Refactor logs with constants

wso2-extensions · Jul 28, 2023 · 1609e66 · 1609e66
1 parent 8102ac1
commit 1609e66
Show file tree

Hide file tree

Showing 11 changed files with 224 additions and 88 deletions.
diff --git a/...oint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java b/...oint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java
diff --git a/...oint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java b/...oint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java
@@ -30,6 +30,7 @@
 import org.apache.oltu.oauth2.common.message.OAuthResponse;
 import org.apache.oltu.oauth2.common.message.types.GrantType;
 import org.wso2.carbon.context.PrivilegedCarbonContext;
+import org.wso2.carbon.identity.central.log.mgt.utils.LogConstants;
 import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils;
 import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
 import org.wso2.carbon.identity.oauth.client.authn.filter.OAuthClientAuthenticatorProxy;
@@ -39,6 +40,7 @@
 import org.wso2.carbon.identity.oauth.endpoint.exception.InvalidApplicationClientException;
 import org.wso2.carbon.identity.oauth.endpoint.exception.InvalidRequestParentException;
 import org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException;
+import org.wso2.carbon.identity.oauth.endpoint.util.EndpointConstants;
 import org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil;
 import org.wso2.carbon.identity.oauth2.ResponseHeader;
 import org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext;
@@ -64,6 +66,7 @@
 import javax.ws.rs.core.Response.ResponseBuilder;
 
 import static org.apache.commons.lang.StringUtils.isNotBlank;
+import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.PROP_CLIENT_ID;
 import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.parseJsonTokenRequest;
 import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.startSuperTenantFlow;
 import static org.wso2.carbon.identity.oauth.endpoint.util.EndpointUtil.triggerOnTokenExceptionListeners;
@@ -96,11 +99,12 @@ public Response issueAccessToken(@Context HttpServletRequest request, String pay
             }
             paramMap = parseJsonTokenRequest(payload);
             DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
-                    OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "receive-token-request");
-            if (MapUtils.isNotEmpty(paramMap) && paramMap.containsKey("client_id")) {
-                diagnosticLogBuilder.inputParam("client id", paramMap.get("client_id"));
+                    OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE,
+                    EndpointConstants.LogConstants.ActionIDs.RECEIVE_TOKEN_REQUEST);
+            if (MapUtils.isNotEmpty(paramMap) && paramMap.containsKey(PROP_CLIENT_ID)) {
+                diagnosticLogBuilder.inputParam(LogConstants.InputKeys.CLIENT_ID, paramMap.get(PROP_CLIENT_ID));
             }
-            diagnosticLogBuilder.resultMessage("Successfully received token request.")
+            diagnosticLogBuilder.resultMessage("Successfully received the token request.")
                     .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
                     .logDetailLevel(DiagnosticLog.LogDetailLevel.APPLICATION);
             LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
@@ -125,12 +129,13 @@ public Response issueAccessToken(@Context HttpServletRequest request,
 
         if (LoggerUtils.isDiagnosticLogsEnabled()) {
             DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
-                    OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "receive-token-request");
-            if (MapUtils.isNotEmpty(paramMap) && paramMap.containsKey("client_id")) {
-                diagnosticLogBuilder.inputParam("client id", paramMap.getFirst("client_id"));
+                    OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE,
+                    EndpointConstants.LogConstants.ActionIDs.RECEIVE_TOKEN_REQUEST);
+            if (MapUtils.isNotEmpty(paramMap) && paramMap.containsKey(PROP_CLIENT_ID)) {
+                diagnosticLogBuilder.inputParam(LogConstants.InputKeys.CLIENT_ID, paramMap.getFirst(PROP_CLIENT_ID));
             }
             diagnosticLogBuilder.resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
-                    .resultMessage("Successfully received token request.")
+                    .resultMessage("Successfully received the token request.")
                     .logDetailLevel(DiagnosticLog.LogDetailLevel.APPLICATION);
             LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
         }

