BB2-3345: Added DATA-END-USER header logging and test. (#1244)

* Added DATA-END-USER header logging and test.

* Changed header name

Author: loganbertram

apps/logging/request_logger.py

@@ -132,11 +132,15 @@ def extract_request_data(self, request):
             self.standard_log_data["auth_pkce_method"] = request.session["auth_pkce_method"]
         except Exception:
             self.standard_log_data["auth_pkce_method"] = None
-
         try:
             self.standard_log_data["auth_language"] = request.session["auth_language"]
         except Exception:
             pass
+        try:
+            request_headers = getattr(request, "headers")
+            self.standard_log_data["data_facilitator_end_user"] = request_headers["data_facilitator_end_user"]
+        except Exception:
+            pass
 
         self.standard_log_data.update(get_session_auth_flow_trace(request))
 

apps/logging/tests/test_audit_loggers.py

@@ -532,6 +532,46 @@ def _request_logger_app_not_exist(self, v2=False):
         self.assertEqual(json_rec.get("req_app_name"), "")
         self.assertEqual(json_rec.get("req_app_id"), "")
 
+    def test_request_logger_data_facilitator_end_user(self):
+        self._request_logger_data_facilitator_end_user(False)
+
+    def test_request_logger_data_facilitator_end_user_v2(self):
+        self._request_logger_data_facilitator_end_user(True)
+
+    def _request_logger_data_facilitator_end_user(self, v2=False):
+        redirect_uri = "http://localhost"
+        self._create_user("anna", "123456")
+        capability_a = self._create_capability("Capability A", [])
+        capability_b = self._create_capability("Capability B", [])
+        application = self._create_application(
+            "an app",
+            grant_type=Application.GRANT_AUTHORIZATION_CODE,
+            redirect_uris=redirect_uri,
+        )
+
+        application.scope.add(capability_a, capability_b)
+        api_ver = "v1" if not v2 else "v2"
+
+        request = HttpRequest()
+        self.client.login(request=request, username="anna", password="123456")
+
+        payload = {
+            "client_id": application.id,
+            "response_type": "code",
+            "redirect_uri": redirect_uri,
+        }
+
+        headers = {"DATA-END-USER": "End User App"}
+
+        response = self.client.get("/{}/o/authorize/".format(api_ver), data=payload, headers=headers)
+
+        self.assertNotEqual(response.status_code, 500)
+        # assert request logger record exist and app name, app id has expected value ""
+        request_log_content = get_log_content(self.logger_registry, logging.AUDIT_HHS_AUTH_SERVER_REQ_LOGGER)
+        self.assertIsNotNone(request_log_content)
+        json_rec = json.loads(request_log_content)
+        self.assertEqual(json_rec.get("data_facilitator_end_user"), "End User App")
+
     def test_auth_flow_lang_logger(self, v2=False):
         # copy and adapted to test auth flow logger
         redirect_uri = "http://localhost"

hhs_oauth_server/request_logging.py

@@ -114,6 +114,7 @@ class RequestResponseLog(object):
         - user_id = Login user (or None) or OAuth2 API id. (BB2-342)
         - user = Login user (or None) or OAuth2 API username.
         - user_username = Login user (or None) or OAuth2 API username. (BB2-342)
+        - data_facilitator_end_user = End user for data facilitator app. (BB2-3345)
     """
 
     request = None
@@ -245,6 +246,9 @@ def to_dict(self):
             self._log_msg_update_from_dict(
                 request_headers, "req_header_bluebutton_app_version", "X-BLUEBUTTON-APP-VERSION"
             )
+            self._log_msg_update_from_dict(
+                request_headers, "data_facilitator_end_user", "DATA-END-USER"
+            )
 
         """
         --- Logging items from request.body ---