-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PXP-7447 audit-service integration #885
Conversation
Pull Request Test Coverage Report for Build 10605
💛 - Coveralls |
The style in this PR agrees with This formatting comment was generated automatically by a script in uc-cdis/wool. |
looks good to me |
create_login_log(self.idp_name) | ||
|
||
|
||
def create_login_log(idp_name): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a thought (no need to take any action), but I wonder if we could make our own @audit
decorator where needed to generically (more or less) allow for auditable functions 🤔
# The audit-service returns 201 before inserting the log in the DB. | ||
# This request should only error if the input is incorrect (status | ||
# code 422) or if the service is unreachable. | ||
if resp.status_code != 201: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the audit service becomes unavailable for any reason or an unexpected error occurs, is that acceptable for the user story? In that case might we lose some fidelity on auditing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i'm not sure i understand your question but yes, fence crashing in case of audit-service failure is fine for this ticket, there's a separate ticket to improve this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I worded that poorly, and thanks for confirming! I was wondering if there were some cases where maybe we'd send an audit log request before an action like...
# 1 Track an audit entry
POST /audit
# 2 Perform some action
POST /login
And if it was possible for the /audit
action to fail, but the /login
action to succeed. And so maybe we'd log in but not track it properly, and I was wondering if that was a problem. I wasn't sure if it could be a problem that we didn't have 100% confidence on how well we logged all our auditable behavior.
But it sounds like things should crash for now if that happens and then we'll enhance in the future, so nevermind! 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
gotcha, yeah that would be a problem. the current plan is to use a queueing service that Fence can post to and the audit service can read from
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a few questions, but lgtm!
Jira Ticket: PXP-7447
Audit Service integration:
post_login
)post_login
calls to all IDPs' callback endpoints, and add a unit test to make sure all future IDP implementations call it tooAnd other changes:
handle_login
function andmock_get
,authentication_headers
fixturesFenceLogin
(/login/fence
),FenceCallback
(/login/fence/login
),ShibbolethLogin
(/login/shib
) andShibbolethCallback
(/login/shib/login
) classes now inherit from the same base classes as other IDP endpoints/login/fence/login
endpoint now ignores mismatched states ifMOCK_AUTH == True
to facilitate testing/login/ras/callback
endpoint so we get logs ifrefresh_token
oridp_token
are missing before crashingDEFAULT_LOGIN_URL
in the/oauth2
endpoint; checkDEFAULT_LOGIN_IDP
and use this IDP's URL insteadfence_idp
andshib_idp
to userinfo endpointNew Features
Deployment changes
ENABLE_AUDIT_LOGS
to the fence config (seefence/fence/config-default.yaml
Lines 586 to 588 in 1c850d0