diff --git a/pom.xml b/pom.xml
index 12d25b5f..066c1fd4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
com.uid2
uid2-shared
- 10.9.0
+ 10.9.1-alpha-286-SNAPSHOT
${project.groupId}:${project.artifactId}
Library for all the shared uid2 operations
https://github.com/IABTechLab/uid2docs
diff --git a/src/main/java/com/uid2/shared/middleware/AuthMiddleware.java b/src/main/java/com/uid2/shared/middleware/AuthMiddleware.java
index a7391cbe..17389399 100644
--- a/src/main/java/com/uid2/shared/middleware/AuthMiddleware.java
+++ b/src/main/java/com/uid2/shared/middleware/AuthMiddleware.java
@@ -72,7 +72,7 @@ public Handler handleV1(Handler handler, E..
throw new IllegalArgumentException("must specify at least one role");
}
final RoleBasedAuthorizationProvider authorizationProvider = new RoleBasedAuthorizationProvider<>(Collections.unmodifiableSet(new HashSet(Arrays.asList(roles))));
- final AuthHandler h = new AuthHandler(handler, this.authKeyStore, authorizationProvider, true);
+ final AuthHandler h = new AuthHandler(handler, this.authKeyStore, authorizationProvider, true, this.audit, null);
return h::handle;
}
@@ -102,9 +102,9 @@ public final Handler handleWithAudit(Handler
AuthHandler h;
if (enableAuditLog) {
final Handler loggedHandler = logAndHandle(handler, params);
- h = new AuthHandler(loggedHandler, this.authKeyStore, authorizationProvider, false);
+ h = new AuthHandler(loggedHandler, this.authKeyStore, authorizationProvider, false, this.audit, params);
} else {
- h = new AuthHandler(handler, this.authKeyStore, authorizationProvider, false);
+ h = new AuthHandler(handler, this.authKeyStore, authorizationProvider, false, this.audit, null);
}
return h::handle;
@@ -112,7 +112,7 @@ public final Handler handleWithAudit(Handler
public Handler handleWithOptionalAuth(Handler handler) {
- final AuthHandler h = new AuthHandler(handler, this.authKeyStore, blankAuthorizationProvider, true);
+ final AuthHandler h = new AuthHandler(handler, this.authKeyStore, blankAuthorizationProvider, true, this.audit, null);
return h::handle;
}
@@ -154,12 +154,16 @@ private static class AuthHandler {
private final IAuthorizableProvider authKeyStore;
private final IAuthorizationProvider authorizationProvider;
private final boolean isV1Response;
+ private final Audit audit;
+ private final AuditParams auditParams;
- private AuthHandler(Handler handler, IAuthorizableProvider authKeyStore, IAuthorizationProvider authorizationProvider, boolean isV1Response) {
+ private AuthHandler(Handler handler, IAuthorizableProvider authKeyStore, IAuthorizationProvider authorizationProvider, boolean isV1Response, Audit audit, AuditParams auditParams) {
this.innerHandler = handler;
this.authKeyStore = authKeyStore;
this.authorizationProvider = authorizationProvider;
this.isV1Response = isV1Response;
+ this.audit = audit;
+ this.auditParams = auditParams;
}
@@ -182,6 +186,12 @@ public void handle(RoutingContext rc) {
}
private void onFailedAuth(RoutingContext rc) {
+ // Log failed authentication attempt
+ if (this.audit != null) {
+ AuditParams failedAuthParams = this.auditParams != null ? this.auditParams : new AuditParams();
+ this.audit.log(rc, failedAuthParams);
+ }
+
if (isV1Response) {
rc.response().putHeader(HttpHeaders.CONTENT_TYPE, "application/json")
.setStatusCode(401)