feat(appsec: extension): add new address for fingerprint generation o…

…n user events Signed-off-by: Alexandre Rulleau <[email protected]>
DataDog · Dec 9, 2024 · 0e26602 · 0e26602
1 parent 01a5dba
commit 0e26602
Show file tree

Hide file tree

Showing 41 changed files with 64 additions and 0 deletions.
diff --git a/appsec/src/extension/tags.c b/appsec/src/extension/tags.c
@@ -111,6 +111,7 @@ static zend_string *_key_server_name_zstr;
 static zend_string *_key_http_user_agent_zstr;
 static zend_string *_key_https_zstr;
 static zend_string *_key_remote_addr_zstr;
+static zend_string *_null_zstr;
 static zend_string *_true_zstr;
 static zend_string *_false_zstr;
 static zend_string *_track_zstr;
@@ -145,6 +146,7 @@ void dd_tags_startup()
         zend_string_init_interned(LSTRARG(DD_TAG_EVENT), 1 /* permanent */);
     _dd_tag_blocked_zstr =
         zend_string_init_interned(LSTRARG(DD_TAG_BLOCKED), 1 /* permanent */);
+    _null_zstr = zend_string_init_interned(LSTRARG("null"), 1 /* permanent */);
     _true_zstr = zend_string_init_interned(LSTRARG("true"), 1 /* permanent */);
     _false_zstr =
         zend_string_init_interned(LSTRARG("false"), 1 /* permanent */);
@@ -997,6 +999,9 @@ static PHP_FUNCTION(datadog_appsec_track_user_signup_event_automated)
     _add_custom_event_keyval(
         meta_ht, _dd_signup_event, _track_zstr, _true_zstr, true, false);
 
+    // appsec.events.users.signup = null
+    _add_new_zstr_to_meta(meta_ht, _dd_signup_event, _null_zstr, true, true);
+
     dd_tags_set_sampling_priority();
 }
 
@@ -1045,6 +1050,9 @@ static PHP_FUNCTION(datadog_appsec_track_user_signup_event)
     _add_custom_event_keyval(
         meta_ht, _dd_signup_event, _track_zstr, _true_zstr, true, true);
 
+    // appsec.events.users.signup = null
+    _add_new_zstr_to_meta(meta_ht, _dd_signup_event, _null_zstr, true, true);
+
     dd_tags_set_sampling_priority();
 }
 
@@ -1138,6 +1146,10 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event_automated)
     _add_custom_event_keyval(
         meta_ht, _dd_login_success_event, _track_zstr, _true_zstr, true, false);
 
+    // appsec.events.users.login.success = null
+    _add_new_zstr_to_meta(
+        meta_ht, _dd_login_success_event, _null_zstr, true, true);
+
     dd_tags_set_sampling_priority();
 }
 
@@ -1192,6 +1204,10 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event)
     _add_custom_event_keyval(
         meta_ht, _dd_login_success_event, _track_zstr, _true_zstr, true, true);
 
+    // appsec.events.users.login.success = null
+    _add_new_zstr_to_meta(
+        meta_ht, _dd_login_success_event, _null_zstr, true, true);
+
     dd_tags_set_sampling_priority();
 }
 
@@ -1289,6 +1305,10 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event_automated)
     _add_custom_event_keyval(meta_ht, _dd_login_failure_event, _usr_exists_zstr,
         exists ? _true_zstr : _false_zstr, true, false);
 
+    // appsec.events.users.login.failure = null
+    _add_new_zstr_to_meta(
+        meta_ht, _dd_login_failure_event, _null_zstr, true, true);
+
     dd_tags_set_sampling_priority();
 }
 
@@ -1341,6 +1361,10 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event)
     _add_custom_event_keyval(meta_ht, _dd_login_failure_event, _usr_exists_zstr,
         exists ? _true_zstr : _false_zstr, true, true);
 
