mosip · vishwa-vyom · Jan 8, 2024 · Jan 7, 2024
diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/util/AuditHelper.java b/esignet-core/src/main/java/io/mosip/esignet/core/util/AuditHelper.java
@@ -16,12 +16,18 @@ public class AuditHelper {
     public static AuditDTO buildAuditDto(String clientId) {
         AuditDTO auditDTO = new AuditDTO();
         auditDTO.setClientId(clientId);
+        auditDTO.setIdType("ClientId");
         return auditDTO;
     }
 
     public static AuditDTO buildAuditDto(String transactionId, OIDCTransaction transaction) {
+        return buildAuditDto(transactionId, "transaction", transaction);
+    }
+
+    public static AuditDTO buildAuditDto(String transactionId, String idType, OIDCTransaction transaction) {
         AuditDTO auditDTO = new AuditDTO();
         auditDTO.setTransactionId(transactionId);
+        auditDTO.setIdType(idType);
         if(transaction != null) {
             auditDTO.setRelyingPartyId(transaction.getRelyingPartyId());
             auditDTO.setClientId(transaction.getClientId());

diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/validator/RedirectURL.java b/esignet-core/src/main/java/io/mosip/esignet/core/validator/RedirectURL.java
@@ -12,7 +12,7 @@
 import static java.lang.annotation.ElementType.TYPE_USE;
 import static java.lang.annotation.RetentionPolicy.RUNTIME;
 
-@Target({ FIELD,TYPE_USE })
+@Target({ FIELD,TYPE_USE  })
 @Retention(RUNTIME)
 @Constraint(validatedBy = RedirectURLValidator.class)
 @Documented

diff --git a/esignet-integration-api/src/main/java/io/mosip/esignet/api/dto/AuditDTO.java b/esignet-integration-api/src/main/java/io/mosip/esignet/api/dto/AuditDTO.java
@@ -31,4 +31,6 @@ public class AuditDTO {
     String linkedTransactionId;
     String nonce;
     String state;
+
+    String idType;
 }
diff --git a/esignet-integration-api/src/main/java/io/mosip/esignet/api/util/Action.java b/esignet-integration-api/src/main/java/io/mosip/esignet/api/util/Action.java
@@ -1,31 +1,39 @@
 package io.mosip.esignet.api.util;
 
 public enum Action {
-    OIDC_CLIENT_CREATE,
-    OIDC_CLIENT_UPDATE,
-    OAUTH_CLIENT_CREATE,
-    OAUTH_CLIENT_UPDATE,
-    GET_OAUTH_DETAILS,
-    TRANSACTION_STARTED,
-    SEND_OTP,
-    AUTHENTICATE,
-    GET_AUTH_CODE,
-    GENERATE_TOKEN,
-    GET_USERINFO,
-    DO_KYC_AUTH,
-    DO_KYC_EXCHANGE,
-    GET_CERTIFICATE,
-    UPLOAD_CERTIFICATE,
-    LINK_CODE,
-    LINK_TRANSACTION,
-    LINK_STATUS,
-    LINK_AUTHENTICATE,
-    SAVE_CONSENT,
-    LINK_SEND_OTP,
-    LINK_AUTH_CODE,
-    GET_USER_CONSENT,
-    SAVE_USER_CONSENT,
-    UPDATE_USER_CONSENT,
-    DELETE_USER_CONSENT,
-    VC_ISSUANCE
+    OIDC_CLIENT_CREATE("client-mgmt-service"),
+    OIDC_CLIENT_UPDATE("client-mgmt-service"),
+    OAUTH_CLIENT_CREATE("client-mgmt-service"),
+    OAUTH_CLIENT_UPDATE("client-mgmt-service"),
+    GET_OAUTH_DETAILS("esignet-service"),
+    TRANSACTION_STARTED("esignet-service"),
+    SEND_OTP("esignet-service"),
+    AUTHENTICATE("esignet-service"),
+    GET_AUTH_CODE("esignet-service"),
+    GENERATE_TOKEN("esignet-service"),
+    GET_USERINFO("esignet-service"),
+    DO_KYC_AUTH("esignet-service"),
+    DO_KYC_EXCHANGE("esignet-service"),
+    GET_CERTIFICATE("keymanager"),
+    UPLOAD_CERTIFICATE("keymanager"),
+    LINK_CODE("esignet-service"),
+    LINK_TRANSACTION("esignet-service"),
+    LINK_STATUS("esignet-service"),
+    LINK_AUTHENTICATE("esignet-service"),
+    SAVE_CONSENT("consent-service"),
+    LINK_SEND_OTP("esignet-service"),
+    LINK_AUTH_CODE("esignet-service"),
+    GET_USER_CONSENT("consent-service"),
+    SAVE_USER_CONSENT("consent-service"),
+    UPDATE_USER_CONSENT("consent-service"),
+    DELETE_USER_CONSENT("consent-service"),
+    SEND_BINDING_OTP("key-binding"),
+    KEY_BINDING("key-binding"),
+    VC_ISSUANCE("vci-service");
+
+    String module;
+
+    Action(String module) {
+        this.module = module;
+    }
 }
diff --git a/esignet-service/src/main/java/io/mosip/esignet/controllers/KeyBindingController.java b/esignet-service/src/main/java/io/mosip/esignet/controllers/KeyBindingController.java
@@ -5,9 +5,13 @@
  */
 package io.mosip.esignet.controllers;
 
