fix: correct method and path for session api activity (#6880)

* fix: correct method and path for session api activity * fix: correct method and path for session api activity * fix: correct function name for activity trigger
2025-08-12 03:27:32 +00:00 · 2023-11-22 11:12:23 +01:00
parent 76fe032b5f
commit 5fcb5568d7
6 changed files with 58 additions and 13 deletions
--- a/internal/activity/activity.go
+++ b/internal/activity/activity.go
@@ -44,7 +44,7 @@ func (t TriggerMethod) String() string {
 	}
 }
-func Trigger(ctx context.Context, orgID, userID string, trigger TriggerMethod) {
+func TriggerHTTP(ctx context.Context, orgID, userID string, trigger TriggerMethod) {
 	ai := info.ActivityInfoFromContext(ctx)
 	triggerLog(
 		authz.GetInstance(ctx).InstanceID(),
@@ -55,11 +55,30 @@ func Trigger(ctx context.Context, orgID, userID string, trigger TriggerMethod) {
 		ai.Method,
 		ai.Path,
 		ai.RequestMethod,
 		"",
 		authz.GetCtxData(ctx).SystemMemberships != nil,
 	)
 }
-func TriggerWithContext(ctx context.Context, trigger TriggerMethod) {
+func TriggerGRPC(ctx context.Context, orgID, userID string, trigger TriggerMethod) {
 	ai := info.ActivityInfoFromContext(ctx)
 	// GRPC call the method is contained in the HTTP request path
 	method := ai.Path
 	triggerLog(
 		authz.GetInstance(ctx).InstanceID(),
 		orgID,
 		userID,
 		http_utils.ComposedOrigin(ctx),
 		trigger,
 		method,
 		"",
 		ai.RequestMethod,
 		ai.GRPCStatus.String(),
 		authz.GetCtxData(ctx).SystemMemberships != nil,
 	)
 }
 func TriggerGRPCWithContext(ctx context.Context, trigger TriggerMethod) {
 	ai := info.ActivityInfoFromContext(ctx)
 	// GRPC call the method is contained in the HTTP request path
 	method := ai.Path
@@ -72,11 +91,12 @@ func TriggerWithContext(ctx context.Context, trigger TriggerMethod) {
 		method,
 		"",
 		ai.RequestMethod,
 		ai.GRPCStatus.String(),
 		authz.GetCtxData(ctx).SystemMemberships != nil,
 	)
 }
-func triggerLog(instanceID, orgID, userID, domain string, trigger TriggerMethod, method, path, requestMethod string, isSystemUser bool) {
+func triggerLog(instanceID, orgID, userID, domain string, trigger TriggerMethod, method, path, requestMethod, status string, isSystemUser bool) {
 	logging.WithFields(
 		"instance", instanceID,
 		"org", orgID,
@@ -85,6 +105,7 @@ func triggerLog(instanceID, orgID, userID, domain string, trigger TriggerMethod,
 		"trigger", trigger.String(),
 		"method", method,
 		"path", path,
 		"grpcStatus", status,
 		"requestMethod", requestMethod,
 		"isSystemUser", isSystemUser,
 	).Info(Activity)
--- a/internal/api/grpc/server/middleware/activity_interceptor.go
+++ b/internal/api/grpc/server/middleware/activity_interceptor.go
@@ -8,13 +8,22 @@ import (
 	"google.golang.org/grpc"
 	"github.com/zitadel/zitadel/internal/activity"
 	"github.com/zitadel/zitadel/internal/api/grpc/errors"
 	ainfo "github.com/zitadel/zitadel/internal/api/info"
 )
 func ActivityInterceptor() grpc.UnaryServerInterceptor {
 	return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
 		resp, err := handler(ctx, req)
 		if isResourceAPI(info.FullMethod) {
-			activity.TriggerWithContext(ctx, activity.ResourceAPI)
+			code, _, _, _ := errors.ExtractCaosError(err)
 			ctx = ainfo.ActivityInfoFromContext(ctx).SetGRPCStatus(code).IntoContext(ctx)
 			activity.TriggerGRPCWithContext(ctx, activity.ResourceAPI)
 		}
 		if strings.HasPrefix(info.FullMethod, "/zitadel.session.v1.SessionService/") {
 			code, _, _, _ := errors.ExtractCaosError(err)
 			ctx = ainfo.ActivityInfoFromContext(ctx).SetGRPCStatus(code).IntoContext(ctx)
 			activity.TriggerGRPCWithContext(ctx, activity.SessionAPI)
 		}
 		return resp, err
 	}
--- a/internal/api/grpc/session/v2/session.go
+++ b/internal/api/grpc/session/v2/session.go
@@ -354,7 +354,7 @@ func (s *Server) checksToCommand(ctx context.Context, checks *session.Checks) ([
 		}
 		// trigger activity log for session for user
-		activity.Trigger(ctx, user.ResourceOwner, user.ID, activity.SessionAPI)
+		activity.TriggerHTTP(ctx, user.ResourceOwner, user.ID, activity.SessionAPI)
 		sessionChecks = append(sessionChecks, command.CheckUser(user.ID, user.ResourceOwner))
 	}
 	if password := checks.GetPassword(); password != nil {
--- a/internal/api/info/info.go
+++ b/internal/api/info/info.go
@@ -2,6 +2,8 @@ package info
 import (
 	"context"
