Log client_name and client_schachome when defined for app

Author: remvee

config/gateway.config.yml

@@ -143,12 +143,18 @@ pipelines:
           - action:
               apps:
                 fred:
+                  client_name: 'Fred Flintstone'
+                  client_schachome: 'fred.flintstone'
                   passwordSalt: 8b52795e90b598eb022647f17c93ac2b
                   passwordHash: e4c9628c52aead0dcf10330a6864d8bcc78a5a4a463b274bee39cee4cfc0a574
                 barney:
+                  client_name: 'Barney Rubble'
+                  client_schachome: 'barney.rubble'
                   passwordSalt: 5e5b3fb149fdd06ba9d18edd178d77cb
                   passwordHash: 19d767b82ebb294e3c2008b53a0bcc59140e688baded13eea1794099c869e89f
                 bubbles:
+                  client_name: 'Bubbles Flintstone'
+                  client_schachome: 'bubbles.flintstone'
                   passwordSalt: 5970ad7d7501916274cf114f68d2aed0
                   passwordHash: 5e063ba6dcff4b7bc0234be7861dac8c4dd7db573f36755e0578b2e77a5cf6bf
               acls:

config/gateway.config.yml.v5

@@ -148,12 +148,18 @@ pipelines:
           - action:
               apps:
                 fred:
+                  client_name: 'Fred Flintstone'
+                  client_schachome: 'fred.flintstone'
                   passwordSalt: 8b52795e90b598eb022647f17c93ac2b
                   passwordHash: e4c9628c52aead0dcf10330a6864d8bcc78a5a4a463b274bee39cee4cfc0a574
                 barney:
+                  client_name: 'Barney Rubble'
+                  client_schachome: 'barney.rubble'
                   passwordSalt: 5e5b3fb149fdd06ba9d18edd178d77cb
                   passwordHash: 19d767b82ebb294e3c2008b53a0bcc59140e688baded13eea1794099c869e89f
                 bubbles:
+                  client_name: 'Bubbles Flintstone'
+                  client_schachome: 'bubbles.flintstone'
                   passwordSalt: 5970ad7d7501916274cf114f68d2aed0
                   passwordHash: 5e063ba6dcff4b7bc0234be7861dac8c4dd7db573f36755e0578b2e77a5cf6bf
               acls:

policies/aggregation/aggregation.js

@@ -117,19 +117,21 @@ module.exports = (config, { gatewayConfig: { serviceEndpoints } }) => {
       const outgoingTraceParent = traceParent.child()
       const reqTimerStart = new Date()
       // setup logging and metrics
-      const app = req.egContext.app
+      const app = req.egContext.app // set by gatekeeper policy
       const labels = {
         method: req.method,
         path: req.route.path,
         endpoint: endpointId,
-        client: app
+        client: app.user
       }
       concurrentRequestsMetric.labels(labels).inc()
 
       // log and keep metrics for request to endpoint
       const report = ({ statusCode, reqTimerEnd, ...rest }) => {
         jsonLog.info({
-          client: app,
+          client: app.user,
+          client_name: app.client_name,
+          client_schachome: app.client_schachome,
           side: 'backend',
           http_status: statusCode,
           endpoint: endpointId,

policies/gatekeeper/authentication.js

@@ -68,8 +68,9 @@ const appFromRequest = (req, apps) => {
     const pass = password || dummyPass
     const salt = app ? app.passwordSalt : dummySalt
     const hash = app ? app.passwordHash : dummyHash
+
     if (timingSafeHashEqual(hashPassword(pass, salt), hash)) {
-      return app ? user : null
+      return { ...app, user }
     }
   }
 

policies/gatekeeper/gatekeeper.js

@@ -55,7 +55,7 @@ module.exports = (params, config) => {
     delete req.headers.authorization
 
     if (app) {
-      const acl = acls[app]
+      const acl = acls[app.user]
 
       if (acl) {
         authorization.prepareRequestHeaders(acl, req)

