search

wso2-extensions / identity-carbon-auth-rest

Apache License 2.0
1 stars 144 forks source link

Audit log for impersonated resource access #273

Closed Thumimku closed 3 months ago

Thumimku commented 4 months ago

Public Issue: https://github.com/wso2/product-is/issues/20066

Purpose

Add audit log for impersonated resource access.

Approach

Once authorised we inspect the token whether its impersonated or not, then log the details.

sample log

TID: [-1234] [2024-04-29 12:08:51,718] [096205f0-67f6-49b6-bec3-eba6f4e82369]  INFO {AUDIT_LOG} - Initiator=d9982d93-4e73-4565-b7ac-3605e8d05f80 (id of the user B)Action=resource-modification-via-impersonation Target=8122e3de-0f3b-4b0e-a43a-d0c237451b7a Data={"ResourcePath":"/scim2/Me","clientId":"xnygcXs9Z4L5fhhfDY9MCcnUwxQa","scope":"internal_login internal_user_mgt_list internal_user_mgt_view openid","subject":"8122e3de-0f3b-4b0e-a43a-d0c237451b7a","impersonator":"d9982d93-4e73-4565-b7ac-3605e8d05f80","httpMethod":"PATCH"} Outcome=AUTHORIZED
jenkins-is-staging commented 3 months ago

PR builder started Link: https://github.com/wso2/product-is/actions/runs/9252394588

jenkins-is-staging commented 3 months ago

PR builder completed Link: https://github.com/wso2/product-is/actions/runs/9252394588 Status: failure

jenkins-is-staging commented 3 months ago

PR builder started Link: https://github.com/wso2/product-is/actions/runs/9280431534

Thumimku commented 3 months ago

PR builder completed Link: https://github.com/wso2/product-is/actions/runs/9252394588 Status: failure

1 intermittent failure hence triggereing again

jenkins-is-staging commented 3 months ago

PR builder completed Link: https://github.com/wso2/product-is/actions/runs/9280431534 Status: cancelled

jenkins-is-staging commented 3 months ago

PR builder started Link: https://github.com/wso2/product-is/actions/runs/9280459442

jenkins-is-staging commented 3 months ago

PR builder completed Link: https://github.com/wso2/product-is/actions/runs/9280459442 Status: cancelled

jenkins-is-staging commented 3 months ago

PR builder started Link: https://github.com/wso2/product-is/actions/runs/9281034059

jenkins-is-staging commented 3 months ago

PR builder completed Link: https://github.com/wso2/product-is/actions/runs/9281034059 Status: success

jenkins-is-staging commented 3 months ago

PR builder started Link: https://github.com/wso2/product-is/actions/runs/9444788561

jenkins-is-staging commented 3 months ago

PR builder completed Link: https://github.com/wso2/product-is/actions/runs/9444788561 Status: success