 	"google.golang.org/grpc/codes"
 )
 type activityInfoKey struct{}
@@ -10,6 +12,8 @@ type ActivityInfo struct {
 	Method        string
 	Path          string
 	RequestMethod string
 	GRPCStatus    codes.Code
 	HTTPStatus    int
 }
 func (a *ActivityInfo) IntoContext(ctx context.Context) context.Context {
@@ -32,6 +36,7 @@ func (a *ActivityInfo) SetMethod(method string) *ActivityInfo {
 	a.Method = method
 	return a
 }
 func (a *ActivityInfo) SetPath(path string) *ActivityInfo {
 	a.Path = path
 	return a
@@ -41,3 +46,13 @@ func (a *ActivityInfo) SetRequestMethod(method string) *ActivityInfo {
 	a.RequestMethod = method
 	return a
 }
 func (a *ActivityInfo) SetGRPCStatus(status codes.Code) *ActivityInfo {
 	a.GRPCStatus = status
 	return a
 }
 func (a *ActivityInfo) SetHTTPStatus(status int) *ActivityInfo {
 	a.HTTPStatus = status
 	return a
 }
--- a/internal/api/oidc/auth_request.go
+++ b/internal/api/oidc/auth_request.go
@@ -198,7 +198,7 @@ func (o *OPStorage) CreateAccessToken(ctx context.Context, req op.TokenRequest)
 		userOrgID = authReq.UserOrgID
 	case *AuthRequestV2:
 		// trigger activity log for authentication for user
-		activity.Trigger(ctx, "", authReq.CurrentAuthRequest.UserID, activity.OIDCAccessToken)
+		activity.TriggerHTTP(ctx, "", authReq.CurrentAuthRequest.UserID, activity.OIDCAccessToken)
 		return o.command.AddOIDCSessionAccessToken(setContextUserSystem(ctx), authReq.GetID())
 	}
@@ -213,7 +213,7 @@ func (o *OPStorage) CreateAccessToken(ctx context.Context, req op.TokenRequest)
 	}
 	// trigger activity log for authentication for user
-	activity.Trigger(ctx, userOrgID, req.GetSubject(), activity.OIDCAccessToken)
+	activity.TriggerHTTP(ctx, userOrgID, req.GetSubject(), activity.OIDCAccessToken)
 	return resp.TokenID, resp.Expiration, nil
 }
@@ -225,11 +225,11 @@ func (o *OPStorage) CreateAccessAndRefreshTokens(ctx context.Context, req op.Tok
 	switch tokenReq := req.(type) {
 	case *AuthRequestV2:
 		// trigger activity log for authentication for user
-		activity.Trigger(ctx, "", tokenReq.GetSubject(), activity.OIDCRefreshToken)
+		activity.TriggerHTTP(ctx, "", tokenReq.GetSubject(), activity.OIDCRefreshToken)
 		return o.command.AddOIDCSessionRefreshAndAccessToken(setContextUserSystem(ctx), tokenReq.GetID())
 	case *RefreshTokenRequestV2:
 		// trigger activity log for authentication for user
-		activity.Trigger(ctx, "", tokenReq.GetSubject(), activity.OIDCRefreshToken)
+		activity.TriggerHTTP(ctx, "", tokenReq.GetSubject(), activity.OIDCRefreshToken)
 		return o.command.ExchangeOIDCSessionRefreshAndAccessToken(setContextUserSystem(ctx), tokenReq.OIDCSessionWriteModel.AggregateID, refreshToken, tokenReq.RequestedScopes)
 	}
@@ -258,7 +258,7 @@ func (o *OPStorage) CreateAccessAndRefreshTokens(ctx context.Context, req op.Tok
 	}
 	// trigger activity log for authentication for user
-	activity.Trigger(ctx, userOrgID, req.GetSubject(), activity.OIDCRefreshToken)
+	activity.TriggerHTTP(ctx, userOrgID, req.GetSubject(), activity.OIDCRefreshToken)
 	return resp.TokenID, token, resp.Expiration, nil
 }
@@ -288,7 +288,7 @@ func (o *OPStorage) TokenRequestByRefreshToken(ctx context.Context, refreshToken
 			return nil, err
 		}
 		// trigger activity log for authentication for user
-		activity.Trigger(ctx, "", oidcSession.UserID, activity.OIDCRefreshToken)
+		activity.TriggerHTTP(ctx, "", oidcSession.UserID, activity.OIDCRefreshToken)
 		return &RefreshTokenRequestV2{OIDCSessionWriteModel: oidcSession}, nil
 	}
@@ -298,7 +298,7 @@ func (o *OPStorage) TokenRequestByRefreshToken(ctx context.Context, refreshToken
 	}
 	// trigger activity log for use of refresh token for user
-	activity.Trigger(ctx, tokenView.ResourceOwner, tokenView.UserID, activity.OIDCRefreshToken)
+	activity.TriggerHTTP(ctx, tokenView.ResourceOwner, tokenView.UserID, activity.OIDCRefreshToken)
 	return RefreshTokenRequestFromBusiness(tokenView), nil
 }
--- a/internal/api/saml/storage.go
+++ b/internal/api/saml/storage.go
@@ -151,7 +151,7 @@ func (p *Storage) SetUserinfoWithUserID(ctx context.Context, applicationID strin
 	setUserinfo(user, userinfo, attributes, customAttributes)
 	// trigger activity log for authentication for user
-	activity.Trigger(ctx, user.ResourceOwner, user.ID, activity.SAMLResponse)
+	activity.TriggerHTTP(ctx, user.ResourceOwner, user.ID, activity.SAMLResponse)
 	return nil
 }