Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit log for impersonated resource access #273

Merged
merged 1 commit into from
Jun 12, 2024
Merged

Audit log for impersonated resource access #273

merged 1 commit into from
Jun 12, 2024

Conversation

Thumimku
Copy link
Contributor

Public Issue: wso2/product-is#20066

Purpose

Add audit log for impersonated resource access.

Approach

Once authorised we inspect the token whether its impersonated or not, then log the details.

sample log

TID: [-1234] [2024-04-29 12:08:51,718] [096205f0-67f6-49b6-bec3-eba6f4e82369]  INFO {AUDIT_LOG} - Initiator=d9982d93-4e73-4565-b7ac-3605e8d05f80 (id of the user B)Action=resource-modification-via-impersonation Target=8122e3de-0f3b-4b0e-a43a-d0c237451b7a Data={"ResourcePath":"/scim2/Me","clientId":"xnygcXs9Z4L5fhhfDY9MCcnUwxQa","scope":"internal_login internal_user_mgt_list internal_user_mgt_view openid","subject":"8122e3de-0f3b-4b0e-a43a-d0c237451b7a","impersonator":"d9982d93-4e73-4565-b7ac-3605e8d05f80","httpMethod":"PATCH"} Outcome=AUTHORIZED

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/9252394588

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/9252394588
Status: failure

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/9280431534

@Thumimku
Copy link
Contributor Author

PR builder completed Link: https://github.com/wso2/product-is/actions/runs/9252394588 Status: failure

1 intermittent failure hence triggereing again

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/9280431534
Status: cancelled

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/9280459442

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/9280459442
Status: cancelled

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/9281034059

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/9281034059
Status: success

jenkins-is-staging
jenkins-is-staging approved these changes May 29, 2024
View reviewed changes
Copy link

@jenkins-is-staging jenkins-is-staging left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/9281034059

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/9444788561

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/9444788561
Status: success

jenkins-is-staging
jenkins-is-staging approved these changes Jun 10, 2024
View reviewed changes
Copy link

@jenkins-is-staging jenkins-is-staging left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/9444788561

@Thumimku Thumimku merged commit bddb5b2 into wso2-extensions:master Jun 12, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jenkins-is-staging jenkins-is-staging jenkins-is-staging approved these changes

@DMHP DMHP DMHP approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Thumimku @jenkins-is-staging @DMHP