Merge pull request #9074 from overleaf/jel-saml-log-tests

[web] Add tests for SAML log

GitOrigin-RevId: 7bc5b25461063b32d3471b7f4ab966f2caa4e70c
Jessica Lawshe 2022-08-08 09:19:14 -05:00 committed by Copybot
parent c4c16c6d05
commit f1ee27a518
4 changed files with 73 additions and 18 deletions


@ -26,17 +26,7 @@ module.exports = ErrorController = {
const user = SessionManager.getSessionUser(req.session) const user = SessionManager.getSessionUser(req.session)
// log errors related to SAML flow // log errors related to SAML flow
if (req.session && req.session.saml) { if (req.session && req.session.saml) {
SamlLogHandler.log(req.session.saml.universityId, req.sessionID, { SamlLogHandler.log(req, { error })
error: {
message: error && error.message,
stack: error && error.stack,
},
body: req.body,
path: req.path,
query: req.query,
saml: req.session.saml,
user_id: user && user._id,
})
} }
if (error.code === 'EBADCSRFTOKEN') { if (error.code === 'EBADCSRFTOKEN') {
logger.warn( logger.warn(


@ -1,11 +1,50 @@
const { SamlLog } = require('../../models/SamlLog') const { SamlLog } = require('../../models/SamlLog')
const SessionManager = require('../Authentication/SessionManager')
const logger = require('@overleaf/logger') const logger = require('@overleaf/logger')
const { err: errSerializer } = require('@overleaf/logger/serializers')
function log(req, data, samlAssertion) {
let providerId, sessionId
data = data || {}
function log(providerId, sessionId, data) {
try { try {
const samlLog = new SamlLog() const samlLog = new SamlLog()
samlLog.providerId = providerId = (providerId || '').toString() const { path, query } = req
samlLog.sessionId = sessionId = (sessionId || '').toString().substr(0, 8) const { saml } = req.session
const userId = SessionManager.getLoggedInUserId(req.session)
providerId = (req.session.saml?.universityId || '').toString()
sessionId = (req.sessionID || '').toString().substr(0, 8)
samlLog.providerId = providerId
samlLog.sessionId = sessionId
samlLog.path = path
samlLog.userId = userId
data.query = query
data.samlSession = saml
if (data.error instanceof Error) {
const errSerialized = errSerializer(data.error)
if (data.error.tryAgain) {
errSerialized.tryAgain = data.error.tryAgain
}
data.error = errSerialized
}
if (samlAssertion) {
const samlAssertionForLog = {
assertionXml: samlAssertion.getAssertionXml(),
responseXml: samlAssertion.getSamlResponseXml(),
assertionJsonExtended: req.user_info,
}
samlLog.samlAssertion = JSON.stringify(samlAssertionForLog)
}
if (data.error || samlAssertion) {
data.body = req.body
}
try { try {
samlLog.jsonData = JSON.stringify(data) samlLog.jsonData = JSON.stringify(data)
} catch (err) { } catch (err) {
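Review bot: `data.body = req.body` persists the whole request body into `samlLog.jsonData` whenever `data.error` or `samlAssertion` is set, alongside the full `req.session.saml` object and the raw assertion and response XML, with no redaction. ErrorController calls `log(req, { error })` for any error on a session that carries `saml`, so the stored body may come from a request unrelated to the SAML flow (presumably including form fields such as passwords or tokens). Limiting the copy to the fields the SAML binding posts, for example `const { SAMLResponse, RelayState } = req.body || {}` followed by `data.body = { SAMLResponse, RelayState }`, would keep the debugging value without storing unrelated input. The body of `log` continues past the end of this hunk.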


@ -6,8 +6,11 @@ const SamlLogSchema = new Schema(
createdAt: { type: Date, default: () => new Date() }, createdAt: { type: Date, default: () => new Date() },
data: { type: Object }, data: { type: Object },
jsonData: { type: String }, jsonData: { type: String },
path: { type: String },
providerId: { type: String, default: '' }, providerId: { type: String, default: '' },
samlAssertion: { type: String },
sessionId: { type: String, default: '' }, sessionId: { type: String, default: '' },
userId: { type: String, default: '' },
}, },
{ {
collection: 'samlLogs', collection: 'samlLogs',
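Review bot: The new `samlAssertion` field stores the raw assertion and response XML as a string, and nothing visible in this hunk bounds how long those documents are kept in `samlLogs`. The schema options continue outside the hunk, so an expiry may already be defined elsewhere. If it is not, a TTL index such as `SamlLogSchema.index({ createdAt: 1 }, { expireAfterSeconds: RETENTION_SECONDS })` (RETENTION_SECONDS is a placeholder) would stop identity attributes from accumulating. A comment above the field, e.g. `// raw SAML XML; contains user attributes, restrict read access`, would also tell the next maintainer why this collection needs tighter access than ordinary logs.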


@ -31,13 +31,24 @@ describe('SamlLogHandler', function () {
describe('with valid data object', function () { describe('with valid data object', function () {
beforeEach(function () { beforeEach(function () {
SamlLogHandler.log(providerId, sessionId, data) SamlLogHandler.log(
{
session: { saml: { universityId: providerId } },
sessionID: sessionId,
},
data
)
}) })
it('should log data', function () { it('should log data', function () {
samlLog.providerId.should.equal(providerId) samlLog.providerId.should.equal(providerId)
samlLog.sessionId.should.equal(sessionId.substr(0, 8)) samlLog.sessionId.should.equal(sessionId.substr(0, 8))
samlLog.jsonData.should.equal('{"foo":true}') samlLog.jsonData.should.equal(
JSON.stringify({
foo: true,
samlSession: { universityId: 'provider-id' },
})
)
expect(samlLog.data).to.be.undefined expect(samlLog.data).to.be.undefined
samlLog.save.should.have.been.calledOnce samlLog.save.should.have.been.calledOnce
}) })
@ -48,7 +59,13 @@ describe('SamlLogHandler', function () {
const circularRef = {} const circularRef = {}
circularRef.circularRef = circularRef circularRef.circularRef = circularRef
SamlLogHandler.log(providerId, sessionId, circularRef) SamlLogHandler.log(
{
session: { saml: { universityId: providerId } },
sessionID: sessionId,
},
circularRef
)
}) })
it('should log without data and log error', function () { it('should log without data and log error', function () {
@ -68,7 +85,13 @@ describe('SamlLogHandler', function () {
beforeEach(function () { beforeEach(function () {
samlLog.save = sinon.stub().yields('error') samlLog.save = sinon.stub().yields('error')
SamlLogHandler.log(providerId, sessionId, data) SamlLogHandler.log(
{
session: { saml: { universityId: providerId } },
sessionID: sessionId,
},
data
)
}) })
it('should log error', function () { it('should log error', function () {