[MM-18360] Add audit logging for SAML user login (#12831)

* Add audit logging for SAML user login * add statement for login sucess * Update web/saml.go Co-Authored-By: Martin Kraft <martin@upspin.org>
2025-02-25 18:55:24 -06:00 · 2019-10-29 10:54:43 -07:00
parent 9b9923ea42
commit 5dbccd0f07
1 changed files with 8 additions and 0 deletions
--- a/web/saml.go
+++ b/web/saml.go
@@ -84,8 +84,12 @@ func completeSaml(c *Context, w http.ResponseWriter, r *http.Request) {
 		relayProps = model.MapFromJson(strings.NewReader(stateStr))
 	}

+	c.LogAudit("attempt")
+
 	action := relayProps["action"]
 	if user, err := samlInterface.DoLogin(encodedXML, relayProps); err != nil {
+		c.LogAudit("fail")
+
 		if action == model.OAUTH_ACTION_MOBILE {
 			err.Translate(c.App.T)
 			w.Write([]byte(err.ToJson()))
@@ -126,12 +130,16 @@ func completeSaml(c *Context, w http.ResponseWriter, r *http.Request) {
 			})
 		}

+		c.LogAuditWithUserId(user.Id, "obtained user")
+
 		session, err := c.App.DoLogin(w, r, user, "")
 		if err != nil {
 			c.Err = err
 			return
 		}

+		c.LogAuditWithUserId(user.Id, "success")
+
 		c.App.AttachSessionCookies(w, r, session)

 		c.App.Session = *session