feat(audit_trail): add authentication events in public API (#2374)

Co-authored-by: Rémy Léone <[email protected]>

Author: scaleway-bot

packages_generated/audit_trail/src/v1alpha1/api.gen.ts

@@ -9,10 +9,13 @@ import {
   validatePathParam,
 } from '@scaleway/sdk-client'
 import {
+  unmarshalListAuthenticationEventsResponse,
   unmarshalListEventsResponse,
   unmarshalListProductsResponse,
 } from './marshalling.gen'
 import type {
+  ListAuthenticationEventsRequest,
+  ListAuthenticationEventsResponse,
   ListEventsRequest,
   ListEventsResponse,
   ListProductsRequest,
@@ -70,6 +73,38 @@ export class API extends ParentAPI {
       unmarshalListEventsResponse,
     )
 
+  /**
+   * List authentication events. Retrieve the list of Audit Trail authentication events for a Scaleway Organization. You must specify the `organization_id`.
+   *
+   * @param request - The request {@link ListAuthenticationEventsRequest}
+   * @returns A Promise of ListAuthenticationEventsResponse
+   */
+  listAuthenticationEvents = (
+    request: Readonly<ListAuthenticationEventsRequest> = {},
+  ) =>
+    this.client.fetch<ListAuthenticationEventsResponse>(
+      {
+        method: 'GET',
+        path: `/audit-trail/v1alpha1/regions/${validatePathParam('region', request.region ?? this.client.settings.defaultRegion)}/authentication-events`,
+        urlParams: urlParams(
+          ['order_by', request.orderBy],
+          [
+            'organization_id',
+            request.organizationId ??
+              this.client.settings.defaultOrganizationId,
+          ],
+          [
+            'page_size',
+            request.pageSize ?? this.client.settings.defaultPageSize,
+          ],
+          ['page_token', request.pageToken],
+          ['recorded_after', request.recordedAfter],
+          ['recorded_before', request.recordedBefore],
+        ),
+      },
+      unmarshalListAuthenticationEventsResponse,
+    )
+
   /**
    * Retrieve the list of Scaleway resources for which you have Audit Trail events.
    *

packages_generated/audit_trail/src/v1alpha1/index.gen.ts

@@ -7,6 +7,12 @@ export type {
   AccountProjectInfo,
   AccountUserInfo,
   AppleSiliconServerInfo,
+  AuthenticationEvent,
+  AuthenticationEventFailureReason,
+  AuthenticationEventMethod,
+  AuthenticationEventMFAType,
+  AuthenticationEventOrigin,
+  AuthenticationEventResult,
   BaremetalServerInfo,
   BaremetalSettingInfo,
   Event,
@@ -19,6 +25,9 @@ export type {
   KubernetesClusterInfo,
   KubernetesNodeInfo,
   KubernetesPoolInfo,
+  ListAuthenticationEventsRequest,
+  ListAuthenticationEventsRequestOrderBy,
+  ListAuthenticationEventsResponse,
   ListEventsRequest,
   ListEventsRequestOrderBy,
   ListEventsResponse,

packages_generated/audit_trail/src/v1alpha1/marshalling.gen.ts

@@ -10,6 +10,7 @@ import type {
   AccountProjectInfo,
   AccountUserInfo,
   AppleSiliconServerInfo,
+  AuthenticationEvent,
   BaremetalServerInfo,
   BaremetalSettingInfo,
   Event,
@@ -22,6 +23,7 @@ import type {
   KubernetesClusterInfo,
   KubernetesNodeInfo,
   KubernetesPoolInfo,
+  ListAuthenticationEventsResponse,
   ListEventsResponse,
   ListProductsResponse,
   LoadBalancerAclInfo,
@@ -323,30 +325,6 @@ const unmarshalSecretManagerSecretVersionInfo = (
   } as SecretManagerSecretVersionInfo
 }
 