+    // appsec.events.users.login.failure = null
+    _add_new_zstr_to_meta(
+        meta_ht, _dd_login_failure_event, _null_zstr, true, true);
+
     dd_tags_set_sampling_priority();
 }
 

diff --git a/appsec/tests/extension/track_user_login_failure_event.phpt b/appsec/tests/extension/track_user_login_failure_event.phpt
@@ -41,6 +41,7 @@ Array
     [appsec.events.users.login.failure.metadata] => some other metadata
     [appsec.events.users.login.failure.email] => [email protected]
     [appsec.events.users.login.failure.usr.exists] => false
+    [appsec.events.users.login.failure] => null
     [_dd.runtime_family] => php
     [_dd.p.dm] => -4
 )

diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_anon_mode.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_anon_mode.phpt
@@ -37,4 +37,5 @@ Array
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_anon_mode_compat.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_anon_mode_compat.phpt
@@ -37,4 +37,5 @@ Array
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_anon_mode_full_name.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_anon_mode_full_name.phpt
@@ -37,4 +37,5 @@ Array
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_default_mode.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_default_mode.phpt
@@ -29,4 +29,5 @@ Array
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_ident_mode.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_ident_mode.phpt
@@ -30,4 +30,5 @@ Array
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_ident_mode_02.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_ident_mode_02.phpt
@@ -30,4 +30,5 @@ Array
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_ident_mode_compat.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_ident_mode_compat.phpt
@@ -30,4 +30,5 @@ Array
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_ident_mode_full_name.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_ident_mode_full_name.phpt
@@ -30,4 +30,5 @@ Array
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_existing_user.phpt b/appsec/tests/extension/track_user_login_failure_event_existing_user.phpt
@@ -34,4 +34,5 @@ Array
     [appsec.events.users.login.failure.metadata] => some other metadata
     [appsec.events.users.login.failure.email] => [email protected]
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_no_user.phpt b/appsec/tests/extension/track_user_login_failure_event_no_user.phpt
@@ -25,4 +25,5 @@ Array
     [_dd.appsec.events.users.login.failure.auto.mode] => identification
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => false
+    [appsec.events.users.login.failure] => null
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority.phpt b/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority.phpt
@@ -29,6 +29,7 @@ Array
     [_dd.appsec.events.users.login.failure.sdk] => true
     [appsec.events.users.login.failure.value] => something-from-sdk
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
     [_dd.appsec.usr.id] => automatedID
     [_dd.appsec.events.users.login.failure.auto.mode] => identification
     [appsec.events.users.login.failure.usr.login] => login

diff --git a/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_02.phpt b/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_02.phpt
@@ -31,6 +31,7 @@ Array
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
     [_dd.appsec.events.users.login.failure.sdk] => true
     [appsec.events.users.login.failure.value] => something-from-sdk
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_03.phpt b/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_03.phpt
@@ -33,6 +33,7 @@ Array
     [_dd.appsec.usr.login] => otherLogin
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
     [_dd.appsec.events.users.login.failure.sdk] => true
     [appsec.events.users.login.failure.value] => something-from-sdk-2
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_04.phpt b/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_04.phpt
@@ -30,6 +30,7 @@ Array
     [_dd.appsec.events.users.login.failure.sdk] => true
     [appsec.events.users.login.failure.value] => something-from-sdk
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
     [_dd.appsec.usr.id] => automatedID
     [_dd.appsec.events.users.login.failure.auto.mode] => identification
     [appsec.events.users.login.failure.usr.login] => login

