/**
 * Records a key/value detail on the wrapped event.
 *
 * <p>A {@code null} or empty value is ignored and nothing is stored for it. The details map is
 * created the first time a detail is actually added.
 *
 * @param key   name of the detail
 * @param value value of the detail; skipped when {@code null} or empty
 * @return this builder
 */
public EventBuilder detail(String key, String value) {
    boolean hasValue = value != null && !value.isEmpty();
    if (hasValue) {
        if (event.getDetails() == null) {
            event.setDetails(new HashMap<String, String>());
        }
        event.getDetails().put(key, value);
    }
    return this;
}
/**
 * Produces a field-by-field copy of this event.
 *
 * <p>The details map is copied into a fresh {@link HashMap}, so later changes to the copy's
 * details do not show up in this instance; a {@code null} map stays {@code null}.
 *
 * @return the new, independent event
 */
public Event clone() {
    Event copy = new Event();

    copy.time = time;
    copy.type = type;
    copy.error = error;

    copy.realmId = realmId;
    copy.clientId = clientId;
    copy.userId = userId;
    copy.sessionId = sessionId;
    copy.ipAddress = ipAddress;

    if (details == null) {
        copy.details = null;
    } else {
        copy.details = new HashMap<>(details);
    }
    return copy;
}
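/**
 * Writes the authentication info of {@code event} to a spool file below {@code dir} and then
 * passes that file to {@code sendAuditMessage}.
 *
 * <p>When the event has a session id and no spool file with that name exists yet, the file is
 * named after the session id; otherwise a temp file prefixed with the IP address and user id is
 * created in {@code dir}.
 *
 * <p>The session id is used as a file name, so it is accepted only if it is a single path
 * component that resolves to a direct child of {@code dir}. Anything else (separators,
 * {@code ..}, an absolute path) is rejected instead of being resolved.
 *
 * @param dir             spool directory
 * @param log             audit logger handed on to {@code sendAuditMessage}
 * @param event           the event to spool
 * @param keycloakSession session used to build the {@code AuthInfo} record
 * @throws IOException if the session id is not usable as a file name, or on any file error
 */
private static void spoolAndAudit(Path dir, AuditLogger log, Event event, KeycloakSession keycloakSession)
        throws IOException {
    Path file = null;
    String sessionId = event.getSessionId();
    // An empty id resolves to the directory itself; as before, it falls through to the temp file.
    if (sessionId != null && !sessionId.isEmpty()) {
        Path base = dir.toAbsolutePath().normalize();
        Path resolved = base.resolve(sessionId).normalize();
        boolean directChild = base.equals(resolved.getParent())
                && resolved.getFileName().toString().equals(sessionId);
        if (!directChild) {
            throw new IOException("Session id is not usable as a spool file name");
        }
        try {
            // createFile is atomic: no window between an existence check and the creation.
            file = Files.createFile(dir.resolve(sessionId));
        } catch (java.nio.file.FileAlreadyExistsException alreadySpooled) {
            // A spool file for this session already exists; use a temp file instead.
        }
    }
    if (file == null) {
        file = Files.createTempFile(dir, event.getIpAddress() + "-" + event.getUserId(), null);
    }

    try (SpoolFileWriter writer = new SpoolFileWriter(
            Files.newBufferedWriter(file, StandardCharsets.UTF_8, StandardOpenOption.APPEND))) {
        writer.writeLine(new AuthInfo(event, keycloakSession));
    }
    sendAuditMessage(file, event, log, keycloakSession);
}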
/**
 * Builds an {@link Event} from its representation by copying every property across.
 *
 * <p>The type is converted with {@code EventType.valueOf}, and the details object of the
 * representation is passed to the event as-is (no copy is made here).
 *
 * @param rep the representation to convert
 * @return the populated event
 */
private Event repToModel(EventRepresentation rep) {
    Event model = new Event();

    model.setTime(rep.getTime());
    // NOTE(review): valueOf presumably rejects a type name that is not an EventType constant —
    // confirm callers handle that when the representation comes from outside.
    model.setType(EventType.valueOf(rep.getType()));
    model.setError(rep.getError());

    model.setRealmId(rep.getRealmId());
    model.setClientId(rep.getClientId());
    model.setUserId(rep.getUserId());
    model.setSessionId(rep.getSessionId());
    model.setIpAddress(rep.getIpAddress());

    model.setDetails(rep.getDetails());
    return model;
}
/**
 * Converts an event into the document that is stored for it.
 *
 * <p>The scalar properties are written under fixed keys. The details are written as a nested
 * document under {@code "details"}, which is present (and empty) even when the event has no
 * details map.
 *
 * @param event the event to convert
 * @return the document holding the event's data
 */
static DBObject convertEvent(Event event) {
    BasicDBObject doc = new BasicDBObject();
    doc.put("time", event.getTime());
    doc.put("type", event.getType().toString());
    doc.put("realmId", event.getRealmId());
    doc.put("clientId", event.getClientId());
    doc.put("userId", event.getUserId());
    doc.put("sessionId", event.getSessionId());
    doc.put("ipAddress", event.getIpAddress());
    doc.put("error", event.getError());

    BasicDBObject detailDoc = new BasicDBObject();
    if (event.getDetails() != null) {
        // Detail keys and values are copied unchanged into the nested document.
        for (Map.Entry<String, String> detail : event.getDetails().entrySet()) {
            detailDoc.put(detail.getKey(), detail.getValue());
        }
    }
    doc.put("details", detailDoc);

    return doc;
}
eventIDBuilder(log, event.getError(), AuditUtils.AuditEventType.UPDT_USER), activeParticipants); } else { emitAudit(log, eventIDBuilder(log, event.getError(), AuditUtils.AuditEventType.forUserAuth(event)), activeParticipants); if (event.getUserId() != null && userRoles(userName, keycloakSession).contains(System.getProperty("super-user-role"))) emitAudit(log, eventIDBuilder(log, event.getError(), AuditUtils.AuditEventType.forSuperUserAuth(event)), activeParticipants); if (event.getType() != EventType.LOGIN) Files.delete(file); } catch (Exception e) {
// Builds the record fields from an event: the user name first, then the event's IP address.
AuthInfo (Event event, KeycloakSession keycloakSession) {
    fields = new String[] {
            // If the event has a details map, its "username" entry is used as-is (null when the map
            // has no such key). Only when there is no details map is the user looked up by id in the
            // realm of the session context.
            // NOTE(review): presumably the "username" detail is the name supplied with the request,
            // not a name read back from the user store — confirm before treating it as verified.
            // NOTE(review): the result of getUserById(...) is dereferenced without a null check —
            // confirm it cannot be null for events that reach this constructor.
            event.getDetails() != null
                    ? event.getDetails().get("username")
                    : keycloakSession.users().getUserById(event.getUserId(), keycloakSession.getContext().getRealm())
                    .getUsername(),
            event.getIpAddress()
    };
}
AuthInfo(String s) {
/**
 * Sends an e-mail about the event to the user it concerns.
 *
 * <p>Nothing is sent unless the event type is one of the included types, the event names both a
 * realm and a user, and that user exists with an e-mail address that is marked verified.
 * A failure to send is logged and not propagated.
 *
 * @param event the event to report
 */
@Override
public void onEvent(Event event) {
    if (!includedEvents.contains(event.getType())) {
        return;
    }
    if (event.getRealmId() == null || event.getUserId() == null) {
        return;
    }

    RealmModel realm = model.getRealm(event.getRealmId());
    UserModel user = session.users().getUserById(event.getUserId(), realm);
    boolean reachable = user != null && user.getEmail() != null && user.isEmailVerified();
    if (!reachable) {
        return;
    }

    try {
        emailTemplateProvider.setRealm(realm).setUser(user).sendEvent(event);
    } catch (EmailException e) {
        log.error("Failed to send type mail", e);
    }
}
/**
 * Creates a LOGIN event for the realm {@code "test-realm"}.
 *
 * @return the new event
 */
private Event event() {
    Event fixture = new Event();
    fixture.setRealmId("test-realm");
    fixture.setType(EventType.LOGIN);
    return fixture;
}
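/**
 * Spools and audits a user authentication event; best effort, failures are logged as warnings.
 *
 * <p>The spool directory is {@code <data dir>/audit-auth-spool/<logger common name>}, with blanks
 * in the common name replaced by underscores. A logout event whose session already has a spool
 * file is audited from that file; every other event goes through {@code spoolAndAudit}.
 *
 * <p>Changes over the previous version:
 * <ul>
 *   <li>Reading the data-dir property and building the path now happen inside the {@code try},
 *       so a missing property is logged like any other failure instead of escaping as a
 *       {@code NullPointerException}.</li>
 *   <li>The session id is used as a file name, so it is accepted only if it is a single path
 *       component that resolves to a direct child of the spool directory.</li>
 *   <li>A logout event without a session id is no longer dropped by an exception from
 *       {@code resolve(null)}; it is spooled like any other event.</li>
 * </ul>
 *
 * @param event           the event to audit
 * @param log             audit logger whose common name selects the spool sub-directory
 * @param keycloakSession session passed on to the spooling and sending helpers
 */
static void spoolAuditMsg(Event event, AuditLogger log, KeycloakSession keycloakSession) {
    try {
        String dataDir = System.getProperty(JBOSS_SERVER_DATA_DIR);
        if (dataDir == null) {
            throw new IllegalStateException("Spool base directory system property is not set");
        }
        Path dir = Paths.get(dataDir, "audit-auth-spool", log.getCommonName().replace(' ', '_'));
        // createDirectories does nothing when the directory is already there.
        Files.createDirectories(dir);

        String sessionId = event.getSessionId();
        if (sessionId != null && !sessionId.isEmpty()) {
            Path base = dir.toAbsolutePath().normalize();
            Path resolved = base.resolve(sessionId).normalize();
            boolean directChild = base.equals(resolved.getParent())
                    && resolved.getFileName().toString().equals(sessionId);
            if (!directChild) {
                throw new IllegalArgumentException("Session id is not usable as a spool file name");
            }
            Path spooled = dir.resolve(sessionId);
            if (isLogout(event) && Files.exists(spooled)) {
                sendAuditMessage(spooled, event, log, keycloakSession);
                return;
            }
        }
        spoolAndAudit(dir, log, event, keycloakSession);
    } catch (Exception e) {
        LOG.warn("Failed to spool and audit user auth event {}: {}", event.getType().name(), e);
    }
}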
/**
 * Builds the metric name for an event: the fixed prefix {@code keycloak_events_total}, then the
 * realm label and the type label, each preceded by {@code DELIMITER}.
 *
 * @param event the event whose realm id and type go into the name
 * @return the assembled metric name
 */
private String generateMetricName(Event event) {
    // NOTE(review): the realm id is placed in the name through generateLabel — confirm that helper
    // escapes or restricts characters that are not valid in a label.
    return "keycloak_events_total"
            + DELIMITER
            + generateLabel(REALM, event.getRealmId())
            + DELIMITER
            + generateLabel(TYPE, event.getType().toString());
}
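/**
 * Publishes a message for the event to the configured topic.
 *
 * <p>Events without a user id are skipped. The message carries three string properties:
 * {@code action} (the event type name), {@code userId} and a freshly generated {@code eventId}.
 * A failure to publish is reported on standard output and not propagated.
 *
 * <p>The connection is now closed in a {@code finally} block, so it is released even when
 * creating the session or producer, or sending the message, fails.
 *
 * @param event the event to publish
 * @throws Exception kept for interface compatibility; publishing failures are caught here
 */
public void publishToHawkular(Event event) throws Exception {
    if (event.getUserId() == null) {
        return;
    }

    String eventId = UUID.randomUUID().toString();
    String userId = event.getUserId();
    String action = event.getType().name();

    TopicConnection connection = null;
    try {
        connection = connectionFactory.createTopicConnection();
        Session session = connection.createTopicSession(true, Session.AUTO_ACKNOWLEDGE);
        MessageProducer messageProducer = session.createProducer(topic);

        Message message = session.createMessage();
        message.setStringProperty("action", action);
        message.setStringProperty("userId", userId);
        message.setStringProperty("eventId", eventId);

        messageProducer.send(message);
        messageProducer.close();
        session.close();
    } catch (Exception e) {
        // NOTE(review): the whole event is written to the server log here — confirm that
        // Event.toString() does not include detail values that should stay out of logs.
        String message = "WARNING: Couldn't publish event to Hawkular. Event: " + event.toString();
        message += ". Cause: " + e.getMessage();

        // yes, System.out.println :-) This gets logged back via jboss-logging into the main server log,
        // and as this is deployed as a module, we don't get in trouble with classpath/module dependencies.
        System.out.println(message);
    } finally {
        if (connection != null) {
            try {
                connection.close();
            } catch (Exception closeFailure) {
                System.out.println("WARNING: Couldn't close Hawkular connection. Cause: "
                        + closeFailure.getMessage());
            }
        }
    }
}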
/**
 * Stamps the event with the current time, then hands it to the store and to every listener.
 *
 * <p>The store receives the event only if its type is enabled: when the realm lists enabled
 * event types, the type name must be in that list; when the list is null or empty, the type's
 * own save-by-default flag decides. Anything thrown by the store or by a listener is logged and
 * does not stop the remaining deliveries.
 */
private void send() {
    event.setTime(Time.toMillis(Time.currentTime()));

    if (store != null) {
        boolean persist;
        if (realm.getEnabledEventTypes() != null && !realm.getEnabledEventTypes().isEmpty()) {
            persist = realm.getEnabledEventTypes().contains(event.getType().name());
        } else {
            persist = event.getType().isSaveByDefault();
        }
        if (persist) {
            try {
                store.onEvent(event);
            } catch (Throwable t) {
                log.error("Failed to save event", t);
            }
        }
    }

    if (listeners == null) {
        return;
    }
    for (EventListenerProvider listener : listeners) {
        try {
            listener.onEvent(event);
        } catch (Throwable t) {
            log.error("Failed to send type to " + listener, t);
        }
    }
}
/**
 * Removes a detail from the wrapped event; does nothing when the event has no details map.
 *
 * @param key name of the detail to remove
 * @return this builder
 */
public EventBuilder removeDetail(String key) {
    if (event.getDetails() == null) {
        return this;
    }
    event.getDetails().remove(key);
    return this;
}
/**
 * Returns the IP address stored on the wrapped event.
 *
 * @return the event's IP address, as returned by the event itself
 */
public String getIpAddress() {
    String ipAddress = this.event.getIpAddress();
    return ipAddress;
}
/**
 * Sets the realm id on the wrapped event.
 *
 * @param realmId id of the realm the event belongs to
 * @return this builder
 */
public EventBuilder realm(String realmId) {
    this.event.setRealmId(realmId);
    return this;
}
/**
 * Sets the type of the wrapped event.
 *
 * @param e the event type to record
 * @return this builder
 */
public EventBuilder event(EventType e) {
    this.event.setType(e);
    return this;
}
/**
 * Returns the client id stored on the wrapped event.
 *
 * @return the event's client id, as returned by the event itself
 */
public String getClient() {
    String clientId = this.event.getClientId();
    return clientId;
}