fix: correct method and path for session api activity (#6880)

* fix: correct method and path for session api activity * fix: correct method and path for session api activity * fix: correct function name for activity trigger
2025-08-12 03:57:32 +00:00 · 2023-11-22 11:12:23 +01:00
parent 76fe032b5f
commit 5fcb5568d7
6 changed files with 58 additions and 13 deletions
--- a/internal/api/grpc/server/middleware/activity_interceptor.go
+++ b/internal/api/grpc/server/middleware/activity_interceptor.go
@@ -8,13 +8,22 @@ import (
 	"google.golang.org/grpc"

 	"github.com/zitadel/zitadel/internal/activity"
+	"github.com/zitadel/zitadel/internal/api/grpc/errors"
+	ainfo "github.com/zitadel/zitadel/internal/api/info"
 )

 func ActivityInterceptor() grpc.UnaryServerInterceptor {
 	return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
 		resp, err := handler(ctx, req)
 		if isResourceAPI(info.FullMethod) {
-			activity.TriggerWithContext(ctx, activity.ResourceAPI)
+			code, _, _, _ := errors.ExtractCaosError(err)
+			ctx = ainfo.ActivityInfoFromContext(ctx).SetGRPCStatus(code).IntoContext(ctx)
+			activity.TriggerGRPCWithContext(ctx, activity.ResourceAPI)
+		}
+		if strings.HasPrefix(info.FullMethod, "/zitadel.session.v1.SessionService/") {
+			code, _, _, _ := errors.ExtractCaosError(err)
+			ctx = ainfo.ActivityInfoFromContext(ctx).SetGRPCStatus(code).IntoContext(ctx)
+			activity.TriggerGRPCWithContext(ctx, activity.SessionAPI)
 		}
 		return resp, err
 	}
--- a/internal/api/grpc/session/v2/session.go
+++ b/internal/api/grpc/session/v2/session.go
@@ -354,7 +354,7 @@ func (s *Server) checksToCommand(ctx context.Context, checks *session.Checks) ([
 		}

 		// trigger activity log for session for user
-		activity.Trigger(ctx, user.ResourceOwner, user.ID, activity.SessionAPI)
+		activity.TriggerHTTP(ctx, user.ResourceOwner, user.ID, activity.SessionAPI)
 		sessionChecks = append(sessionChecks, command.CheckUser(user.ID, user.ResourceOwner))
 	}
 	if password := checks.GetPassword(); password != nil {
--- a/internal/api/info/info.go
+++ b/internal/api/info/info.go
@@ -2,6 +2,8 @@ package info

 import (
 	"context"
+
+	"google.golang.org/grpc/codes"
 )

 type activityInfoKey struct{}
@@ -10,6 +12,8 @@ type ActivityInfo struct {
 	Method        string
 	Path          string
 	RequestMethod string
+	GRPCStatus    codes.Code
+	HTTPStatus    int
 }

 func (a *ActivityInfo) IntoContext(ctx context.Context) context.Context {
@@ -32,6 +36,7 @@ func (a *ActivityInfo) SetMethod(method string) *ActivityInfo {
 	a.Method = method
 	return a
 }
+
 func (a *ActivityInfo) SetPath(path string) *ActivityInfo {
 	a.Path = path
 	return a
@@ -41,3 +46,13 @@ func (a *ActivityInfo) SetRequestMethod(method string) *ActivityInfo {
 	a.RequestMethod = method
 	return a
 }
+
+func (a *ActivityInfo) SetGRPCStatus(status codes.Code) *ActivityInfo {
+	a.GRPCStatus = status
+	return a
+}
+
+func (a *ActivityInfo) SetHTTPStatus(status int) *ActivityInfo {
+	a.HTTPStatus = status
+	return a
+}
--- a/internal/api/oidc/auth_request.go
+++ b/internal/api/oidc/auth_request.go
@@ -198,7 +198,7 @@ func (o *OPStorage) CreateAccessToken(ctx context.Context, req op.TokenRequest)
 		userOrgID = authReq.UserOrgID
 	case *AuthRequestV2:
 		// trigger activity log for authentication for user
-		activity.Trigger(ctx, "", authReq.CurrentAuthRequest.UserID, activity.OIDCAccessToken)
+		activity.TriggerHTTP(ctx, "", authReq.CurrentAuthRequest.UserID, activity.OIDCAccessToken)
 		return o.command.AddOIDCSessionAccessToken(setContextUserSystem(ctx), authReq.GetID())
 	}

