Added audit event publishing for IdP creation

[#82438282]
https://www.pivotaltracker.com/story/show/82438282

common/src/main/java/org/cloudfoundry/identity/uaa/audit/AuditEventType.java

@@ -48,7 +48,8 @@ public enum AuditEventType {
     GroupModifiedEvent(24),
     GroupDeletedEvent(25),
     EmailChangedEvent(26),
-    UnverifiedUserAuthentication(27);
+    UnverifiedUserAuthentication(27),
+    IdentityProviderCreatedEvent(28);
 
 
     private final int code;

common/src/main/java/org/cloudfoundry/identity/uaa/audit/event/AbstractUaaEvent.java

@@ -13,6 +13,8 @@
 package org.cloudfoundry.identity.uaa.audit.event;
 
 import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collection;
 import java.util.Map;
 
 import org.cloudfoundry.identity.uaa.audit.AuditEvent;
@@ -22,6 +24,8 @@
 import org.codehaus.jackson.map.annotate.JsonSerialize.Inclusion;
 import org.springframework.context.ApplicationEvent;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 
 /**
@@ -32,7 +36,8 @@
  * 
  */
 public abstract class AbstractUaaEvent extends ApplicationEvent {
-
+
+    private static final long serialVersionUID = -7639844193401892160L;
     private static ObjectMapper mapper = new ObjectMapper();
 
     {
@@ -113,5 +118,50 @@ protected String getOrigin(Principal principal) {
     }
 
     public abstract AuditEvent getAuditEvent();
+
+    protected static Authentication getContextAuthentication() {
+        Authentication a = SecurityContextHolder.getContext().getAuthentication();
+        if (a==null) {
+            a = new Authentication() {
+                private static final long serialVersionUID = 1748694836774597624L;
+
+                ArrayList<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+                @Override
+                public Collection<? extends GrantedAuthority> getAuthorities() {
+                    return authorities;
+                }
+
+                @Override
+                public Object getCredentials() {
+                    return null;
+                }
+
+                @Override
+                public Object getDetails() {
+                    return null;
+                }
+
+                @Override
+                public Object getPrincipal() {
+                    return "null";
+                }
+
+                @Override
+                public boolean isAuthenticated() {
+                    return false;
+                }
+
+                @Override
+                public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
+                }
+
+                @Override
+                public String getName() {
+                    return "null";
+                }
+            };
+        }
+        return a;
+    }
 
 }

common/src/main/java/org/cloudfoundry/identity/uaa/audit/event/UserModifiedEvent.java

@@ -19,15 +19,12 @@
 import org.cloudfoundry.identity.uaa.audit.AuditEventType;
 import org.codehaus.jackson.map.ObjectMapper;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collection;
 
 public class UserModifiedEvent extends AbstractUaaEvent {
 
+    private static final long serialVersionUID = 8139998613071093676L;
     private String userId;
     private String username;
     private String email;
@@ -116,46 +113,4 @@ public String getEmail() {
         return email;
     }
 
-    protected static Authentication getContextAuthentication() {
-        Authentication a = SecurityContextHolder.getContext().getAuthentication();
-        if (a==null) {
-            a = new Authentication() {
-                ArrayList<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
-                @Override
-                public Collection<? extends GrantedAuthority> getAuthorities() {
-                    return authorities;
-                }
-
-                @Override
-                public Object getCredentials() {
-                    return null;
-                }
-
-                @Override
-                public Object getDetails() {
-                    return null;
-                }
-
-                @Override
-                public Object getPrincipal() {
-                    return "null";
-                }
-
-                @Override
-                public boolean isAuthenticated() {
-                    return false;
-                }
-
-                @Override
-                public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
-                }
-
-                @Override
-                public String getName() {
-                    return "null";
-                }
-            };
-        }
-        return a;
-    }
 }

common/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityProviderEndpoints.java

@@ -1,3 +1,15 @@
+/*******************************************************************************
+ *     Cloud Foundry
+ *     Copyright (c) [2009-2015] Pivotal Software, Inc. All Rights Reserved.
+ *
+ *     This product is licensed to you under the Apache License, Version 2.0 (the "License").
+ *     You may not use this product except in compliance with the License.
+ *
+ *     This product includes a number of subcomponents with
+ *     separate copyright notices and license terms. Your use of these
+ *     subcomponents is subject to the terms and conditions of the
+ *     subcomponent's license, as noted in the LICENSE file.
+ *******************************************************************************/
 package org.cloudfoundry.identity.uaa.zone;
 
 import org.springframework.http.HttpStatus;
@@ -23,5 +35,4 @@ public ResponseEntity<IdentityProvider> createIdentityProvider(@RequestBody Iden
         IdentityProvider createdIdp = identityProviderProvisioning.create(body);
         return new ResponseEntity<>(createdIdp, HttpStatus.CREATED);
     }
-
 }

common/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityProviderModifiedEvent.java

