diff --git a/internal/api/acl.go b/internal/api/acl.go index b3b6870..222bc17 100644 --- a/internal/api/acl.go +++ b/internal/api/acl.go @@ -42,6 +42,7 @@ func (a API) ACLv1(c *fiber.Ctx) error { zap.String("username", request.Username), zap.String("password", request.Password), ) + authenticator.IncrementWithErrorAuthCounter("unknown_company_before_parse_body", err) return c.Status(http.StatusBadRequest).SendString("bad request") } @@ -66,6 +67,8 @@ func (a API) ACLv1(c *fiber.Ctx) error { span.RecordError(err) } + authenticator.IncrementWithErrorAuthCounter(vendor, err) + var tnaErr authenticator.TopicNotAllowedError if errors.As(err, &tnaErr) { @@ -102,6 +105,7 @@ func (a API) ACLv1(c *fiber.Ctx) error { zap.String("password", request.Password), zap.String("authenticator", auth.GetCompany()), ) + authenticator.IncrementWithErrorAuthCounter(vendor, err) return c.Status(http.StatusOK).SendString("ok") } @@ -133,6 +137,7 @@ func (a API) ACLv2(c *fiber.Ctx) error { zap.String("username", request.Username), zap.String("password", request.Password), ) + authenticator.IncrementWithErrorAuthCounter("unknown_company_before_parse_body", err) return c.Status(http.StatusOK).JSON(ACLResponse{ Result: "deny", @@ -168,6 +173,8 @@ func (a API) ACLv2(c *fiber.Ctx) error { span.RecordError(err) } + authenticator.IncrementWithErrorAuthCounter(vendor, err) + var tnaErr authenticator.TopicNotAllowedError if errors.As(err, &tnaErr) { @@ -206,6 +213,7 @@ func (a API) ACLv2(c *fiber.Ctx) error { zap.String("password", request.Password), zap.String("authenticator", auth.GetCompany()), ) + authenticator.IncrementWithErrorAuthCounter(vendor, err) return c.Status(http.StatusOK).JSON(ACLResponse{ Result: "allow", diff --git a/internal/api/auth.go b/internal/api/auth.go index 34f6e1c..e5bdebe 100644 --- a/internal/api/auth.go +++ b/internal/api/auth.go @@ -6,9 +6,10 @@ import ( "github.com/gofiber/fiber/v2" "github.com/golang-jwt/jwt/v5" - "github.com/snapp-incubator/soteria/internal/authenticator" "go.opentelemetry.io/otel/attribute" "go.uber.org/zap" + + "github.com/snapp-incubator/soteria/internal/authenticator" ) // AuthRequest is the body payload structure of the auth endpoint. @@ -56,6 +57,7 @@ func (a API) Authv1(c *fiber.Ctx) error { err := auth.Auth(token) if err != nil { + authenticator.IncrementWithErrorAuthCounter(vendor, err) span.RecordError(err) if !errors.Is(err, jwt.ErrTokenExpired) { @@ -123,6 +125,7 @@ func (a API) Authv2(c *fiber.Ctx) error { err := auth.Auth(token) if err != nil { span.RecordError(err) + authenticator.IncrementWithErrorAuthCounter(vendor, err) if !errors.Is(err, jwt.ErrTokenExpired) { a.Logger.