apache
diff --git a/‎core/metrics-starter/pom.xml‎
Lines changed: 68 additions & 0 deletions b/‎core/metrics-starter/pom.xml‎
Lines changed: 68 additions & 0 deletions
diff --git a/‎core/metrics-starter/src/main/java/org/apache/syncope/core/provisioning/java/propagation/InstrumentedPriorityPropagationTaskExecutor.java‎
Lines changed: 85 additions & 0 deletions b/‎core/metrics-starter/src/main/java/org/apache/syncope/core/provisioning/java/propagation/InstrumentedPriorityPropagationTaskExecutor.java‎
Lines changed: 85 additions & 0 deletions
diff --git a/‎core/metrics-starter/src/main/java/org/apache/syncope/core/spring/security/InstrumentedAuthDataAccessor.java‎
Lines changed: 171 additions & 0 deletions b/‎core/metrics-starter/src/main/java/org/apache/syncope/core/spring/security/InstrumentedAuthDataAccessor.java‎
Lines changed: 171 additions & 0 deletions
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.apache.syncope</groupId>
+    <artifactId>syncope-core</artifactId>
+    <version>4.1.0-SNAPSHOT</version>
+  </parent>
+
+  <name>Apache Syncope Core Spring Boot Metrics</name>
+  <description>Apache Syncope Core Spring Boot Metrics</description>
+  <groupId>org.apache.syncope.core</groupId>
+  <artifactId>syncope-core-metrics-starter</artifactId>
+  <packaging>jar</packaging>
+  
+  <properties>
+    <rootpom.basedir>${basedir}/../..</rootpom.basedir>
+  </properties>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.apache.syncope.core</groupId>
+      <artifactId>syncope-core-starter</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+
+    <dependency>
+      <groupId>io.micrometer</groupId>
+      <artifactId>micrometer-core</artifactId>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-checkstyle-plugin</artifactId>
+      </plugin>
+    </plugins>
+
+    <resources>
+      <resource>
+        <directory>src/main/resources</directory>
+        <filtering>true</filtering>
+      </resource>
+    </resources>
+  </build>
+</project>
@@ -0,0 +1,85 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.provisioning.java.propagation;
+
+import io.micrometer.core.instrument.Counter;
+import io.micrometer.core.instrument.MeterRegistry;
+import java.util.Collection;
+import org.apache.syncope.core.persistence.api.attrvalue.PlainAttrValidationManager;
+import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO;
+import org.apache.syncope.core.persistence.api.dao.PlainSchemaDAO;
+import org.apache.syncope.core.persistence.api.dao.TaskDAO;
+import org.apache.syncope.core.persistence.api.entity.AnyUtilsFactory;
+import org.apache.syncope.core.persistence.api.entity.task.TaskUtilsFactory;
+import org.apache.syncope.core.provisioning.api.AuditManager;
+import org.apache.syncope.core.provisioning.api.ConnectorManager;
+import org.apache.syncope.core.provisioning.api.data.TaskDataBinder;
+import org.apache.syncope.core.provisioning.api.notification.NotificationManager;
+import org.apache.syncope.core.provisioning.api.propagation.PropagationReporter;
+import org.apache.syncope.core.provisioning.api.propagation.PropagationTaskInfo;
+import org.apache.syncope.core.provisioning.java.pushpull.OutboundMatcher;
+import org.apache.syncope.core.provisioning.java.utils.ConnObjectUtils;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.core.task.AsyncTaskExecutor;
+
+public class InstrumentedPriorityPropagationTaskExecutor extends PriorityPropagationTaskExecutor {
+
+    protected final MeterRegistry meterRegistry;
+
+    public InstrumentedPriorityPropagationTaskExecutor(
+            final ConnectorManager connectorManager,
+            final ConnObjectUtils connObjectUtils,
+            final TaskDAO taskDAO,
+            final ExternalResourceDAO resourceDAO,
+            final PlainSchemaDAO plainSchemaDAO,
+            final NotificationManager notificationManager,
+            final AuditManager auditManager,
+            final TaskDataBinder taskDataBinder,
+            final AnyUtilsFactory anyUtilsFactory,
+            final TaskUtilsFactory taskUtilsFactory,
+            final OutboundMatcher outboundMatcher,
+            final PlainAttrValidationManager validator,
+            final ApplicationEventPublisher publisher,
+            final AsyncTaskExecutor taskExecutor,
+            final MeterRegistry meterRegistry) {
+
+        super(connectorManager, connObjectUtils, taskDAO, resourceDAO, plainSchemaDAO, notificationManager,
+                auditManager, taskDataBinder, anyUtilsFactory, taskUtilsFactory, outboundMatcher, validator, publisher,
+                taskExecutor);
+        this.meterRegistry = meterRegistry;
+    }
+
+    @Override
+    public PropagationReporter execute(
+            final Collection<PropagationTaskInfo> taskInfos,
+            final boolean nullPriorityAsync,
+            final String executor) {
+
+        PropagationReporter reporter = super.execute(taskInfos, nullPriorityAsync, executor);
+
+        reporter.getStatuses().forEach(status -> Counter.builder(
+                "syncope.propagation." + status.getStatus().name().toLowerCase() + ".count").