diff --git a/...ndpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointConstants.java b/...ndpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointConstants.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 2023, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.identity.oauth.endpoint.util;
+
+
+/**
+ * Constants used in OAuth Endpoint.
+ */
+public class EndpointConstants {
+
+    private EndpointConstants() {
+        // To prevent instantiation.
+    }
+
+    /**
+     * Constants related to OAuth Endpoint log management.
+     */
+    public static class LogConstants {
+
+        /**
+         * Define action IDs for diagnostic logs.
+         */
+        public static class ActionIDs {
+
+            public static final String RECEIVE_CONSENT_RESPONSE = "receive-consent-response";
+            public static final String RECEIVE_TOKEN_REQUEST = "receive-token-request";
+            public static final String RECEIVE_AUTHENTICATION_RESPONSE = "receive-authn-response";
+            public static final String VALIDATE_AUTHENTICATION_RESPONSE = "validate-authn-status";
+            public static final String RECEIVE_AUTHORIZATION_RESPONSE = "receive-authz-request";
+            public static final String HANDLE_AUTHORIZATION = "handle-authorization";
+            public static final String VALIDATE_SCOPES_BEFORE_CONSENT = "validate-scopes-before-consent";
+            public static final String HAND_OVER_TO_FRAMEWORK = "hand-over-to-framework";
+            public static final String PERSIST_OAUTH_SCOPE_CONSENT = "persist-oauth-scope-consent";
+        }
+
+        /**
+         * Define common and reusable Input keys for diagnostic logs.
+         */
+        public static class InputKeys {
+
+            public static final String RESPONSE_TYPE = "response type";
+        }
+    }
+}
diff --git a/...uth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java b/...uth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java
@@ -54,6 +54,7 @@
 import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants;
 import org.wso2.carbon.identity.application.common.util.IdentityApplicationManagementUtil;
 import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
+import org.wso2.carbon.identity.central.log.mgt.utils.LogConstants;
 import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils;
 import org.wso2.carbon.identity.core.ServiceURLBuilder;
 import org.wso2.carbon.identity.core.URLBuilderException;
@@ -143,7 +144,7 @@ public class EndpointUtil {
     private static final String OAUTH2_AUTHORIZE = "/oauth2/authorize";
     public static final String OAUTH2_CIBA_ENDPOINT = "oauth2/ciba";
     private static final String UTF_8 = "UTF-8";
-    private static final String PROP_CLIENT_ID = "client_id";
+    public static final String PROP_CLIENT_ID = "client_id";
     private static final String PROP_GRANT_TYPE = "response_type";
     private static final String PROP_RESPONSE_TYPE = "response_type";
     private static final String PROP_SCOPE = "scope";
@@ -1077,10 +1078,11 @@ public static void storeOAuthScopeConsent(AuthenticatedUser user, OAuth2Paramete
                 }
                 if (LoggerUtils.isDiagnosticLogsEnabled()) {
                     DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
-                            OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "persist-oauth-scope-consent");
-                    diagnosticLogBuilder.inputParam("clientId", params.getClientId())
+                            OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE,
+                            EndpointConstants.LogConstants.ActionIDs.PERSIST_OAUTH_SCOPE_CONSENT);
+                    diagnosticLogBuilder.inputParam(LogConstants.InputKeys.CLIENT_ID, params.getClientId())
                             .inputParam("approved scopes", userApprovedScopes)
-                            .inputParam("user", userId)
+                            .inputParam(LogConstants.InputKeys.USER_ID, userId)
                             .inputParam("override existing consent", overrideExistingConsent)
                             .resultMessage("Successfully persisted oauth scopes.")
                             .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)

diff --git a/....carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/OAuth2Constants.java b/....carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/OAuth2Constants.java
@@ -71,4 +71,38 @@ public static class RoleBasedScope {
 
