Add information about sessions to the MDC

Closes #41208

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Alexander Schwartz 2025-08-13 17:36:29 +05:30 committed by GitHub
parent 5b3b36e300
commit 96d2e041fc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 49 additions and 30 deletions


@ -327,8 +327,8 @@ public class LoggingOptions {
public static final Option<List<String>> LOG_MDC_KEYS = OptionBuilder.listOptionBuilder("log-mdc-keys", String.class)
.category(OptionCategory.LOGGING)
.expectedValues(List.of("realm", "clientId", "userId", "ipAddress", "org"))
.defaultValue(List.of("realm", "org", "clientId"))
.expectedValues(List.of("realmName", "clientId", "userId", "ipAddress", "org", "sessionId", "authenticationSessionId", "authenticationTabId"))
.defaultValue(List.of("realmName", "clientId", "org", "sessionId", "authenticationSessionId", "authenticationTabId"))
.description("Defines which information should be added to the mapped diagnostic context as a comma-separated list.")
.build();
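Review bot: The new `.defaultValue(...)` writes `sessionId`, `authenticationSessionId` and `authenticationTabId` into every log line once MDC logging is enabled, and the option description does not mention it. Log stores are usually readable by more people and systems than the session store, so operators should be able to decide whether these identifiers leave the server; how sensitive they are depends on how Keycloak uses them in cookies and tokens, which is not visible in this hunk. Consider keeping them opt-in with `.defaultValue(List.of("realmName", "clientId", "org"))`, or add a sentence to the description such as `Session identifiers are logged as-is; restrict access to the logs accordingly.` The builder chain sits inside `LoggingOptions`, whose body lies outside the hunk.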


@ -266,12 +266,12 @@ public class LoggingDistTest {
}
@Test
@Launch({ "start-dev", "--features=log-mdc","--log-mdc-enabled=true", "--log-level=org.keycloak:debug" })
@Launch({ "start-dev", "--features=log-mdc","--log-mdc-enabled=true", "--log-level=org.keycloak.transaction:debug" })
void testLogMdcShowingInTheLogs(CLIResult cliResult) {
when().get("http://127.0.0.1:8080/realms/master/.well-known/openid-configuration").then()
.statusCode(200);
assertTrue(cliResult.getOutput().contains("{kc.realm=master} DEBUG [org.keycloak."));
assertThat(cliResult.getOutput(), containsString("{kc.realmName=master} DEBUG [org.keycloak."));
cliResult.assertStartedDevMode();
}
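Review bot: The changed assertion only covers `kc.realmName` on an unauthenticated request, so none of the three session keys this commit introduces is checked by a test on this page. A case that runs a login and asserts `containsString("kc.sessionId=")`, plus one launched with `--log-mdc-keys=realmName` that asserts `not(containsString("kc.sessionId="))`, would pin both the new output and the opt-out that operators rely on to keep session identifiers out of logs. The exact rendering of those keys is inferred from the `{kc.realmName=master}` pattern asserted here. The test class starts and ends outside the hunk.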


@ -311,9 +311,10 @@ Logging:
Default: false. Available only when log-mdc preview feature is enabled.
--log-mdc-keys <keys>
Defines which information should be added to the mapped diagnostic context as
a comma-separated list. Possible values are: realm, clientId, userId,
ipAddress, org. Default: realm,org,clientId. Available only when MDC logging
is enabled.
a comma-separated list. Possible values are: realmName, clientId, userId,
ipAddress, org, sessionId, authenticationSessionId, authenticationTabId.
Default: realmName,clientId,org,sessionId,authenticationSessionId,
authenticationTabId. Available only when MDC logging is enabled.
--log-syslog-app-name <name>
Set the app name used when formatting the message in RFC5424 format. Default:
keycloak. Available only when Syslog is activated.


@ -311,9 +311,10 @@ Logging:
Default: false. Available only when log-mdc preview feature is enabled.
--log-mdc-keys <keys>
Defines which information should be added to the mapped diagnostic context as
a comma-separated list. Possible values are: realm, clientId, userId,
ipAddress, org. Default: realm,org,clientId. Available only when MDC logging
is enabled.
a comma-separated list. Possible values are: realmName, clientId, userId,
ipAddress, org, sessionId, authenticationSessionId, authenticationTabId.
Default: realmName,clientId,org,sessionId,authenticationSessionId,
authenticationTabId. Available only when MDC logging is enabled.
--log-syslog-app-name <name>
Set the app name used when formatting the message in RFC5424 format. Default:
keycloak. Available only when Syslog is activated.


@ -542,9 +542,10 @@ Logging:
Default: false. Available only when log-mdc preview feature is enabled.
--log-mdc-keys <keys>
Defines which information should be added to the mapped diagnostic context as
a comma-separated list. Possible values are: realm, clientId, userId,
ipAddress, org. Default: realm,org,clientId. Available only when MDC logging
is enabled.
a comma-separated list. Possible values are: realmName, clientId, userId,
ipAddress, org, sessionId, authenticationSessionId, authenticationTabId.
Default: realmName,clientId,org,sessionId,authenticationSessionId,
authenticationTabId. Available only when MDC logging is enabled.
--log-syslog-app-name <name>
Set the app name used when formatting the message in RFC5424 format. Default:
keycloak. Available only when Syslog is activated.


@ -543,9 +543,10 @@ Logging:
Default: false. Available only when log-mdc preview feature is enabled.
--log-mdc-keys <keys>
Defines which information should be added to the mapped diagnostic context as
a comma-separated list. Possible values are: realm, clientId, userId,
ipAddress, org. Default: realm,org,clientId. Available only when MDC logging
is enabled.
a comma-separated list. Possible values are: realmName, clientId, userId,
ipAddress, org, sessionId, authenticationSessionId, authenticationTabId.
Default: realmName,clientId,org,sessionId,authenticationSessionId,
authenticationTabId. Available only when MDC logging is enabled.
--log-syslog-app-name <name>
Set the app name used when formatting the message in RFC5424 format. Default:
keycloak. Available only when Syslog is activated.


@ -477,9 +477,10 @@ Logging:
debug, trace, all.
--log-mdc-keys <keys>
Defines which information should be added to the mapped diagnostic context as
a comma-separated list. Possible values are: realm, clientId, userId,
ipAddress, org. Default: realm,org,clientId. Available only when MDC logging
is enabled.
a comma-separated list. Possible values are: realmName, clientId, userId,
ipAddress, org, sessionId, authenticationSessionId, authenticationTabId.
Default: realmName,clientId,org,sessionId,authenticationSessionId,
authenticationTabId. Available only when MDC logging is enabled.
--log-syslog-app-name <name>
Set the app name used when formatting the message in RFC5424 format. Default:
keycloak. Available only when Syslog is activated.


@ -542,9 +542,10 @@ Logging:
Default: false. Available only when log-mdc preview feature is enabled.
--log-mdc-keys <keys>
Defines which information should be added to the mapped diagnostic context as
a comma-separated list. Possible values are: realm, clientId, userId,
ipAddress, org. Default: realm,org,clientId. Available only when MDC logging
is enabled.
a comma-separated list. Possible values are: realmName, clientId, userId,
ipAddress, org, sessionId, authenticationSessionId, authenticationTabId.
Default: realmName,clientId,org,sessionId,authenticationSessionId,
authenticationTabId. Available only when MDC logging is enabled.
--log-syslog-app-name <name>
Set the app name used when formatting the message in RFC5424 format. Default:
keycloak. Available only when Syslog is activated.


@ -540,9 +540,10 @@ Logging:
Default: false. Available only when log-mdc preview feature is enabled.
--log-mdc-keys <keys>
Defines which information should be added to the mapped diagnostic context as
a comma-separated list. Possible values are: realm, clientId, userId,
ipAddress, org. Default: realm,org,clientId. Available only when MDC logging
is enabled.
a comma-separated list. Possible values are: realmName, clientId, userId,
ipAddress, org, sessionId, authenticationSessionId, authenticationTabId.
Default: realmName,clientId,org,sessionId,authenticationSessionId,
authenticationTabId. Available only when MDC logging is enabled.
--log-syslog-app-name <name>
Set the app name used when formatting the message in RFC5424 format. Default:
keycloak. Available only when Syslog is activated.


@ -34,11 +34,14 @@ import java.util.stream.Stream;
*/
public class DefaultMappedDiagnosticContextProviderFactory implements MappedDiagnosticContextProviderFactory, MappedDiagnosticContextProvider, EnvironmentDependentProviderFactory {
public static final String MDC_KEY_REALM = MDC_PREFIX + "realm";
public static final String MDC_KEY_REALM_NAME = MDC_PREFIX + "realmName";
public static final String MDC_KEY_CLIENT_ID = MDC_PREFIX + "clientId";
public static final String MDC_KEY_USER_ID = MDC_PREFIX + "userId";
public static final String MDC_KEY_IP_ADDRESS = MDC_PREFIX + "ipAddress";
public static final String MDC_KEY_ORGANIZATION = MDC_PREFIX + "org";
public static final String MDC_KEY_SESSION_ID = MDC_PREFIX + "sessionId";
public static final String MDC_KEY_AUTHENTICATION_SESSION_ID = MDC_PREFIX + "authenticationSessionId";
public static final String MDC_KEY_AUTHENTICATION_TAB_ID = MDC_PREFIX + "authenticationTabId";
public static final String MDC_KEYS = "mdcKeys";
private Set<String> mdcKeys;
@ -78,7 +81,8 @@ public class DefaultMappedDiagnosticContextProviderFactory implements MappedDiag
.name(MDC_KEYS)
.type("string")
.helpText("Comma-separated list of MDC keys to add to the Mapped Diagnostic Context.")
.options(Stream.of(MDC_KEY_REALM, MDC_KEY_CLIENT_ID, MDC_KEY_USER_ID, MDC_KEY_IP_ADDRESS, MDC_KEY_ORGANIZATION).map(s -> s.substring(MDC_PREFIX.length())).collect(Collectors.toList()))
.options(Stream.of(MDC_KEY_REALM_NAME, MDC_KEY_CLIENT_ID, MDC_KEY_USER_ID, MDC_KEY_IP_ADDRESS, MDC_KEY_ORGANIZATION, MDC_KEY_SESSION_ID, MDC_KEY_AUTHENTICATION_SESSION_ID, MDC_KEY_AUTHENTICATION_TAB_ID)
.map(s -> s.substring(MDC_PREFIX.length())).collect(Collectors.toList()))
.add();
return builder.build();
@ -91,13 +95,18 @@ public class DefaultMappedDiagnosticContextProviderFactory implements MappedDiag
@Override
public void update(KeycloakContext keycloakContext, AuthenticationSessionModel session) {
// nothing of interest here
if (mdcKeys.contains(MDC_KEY_AUTHENTICATION_SESSION_ID)) {
putMdc(MDC_KEY_AUTHENTICATION_SESSION_ID, session != null ? (session.getParentSession() != null ? session.getParentSession().getId() : null) : null);
}
if (mdcKeys.contains(MDC_KEY_AUTHENTICATION_TAB_ID)) {
putMdc(MDC_KEY_AUTHENTICATION_TAB_ID, session != null ? session.getTabId() : null);
}
}
@Override
public void update(KeycloakContext keycloakContext, RealmModel realm) {
if (mdcKeys.contains(MDC_KEY_REALM)) {
putMdc(MDC_KEY_REALM, realm != null ? realm.getName() : null);
if (mdcKeys.contains(MDC_KEY_REALM_NAME)) {
putMdc(MDC_KEY_REALM_NAME, realm != null ? realm.getName() : null);
}
}
@ -120,6 +129,9 @@ public class DefaultMappedDiagnosticContextProviderFactory implements MappedDiag
if (mdcKeys.contains(MDC_KEY_USER_ID)) {
putMdc(MDC_KEY_USER_ID, userSession != null && userSession.getUser() != null ? userSession.getUser().getId() : null);
}
if (mdcKeys.contains(MDC_KEY_SESSION_ID)) {
putMdc(MDC_KEY_SESSION_ID, userSession != null ? userSession.getId() : null);
}
if (mdcKeys.contains(MDC_KEY_IP_ADDRESS)) {
putMdc(MDC_KEY_IP_ADDRESS, userSession != null ? userSession.getIpAddress() : null);
}
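Review bot: `MDC_KEY_REALM` appears to be replaced by `MDC_KEY_REALM_NAME` with no alias, so the emitted key changes from `kc.realm` to `kc.realmName` and a configured `realm` value is no longer among the options. Log parsers, dashboards and alert rules that match on `kc.realm` will stop matching without any error, which is easy to miss in a detection pipeline. If the preview status of the feature makes the break acceptable, state it in the upgrade notes; otherwise keep the old constant as `@Deprecated public static final String MDC_KEY_REALM = MDC_PREFIX + "realm";` and accept `realm` as an alias for one release. The same rename is applied in the `update(KeycloakContext, RealmModel)` hunk, and the class body continues outside these hunks.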