+                description("The total number of propagations with status " + status.getStatus().name()).
+                tag("resource", status.getResource()).
+                register(meterRegistry).
+                increment());
+
+        return reporter;
+    }
+}
@@ -0,0 +1,171 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.spring.security;
+
+import io.micrometer.core.instrument.Counter;
+import io.micrometer.core.instrument.MeterRegistry;
+import java.util.List;
+import java.util.Optional;
+import java.util.Set;
+import java.util.function.Function;
+import org.apache.commons.lang3.tuple.Pair;
+import org.apache.commons.lang3.tuple.Triple;
+import org.apache.syncope.common.keymaster.client.api.ConfParamOps;
+import org.apache.syncope.core.persistence.api.EncryptorManager;
+import org.apache.syncope.core.persistence.api.dao.AccessTokenDAO;
+import org.apache.syncope.core.persistence.api.dao.AnySearchDAO;
+import org.apache.syncope.core.persistence.api.dao.DelegationDAO;
+import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO;
+import org.apache.syncope.core.persistence.api.dao.GroupDAO;
+import org.apache.syncope.core.persistence.api.dao.RealmSearchDAO;
+import org.apache.syncope.core.persistence.api.dao.RoleDAO;
+import org.apache.syncope.core.persistence.api.dao.UserDAO;
+import org.apache.syncope.core.persistence.api.entity.user.User;
+import org.apache.syncope.core.provisioning.api.AuditManager;
+import org.apache.syncope.core.provisioning.api.ConnectorManager;
+import org.apache.syncope.core.provisioning.api.MappingManager;
+import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
+import org.springframework.security.authentication.DisabledException;
+import org.springframework.security.core.Authentication;
+
+public class InstrumentedAuthDataAccessor extends AuthDataAccessor {
+
+    protected static final String SUCCESS_TYPE = ".success";
+
+    protected static final String FAILURE_TYPE = ".failure";
+
+    protected static final String MUST_CHANGE_PASSWORD_TYPE = ".failure";
+
+    protected static final String NOT_FOUND_TYPE = ".notfound";
+
+    protected static final String DISABLED_TYPE = ".disabled";
+
+    protected static final Function<String, String> USERNAME = suffix -> "syncope.auth.username" + suffix + ".count";
+
+    protected static final Function<String, String> JWT = suffix -> "syncope.auth.jwt" + suffix + ".count";
+
+    protected static final Function<String, String> SUCCESS_DESC =
+            type -> "The total number of succeeded " + type + " logins";
+
+    protected static final Function<String, String> FAILURE_DESC =
+            type -> "The total number of failed " + type + " logins";
+
+    protected static final Function<String, String> MUST_CHANGE_PASSWORD_DESC =
+            type -> "The total number of mustChangePassword users attempting to perform " + type + " login";
+
+    protected static final Function<String, String> NOT_FOUND_DESC =
+            type -> "The total number of not found users attempting to perform " + type + " login";
+
+    protected static final Function<String, String> DISABLED_DESC =
+            type -> "The total number of disabled users attempting to perform " + type + " login";
+
+    protected final MeterRegistry meterRegistry;
+
+    public InstrumentedAuthDataAccessor(
+            final SecurityProperties securityProperties,
+            final EncryptorManager encryptorManager,
+            final RealmSearchDAO realmSearchDAO,
+            final UserDAO userDAO,
+            final GroupDAO groupDAO,
+            final AnySearchDAO anySearchDAO,
+            final AccessTokenDAO accessTokenDAO,
+            final ConfParamOps confParamOps,
+            final RoleDAO roleDAO,
+            final DelegationDAO delegationDAO,