diff --git a/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_05.phpt b/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_05.phpt
@@ -32,6 +32,7 @@ Array
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
     [_dd.appsec.events.users.login.failure.sdk] => true
     [appsec.events.users.login.failure.value] => something-from-sdk
 )
diff --git a/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_06.phpt b/appsec/tests/extension/track_user_login_failure_event_sdk_takes_priority_06.phpt
@@ -34,6 +34,7 @@ Array
     [_dd.appsec.usr.login] => otherLogin
     [appsec.events.users.login.failure.track] => true
     [appsec.events.users.login.failure.usr.exists] => true
+    [appsec.events.users.login.failure] => null
     [_dd.appsec.events.users.login.failure.sdk] => true
     [appsec.events.users.login.failure.value] => something-from-sdk-2
 )
diff --git a/appsec/tests/extension/track_user_login_success_event.phpt b/appsec/tests/extension/track_user_login_success_event.phpt
@@ -40,6 +40,7 @@ Array
     [appsec.events.users.login.success.metadata] => some other metadata
     [appsec.events.users.login.success.email] => [email protected]
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
     [_dd.runtime_family] => php
     [_dd.p.dm] => -4
 )

diff --git a/appsec/tests/extension/track_user_login_success_event_automated_anon_mode.phpt b/appsec/tests/extension/track_user_login_success_event_automated_anon_mode.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.login.success.usr.login] => anon_428821350e9691491f616b754cd8315f
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_automated_anon_mode_compat.phpt b/appsec/tests/extension/track_user_login_success_event_automated_anon_mode_compat.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.login.success.usr.login] => anon_428821350e9691491f616b754cd8315f
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_automated_anon_mode_full_name.phpt b/appsec/tests/extension/track_user_login_success_event_automated_anon_mode_full_name.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.login.success.usr.login] => anon_428821350e9691491f616b754cd8315f
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_automated_default_mode.phpt b/appsec/tests/extension/track_user_login_success_event_automated_default_mode.phpt
@@ -28,4 +28,5 @@ Array
     [appsec.events.users.login.success.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_automated_ident_mode.phpt b/appsec/tests/extension/track_user_login_success_event_automated_ident_mode.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.login.success.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_automated_ident_mode_02.phpt b/appsec/tests/extension/track_user_login_success_event_automated_ident_mode_02.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.login.success.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_automated_ident_mode_compat.phpt b/appsec/tests/extension/track_user_login_success_event_automated_ident_mode_compat.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.login.success.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_automated_ident_mode_full_name.phpt b/appsec/tests/extension/track_user_login_success_event_automated_ident_mode_full_name.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.login.success.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_sdk_takes_priority.phpt b/appsec/tests/extension/track_user_login_success_event_sdk_takes_priority.phpt
@@ -28,6 +28,7 @@ Array
     [_dd.appsec.events.users.login.success.sdk] => true
     [appsec.events.users.login.success.value] => something-from-sdk
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
     [_dd.appsec.usr.id] => automatedID
     [_dd.appsec.events.users.login.success.auto.mode] => identification
     [appsec.events.users.login.success.usr.login] => login

diff --git a/appsec/tests/extension/track_user_login_success_event_sdk_takes_priority_02.phpt b/appsec/tests/extension/track_user_login_success_event_sdk_takes_priority_02.phpt
@@ -30,6 +30,7 @@ Array
     [appsec.events.users.login.success.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
     [_dd.appsec.events.users.login.success.sdk] => true
     [appsec.events.users.login.success.value] => something-from-sdk
 )
diff --git a/appsec/tests/extension/track_user_login_success_event_sdk_takes_priority_03.phpt b/appsec/tests/extension/track_user_login_success_event_sdk_takes_priority_03.phpt
@@ -32,6 +32,7 @@ Array
     [appsec.events.users.login.success.usr.login] => otherLogin
     [_dd.appsec.usr.login] => otherLogin
     [appsec.events.users.login.success.track] => true
+    [appsec.events.users.login.success] => null
     [_dd.appsec.events.users.login.success.sdk] => true
     [appsec.events.users.login.success.value] => something-from-sdk-2
 )
diff --git a/appsec/tests/extension/track_user_signup_event.phpt b/appsec/tests/extension/track_user_signup_event.phpt
@@ -40,6 +40,7 @@ Array
     [appsec.events.users.signup.metadata] => some other metadata
     [appsec.events.users.signup.email] => [email protected]
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
     [_dd.runtime_family] => php
     [_dd.p.dm] => -4
 )