         public static final String APIM_SERVICE_CATALOG_PREFIX = "service_catalog:";
     }
+
+    /**
+     * Constants related to OAuth2 log management.
+     */
+    public static class LogConstants {
+
+        public static final String OAUTH_INBOUND_SERVICE = "oauth-inbound-service";
+
+        /**
+         * Define action IDs for diagnostic logs.
+         */
+        public static class ActionIDs {
+
+            public static final String SCOPE_VALIDATION = "scope-validation";
+            public static final String ISSUE_ACCESS_TOKEN = "issue-access-token";
+            public static final String ISSUE_ID_TOKEN = "issue-id-token";
+            public static final String VALIDATE_AUTHORIZATION_CODE = "validate-authz-code";
+            public static final String ISSUE_AUTHZ_CODE = "issue-authz-code";
+
+        }
+
+        /**
+         * Define common and reusable Input keys for diagnostic logs.
+         */
+        public static class InputKeys {
+
+            public static final String SCOPE_VALIDATOR = "scope validator";
+            public static final String REQUESTED_SCOPES = "requested scopes";
+            public static final String AUTHORIZED_SCOPES = "authorized scopes";
+            public static final String GRANT_TYPE = "grant type";
+            public static final String AUTHORIZATION_CODE = "authorization code";
+
+        }
+    }
 }
diff --git a/...main/java/org/wso2/carbon/identity/oauth2/authz/handlers/AbstractResponseTypeHandler.java b/...main/java/org/wso2/carbon/identity/oauth2/authz/handlers/AbstractResponseTypeHandler.java
@@ -23,6 +23,7 @@
 import org.apache.commons.logging.LogFactory;
 import org.apache.oltu.oauth2.common.message.types.GrantType;
 import org.apache.oltu.oauth2.common.message.types.ResponseType;
+import org.wso2.carbon.identity.central.log.mgt.utils.LogConstants;
 import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils;
 import org.wso2.carbon.identity.oauth.cache.OAuthCache;
 import org.wso2.carbon.identity.oauth.callback.OAuthCallback;
@@ -32,6 +33,7 @@
 import org.wso2.carbon.identity.oauth.dao.OAuthAppDO;
 import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder;
 import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
+import org.wso2.carbon.identity.oauth2.OAuth2Constants;
 import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext;
 import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO;
 import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO;
@@ -46,6 +48,8 @@
 import java.util.List;
 import java.util.Map;
 
+import static org.wso2.carbon.identity.oauth2.OAuth2Constants.LogConstants.InputKeys.SCOPE_VALIDATOR;
+
 /**
  * AbstractResponseTypeHandler contains all the common methods of all three basic handlers.
  */
@@ -116,21 +120,25 @@ && hasValidationByApplicationScopeValidatorsFailed(oauthAuthzMsgCtx)) {
             }
             if (LoggerUtils.isDiagnosticLogsEnabled()) {
                 DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
-                        OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "scope-validation");
-                diagnosticLogBuilder.inputParam("client id", oauthAuthzMsgCtx.getAuthorizationReqDTO().getConsumerKey())
-                        .inputParam("scope validator", validator.getName())
+                        OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE,
+                        OAuth2Constants.LogConstants.ActionIDs.SCOPE_VALIDATION);
+                diagnosticLogBuilder.inputParam(LogConstants.InputKeys.CLIENT_ID,
+                                oauthAuthzMsgCtx.getAuthorizationReqDTO().getConsumerKey())
+                        .inputParam(SCOPE_VALIDATOR, validator.getName())
                         .inputParam("scopes (before validation)", oauthAuthzMsgCtx.getApprovedScope())
                         .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
-                        .resultMessage("Before validating scopes")
+                        .resultMessage("Before validating scopes.")
                         .logDetailLevel(DiagnosticLog.LogDetailLevel.INTERNAL_SYSTEM);
                 LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
             }
             boolean isGlobalValidScope = validator.validateScope(oauthAuthzMsgCtx);
             if (LoggerUtils.isDiagnosticLogsEnabled()) {
                 DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
-                        OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "scope-validation");
-                diagnosticLogBuilder.inputParam("client id", oauthAuthzMsgCtx.getAuthorizationReqDTO().getConsumerKey())
-                        .inputParam("scope validator", validator.getName())
+                        OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE,
+                        OAuth2Constants.LogConstants.ActionIDs.SCOPE_VALIDATION);
+                diagnosticLogBuilder.inputParam(LogConstants.InputKeys.CLIENT_ID,
+                                oauthAuthzMsgCtx.getAuthorizationReqDTO().getConsumerKey())
+                        .inputParam(SCOPE_VALIDATOR, validator.getName())
                         .inputParam("scopes (after validation)", oauthAuthzMsgCtx.getApprovedScope())
                         .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
                         .resultMessage("After validating scopes.")

