Merged
13d20ae
feat: replace static event name with dynamic based on event id
vordimous May 15, 2024
8c44723
update event.name test value
vordimous May 15, 2024
db6c249
Update incubator/catalog-filesystem/src/main/java/io/aklivity/zilla/r…
vordimous May 15, 2024
a9b16cd
Update runtime/exporter-stdout/src/main/java/io/aklivity/zilla/runtim…
vordimous May 15, 2024
db918eb
Update runtime/exporter-otlp/src/main/java/io/aklivity/zilla/runtime/…
vordimous May 15, 2024
5b3b00d
Build event name in Engine context
vordimous May 15, 2024
35f3254
fix build errors
vordimous May 16, 2024
5608829
update tests
vordimous May 16, 2024
34deb18
fix http binding event test
vordimous May 16, 2024
981fed4
move event names out of format
vordimous May 20, 2024
7bff9fe
correct code to pass tests
vordimous May 30, 2024
1ba8a8e
refactor the compact session topic event
vordimous May 30, 2024
30430b8
move the static reason into the event formatter
vordimous Jun 3, 2024
f3ccc93
update model validation event messages
vordimous Jun 3, 2024
c45effe
update jwt guard event message
vordimous Jun 3, 2024
74af1f5
update catalog filesystem event message
vordimous Jun 3, 2024
d11f441
Add generic tls error message
vordimous Jun 3, 2024
0d122ac
update tcp event message
vordimous Jun 3, 2024
7bdd8e3
add context to mqtt client connected message
vordimous Jun 3, 2024
a23579b
update kafka and http message formatting
vordimous Jun 3, 2024
4086ca4
update apicurio artifact fetch messages
vordimous Jun 3, 2024
369e109
update karapace schema registry message formatting
vordimous Jun 3, 2024
6cd31b3
fix test
vordimous Jun 3, 2024
656b19a
Update runtime/binding-tls/src/main/java/io/aklivity/zilla/runtime/bi…
vordimous Jun 3, 2024
187bd0e
Improve jwt message with added reason
vordimous Jun 3, 2024
140f628
rename
vordimous Jun 3, 2024
6377a8a
improve mqtt session topic compated event message
vordimous Jun 3, 2024
0b38f7a
update code coverage for guard-jwt project to 0.97
vordimous Jun 3, 2024
5d6e603
Merge branch 'develop' into feature/1013-use-full-event-id-and-the-ev…
vordimous Jun 5, 2024
Improve jwt message with added reason
vordimous committed Jun 3, 2024
commit 187bd0e64dda2259bc46254780084494741d9a2f
Expand Up @@ -52,13 +52,15 @@ public JwtEventContext(
public void authorizationFailed(
long traceId,
long bindingId,
String identity)
String identity,
String reason)
{
JwtEventExFW extension = jwtEventExRW
.wrap(extensionBuffer, 0, extensionBuffer.capacity())
.authorizationFailed(e -> e
.typeId(AUTHORIZATION_FAILED.value())
.identity(identity)
.reason(reason)
)
.build();
EventFW event = eventRW
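Review bot: The new `reason` argument is copied into the event extension exactly as received, and nothing here states what callers may pass; on this page one caller passes a library exception message (`reason = ex.getMessage();` in reauthorize), which can be null or arbitrarily long. The schema declares the field as `string16`, and whether `extensionBuffer` can hold a maximal value is not visible in this hunk. A comment above the method would pin the contract, for example `// reason: short, fixed operator-facing text; must not carry token or claim content`. The method body continues past the end of the hunk.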
Expand Up @@ -47,17 +47,20 @@ public String format(
case AUTHORIZATION_FAILED:
{
JwtAuthorizationFailedExFW ex = extension.authorizationFailed();
result = String.format("No active session found for token identity (%s).", identity(ex.identity()));
result = String.format("JWT token authorization failed for identity (%s). %s",
asString(ex.identity()),
asString(ex.reason())
);
break;
}
}
return result;
}

private static String identity(
StringFW identity)
private static String asString(
StringFW stringFW)
{
int length = identity.length();
return length <= 0 ? "-" : identity.asString();
String s = stringFW.asString();
return s == null ? "" : s;
}
}
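Review bot: `asString` returns an empty string where the removed `identity` helper returned "-", so a failure raised before a subject is known now renders as `identity ().`, and an empty reason leaves a trailing space in the message. Keeping the placeholder in a helper used for the identity argument, `return s == null || s.isEmpty() ? "-" : s;`, preserves what log consumers matched on before. Both values appear to originate from the token that was just rejected, so replacing line breaks and other control characters before formatting would keep one event on one output line; that is inferred from the guard code shown on this page, not from this file. `format` starts above the hunk.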
Expand Up @@ -128,6 +128,7 @@ public long reauthorize(
{
JwtSession session = null;
String subject = null;
String reason = "";

authorize:
try
Expand All @@ -142,13 +143,15 @@ public long reauthorize(
key == null ||
!Objects.equals(alg, key.getAlgorithm()))
{
reason = "Invalid alg or key.";
break authorize;
}

signature.setKey(null);
signature.setKey(key.getKey());
if (!signature.verifySignature())
{
reason = "Unable to verify key signature.";
break authorize;
}

Expand All @@ -162,10 +165,15 @@ public long reauthorize(

long now = Instant.now().toEpochMilli();
if (notBefore != null && now < notBefore.getValueInMillis() ||
notAfter != null && now > notAfter.getValueInMillis() ||
issuer == null || !issuer.equals(this.issuer) ||
notAfter != null && now > notAfter.getValueInMillis())
{
reason = "Token is expired.";
break authorize;
}
if (issuer == null || !issuer.equals(this.issuer) ||
audience == null || !audience.contains(this.audience))
{
reason = "Invalid issuer or audience.";
break authorize;
}

Expand All @@ -191,11 +199,11 @@ public long reauthorize(
}
catch (JoseException | InvalidJwtException | MalformedClaimException ex)
{
// not authorized
reason = ex.getMessage();
}
if (session == null)
{
event.authorizationFailed(traceId, bindingId, subject);
event.authorizationFailed(traceId, bindingId, subject, reason);
}
return session != null ? session.authorized : NOT_AUTHORIZED;
}
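Review bot: In the catch block the reason is taken from the JWT library's exception message, which is produced while processing a token the guard has just rejected, so it may carry claim values or token material into every configured event exporter and has no fixed length or format. A constant reason, like the other reasons set in this method, keeps the event predictable; the exception detail can go to a debug-level log if it is needed. Separately, the combined notBefore/notAfter branch reports "Token is expired." for a token whose notBefore is still in the future, and splitting the condition makes the reason accurate. The wording of the two new reason strings below is a suggestion; reauthorize starts above the first hunk.

```java
if (notBefore != null && now < notBefore.getValueInMillis())
{
    reason = "Token is not yet valid.";
    break authorize;
}
if (notAfter != null && now > notAfter.getValueInMillis())
{
    reason = "Token is expired.";
    break authorize;
}
// … unchanged: issuer and audience check …
// … unchanged: session lookup and creation …
catch (JoseException | InvalidJwtException | MalformedClaimException ex)
{
    // fixed text: the library message is derived from the rejected token
    reason = "Token could not be parsed or validated.";
}
```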
Expand Up @@ -24,6 +24,7 @@ scope jwt
struct JwtAuthorizationFailedEx extends core::stream::Extension
{
string8 identity;
string16 reason;
}

union JwtEventEx switch (JwtEventType)
Expand Up @@ -24,7 +24,7 @@ telemetry:
- qname: test.net0
id: guard.jwt.authorization.failed
name: GUARD_JWT_AUTHORIZATION_FAILED
message: No active session found for token identity (user).
message: JWT token authorization failed for identity (user). Token is expired.
guards:
jwt0:
type: jwt