diff --git a/src/DDTrace/Integrations/Symfony/SymfonyIntegration.php b/src/DDTrace/Integrations/Symfony/SymfonyIntegration.php index c633513ec04..6bb6d3c5564 100644 --- a/src/DDTrace/Integrations/Symfony/SymfonyIntegration.php +++ b/src/DDTrace/Integrations/Symfony/SymfonyIntegration.php @@ -88,7 +88,7 @@ public function init(): int 'Doctrine\ORM\UnitOfWork', 'executeInserts', function ($This, $scope, $args) { - if (!function_exists('\datadog\appsec\track_user_signup_event')) { + if (!function_exists('\datadog\appsec\track_user_signup_event_automated')) { return; } @@ -117,7 +117,7 @@ function ($This, $scope, $args) { $user = $userEntity->getUserIdentifier(); } - \datadog\appsec\track_user_signup_event($user, [], true); + \datadog\appsec\track_user_signup_event_automated($user, $user, []); } ); @@ -126,23 +126,26 @@ function ($This, $scope, $args) { 'Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator', 'onAuthenticationSuccess', function ($This, $scope, $args) { - if (!function_exists('\datadog\appsec\track_user_login_success_event')) { + if (!function_exists('\datadog\appsec\track_user_login_success_event_automated')) { return; } if (!isset($args[1])) { return; } + $token = $args[1]; $authClass = '\Symfony\Component\Security\Core\Authentication\Token\TokenInterface'; if (!$token || !($token instanceof $authClass)) { return; } + $metadata = []; + $user = \method_exists($token, 'getUsername') ? $token->getUsername() : ''; - \datadog\appsec\track_user_login_success_event( - \method_exists($token, 'getUsername') ? $token->getUsername() : '', + \datadog\appsec\track_user_login_success_event_automated( + $user, + $user, $metadata, - true ); } ); 
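Review bot: In the `Doctrine\ORM\UnitOfWork::executeInserts` hook, `track_user_signup_event_automated($user, $user, [])` passes one value for what look like two distinct arguments (login and id), and nothing at the call site says this is deliberate. A short comment such as `// login and id are intentionally the same value: the user identifier` would stop a later reader from treating it as a copy-paste slip. The same pattern appears in the three login-success hooks (hunks at -126, -189 and -226). Because the identifier is often an e-mail address or username, it is also worth confirming that the `_automated` entry point applies the configured collection or anonymisation mode before the value is reported; that is not visible in this diff. The closure body between the hunks at -88 and -117 is outside the view.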
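Review bot: When the token has no `getUsername` method, `$user` falls back to `''` and the `AbstractFormLoginAuthenticator::onAuthenticationSuccess` hook still reports a login success with an empty login and id. A success event without an identity cannot be tied to an account and adds noise to account-takeover detection, so unless the backend relies on counting such events, returning early reads safer: `if ($user === '') { return; }` before the call. The `onSuccess` hook (hunk at -189) and the `FormLoginAuthenticator` hook (hunk at -226, via `getUserIdentifier`) have the same fallback.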
@@ -152,10 +155,10 @@ function ($This, $scope, $args) { 'Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator', 'onAuthenticationFailure', function ($This, $scope, $args) { - if (!function_exists('\datadog\appsec\track_user_login_failure_event')) { + if (!function_exists('\datadog\appsec\track_user_login_failure_event_automated')) { return; } - \datadog\appsec\track_user_login_failure_event(null, false, [], true); + \datadog\appsec\track_user_login_failure_event_automated(null, null, false, []); } ); @@ -164,10 +167,10 @@ function ($This, $scope, $args) { 'Symfony\Component\Security\Http\Firewall\AbstractAuthenticationListener', 'onFailure', function ($This, $scope, $args) { - if (!function_exists('\datadog\appsec\track_user_login_failure_event')) { + if (!function_exists('\datadog\appsec\track_user_login_failure_event_automated')) { return; } - \datadog\appsec\track_user_login_failure_event(null, false, [], true); + \datadog\appsec\track_user_login_failure_event_automated(null, null, false, []); } ); @@ -176,7 +179,7 @@ function ($This, $scope, $args) { 'Symfony\Component\Security\Http\Firewall\AbstractAuthenticationListener', 'onSuccess', function ($This, $scope, $args) { - if (!function_exists('\datadog\appsec\track_user_login_success_event')) { + if (!function_exists('\datadog\appsec\track_user_login_success_event_automated')) { return; } if (!isset($args[1])) { @@ -189,11 +192,12 @@ function ($This, $scope, $args) { } $metadata = []; + $user = \method_exists($token, 'getUsername') ? $token->getUsername() : ''; - \datadog\appsec\track_user_login_success_event( - \method_exists($token, 'getUsername') ? $token->getUsername() : '', + \datadog\appsec\track_user_login_success_event_automated( + $user, + $user, $metadata, - true ); } ); 
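Review bot: The failure hooks call `track_user_login_failure_event_automated(null, null, false, [])`, so every failed login is recorded without the attempted login and with the third argument (apparently the "user exists" flag) fixed to `false`. Without the attempted login, failures cannot be grouped per targeted account, which weakens brute-force and credential-stuffing detection, and a wrong password for a real account is reported the same way as an unknown user. If neither value can be derived from `$args` in these hooks, a comment saying so would help, e.g. `// attempted login is not extracted here; exists=false is a default, not a lookup result`. The same call is repeated in the `onFailure` hunk at -164 and the `FormLoginAuthenticator::onAuthenticationFailure` hunk at -203.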
@@ -203,10 +207,10 @@ function ($This, $scope, $args) { 'Symfony\Component\Security\Http\Authenticator\FormLoginAuthenticator', 'onAuthenticationFailure', function ($This, $scope, $args) { - if (!function_exists('\datadog\appsec\track_user_login_failure_event')) { + if (!function_exists('\datadog\appsec\track_user_login_failure_event_automated')) { return; } - \datadog\appsec\track_user_login_failure_event(null, false, [], true); + \datadog\appsec\track_user_login_failure_event_automated(null, null, false, []); } ); @@ -215,7 +219,7 @@ function ($This, $scope, $args) { 'Symfony\Component\Security\Http\Authenticator\FormLoginAuthenticator', 'onAuthenticationSuccess', function ($This, $scope, $args) { - if (!function_exists('\datadog\appsec\track_user_login_success_event')) { + if (!function_exists('\datadog\appsec\track_user_login_success_event_automated')) { return; } if (!isset($args[1])) { @@ -226,17 +230,20 @@ function ($This, $scope, $args) { if (!$token || !($token instanceof $authClass)) { return; } - $metadata = []; $user = \method_exists($token, 'getUser') ? $token->getUser() : null; $userClass = '\Symfony\Component\Security\Core\User\UserInterface'; if (!$user || !($user instanceof $userClass)) { return; } - \datadog\appsec\track_user_login_success_event( - \method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : '', + + $metadata = []; + $userIdentifier = \method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : ''; + + \datadog\appsec\track_user_login_success_event_automated( + $userIdentifier, + $userIdentifier, $metadata, - true ); } ); @@ -258,7 +265,8 @@ function ($This, $scope, $args) { $commandName = $this->getName(); - if (\dd_trace_env_config('DD_TRACE_REMOVE_ROOT_SPAN_SYMFONY_MESSENGER') + if ( + \dd_trace_env_config('DD_TRACE_REMOVE_ROOT_SPAN_SYMFONY_MESSENGER') && $commandName === 'messenger:consume' ) { \DDTrace\set_priority_sampling(DD_TRACE_PRIORITY_SAMPLING_AUTO_REJECT); 
@@ -392,9 +400,11 @@ function (SpanData $span, $args, $response) use ($integration) { } $parameters = $request->get('_route_params'); - if (!empty($parameters) && + if ( + !empty($parameters) && is_array($parameters) && - function_exists('\datadog\appsec\push_address')) { + function_exists('\datadog\appsec\push_address') + ) { \datadog\appsec\push_address("server.request.path_params", $parameters); } diff --git a/tests/Integrations/Symfony/AutomatedLoginEventsTestSuite.php b/tests/Integrations/Symfony/AutomatedLoginEventsTestSuite.php index e413f909534..b5b2f3baf20 100644 --- a/tests/Integrations/Symfony/AutomatedLoginEventsTestSuite.php +++ b/tests/Integrations/Symfony/AutomatedLoginEventsTestSuite.php @@ -44,9 +44,9 @@ public function testUserLoginSuccessEvent() $events = AppsecStatus::getInstance()->getEvents(['track_user_login_success_event']); $this->assertEquals(1, count($events)); + $this->assertEquals($email, $events[0]['userLogin']); $this->assertEquals($email, $events[0]['userId']); $this->assertEmpty($events[0]['metadata']); - $this->assertTrue($events[0]['automated']); } public function testUserLoginFailureEvent() @@ -61,9 +61,9 @@ public function testUserLoginFailureEvent() $events = AppsecStatus::getInstance()->getEvents(['track_user_login_failure_event']); $this->assertEquals(1, count($events)); + $this->assertEmpty($events[0]['userLogin']); $this->assertEmpty($events[0]['userId']); $this->assertEmpty($events[0]['metadata']); - $this->assertTrue($events[0]['automated']); } public function getSignUpPayload($email, $password) { 
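Review bot: With `assertTrue($events[0]['automated'])` removed, `testUserLoginSuccessEvent` no longer checks that the event came from the automated entry point. It still filters on `'track_user_login_success_event'`, so it presumably relies on the mock recording both functions under one name. If the mock exposes the called function or an equivalent marker, asserting it here would keep the SDK and automated paths distinguishable in tests. `testUserLoginFailureEvent` (hunk at -61) has the same gap, and its `assertEmpty($events[0]['userLogin'])` also accepts `''`; `assertNull` would pin the `null` the integration passes, if the mock preserves it.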
@@ -72,21 +72,22 @@ public function getSignUpPayload($email, $password) { public function testUserSignUp() { - $email = 'test-user@email.com'; - $password = 'some password'; - $spec = PostSpec::create('Signup', '/register', [ - 'Content-Type: application/x-www-form-urlencoded' - ], $this->getSignUpPayload($email, $password)); + $email = 'test-user@email.com'; + $password = 'some password'; + $spec = PostSpec::create('Signup', '/register', [ + 'Content-Type: application/x-www-form-urlencoded' + ], $this->getSignUpPayload($email, $password)); - $this->call($spec, [ CURLOPT_FOLLOWLOCATION => false ]); + $this->call($spec, [ CURLOPT_FOLLOWLOCATION => false ]); - $users = $this->getUser($email); + $users = $this->getUser($email); $this->assertEquals(1, count($users)); $signUpEvent = AppsecStatus::getInstance()->getEvents(['track_user_signup_event']); - $this->assertTrue($signUpEvent[0]['automated']); + $this->assertEquals($email, $signUpEvent[0]['userLogin']); $this->assertEquals($email, $signUpEvent[0]['userId']); + $this->assertEmpty($signUpEvent[0]['metadata']); } }
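Review bot: `testUserSignUp` indexes `$signUpEvent[0]` without first asserting that an event was recorded, unlike the login tests, which check `count($events)`. If the signup hook does not fire, the test fails on an undefined offset rather than a clear assertion, and a duplicate signup event would pass unnoticed. Adding `$this->assertCount(1, $signUpEvent);` before the three field assertions covers both cases.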