mirror of
https://github.com/logto-io/logto.git
synced 2024-12-30 20:33:54 -05:00
feat(core,console,schemas): add idp-initiated sso session create log (#6743)
add idp-initiated sso session create log
This commit is contained in:
parent
5bb9375055
commit
f2d280466d
3 changed files with 14 additions and 1 deletions
|
@ -104,6 +104,8 @@ export const auditLogEventTitle: Record<string, Optional<string>> & {
|
||||||
'Create and send forgot-password SMS verification code',
|
'Create and send forgot-password SMS verification code',
|
||||||
'Interaction.ForgotPassword.Verification.SmsVerificationCode.Submit':
|
'Interaction.ForgotPassword.Verification.SmsVerificationCode.Submit':
|
||||||
'Verify forgot-password SMS verification code',
|
'Verify forgot-password SMS verification code',
|
||||||
|
'Interaction.SignIn.Verification.IdpInitiatedSso.Create':
|
||||||
|
'Create IdP-initiated SAML SSO authentication session',
|
||||||
});
|
});
|
||||||
|
|
||||||
export const logEventTitle: Record<string, Optional<string>> & {
|
export const logEventTitle: Record<string, Optional<string>> & {
|
||||||
|
|
|
@ -18,6 +18,7 @@ import {
|
||||||
|
|
||||||
import { idpInitiatedSamlSsoSessionCookieName } from '../constants/index.js';
|
import { idpInitiatedSamlSsoSessionCookieName } from '../constants/index.js';
|
||||||
import { EnvSet } from '../env-set/index.js';
|
import { EnvSet } from '../env-set/index.js';
|
||||||
|
import koaAuditLog from '../middleware/koa-audit-log.js';
|
||||||
|
|
||||||
import { ssoPath } from './interaction/const.js';
|
import { ssoPath } from './interaction/const.js';
|
||||||
import type { AnonymousRouter, RouterInitArgs } from './types.js';
|
import type { AnonymousRouter, RouterInitArgs } from './types.js';
|
||||||
|
@ -183,6 +184,7 @@ export default function authnRoutes<T extends AnonymousRouter>(
|
||||||
params: z.object({ connectorId: z.string().min(1) }),
|
params: z.object({ connectorId: z.string().min(1) }),
|
||||||
status: [302, 400, 404],
|
status: [302, 400, 404],
|
||||||
}),
|
}),
|
||||||
|
koaAuditLog(queries),
|
||||||
async (ctx, next) => {
|
async (ctx, next) => {
|
||||||
const {
|
const {
|
||||||
params: { connectorId },
|
params: { connectorId },
|
||||||
|
@ -237,6 +239,13 @@ export default function authnRoutes<T extends AnonymousRouter>(
|
||||||
const { autoSendAuthorizationRequest, clientIdpInitiatedAuthCallbackUri } =
|
const { autoSendAuthorizationRequest, clientIdpInitiatedAuthCallbackUri } =
|
||||||
idpInitiatedAuthConfig;
|
idpInitiatedAuthConfig;
|
||||||
|
|
||||||
|
const log = ctx.createLog('Interaction.SignIn.Verification.IdpInitiatedSso.Create');
|
||||||
|
log.append({
|
||||||
|
connectorId,
|
||||||
|
ssoSessionId: id,
|
||||||
|
assertionContent,
|
||||||
|
});
|
||||||
|
|
||||||
// Redirect to the client side callback URI if the autoSendAuthorizationRequest is disabled.
|
// Redirect to the client side callback URI if the autoSendAuthorizationRequest is disabled.
|
||||||
// Client side will generate and verify the state to prevent CSRF attack.
|
// Client side will generate and verify the state to prevent CSRF attack.
|
||||||
if (!autoSendAuthorizationRequest) {
|
if (!autoSendAuthorizationRequest) {
|
||||||
|
|
|
@ -96,4 +96,6 @@ export type LogKey =
|
||||||
| Action.Submit
|
| Action.Submit
|
||||||
| Action.Create}`
|
| Action.Create}`
|
||||||
| `${Prefix}.${InteractionEvent}.${Field.Verification}.${VerificationType}.${Action}`
|
| `${Prefix}.${InteractionEvent}.${Field.Verification}.${VerificationType}.${Action}`
|
||||||
| `${Prefix}.${InteractionEvent}.${Field.Identifier}.${Action.Submit}`;
|
| `${Prefix}.${InteractionEvent}.${Field.Identifier}.${Action.Submit}`
|
||||||
|
// IdpInitiatedSingleSignOn log, used upon receiving a SAML request from the IdP
|
||||||
|
| `${Prefix}.${InteractionEvent.SignIn}.${Field.Verification}.IdpInitiatedSso.${Action.Create}`;
|
||||||
|
|
Loading…
Reference in a new issue