Aut 3601/emit basic auth reauth success event #5242
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BeckaL
force-pushed
the
AUT-3601/emit-basic-auth-reauth-success-event
branch
from
215a741
to
bd3357e
Compare
This gets rid of some java boilerplate
…ul reauth journey Emits a basic event with no extensions - this to follow. This required: * setting up the feature flag for this lambda * Adding a new param to the auth code request (note here that I chose to pass in the boolean of whether or not the journey is a reauth journey, rather than the journey type. This is because passing in the journey type can be somewhat flakey (what if you're resetting a password as part of a reauth journey?) and I don't want to give the false impression that we otherwise have a correct journey type available to us here * Submitting the audit event in the relevant places I think that the lamdba already has correct access to the txma queue although it does not already emit audit events, so no extra permissions should be required here
BeckaL
force-pushed
the
AUT-3601/emit-basic-auth-reauth-success-event
branch
from
bd3357e
to
dd79bc2
Compare
Involved an unholy amount of setup to get this working in tests - would be easier if we were not using the handler method that calls the base frontend handler and sets up a lot of things based on the request, but considering that outside of the scope of the current change
BeckaL
force-pushed
the
AUT-3601/emit-basic-auth-reauth-success-event
branch
from
8779012
to
5714f81
Compare
|
dbes-gds
approved these changes
Sep 17, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What
Emits the AUTH_REAUTH_SUCCESS event in the case of a reauth journey that has reached the point of the authentication auth handler, with metadata of the pairwise id.
Note that this PR does not contain all the extensions required by the event schema - adding the incorrect counts will be done in a subsequent PR, since we'd like to do this by way of the new session stored in dynamo.
How to review
Related PRs
This event will not be emitted until this PR is also merged on the frontend that adds the necessary information to the auth code request to indicate the journey is a reauth journey. This PR is safe to merge first.