From d288a2bd33d00811392d7aca2594b5b184f268f8 Mon Sep 17 00:00:00 2001 From: fwang12 Date: Tue, 21 Feb 2023 13:00:04 +0800 Subject: [PATCH] [KYUUBI #3951][FOLLOWUP] Audit the rest request params ### _Why are the changes needed?_ Before: ``` user=anonymous(auth:BASIC) ip=127.0.0.1 proxyIp=null method=GET uri=/api/v1/operations/5e286c5d-2880-443f-a4e8-633964dcd699/rowset protocol=HTTP/1.1 status=200 ``` After: ``` user=anonymous(auth:BASIC) ip=127.0.0.1 proxyIp=null method=GET uri=/api/v1/operations/5e286c5d-2880-443f-a4e8-633964dcd699/rowset params=maxrows=2&fetchorientation=FETCH_NEXT protocol=HTTP/1.1 status=200 ``` ``` params=maxrows=2&fetchorientation=FETCH_NEXT ``` ### _How was this patch tested?_ - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible - [ ] Add screenshots for manual tests if appropriate - [x] [Run test](https://kyuubi.readthedocs.io/en/master/develop_tools/testing.html#running-tests) locally before make a pull request Closes #4389 from turboFei/rest_params. Closes #3951 6ffc1adbd [fwang12] comments 61e12b1b1 [fwang12] nit 0632860d2 [fwang12] Audit the request params Authored-by: fwang12 Signed-off-by: fwang12 --- .../server/http/authentication/AuthenticationAuditLogger.scala | 1 + 1 file changed, 1 insertion(+) diff --git a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/AuthenticationAuditLogger.scala b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/AuthenticationAuditLogger.scala index ac1ee2a63a6..ac74c449bdf 100644 --- a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/AuthenticationAuditLogger.scala +++ b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/AuthenticationAuditLogger.scala @@ -35,6 +35,7 @@ object AuthenticationAuditLogger extends Logging { sb.append(s"proxyIp=${HTTP_PROXY_HEADER_CLIENT_IP_ADDRESS.get()}").append("\t") sb.append(s"method=${request.getMethod}").append("\t") sb.append(s"uri=${request.getRequestURI}").append("\t") + sb.append(s"params=${request.getQueryString}").append("\t") sb.append(s"protocol=${request.getProtocol}").append("\t") sb.append(s"status=${response.getStatus}") info(sb.toString())