Refactor diagnostic log builders.
dhaura committed Apr 5, 2024
1 parent 784af7d commit 8598f8b
Showing 2 changed files with 53 additions and 24 deletions.
Expand Up @@ -81,6 +81,8 @@ private OIDCAuthenticatorConstants() {
public static final String SCOPE_PARAM_SUFFIX = "_scope_param";
public static final String REDIRECTION_PROMPT = "REDIRECTION_PROMPT";
public static final String SCOPE = "scope";
public static final String AMPERSAND_SIGN = "&";
public static final String EQUAL_SIGN = "=";

/**
* This class holds the constants related to authenticator configuration parameters.
Expand Up @@ -93,6 +93,7 @@
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.text.ParseException;
Expand Down Expand Up @@ -450,49 +451,58 @@ protected void initiateAuthenticationRequest(HttpServletRequest request, HttpSer
AuthenticationContext context) throws AuthenticationFailedException {

try {
DiagnosticLog.DiagnosticLogBuilder flowCompletionDiagnosticLogBuilder = null;
if (LoggerUtils.isDiagnosticLogsEnabled()) {
flowCompletionDiagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = null;
if (LoggerUtils.isDiagnosticLogsEnabled() && context.getAuthenticatorProperties() != null) {
diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
getComponentId(), INITIATE_OUTBOUND_AUTH_REQUEST);
diagnosticLogBuilder.logDetailLevel(DiagnosticLog.LogDetailLevel.APPLICATION)
.resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
.inputParam(LogConstants.InputKeys.STEP, context.getCurrentStep())
.inputParam("authenticator properties", context.getAuthenticatorProperties().keySet())
.inputParam(LogConstants.InputKeys.IDP, context.getExternalIdP().getIdPName())
.inputParams(getApplicationDetails(context));
}
String loginPage = prepareLoginPage(request, context, flowCompletionDiagnosticLogBuilder);

String loginPage = prepareLoginPage(request, context);
response.sendRedirect(loginPage);
if (LoggerUtils.isDiagnosticLogsEnabled() && flowCompletionDiagnosticLogBuilder != null) {
flowCompletionDiagnosticLogBuilder.resultMessage("Redirecting to the federated IDP login page.");
LoggerUtils.triggerDiagnosticLogEvent(flowCompletionDiagnosticLogBuilder);
if (LoggerUtils.isDiagnosticLogsEnabled() && diagnosticLogBuilder != null) {
String scopes = extractScopesFromURL(loginPage);
if (StringUtils.isNotEmpty(scopes)) {
diagnosticLogBuilder.inputParam("scopes", scopes);
}
diagnosticLogBuilder.resultMessage("Redirecting to the federated IDP login page.");
LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
}
} catch (IOException e) {
throw new AuthenticationFailedException(ErrorMessages.IO_ERROR.getCode(), e.getMessage(), e);
}
}

protected String prepareLoginPage(HttpServletRequest request, AuthenticationContext context,
DiagnosticLog.DiagnosticLogBuilder flowCompletionDiagnosticLogBuilder)
/**
* Prepare the login page needed for initiating authentication request.
*
* @param request Http Servlet Request.
* @param context Authentication Context of the flow.
* @return Login page needed for initiating authentication request.
*/
protected String prepareLoginPage(HttpServletRequest request, AuthenticationContext context)
throws AuthenticationFailedException {

try {
if (LoggerUtils.isDiagnosticLogsEnabled()) {
DiagnosticLog.DiagnosticLogBuilder flowInitiationDiagnosticLogBuilder =
DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder =
new DiagnosticLog.DiagnosticLogBuilder(
getComponentId(), INITIATE_OUTBOUND_AUTH_REQUEST);
flowInitiationDiagnosticLogBuilder.resultMessage("Initiate outbound OIDC authentication request.")
diagnosticLogBuilder.resultMessage("Initiate outbound OIDC authentication request.")
.logDetailLevel(DiagnosticLog.LogDetailLevel.APPLICATION)
.resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
.inputParam(LogConstants.InputKeys.STEP, context.getCurrentStep())
.inputParam(LogConstants.InputKeys.IDP, context.getExternalIdP().getIdPName())
.inputParams(getApplicationDetails(context));
LoggerUtils.triggerDiagnosticLogEvent(flowInitiationDiagnosticLogBuilder);
LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
}
Map<String, String> authenticatorProperties = context.getAuthenticatorProperties();
if (authenticatorProperties != null) {
if (LoggerUtils.isDiagnosticLogsEnabled()) {
flowCompletionDiagnosticLogBuilder.logDetailLevel(DiagnosticLog.LogDetailLevel.APPLICATION)
.resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
.inputParam(LogConstants.InputKeys.STEP, context.getCurrentStep())
.inputParam("authenticator properties", authenticatorProperties.keySet())
.inputParam(LogConstants.InputKeys.IDP, context.getExternalIdP().getIdPName())
.inputParams(getApplicationDetails(context));
}
String clientId = authenticatorProperties.get(OIDCAuthenticatorConstants.CLIENT_ID);
String authorizationEP = getOIDCAuthzEndpoint(authenticatorProperties);
String callbackurl = getCallbackUrl(authenticatorProperties);
Expand Down Expand Up @@ -521,9 +531,6 @@ protected String prepareLoginPage(HttpServletRequest request, AuthenticationCont

String queryString = getQueryString(authenticatorProperties);
if (StringUtils.isNotBlank(scopes)) {
if (LoggerUtils.isDiagnosticLogsEnabled() && flowCompletionDiagnosticLogBuilder != null) {
flowCompletionDiagnosticLogBuilder.inputParam("scopes", scopes);
}
queryString += "&scope=" + scopes;
}
queryString = interpretQueryString(context, queryString, request.getParameterMap());
Expand Down Expand Up @@ -2050,7 +2057,7 @@ private AuthenticatorFlowStatus processLogout(HttpServletRequest request, HttpSe
* @param context Authentication context.
* @return Map of application details.
*/
private Map<String, String> getApplicationDetails(AuthenticationContext context) {
protected Map<String, String> getApplicationDetails(AuthenticationContext context) {

Map<String, String> applicationDetailsMap = new HashMap<>();
FrameworkUtils.getApplicationResourceId(context).ifPresent(applicationId ->
Expand All @@ -2061,6 +2068,26 @@ private Map<String, String> getApplicationDetails(AuthenticationContext context)
return applicationDetailsMap;
}

/**
* Extract query param scopes from a given url.
*
* @param url Given url.
* @return Extracted scopes as a String.
*/
protected String extractScopesFromURL(String url) throws UnsupportedEncodingException {

if (StringUtils.isNotBlank(url)) {
String[] params = url.split(OIDCAuthenticatorConstants.AMPERSAND_SIGN);
for (String param : params) {
String[] keyValue = param.split(OIDCAuthenticatorConstants.EQUAL_SIGN);
if (keyValue.length >= 2 && OAuthConstants.OAuth20Params.SCOPE.equals(keyValue[0])) {
return URLDecoder.decode(param, FrameworkUtils.UTF_8);
}
}
}
return StringUtils.EMPTY;
}

private static List<String> getUserAttributeClaimMappingList(AuthenticatedUser authenticatedUser) {

return authenticatedUser.getUserAttributes().keySet().stream()
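Review bot: `extractScopesFromURL` decodes `param` rather than `keyValue[1]`, so the value logged under "scopes" is the whole `scope=...` pair, and because the full URL is split on `&`, a `scope` that is the first query parameter (still attached to `...?`) is never matched. `URLDecoder.decode` also throws `IllegalArgumentException` on a malformed percent-escape, and the call in `initiateAuthenticationRequest` runs after `response.sendRedirect(loginPage)`, so a diagnostic-only step can fail a request whose redirect has already been sent; the declared `UnsupportedEncodingException` would likewise land in the `catch (IOException e)` there. The login URL has passed through `interpretQueryString(context, queryString, request.getParameterMap())`, so the decoded text is presumably request-influenced and may contain decoded control characters; confirm that the diagnostic log sink escapes them. A version that parses only the query part, decodes the value alone and treats a decode failure as "no scopes" is sketched below.

```java
protected String extractScopesFromURL(String url) throws UnsupportedEncodingException {

    if (StringUtils.isBlank(url)) {
        return StringUtils.EMPTY;
    }
    // Look only at the query part so a leading "scope" is not glued to "...?".
    int queryStart = url.indexOf('?');
    String query = queryStart >= 0 ? url.substring(queryStart + 1) : url;
    for (String param : query.split(OIDCAuthenticatorConstants.AMPERSAND_SIGN)) {
        String[] keyValue = param.split(OIDCAuthenticatorConstants.EQUAL_SIGN, 2);
        if (keyValue.length == 2 && OAuthConstants.OAuth20Params.SCOPE.equals(keyValue[0])) {
            try {
                return URLDecoder.decode(keyValue[1], FrameworkUtils.UTF_8);
            } catch (IllegalArgumentException e) {
                // Malformed percent-escape: this value is only logged, so report no scopes.
                return StringUtils.EMPTY;
            }
        }
    }
    return StringUtils.EMPTY;
}
```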