diff --git a/...ain/java/org/wso2/carbon/identity/oauth2/authz/handlers/util/ResponseTypeHandlerUtil.java b/...ain/java/org/wso2/carbon/identity/oauth2/authz/handlers/util/ResponseTypeHandlerUtil.java
@@ -29,6 +29,7 @@
 import org.wso2.carbon.identity.application.common.model.ClaimMapping;
 import org.wso2.carbon.identity.base.IdentityConstants;
 import org.wso2.carbon.identity.base.IdentityException;
+import org.wso2.carbon.identity.central.log.mgt.utils.LogConstants;
 import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils;
 import org.wso2.carbon.identity.core.util.IdentityUtil;
 import org.wso2.carbon.identity.oauth.cache.AuthorizationGrantCache;
@@ -45,6 +46,7 @@
 import org.wso2.carbon.identity.oauth.event.OAuthEventInterceptor;
 import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder;
 import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
+import org.wso2.carbon.identity.oauth2.OAuth2Constants;
 import org.wso2.carbon.identity.oauth2.OAuth2Service;
 import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext;
 import org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext;
@@ -68,6 +70,8 @@
 import java.util.concurrent.TimeUnit;
 
 import static org.wso2.carbon.identity.oauth.common.OAuthConstants.TokenStates.TOKEN_STATE_ACTIVE;
+import static org.wso2.carbon.identity.oauth2.OAuth2Constants.LogConstants.ActionIDs.ISSUE_AUTHZ_CODE;
+import static org.wso2.carbon.identity.oauth2.OAuth2Constants.LogConstants.OAUTH_INBOUND_SERVICE;
 
 /**
  * ResponseTypeHandlerUtil contains all the common methods in tokenResponseTypeHandler and IDTokenResponseTypeHandler.
@@ -305,23 +309,25 @@ public static AuthzCodeDO generateAuthorizationCode(OAuthAuthzReqMessageContext
         }
         if (LoggerUtils.isDiagnosticLogsEnabled()) {
             DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
-                    OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "issue-authz-code");
-            diagnosticLogBuilder.inputParam("client id", authorizationReqDTO.getConsumerKey())
+                    OAUTH_INBOUND_SERVICE, ISSUE_AUTHZ_CODE);
+            diagnosticLogBuilder.inputParam(LogConstants.InputKeys.CLIENT_ID, authorizationReqDTO.getConsumerKey())
                     .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
                     .resultMessage("Authorization Code issued successfully.")
-                    .inputParam("requested scopes", OAuth2Util.buildScopeString(authorizationReqDTO.getScopes()))
-                    .inputParam("redirect uri", authorizationReqDTO.getCallbackUrl())
+                    .inputParam(OAuth2Constants.LogConstants.InputKeys.REQUESTED_SCOPES,
+                            OAuth2Util.buildScopeString(authorizationReqDTO.getScopes()))
+                    .inputParam(LogConstants.InputKeys.REDIREDCT_URI, authorizationReqDTO.getCallbackUrl())
                     .inputParam("authz code validity period (ms)", String.valueOf(validityPeriod))
                     .logDetailLevel(DiagnosticLog.LogDetailLevel.APPLICATION);
             if (authorizationReqDTO.getUser() != null) {
                 try {
-                    diagnosticLogBuilder.inputParam("user", authorizationReqDTO.getUser().getUserId());
+                    diagnosticLogBuilder.inputParam(LogConstants.InputKeys.USER_ID, authorizationReqDTO.getUser()
+                            .getUserId());
                 } catch (UserIdNotFoundException e) {
                     if (StringUtils.isNotBlank(authorizationReqDTO.getUser().getAuthenticatedSubjectIdentifier())) {
-
-                        diagnosticLogBuilder.inputParam("user", LoggerUtils.isLogMaskingEnable ? LoggerUtils
-                                .getMaskedContent(authorizationReqDTO.getUser().getAuthenticatedSubjectIdentifier()) :
-                                authorizationReqDTO.getUser().getAuthenticatedSubjectIdentifier());
+                        diagnosticLogBuilder.inputParam(LogConstants.InputKeys.USER, LoggerUtils.isLogMaskingEnable ?
+                                LoggerUtils.getMaskedContent(authorizationReqDTO.getUser()
+                                        .getAuthenticatedSubjectIdentifier()) : authorizationReqDTO.getUser()
+                                .getAuthenticatedSubjectIdentifier());
                     }
                 }
             }