+import io.mosip.esignet.api.spi.AuditPlugin;
+import io.mosip.esignet.api.util.Action;
+import io.mosip.esignet.api.util.ActionStatus;
 import io.mosip.esignet.core.dto.*;
 import io.mosip.esignet.core.exception.EsignetException;
 import io.mosip.esignet.core.spi.KeyBindingService;
+import io.mosip.esignet.core.util.AuditHelper;
 import io.mosip.esignet.core.util.IdentityProviderUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -24,15 +28,26 @@ public class KeyBindingController {
 
     @Autowired
     private KeyBindingService keyBindingService;
+
+    @Autowired
+    private AuditPlugin auditPlugin;
 
     @PostMapping(value = "binding-otp", consumes = {MediaType.APPLICATION_JSON_VALUE},
             produces = {MediaType.APPLICATION_JSON_VALUE})
     public ResponseWrapper<OtpResponse> sendBindingOtp(@Valid @RequestBody RequestWrapper<BindingOtpRequest> requestWrapper,
                                                        @RequestHeader Map<String, String> headers)
             throws EsignetException {
         ResponseWrapper responseWrapper = new ResponseWrapper();
-        responseWrapper.setResponseTime(IdentityProviderUtil.getUTCDateTime());
-        responseWrapper.setResponse(keyBindingService.sendBindingOtp(requestWrapper.getRequest(), headers));
+        try {
+            responseWrapper.setResponse(keyBindingService.sendBindingOtp(requestWrapper.getRequest(), headers));
+            responseWrapper.setResponseTime(IdentityProviderUtil.getUTCDateTime());
+            auditPlugin.logAudit(Action.SEND_BINDING_OTP, ActionStatus.SUCCESS,
+                    AuditHelper.buildAuditDto("individualId", null), null);
+        } catch (EsignetException ex) {
+            auditPlugin.logAudit(Action.SEND_BINDING_OTP, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto("individualId", null), ex);
+            throw ex;
+        }
         return responseWrapper;
     }
 
