Skip to content
This repository has been archived by the owner on Jan 12, 2024. It is now read-only.

Commit

Permalink
enable audit logging for sts auth failures (#190)
Browse files Browse the repository at this point in the history
* enable audit logging for sts auth failures
  • Loading branch information
mayitbeegh authored Mar 8, 2019
1 parent 077acd0 commit 0c3539b
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 9 deletions.
2 changes: 1 addition & 1 deletion gradle.properties
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,6 @@
# limitations under the License.
#

version=3.25.5
version=3.25.7
groupId=com.nike.cerberus
artifactId=cms
Original file line number Diff line number Diff line change
Expand Up @@ -78,16 +78,17 @@ private ResponseInfo<AuthTokenResponse> authenticate(RequestInfo<Void> request)
final String headerXAmzDate = getHeaderXAmzDate(request);
final String headerXAmzSecurityToken = getHeaderXAmzSecurityToken(request);
final String headerAuthorization = getHeaderAuthorization(request);

if (headerAuthorization == null || headerXAmzDate == null || headerXAmzSecurityToken == null) {
throw new ApiException(DefaultApiError.MISSING_AWS_SIGNATURE_HEADERS);
}

AwsStsHttpHeader header = new AwsStsHttpHeader(headerXAmzDate, headerXAmzSecurityToken, headerAuthorization);
GetCallerIdentityResponse getCallerIdentityResponse = awsStsClient.getCallerIdentity(header);
String iamPrincipalArn = getCallerIdentityResponse.getGetCallerIdentityResult().getArn();
String iamPrincipalArn = null;
AuthTokenResponse authResponse = null;
try {
if (headerAuthorization == null || headerXAmzDate == null || headerXAmzSecurityToken == null) {
throw new ApiException(DefaultApiError.MISSING_AWS_SIGNATURE_HEADERS);
}

AwsStsHttpHeader header = new AwsStsHttpHeader(headerXAmzDate, headerXAmzSecurityToken, headerAuthorization);
GetCallerIdentityResponse getCallerIdentityResponse = awsStsClient.getCallerIdentity(header);
iamPrincipalArn = getCallerIdentityResponse.getGetCallerIdentityResult().getArn();

authResponse = authenticationService.stsAuthenticate(iamPrincipalArn);
} catch (ApiException e) {
eventProcessorService.ingestEvent(auditableEvent(
Expand Down

0 comments on commit 0c3539b

Please sign in to comment.