@@ -213,7 +213,7 @@ func (o *OPStorage) CreateAccessToken(ctx context.Context, req op.TokenRequest)
 	}

 	// trigger activity log for authentication for user
-	activity.Trigger(ctx, userOrgID, req.GetSubject(), activity.OIDCAccessToken)
+	activity.TriggerHTTP(ctx, userOrgID, req.GetSubject(), activity.OIDCAccessToken)
 	return resp.TokenID, resp.Expiration, nil
 }

@@ -225,11 +225,11 @@ func (o *OPStorage) CreateAccessAndRefreshTokens(ctx context.Context, req op.Tok
 	switch tokenReq := req.(type) {
 	case *AuthRequestV2:
 		// trigger activity log for authentication for user
-		activity.Trigger(ctx, "", tokenReq.GetSubject(), activity.OIDCRefreshToken)
+		activity.TriggerHTTP(ctx, "", tokenReq.GetSubject(), activity.OIDCRefreshToken)
 		return o.command.AddOIDCSessionRefreshAndAccessToken(setContextUserSystem(ctx), tokenReq.GetID())
 	case *RefreshTokenRequestV2:
 		// trigger activity log for authentication for user
-		activity.Trigger(ctx, "", tokenReq.GetSubject(), activity.OIDCRefreshToken)
+		activity.TriggerHTTP(ctx, "", tokenReq.GetSubject(), activity.OIDCRefreshToken)
 		return o.command.ExchangeOIDCSessionRefreshAndAccessToken(setContextUserSystem(ctx), tokenReq.OIDCSessionWriteModel.AggregateID, refreshToken, tokenReq.RequestedScopes)
 	}

@@ -258,7 +258,7 @@ func (o *OPStorage) CreateAccessAndRefreshTokens(ctx context.Context, req op.Tok
 	}

 	// trigger activity log for authentication for user
-	activity.Trigger(ctx, userOrgID, req.GetSubject(), activity.OIDCRefreshToken)
+	activity.TriggerHTTP(ctx, userOrgID, req.GetSubject(), activity.OIDCRefreshToken)
 	return resp.TokenID, token, resp.Expiration, nil
 }

@@ -288,7 +288,7 @@ func (o *OPStorage) TokenRequestByRefreshToken(ctx context.Context, refreshToken
 			return nil, err
 		}
 		// trigger activity log for authentication for user
-		activity.Trigger(ctx, "", oidcSession.UserID, activity.OIDCRefreshToken)
+		activity.TriggerHTTP(ctx, "", oidcSession.UserID, activity.OIDCRefreshToken)
 		return &RefreshTokenRequestV2{OIDCSessionWriteModel: oidcSession}, nil
 	}

@@ -298,7 +298,7 @@ func (o *OPStorage) TokenRequestByRefreshToken(ctx context.Context, refreshToken
 	}

 	// trigger activity log for use of refresh token for user
-	activity.Trigger(ctx, tokenView.ResourceOwner, tokenView.UserID, activity.OIDCRefreshToken)
+	activity.TriggerHTTP(ctx, tokenView.ResourceOwner, tokenView.UserID, activity.OIDCRefreshToken)
 	return RefreshTokenRequestFromBusiness(tokenView), nil
 }

--- a/internal/api/saml/storage.go
+++ b/internal/api/saml/storage.go
@@ -151,7 +151,7 @@ func (p *Storage) SetUserinfoWithUserID(ctx context.Context, applicationID strin
 	setUserinfo(user, userinfo, attributes, customAttributes)

 	// trigger activity log for authentication for user
-	activity.Trigger(ctx, user.ResourceOwner, user.ID, activity.SAMLResponse)
+	activity.TriggerHTTP(ctx, user.ResourceOwner, user.ID, activity.SAMLResponse)
 	return nil
 }