@@ -41,9 +56,16 @@ public ResponseWrapper<OtpResponse> sendBindingOtp(@Valid @RequestBody RequestWr
     public ResponseWrapper<WalletBindingResponse> bindWallet(@Valid @RequestBody RequestWrapper<WalletBindingRequest> requestWrapper,
                                                              @RequestHeader Map<String, String> headers) throws EsignetException {
         ResponseWrapper response = new ResponseWrapper<WalletBindingResponse>();
-        response.setResponse(keyBindingService.bindWallet(requestWrapper.getRequest(), headers));
-        response.setResponseTime(IdentityProviderUtil.getUTCDateTime());
+        try {
+            response.setResponse(keyBindingService.bindWallet(requestWrapper.getRequest(), headers));
+            auditPlugin.logAudit(Action.KEY_BINDING, ActionStatus.SUCCESS,
+                    AuditHelper.buildAuditDto("individualId", null), null);
+            response.setResponseTime(IdentityProviderUtil.getUTCDateTime());
+        } catch (EsignetException ex) {
+            auditPlugin.logAudit(Action.KEY_BINDING, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto("individualId", null), ex);
+            throw ex;
+        }
         return response;
-
     }
 }
diff --git a/...net-service/src/main/java/io/mosip/esignet/controllers/LinkedAuthorizationController.java b/...net-service/src/main/java/io/mosip/esignet/controllers/LinkedAuthorizationController.java
@@ -81,7 +81,8 @@ public ResponseWrapper<LinkTransactionResponse> linkTransaction(@Valid @RequestB
         try {
         	responseWrapper.setResponse(linkedAuthorizationService.linkTransaction(requestWrapper.getRequest()));
         } catch (EsignetException ex) {
-            auditWrapper.logAudit(Action.LINK_TRANSACTION, ActionStatus.ERROR, AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkCode(), null), ex);
+            auditWrapper.logAudit(Action.LINK_TRANSACTION, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkCode(), "link-code", null), ex);
             throw ex;
         }        
         return responseWrapper;
@@ -95,7 +96,8 @@ public ResponseWrapper<LinkTransactionResponseV2> linkTransactionV2(@Valid @Requ
         try {
             responseWrapper.setResponse(linkedAuthorizationService.linkTransactionV2(requestWrapper.getRequest()));
         } catch (EsignetException ex) {
-            auditWrapper.logAudit(Action.LINK_TRANSACTION, ActionStatus.ERROR, AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkCode(), null), ex);
+            auditWrapper.logAudit(Action.LINK_TRANSACTION, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkCode(), "link-code",null), ex);
             throw ex;
         }
         return responseWrapper;
@@ -124,7 +126,8 @@ public ResponseWrapper<LinkedKycAuthResponse> authenticate(@Valid @RequestBody R
         try {
         	responseWrapper.setResponse(linkedAuthorizationService.authenticateUser(requestWrapper.getRequest()));
         } catch (EsignetException ex) {
-            auditWrapper.logAudit(Action.LINK_AUTHENTICATE, ActionStatus.ERROR, AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkedTransactionId(), null), ex);
+            auditWrapper.logAudit(Action.LINK_AUTHENTICATE, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkedTransactionId(), "linkTransactionId", null), ex);
             throw ex;
         }
         return responseWrapper;
@@ -138,7 +141,8 @@ public ResponseWrapper<LinkedKycAuthResponseV2> authenticateV2(@Valid @RequestBo
         try {
             responseWrapper.setResponse(linkedAuthorizationService.authenticateUserV2(requestWrapper.getRequest()));
         } catch (EsignetException ex) {
-            auditWrapper.logAudit(Action.LINK_AUTHENTICATE, ActionStatus.ERROR, AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkedTransactionId(), null), ex);
+            auditWrapper.logAudit(Action.LINK_AUTHENTICATE, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkedTransactionId(), "linkTransactionId",null), ex);
             throw ex;
         }
         return responseWrapper;
@@ -152,7 +156,8 @@ public ResponseWrapper<LinkedConsentResponse> saveConsent(@Valid @RequestBody Re
         try {
         	responseWrapper.setResponse(linkedAuthorizationService.saveConsent(requestWrapper.getRequest()));
         } catch (EsignetException ex) {
-            auditWrapper.logAudit(Action.SAVE_CONSENT, ActionStatus.ERROR, AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkedTransactionId(), null), ex);
+            auditWrapper.logAudit(Action.SAVE_CONSENT, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkedTransactionId(), "linkTransactionId",null), ex);
             throw ex;
         }
         return responseWrapper;
@@ -166,7 +171,8 @@ public ResponseWrapper<LinkedConsentResponse> saveConsentV2(@Valid @RequestBody
         try {
             responseWrapper.setResponse(linkedAuthorizationService.saveConsentV2(requestWrapper.getRequest()));
         } catch (EsignetException ex) {
-            auditWrapper.logAudit(Action.SAVE_CONSENT, ActionStatus.ERROR, AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkedTransactionId(), null), ex);
+            auditWrapper.logAudit(Action.SAVE_CONSENT, ActionStatus.ERROR,
+                    AuditHelper.buildAuditDto(requestWrapper.getRequest().getLinkedTransactionId(), "linkTransactionId",null), ex);
             throw ex;
         }
         return responseWrapper;