-const unmarshalEventPrincipal = (data: unknown): EventPrincipal => {
-  if (!isJSONObject(data)) {
-    throw new TypeError(
-      `Unmarshalling the type 'EventPrincipal' failed as data isn't a dictionary.`,
-    )
-  }
-
-  return {
-    id: data.id,
-  } as EventPrincipal
-}
-
-const unmarshalEventSystem = (data: unknown): EventSystem => {
-  if (!isJSONObject(data)) {
-    throw new TypeError(
-      `Unmarshalling the type 'EventSystem' failed as data isn't a dictionary.`,
-    )
-  }
-
-  return {
-    name: data.name,
-  } as EventSystem
-}
-
 export const unmarshalResource = (data: unknown): Resource => {
   if (!isJSONObject(data)) {
     throw new TypeError(
@@ -443,6 +421,68 @@ export const unmarshalResource = (data: unknown): Resource => {
   } as Resource
 }
 
+const unmarshalAuthenticationEvent = (data: unknown): AuthenticationEvent => {
+  if (!isJSONObject(data)) {
+    throw new TypeError(
+      `Unmarshalling the type 'AuthenticationEvent' failed as data isn't a dictionary.`,
+    )
+  }
+
+  return {
+    countryCode: data.country_code ? data.country_code : undefined,
+    failureReason: data.failure_reason ? data.failure_reason : undefined,
+    id: data.id,
+    method: data.method,
+    mfaType: data.mfa_type ? data.mfa_type : undefined,
+    organizationId: data.organization_id,
+    origin: data.origin,
+    recordedAt: unmarshalDate(data.recorded_at),
+    resources: unmarshalArrayOfObject(data.resources, unmarshalResource),
+    result: data.result,
+    sourceIp: data.source_ip,
+    userAgent: data.user_agent,
+  } as AuthenticationEvent
+}
+
+export const unmarshalListAuthenticationEventsResponse = (
+  data: unknown,
+): ListAuthenticationEventsResponse => {
+  if (!isJSONObject(data)) {
+    throw new TypeError(
+      `Unmarshalling the type 'ListAuthenticationEventsResponse' failed as data isn't a dictionary.`,
+    )
+  }
+
+  return {
+    events: unmarshalArrayOfObject(data.events, unmarshalAuthenticationEvent),
+    nextPageToken: data.next_page_token,
+  } as ListAuthenticationEventsResponse
+}
+
+const unmarshalEventPrincipal = (data: unknown): EventPrincipal => {
+  if (!isJSONObject(data)) {
+    throw new TypeError(
+      `Unmarshalling the type 'EventPrincipal' failed as data isn't a dictionary.`,
+    )
+  }
+
+  return {
+    id: data.id,
+  } as EventPrincipal
+}
+
+const unmarshalEventSystem = (data: unknown): EventSystem => {
+  if (!isJSONObject(data)) {
+    throw new TypeError(
+      `Unmarshalling the type 'EventSystem' failed as data isn't a dictionary.`,
+    )
+  }
+
+  return {
+    name: data.name,
+  } as EventSystem
+}
+
 export const unmarshalEvent = (data: unknown): Event => {
   if (!isJSONObject(data)) {
     throw new TypeError(

packages_generated/audit_trail/src/v1alpha1/types.gen.ts

@@ -1,6 +1,32 @@
 // This file was automatically generated. DO NOT EDIT.
 // If you have any remark or suggestion do not hesitate to open an issue.
 import type { Region as ScwRegion } from '@scaleway/sdk-client'
+import type { CountryCode as StdCountryCode } from '@scaleway/sdk-std'
+
+export type AuthenticationEventFailureReason =
+  | 'unknown_failure_reason'
+  | 'invalid_mfa'
+  | 'invalid_password'
+
+export type AuthenticationEventMFAType = 'unknown_mfa_type' | 'totp'
+
+export type AuthenticationEventMethod =
+  | 'unknown_method'
+  | 'password'
+  | 'authentication_code'
+  | 'oauth2'
+  | 'saml'
+
+export type AuthenticationEventOrigin =
+  | 'unknown_origin'
+  | 'public_api'
+  | 'admin_api'
+
+export type AuthenticationEventResult = 'unknown_result' | 'success' | 'failure'
+
+export type ListAuthenticationEventsRequestOrderBy =
+  | 'recorded_at_desc'
+  | 'recorded_at_asc'
 
 export type ListEventsRequestOrderBy = 'recorded_at_desc' | 'recorded_at_asc'
 