policies/lifecycle-logger/logger.js

@@ -36,7 +36,9 @@ module.exports = () => {
         traceparent_trace_id: traceParent.traceId,
         traceparent_id: traceParent.id,
         traceparent_parent_id: traceParent.parent_id,
-        client: app,
+        client: app && app.user,
+        client_name: app && app.client_name,
+        client_schachome: app && app.client_schachome,
         route_path: req.route && req.route.path,
         http_status: statusCode,
         request_method: method,

test/config/gateway.config.v4.yml

@@ -145,12 +145,18 @@ pipelines:
           - action:
               apps:
                 fred:
+                  client_name: 'Fred Flintstone'
+                  client_schachome: 'fred.flintstone'
                   passwordSalt: 8b52795e90b598eb022647f17c93ac2b
                   passwordHash: e4c9628c52aead0dcf10330a6864d8bcc78a5a4a463b274bee39cee4cfc0a574
                 barney:
+                  client_name: 'Barney Rubble'
+                  client_schachome: 'barney.rubble'
                   passwordSalt: 5e5b3fb149fdd06ba9d18edd178d77cb
                   passwordHash: 19d767b82ebb294e3c2008b53a0bcc59140e688baded13eea1794099c869e89f
                 bubbles:
+                  client_name: 'Bubbles Flintstone'
+                  client_schachome: 'bubbles.flintstone'
                   passwordSalt: 5970ad7d7501916274cf114f68d2aed0
                   passwordHash: 5e063ba6dcff4b7bc0234be7861dac8c4dd7db573f36755e0578b2e77a5cf6bf
               acls:

test/config/gateway.config.v5.yml

@@ -152,12 +152,18 @@ pipelines:
           - action:
               apps:
                 fred:
+                  client_name: 'Fred Flintstone'
+                  client_schachome: 'fred.flintstone'
                   passwordSalt: 8b52795e90b598eb022647f17c93ac2b
                   passwordHash: e4c9628c52aead0dcf10330a6864d8bcc78a5a4a463b274bee39cee4cfc0a574
                 barney:
+                  client_name: 'Bubbles Flintstone'
+                  client_schachome: 'bubbles.flintstone'
                   passwordSalt: 5e5b3fb149fdd06ba9d18edd178d77cb
                   passwordHash: 19d767b82ebb294e3c2008b53a0bcc59140e688baded13eea1794099c869e89f
                 bubbles:
+                  client_name: 'Bubbles Flintstone'
+                  client_schachome: 'bubbles.flintstone'
                   passwordSalt: 5970ad7d7501916274cf114f68d2aed0
                   passwordHash: 5e063ba6dcff4b7bc0234be7861dac8c4dd7db573f36755e0578b2e77a5cf6bf
               acls:

test/gatekeeper/authentication.test.js

@@ -64,6 +64,8 @@ describe('gatekeeper/authentication', () => {
     let salt
     const apps = {
       fred: {
+        client_name: 'Fred Flintstone',
+        client_schachome: 'fred.flintstone',
         passwordHash: authentication.hashPassword('wilma', salt = randomString()),
         passwordSalt: salt
       },
@@ -82,19 +84,20 @@ describe('gatekeeper/authentication', () => {
     )
 
     it('should return app from basic authentication', () => {
-      assert.equal(
-        authentication.appFromRequest({
-          headers: { authorization: authorizationHeader('fred', 'wilma') }
-        }, apps),
-        'fred'
-      )
+      const app = authentication.appFromRequest({
+        headers: { authorization: authorizationHeader('fred', 'wilma') }
+      }, apps)
+
+      assert.equal(app.user, 'fred')
+      assert.equal(app.client_name, 'Fred Flintstone')
+      assert.equal(app.client_schachome, 'fred.flintstone')
     })
 
     it('should allow colon in password', () => {
       assert.equal(
         authentication.appFromRequest({
           headers: { authorization: authorizationHeader('with-colon', 'with:colon') }
-        }, apps),
+        }, apps).user,
         'with-colon'
       )
     })