+            final ExternalResourceDAO resourceDAO,
+            final ConnectorManager connectorManager,
+            final AuditManager auditManager,
+            final MappingManager mappingManager,
+            final List<JWTSSOProvider> jwtSSOProviders,
+            final MeterRegistry meterRegistry) {
+
+        super(securityProperties, encryptorManager, realmSearchDAO, userDAO, groupDAO, anySearchDAO, accessTokenDAO,
+                confParamOps, roleDAO, delegationDAO, resourceDAO, connectorManager, auditManager, mappingManager,
+                jwtSSOProviders);
+        this.meterRegistry = meterRegistry;
+    }
+
+    @Override
+    public Triple<User, Boolean, String> authenticate(final String domain, final Authentication authentication) {
+        try {
+            Triple<User, Boolean, String> auth = super.authenticate(domain, authentication);
+
+            Optional.ofNullable(auth.getLeft()).ifPresentOrElse(
+                    user -> {
+                        Counter.builder(auth.getMiddle() ? USERNAME.apply(SUCCESS_TYPE) : USERNAME.apply(FAILURE_TYPE)).
+                                description(auth.getMiddle()
+                                        ? SUCCESS_DESC.apply("username") : FAILURE_DESC.apply("username")).
+                                tag("realm", user.getRealm().getFullPath()).
+                                register(meterRegistry).
+                                increment();
+                        if (user.isMustChangePassword()) {
+                            Counter.builder(USERNAME.apply(MUST_CHANGE_PASSWORD_TYPE)).
+                                    description(MUST_CHANGE_PASSWORD_DESC.apply("username")).
+                                    register(meterRegistry).
+                                    increment();
+                        }
+                    },
+                    () -> Counter.builder(USERNAME.apply(NOT_FOUND_TYPE)).
+                            description(NOT_FOUND_DESC.apply("username")).
+                            register(meterRegistry).
+                            increment());
+
+            return auth;
+        } catch (DisabledException e) {
+            Counter.builder(USERNAME.apply(DISABLED_TYPE)).
+                    description(DISABLED_DESC.apply("JWT")).
+                    register(meterRegistry).
+                    increment();
+            throw e;
+        }
+    }
+
+    @Override
+    public Pair<String, Set<SyncopeGrantedAuthority>> authenticate(final JWTAuthentication authentication) {
+        try {
+            Pair<String, Set<SyncopeGrantedAuthority>> auth = super.authenticate(authentication);
+
+            if (MUST_CHANGE_PASSWORD_AUTHORITIES.equals(auth.getRight())) {
+                Counter.builder(JWT.apply(MUST_CHANGE_PASSWORD_TYPE)).
+                        description(MUST_CHANGE_PASSWORD_DESC.apply("JWT")).
+                        register(meterRegistry).
+                        increment();
+            } else {
+                Counter.builder(JWT.apply(SUCCESS_TYPE)).
+                        description(SUCCESS_DESC.apply("JWT")).
+                        register(meterRegistry).
+                        increment();
+            }
+
+            return auth;
+        } catch (AuthenticationCredentialsNotFoundException e) {
+            Counter.builder(JWT.apply(NOT_FOUND_TYPE)).
+                    description(NOT_FOUND_DESC.apply("JWT")).
+                    register(meterRegistry).
+                    increment();
+            throw e;
+        } catch (DisabledException e) {
+            Counter.builder(JWT.apply(DISABLED_TYPE)).
+                    description(DISABLED_DESC.apply("JWT")).
+                    register(meterRegistry).
+                    increment();
+            throw e;
+        }
+    }
+}