diff --git a/appsec/tests/extension/track_user_signup_event_automated_anon_mode.phpt b/appsec/tests/extension/track_user_signup_event_automated_anon_mode.phpt
@@ -34,4 +34,5 @@ Array
     [appsec.events.users.signup.usr.login] => anon_428821350e9691491f616b754cd8315f
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
 )
diff --git a/appsec/tests/extension/track_user_signup_event_automated_anon_mode_compat.phpt b/appsec/tests/extension/track_user_signup_event_automated_anon_mode_compat.phpt
@@ -34,4 +34,5 @@ Array
     [appsec.events.users.signup.usr.login] => anon_428821350e9691491f616b754cd8315f
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
 )
diff --git a/appsec/tests/extension/track_user_signup_event_automated_anon_mode_full_name.phpt b/appsec/tests/extension/track_user_signup_event_automated_anon_mode_full_name.phpt
@@ -34,4 +34,5 @@ Array
     [appsec.events.users.signup.usr.login] => anon_428821350e9691491f616b754cd8315f
     [_dd.appsec.usr.login] => anon_428821350e9691491f616b754cd8315f
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
 )
diff --git a/appsec/tests/extension/track_user_signup_event_automated_default_mode.phpt b/appsec/tests/extension/track_user_signup_event_automated_default_mode.phpt
@@ -28,4 +28,5 @@ Array
     [appsec.events.users.signup.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
 )
diff --git a/appsec/tests/extension/track_user_signup_event_automated_ident_mode.phpt b/appsec/tests/extension/track_user_signup_event_automated_ident_mode.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.signup.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
 )
diff --git a/appsec/tests/extension/track_user_signup_event_automated_ident_mode_compat.phpt b/appsec/tests/extension/track_user_signup_event_automated_ident_mode_compat.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.signup.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
 )
diff --git a/appsec/tests/extension/track_user_signup_event_automated_ident_mode_full_name.phpt b/appsec/tests/extension/track_user_signup_event_automated_ident_mode_full_name.phpt
@@ -29,4 +29,5 @@ Array
     [appsec.events.users.signup.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
 )
diff --git a/appsec/tests/extension/track_user_signup_event_sdk_takes_priority.phpt b/appsec/tests/extension/track_user_signup_event_sdk_takes_priority.phpt
@@ -28,6 +28,7 @@ Array
     [_dd.appsec.events.users.signup.sdk] => true
     [appsec.events.users.signup.value] => something-from-sdk
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
     [_dd.appsec.usr.id] => automatedID
     [_dd.appsec.events.users.signup.auto.mode] => identification
     [appsec.events.users.signup.usr.login] => login

diff --git a/appsec/tests/extension/track_user_signup_event_sdk_takes_priority_02.phpt b/appsec/tests/extension/track_user_signup_event_sdk_takes_priority_02.phpt
@@ -30,6 +30,7 @@ Array
     [appsec.events.users.signup.usr.login] => login
     [_dd.appsec.usr.login] => login
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
     [_dd.appsec.events.users.signup.sdk] => true
     [appsec.events.users.signup.value] => something-from-sdk
 )
diff --git a/appsec/tests/extension/track_user_signup_event_sdk_takes_priority_03.phpt b/appsec/tests/extension/track_user_signup_event_sdk_takes_priority_03.phpt
@@ -32,6 +32,7 @@ Array
     [appsec.events.users.signup.usr.login] => OtherLogin
     [_dd.appsec.usr.login] => OtherLogin
     [appsec.events.users.signup.track] => true
+    [appsec.events.users.signup] => null
     [_dd.appsec.events.users.signup.sdk] => true
     [appsec.events.users.signup.value] => something-from-sdk-2
 )