diff --git a/esignet-service/src/main/java/io/mosip/esignet/controllers/OAuthController.java b/esignet-service/src/main/java/io/mosip/esignet/controllers/OAuthController.java
@@ -60,7 +60,7 @@ public TokenResponse getToken(@RequestParam MultiValueMap<String,String> paramMa
         	return oAuthService.getTokens(tokenRequest,false);
         } catch (EsignetException ex) {
             auditWrapper.logAudit(Action.GENERATE_TOKEN, ActionStatus.ERROR,
-                    AuditHelper.buildAuditDto(authorizationHelperService.getKeyHash(tokenRequest.getCode()), null), ex);
+                    AuditHelper.buildAuditDto(authorizationHelperService.getKeyHash(tokenRequest.getCode()), "codeHash", null), ex);
             throw ex;
         }               
     }
@@ -79,7 +79,7 @@ public TokenResponse getTokenV2(@RequestParam MultiValueMap<String,String> param
             return oAuthService.getTokens(tokenRequest,true);
         } catch (EsignetException ex) {
             auditWrapper.logAudit(Action.GENERATE_TOKEN, ActionStatus.ERROR,
-                    AuditHelper.buildAuditDto(authorizationHelperService.getKeyHash(tokenRequest.getCode()), null), ex);
+                    AuditHelper.buildAuditDto(authorizationHelperService.getKeyHash(tokenRequest.getCode()),"codeHash", null), ex);
             throw ex;
         }
     }

diff --git a/esignet-service/src/test/java/io/mosip/esignet/controllers/KeyBindingControllerTest.java b/esignet-service/src/test/java/io/mosip/esignet/controllers/KeyBindingControllerTest.java
@@ -10,6 +10,7 @@
 import com.nimbusds.jose.jwk.JWK;
 import io.mosip.esignet.TestUtil;
 import io.mosip.esignet.api.dto.AuthChallenge;
+import io.mosip.esignet.api.spi.AuditPlugin;
 import io.mosip.esignet.api.spi.Authenticator;
 import io.mosip.esignet.core.constants.ErrorConstants;
 import io.mosip.esignet.core.dto.Error;
@@ -74,6 +75,9 @@ public class KeyBindingControllerTest {
 	@MockBean
 	VCICacheService vciCacheService;
 
+	@MockBean
+	AuditPlugin auditPlugin;
+
 	@Test
 	public void sendBindingOtp_withValidRequest_thenPass() throws Exception {
 		BindingOtpRequest otpRequest = new BindingOtpRequest();

diff --git a/oidc-service-impl/src/main/java/io/mosip/esignet/services/OpenIdConnectServiceImpl.java b/oidc-service-impl/src/main/java/io/mosip/esignet/services/OpenIdConnectServiceImpl.java
@@ -67,7 +67,7 @@ public String getUserInfo(String accessToken) throws EsignetException {
 
         } catch (EsignetException ex) {
             auditWrapper.logAudit(Action.GET_USERINFO, ActionStatus.ERROR, AuditHelper.buildAuditDto(accessTokenHash,
-                    transaction), ex);
+                   "accessTokenHash", transaction), ex);
             throw ex;
         }
     }

diff --git a/vci-service-impl/src/main/java/io/mosip/esignet/vci/services/VCIssuanceServiceImpl.java b/vci-service-impl/src/main/java/io/mosip/esignet/vci/services/VCIssuanceServiceImpl.java
@@ -106,7 +106,7 @@ public CredentialResponse getCredential(CredentialRequest credentialRequest) {
                 proofValidator.getKeyMaterial(credentialRequest.getProof()));
 
         auditWrapper.logAudit(Action.VC_ISSUANCE, ActionStatus.SUCCESS,
-                AuditHelper.buildAuditDto(parsedAccessToken.getAccessTokenHash(), null), null);
+                AuditHelper.buildAuditDto(parsedAccessToken.getAccessTokenHash(), "accessTokenHash", null), null);
         return getCredentialResponse(credentialRequest.getFormat(), vcResult);
     }
 
@@ -151,7 +151,7 @@ private VCResult<?> getVerifiableCredential(CredentialRequest credentialRequest,
 
         log.error("Failed to generate VC : {}", vcResult);
         auditWrapper.logAudit(Action.VC_ISSUANCE, ActionStatus.ERROR,
-                AuditHelper.buildAuditDto(parsedAccessToken.getAccessTokenHash(), null), null);
+                AuditHelper.buildAuditDto(parsedAccessToken.getAccessTokenHash(), "accessTokenHash", null), null);
         throw new EsignetException(ErrorConstants.VC_ISSUANCE_FAILED);
     }