@@ -0,0 +1,42 @@
+/*******************************************************************************
+ *     Cloud Foundry
+ *     Copyright (c) [2009-2015] Pivotal Software, Inc. All Rights Reserved.
+ *
+ *     This product is licensed to you under the Apache License, Version 2.0 (the "License").
+ *     You may not use this product except in compliance with the License.
+ *
+ *     This product includes a number of subcomponents with
+ *     separate copyright notices and license terms. Your use of these
+ *     subcomponents is subject to the terms and conditions of the
+ *     subcomponent's license, as noted in the LICENSE file.
+ *******************************************************************************/
+package org.cloudfoundry.identity.uaa.zone;
+
+
+import org.cloudfoundry.identity.uaa.audit.AuditEvent;
+import org.cloudfoundry.identity.uaa.audit.AuditEventType;
+import org.cloudfoundry.identity.uaa.audit.event.AbstractUaaEvent;
+import org.cloudfoundry.identity.uaa.util.JsonUtils;
+import org.springframework.security.core.Authentication;
+
+public class IdentityProviderModifiedEvent extends AbstractUaaEvent {
+
+    private static final long serialVersionUID = -4559543713244231262L;
+
+    private AuditEventType eventType;
+
+    public IdentityProviderModifiedEvent(IdentityProvider identityProvider, Authentication authentication, AuditEventType type) {
+        super(identityProvider, authentication);
+        eventType = type;
+    }
+
+    @Override
+    public AuditEvent getAuditEvent() {
+        return createAuditRecord(getSource().toString(), eventType, getOrigin(getAuthentication()), JsonUtils.writeValueAsString(source));
+    }
+
+    public static IdentityProviderModifiedEvent identityProviderCreated(IdentityProvider identityProvider) {
+        return new IdentityProviderModifiedEvent(identityProvider, getContextAuthentication(), AuditEventType.IdentityProviderCreatedEvent);
+    }
+
+}

common/src/main/java/org/cloudfoundry/identity/uaa/zone/IdentityProviderProvisioning.java

@@ -1,6 +1,6 @@
 /*******************************************************************************
  *     Cloud Foundry
- *     Copyright (c) [2009-2014] Pivotal Software, Inc. All Rights Reserved.
+ *     Copyright (c) [2009-2015] Pivotal Software, Inc. All Rights Reserved.
  *
  *     This product is licensed to you under the Apache License, Version 2.0 (the "License").
  *     You may not use this product except in compliance with the License.

common/src/main/java/org/cloudfoundry/identity/uaa/zone/event/IdentityProviderEventPublisher.java

@@ -0,0 +1,37 @@
+/*******************************************************************************
+ *     Cloud Foundry
+ *     Copyright (c) [2009-2015] Pivotal Software, Inc. All Rights Reserved.
+ *
+ *     This product is licensed to you under the Apache License, Version 2.0 (the "License").
+ *     You may not use this product except in compliance with the License.
+ *
+ *     This product includes a number of subcomponents with
+ *     separate copyright notices and license terms. Your use of these
+ *     subcomponents is subject to the terms and conditions of the
+ *     subcomponent's license, as noted in the LICENSE file.
+ *******************************************************************************/
+package org.cloudfoundry.identity.uaa.zone.event;
+
+import org.cloudfoundry.identity.uaa.zone.IdentityProvider;
+import org.cloudfoundry.identity.uaa.zone.IdentityProviderModifiedEvent;
+import org.springframework.context.ApplicationEvent;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.context.ApplicationEventPublisherAware;
+
+public class IdentityProviderEventPublisher implements ApplicationEventPublisherAware {
+    private ApplicationEventPublisher publisher;
+    @Override
+    public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
+        this.publisher = applicationEventPublisher;
+    }
+
+    public void idpCreated(IdentityProvider identityProvider) {
+        publish(IdentityProviderModifiedEvent.identityProviderCreated(identityProvider));
+    }
+
+    public void publish(ApplicationEvent event) {
+        if (publisher!=null) {
+            publisher.publishEvent(event);
+        }
+    }
+}

common/src/test/java/org/cloudfoundry/identity/uaa/audit/AuditEventTypeTests.java

@@ -14,7 +14,7 @@ public void testAuditEventType() {
             assertEquals(type, AuditEventType.fromCode(count));
             count++;
         }
-        assertEquals(28,count);
+        assertEquals(29,count);
     }
 
 }

uaa/src/main/webapp/WEB-INF/spring/multitenant-endpoints.xml

@@ -3,10 +3,13 @@
        xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
        xmlns:mvc="http://www.springframework.org/schema/mvc"
        xmlns:context="http://www.springframework.org/schema/context"
+       xmlns:aop="http://www.springframework.org/schema/aop"
        xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
 		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
 		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
-		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
+		http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd">
 
     <bean id="identityZoneProvisioning" class="org.cloudfoundry.identity.uaa.zone.JdbcIdentityZoneProvisioning">
         <constructor-arg ref="jdbcTemplate" />
@@ -43,4 +46,12 @@
         <expression-handler ref="oauthWebExpressionHandler" />
     </http>
 
+    <bean id="idpEventPublisher" class="org.cloudfoundry.identity.uaa.zone.event.IdentityProviderEventPublisher"/>
+
+    <aop:config proxy-target-class="true">
+        <aop:aspect ref="idpEventPublisher">
+            <aop:after-returning method="idpCreated"
+                                 pointcut="execution(* *..IdentityProviderProvisioning+.create(..)) and bean(identityProviderProvisioning)" returning="identityProvider" />
+        </aop:aspect>
+    </aop:config>
 </beans>