@@ -138,14 +164,6 @@ export interface SecretManagerSecretVersionInfo {
   revision: number
 }
 
-export interface EventPrincipal {
-  id: string
-}
-
-export interface EventSystem {
-  name: string
-}
-
 export interface Resource {
   id: string
   type: ResourceType
@@ -284,11 +302,70 @@ export interface Resource {
   loadBalancerCertificateInfo?: LoadBalancerCertificateInfo
 }
 
+export interface EventPrincipal {
+  id: string
+}
+
+export interface EventSystem {
+  name: string
+}
+
 export interface ProductService {
   name: string
   methods: string[]
 }
 
+export interface AuthenticationEvent {
+  /**
+   * ID of the event.
+   */
+  id: string
+  /**
+   * Timestamp of the event.
+   */
+  recordedAt?: Date
+  /**
+   * Organization ID containing the event.
+   */
+  organizationId: string
+  /**
+   * IP address at the origin of the event.
+   */
+  sourceIp: string
+  /**
+   * User Agent at the origin of the event.
+   */
+  userAgent?: string
+  /**
+   * Resources attached to the event.
+   */
+  resources: Resource[]
+  /**
+   * Result of the authentication attempt.
+   */
+  result: AuthenticationEventResult
+  /**
+   * (Optional) Reason for authentication failure.
+   */
+  failureReason?: AuthenticationEventFailureReason
+  /**
+   * (Optional) ISO 3166-1 alpha-2 country code of the source IP.
+   */
+  countryCode?: StdCountryCode
+  /**
+   * Authentication method used.
+   */
+  method: AuthenticationEventMethod
+  /**
+   * Origin of the authentication attempt.
+   */
+  origin: AuthenticationEventOrigin
+  /**
+   * (Optional) MFA type used for the authentication attempt.
+   */
+  mfaType?: AuthenticationEventMFAType
+}
+
 export interface Event {
   /**
    * ID of the event.
@@ -375,6 +452,24 @@ export interface Product {
   services: ProductService[]
 }
 
+export type ListAuthenticationEventsRequest = {
+  /**
+   * Region to target. If none is passed will use default region from the config.
+   */
+  region?: ScwRegion
+  organizationId?: string
+  recordedAfter?: Date
+  recordedBefore?: Date
+  orderBy?: ListAuthenticationEventsRequestOrderBy
+  pageSize?: number
+  pageToken?: string
+}
+
+export interface ListAuthenticationEventsResponse {
+  events: AuthenticationEvent[]
+  nextPageToken?: string
+}
+
 export type ListEventsRequest = {
   /**
    * Region to target. If none is passed will use default region from the config.

packages_generated/audit_trail/src/v1alpha1/validation-rules.gen.ts

@@ -1,6 +1,13 @@
 // This file was automatically generated. DO NOT EDIT.
 // If you have any remark or suggestion do not hesitate to open an issue.
 
+export const ListAuthenticationEventsRequest = {
+  pageSize: {
+    greaterThanOrEqual: 1,
+    lessThanOrEqual: 1000,
+  },
+}
+
 export const ListEventsRequest = {
   methodName: {
     pattern: /^[a-zA-Z][a-zA-Z0-9_]*$/,

packages_generated/std/src/index.gen.ts

@@ -1,3 +1,6 @@
 // This file was automatically generated. DO NOT EDIT.
 // If you have any remark or suggestion do not hesitate to open an issue.
-export type { LanguageCode } from './types.gen'
+export type {
+  CountryCode,
+  LanguageCode,
+} from './types.gen'