authserver
/
stats
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.
7 Commits
1 Branch
3 Tags
175 KiB
Tag: Branch: Tree: 85e202506a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '85e202506a'
${ noResults }
stats/EventListener/AuthenticationStatsListener...

120 lines
4.1 KiB
Raw Normal View History Unescape

Add logging of authentication successes and failures
7 years ago
<?php
/**
* Authserver, an OAuth2-based single-signon authentication provider written in PHP.
*
* Copyright (C) 2017 Lars Vierbergen
*
* his program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace vierbergenlars\AuthserverStatsBundle\EventListener;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use vierbergenlars\AuthserverStatsBundle\Event\StatsEvent;
use Symfony\Bridge\Doctrine\RegistryInterface;
use Symfony\Component\Security\Core\AuthenticationEvents;
use Symfony\Component\Security\Core\Event\AuthenticationEvent;
use vierbergenlars\AuthserverStatsBundle\Entity\AuthenticationEntry;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
class AuthenticationStatsListener implements EventSubscriberInterface
{
/**
*
* @var RegistryInterface
*/
private $registry;
/**
*
* @var RequestStack
*/
private $requestStack;
public static function getSubscribedEvents()
{
return [
StatsEvent::class => [
[
'getAuthStats',
-1
]
],
AuthenticationEvents::AUTHENTICATION_SUCCESS => [
'onAuthSuccess'
],
AuthenticationEvents::AUTHENTICATION_FAILURE => [
'onAuthFailure'
]
];
}
public function __construct(RegistryInterface $registry, RequestStack $requestStack)
{
$this->registry = $registry;
$this->requestStack = $requestStack;
}
public function onAuthSuccess(AuthenticationEvent $event)
{
if ($event->getAuthenticationToken() instanceof AnonymousToken)
return;
$authSuccess = new AuthenticationEntry($this->requestStack->getMasterRequest()->getClientIp(), true);
$em = $this->registry->getManagerForClass(AuthenticationEntry::class);
$em->persist($authSuccess);
$em->flush($authSuccess);
}
public function onAuthFailure(AuthenticationFailureEvent $event)
{
$authFailure = new AuthenticationEntry($this->requestStack->getMasterRequest()->getClientIp(), false);
$em = $this->registry->getManagerForClass(AuthenticationEntry::class);
$em->persist($authFailure);
$em->flush($authFailure);
}
public function getAuthStats(StatsEvent $event)
{
if (!$event->isEnabled('login'))
return;
$event->setMuninConfig('login', $event->getMuninConfig('login') + [
'auth_succ.label' => 'Authentication passes',
'auth_succ.type' => 'COUNTER',
'auth_fail.label' => 'Authentication failures',
'auth_fail.type' => 'COUNTER'
]);
$queryBuilder = $this->registry->getRepository(AuthenticationEntry::class)->createQueryBuilder('e');
/* @var $queryBuilder \Doctrine\ORM\QueryBuilder */
$queryBuilder->select('count(e)', 'e.success')->groupBy('e.success');
$rawStats = $queryBuilder->getQuery()->getArrayResult();
$stats = [
'login.auth_succ' => 0,
'login.auth_fail' => 0
];
foreach ($rawStats as $rawStat) {
if ($rawStat['success']) {
$stats['login.auth_succ'] += $rawStat['1'];
} else {
$stats['login.auth_fail'] += $rawStat['1'];
}
}
$event->addStatistics($stats);
}
}