Closed federicaagostini closed 3 months ago
This PR includes the issued token (AT and/or RT) decoded in an audit event, e.g.
```
2024-06-06 10:44:27.759 INFO 2366961 --- [nio-8080-exec-3] AUDIT : {"@type":"RefreshTokenIssuedEvent","timestamp":1717670606979,"category":"TOKEN","principal":"e048abb2-54ec-48b1-af7f-2199d0086feb","message":"Refresh token issued","subject":"e048abb2-54ec-48b1-af7f-2199d0086feb","scopes":["openid","email","offline_access","profile"],"grantType":"client_credentials","payload":{"exp":1720262606976,"jti":"9515d05f-e493-46e2-a622-ed2766b31d19"},"source":"IamTokenService"}
2024-06-06 10:44:27.823 INFO 2366961 --- [nio-8080-exec-3] AUDIT : {"@type":"AccessTokenIssuedEvent","timestamp":1717670607008,"category":"TOKEN","principal":"e048abb2-54ec-48b1-af7f-2199d0086feb","message":"Access token issued","scopes":["openid","email","offline_access","profile"],"subject":"e048abb2-54ec-48b1-af7f-2199d0086feb","grantType":"client_credentials","header":{"kid":"rsa1","alg":"RS256"},"payload":{"iss":"http://localhost:8080","iat":1717670606982,"exp":1717674206969,"sub":"e048abb2-54ec-48b1-af7f-2199d0086feb","jti":"9d5f9152-5723-4fb6-af45-e8902febdb38","client_id":"e048abb2-54ec-48b1-af7f-2199d0086feb"},"source":"IamTokenService"}
```
Example of Access Token well-formed AUDIT content:
```json
{
  "@type": "AccessTokenIssuedEvent",
  "timestamp": 1717669109480,
  "category": "TOKEN",
  "principal": "client",
  "message": "Access token issued",
  "scopes": [
    "openid",
    "email",
    "profile",
    "offline_access"
  ],
  "subject": "admin",
  "grantType": "authorization_code",
  "header": {
    "kid": "rsa1",
    "alg": "RS256"
  },
  "payload": {
    "iss": "http://localhost:8080",
    "iat": 1717669109456,
    "exp": 1717672709451,
    "sub": "73f16d93-2441-4a50-88ff-85360d78c6b5",
    "jti": "d9e14923-dd12-4c7a-ab02-335f6044c0c7",
    "client_id": "client"
  },
  "source": "IamTokenService"
}
```
Example of Refresh Token well-formed AUDIT content:
```json
{
  "@type": "RefreshTokenIssuedEvent",
  "timestamp": 1717669109454,
  "category": "TOKEN",
  "principal": "client",
  "message": "Refresh token issued",
  "subject": "admin",
  "scopes": [
    "openid",
    "email",
    "profile",
    "offline_access"
  ],
  "grantType": "authorization_code",
  "payload": {
    "exp": 1725656807452,
    "jti": "45eb594f-c5bd-4473-8f4d-9ff1835a3ec1"
  },
  "source": "IamTokenService"
}
```
Depends on: https://github.com/indigo-iam/OpenID-Connect-Java-Spring-Server/pull/18
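One way to consume these audit lines on the log-analysis side, as an added example (not code from this PR or from the IAM project): it extracts the JSON event, summarises each issued token by `jti`, and checks whether a line contains a compact JWT string rather than decoded claims only. The function names, the constructed sample lines and the reading of `exp`/`iat`/`timestamp` as epoch milliseconds are assumptions.

```python
import json
import re

# Line shape from the PR's samples: "<date> <time> INFO <pid> --- [thread] AUDIT : {json}"
AUDIT_RE = re.compile(r"\sAUDIT\s*:\s*(\{.*\})\s*$")
# Compact JWS shape (three base64url parts); the events should hold decoded claims only.
COMPACT_JWT_RE = re.compile(r"eyJ[\w-]+\.eyJ[\w-]+\.[\w-]+")
TOKEN_EVENTS = {"AccessTokenIssuedEvent", "RefreshTokenIssuedEvent"}

def parse_audit_line(line):
    """Return the JSON event of a token-issuance AUDIT line, or None."""
    match = AUDIT_RE.search(line)
    if not match:
        return None
    try:
        event = json.loads(match.group(1))
    except json.JSONDecodeError:
        return None
    if isinstance(event, dict) and event.get("@type") in TOKEN_EVENTS:
        return event
    return None

def summarize(event):
    """Flatten one event into the fields used to correlate a token by jti."""
    payload = event.get("payload", {})
    # Assumption: exp, iat and timestamp are epoch milliseconds (13 digits in the samples).
    start, exp = payload.get("iat", event.get("timestamp")), payload.get("exp")
    lifetime = round((exp - start) / 1000) if None not in (start, exp) else None
    return {"type": event["@type"], "jti": payload.get("jti"),
            "client": event.get("principal"), "subject": event.get("subject"),
            "grant": event.get("grantType"), "lifetime_s": lifetime}

def leaks_raw_token(line):
    """True if the line contains something shaped like a usable compact JWT."""
    return COMPACT_JWT_RE.search(line) is not None

def issued_tokens(lines):
    """Summaries for every token-issuance event found in the given log lines."""
    events = (parse_audit_line(line) for line in lines)
    return [summarize(event) for event in events if event is not None]

# Constructed sample lines in the PR's format; all values are made up.
PREFIX = "2024-06-06 10:44:27.759 INFO 1 --- [nio-8080-exec-3] "
SAMPLE = [
    PREFIX + 'AUDIT : {"@type":"RefreshTokenIssuedEvent","timestamp":1717670606979,"principal":"client","subject":"admin","grantType":"authorization_code","payload":{"exp":1720262606979,"jti":"rt-0001"}}',
    PREFIX + 'AUDIT : {"@type":"AccessTokenIssuedEvent","timestamp":1717670607008,"principal":"client","subject":"admin","grantType":"authorization_code","header":{"kid":"rsa1","alg":"RS256"},"payload":{"iat":1717670606982,"exp":1717674206982,"jti":"at-0001","client_id":"client"}}',
    PREFIX + "o.s.web.servlet.DispatcherServlet : Completed 200 OK",
]
```

The refresh-token event has no `iat` in its payload, so its lifetime is measured from the event `timestamp` instead.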
Issues: 0 new issues, 0 accepted issues
Measures: 0 security hotspots, 93.0% coverage on new code, 0.0% duplication on new code
See analysis details on SonarCloud