search

azist / azos

A to Z Sky Operating System / Microservice Chassis Framework
MIT License
213 stars 29 forks source link

Add `Requestor` to the AuthKit tracing #846

Closed itadapter closed 1 year ago

itadapter commented 1 year ago

Need:

Example:

{
  "g_l": "0:0:1",
  "g_u": "0:0:1",
  "LoginProps": "",
  "LoginRights": "",
  "nm": "root",
  "p": "syslogin",
  "req": "appid@tbiz-app-01",//<========== 
  "Props": "prop{ }",
  "r": {
    "Data": {
      "c": 1,
      "d": "Found by id"
    },
    "OK": true
  },
  "ResultProps": "{\"prop\":{\"g-user\":\"0:0:1\",\"org-unit\":\"orgu.path@sky-auth::\\/org\"}}",
  "ResultRights": "{\"rights\":{}}",
  "ResultRole": null,
  "ResultRoleConfig": "{\"rights\":{}}",
  "Rights": "",
  "rlm": "gdi"
}
itadapter commented 1 year ago

We should use DistributedCallFlow concept for this.

itadapter commented 1 year ago

Added call prop with distributed call flow we will see how this shows up in logs

itadapter commented 1 year ago

c474902

itadapter commented 1 year ago

This is a call flow. We need to add meaningful port intead of System.Private.CoreLib", and agent in the ChronicleWebClient:

"steps": [
      {
        "utc": 1681402310428,
        "ssn": "NOPSession([Invalid]John Doe,Fake user)",
        "app": "hub",
        "ain": "5cfdd79a11744d1381a6d8179c069bac",
        "h": "dbiz-app-01",
        "t": "WorkContext",
        "id": "ebace43e7b984bf8870326afaf5d15dc",
        "dir": null,
        "cad": "71.74.103.156:0",
        "cag": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0...",
        "cpr": "GET  /chronicle/log/view"
      },
      {
        "utc": 1681402310464,
        "ssn": "NOPSession([Invalid]John Doe,Fake user)",
        "app": "hub",
        "ain": "5cfdd79a11744d1381a6d8179c069bac",
        "h": "dbiz-app-01",
        "t": "CodeCallFlow",
        "id": "ebace43e7b984bf8870326afaf5d15dc",
        "dir": null,
        "cad": "code",
        "cag": "System.Private.CoreLib",
        "cpr": "azh"
      },
      {
        "utc": 1681402310834,
        "ssn": "NOPSession([Invalid]John Doe,Fake user)",
        "app": "idp",
        "ain": "5e19be437eb54b39b228182704527d9b",
        "h": "dsys-app-02",
        "t": "WorkContext",
        "id": "b53f2a0f617d4133abde88e86905b03d",
        "dir": null,
        "cad": "139.144.54.57:0",
        "cag": "",
        "cpr": "POST  /minidp/server/byid"
      }
itadapter commented 1 year ago

Why is "Session" always "INvalid John Doe" in the DCF snippet above?

itadapter commented 1 year ago

Because DistributedCallFlowFilter needs to call wc.NeedsSession and you must put DCF filter AFTER session filter in chain not true, because session is captured at the very beginning and gets stuck when STEp is allocated. I am adding SetSession to re-assign a known session later