||
- tests/SprykerTest/Glue/WarehouseOauthBackendApi | ||
actor: Tester | ||
paths: | ||
tests: tests | ||
output: tests/_output | ||
data: tests/_data | ||
support: tests/_support | ||
envs: tests/_envs | ||
settings: | ||
suite_class: \PHPUnit\Framework\TestSuite | ||
colors: true | ||
memory_limit: 1024M | ||
log: true | ||
coverage: | ||
enabled: true | ||
whitelist: | ||
include: | ||
- 'src/*.php' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
87 changes: 87 additions & 0 deletions
87
src/Spryker/Glue/WarehouseOauthBackendApi/Processor/Logger/AuditLogger.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
<?php | ||
|
||
/** | ||
* Copyright © 2016-present Spryker Systems GmbH. All rights reserved. | ||
* Use of this software requires acceptance of the Evaluation License Agreement. See LICENSE file. | ||
*/ | ||
|
||
namespace Spryker\Glue\WarehouseOauthBackendApi\Processor\Logger; | ||
|
||
use Generated\Shared\Transfer\AuditLoggerConfigCriteriaTransfer; | ||
use Generated\Shared\Transfer\GlueRequestTransfer; | ||
use Spryker\Shared\Log\AuditLoggerTrait; | ||
|
||
class AuditLogger implements AuditLoggerInterface | ||
{ | ||
use AuditLoggerTrait; | ||
|
||
/** | ||
* @uses \Spryker\Shared\Log\LogConfig::AUDIT_LOGGER_CHANNEL_NAME_SECURITY | ||
* | ||
* @var string | ||
*/ | ||
protected const AUDIT_LOGGER_CHANNEL_NAME_SECURITY = 'security'; | ||
|
||
/** | ||
* @uses \Spryker\Shared\Log\Handler\TagFilterBufferedStreamHandler::RECORD_KEY_CONTEXT_TAGS | ||
* | ||
* @var string | ||
*/ | ||
protected const AUDIT_LOGGER_RECORD_KEY_CONTEXT_TAGS = 'tags'; | ||
|
||
/** | ||
* @param \Generated\Shared\Transfer\GlueRequestTransfer $glueRequestTransfer | ||
* | ||
* @return void | ||
*/ | ||
public function addWarehouseUserFailedLoginAuditLog(GlueRequestTransfer $glueRequestTransfer): void | ||
{ | ||
$context = $this->addGlueRequestContext( | ||
[static::AUDIT_LOGGER_RECORD_KEY_CONTEXT_TAGS => ['warehouse_user_failed_login']], | ||
$glueRequestTransfer, | ||
); | ||
|
||
$this->addAuditLog('Failed Login (Warehouse User)', $context); | ||
} | ||
|
||
/** | ||
* @param \Generated\Shared\Transfer\GlueRequestTransfer $glueRequestTransfer | ||
* | ||
* @return void | ||
*/ | ||
public function addWarehouseUserSuccessfulLoginAuditLog(GlueRequestTransfer $glueRequestTransfer): void | ||
{ | ||
$context = $this->addGlueRequestContext( | ||
[static::AUDIT_LOGGER_RECORD_KEY_CONTEXT_TAGS => ['warehouse_user_successful_login']], | ||
$glueRequestTransfer, | ||
); | ||
|
||
$this->addAuditLog('Successful Login (Warehouse User)', $context); | ||
} | ||
|
||
/** | ||
* @param array<string, mixed> $context | ||
* @param \Generated\Shared\Transfer\GlueRequestTransfer $glueRequestTransfer | ||
* | ||
* @return array<string, mixed> | ||
*/ | ||
protected function addGlueRequestContext(array $context, GlueRequestTransfer $glueRequestTransfer): array | ||
{ | ||
$context['user_uuid'] = $glueRequestTransfer->getRequestUserOrFail()->getNaturalIdentifier(); | ||
|
||
return $context; | ||
} | ||
|
||
/** | ||
* @param string $action | ||
* @param array<string, mixed> $context | ||
* | ||
* @return void | ||
*/ | ||
protected function addAuditLog(string $action, array $context): void | ||
{ | ||
$this->getAuditLogger( | ||
(new AuditLoggerConfigCriteriaTransfer())->setChannelName(static::AUDIT_LOGGER_CHANNEL_NAME_SECURITY), | ||
)->info($action, $context); | ||
} | ||
} |
27 changes: 27 additions & 0 deletions
27
src/Spryker/Glue/WarehouseOauthBackendApi/Processor/Logger/AuditLoggerInterface.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
<?php | ||
|
||
/** | ||
* Copyright © 2016-present Spryker Systems GmbH. All rights reserved. | ||
* Use of this software requires acceptance of the Evaluation License Agreement. See LICENSE file. | ||
*/ | ||
|
||
namespace Spryker\Glue\WarehouseOauthBackendApi\Processor\Logger; | ||
|
||
use Generated\Shared\Transfer\GlueRequestTransfer; | ||
|
||
interface AuditLoggerInterface | ||
{ | ||
/** | ||
* @param \Generated\Shared\Transfer\GlueRequestTransfer $glueRequestTransfer | ||
* | ||
* @return void | ||
*/ | ||
public function addWarehouseUserFailedLoginAuditLog(GlueRequestTransfer $glueRequestTransfer): void; | ||
|
||
/** | ||
* @param \Generated\Shared\Transfer\GlueRequestTransfer $glueRequestTransfer | ||
* | ||
* @return void | ||
*/ | ||
public function addWarehouseUserSuccessfulLoginAuditLog(GlueRequestTransfer $glueRequestTransfer): void; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.