Support Customizing Observation Conventions

Closes gh-12534

Author: braunsonm

core/src/main/java/org/springframework/security/authentication/ObservationAuthenticationManager.java

@@ -17,6 +17,7 @@
 package org.springframework.security.authentication;
 
 import io.micrometer.observation.Observation;
+import io.micrometer.observation.ObservationConvention;
 import io.micrometer.observation.ObservationRegistry;
 
 import org.springframework.security.core.Authentication;
@@ -35,7 +36,7 @@ public final class ObservationAuthenticationManager implements AuthenticationMan
 
 	private final AuthenticationManager delegate;
 
-	private final AuthenticationObservationConvention convention = new AuthenticationObservationConvention();
+	private ObservationConvention<AuthenticationObservationContext> convention = new AuthenticationObservationConvention();
 
 	public ObservationAuthenticationManager(ObservationRegistry registry, AuthenticationManager delegate) {
 		Assert.notNull(registry, "observationRegistry cannot be null");
@@ -56,4 +57,15 @@ public Authentication authenticate(Authentication authentication) throws Authent
 		});
 	}
 
+	/**
+	 * Use the provided convention for reporting observation data
+	 *
+	 * @param convention The provided convention
+	 *
+	 * @since 6.1
+	 */
+	public void setConvention(ObservationConvention<AuthenticationObservationContext> convention) {
+		Assert.notNull(convention, "The observation convention cannot be null");
+		this.convention = convention;
+	}
 }

core/src/main/java/org/springframework/security/authentication/ObservationReactiveAuthenticationManager.java

@@ -17,8 +17,10 @@
 package org.springframework.security.authentication;
 
 import io.micrometer.observation.Observation;
+import io.micrometer.observation.ObservationConvention;
 import io.micrometer.observation.ObservationRegistry;
 import io.micrometer.observation.contextpropagation.ObservationThreadLocalAccessor;
+import org.springframework.util.Assert;
 import reactor.core.publisher.Mono;
 
 import org.springframework.security.core.Authentication;
@@ -36,7 +38,7 @@ public class ObservationReactiveAuthenticationManager implements ReactiveAuthent
 
 	private final ReactiveAuthenticationManager delegate;
 
-	private final AuthenticationObservationConvention convention = new AuthenticationObservationConvention();
+	private ObservationConvention<AuthenticationObservationContext> convention = new AuthenticationObservationConvention();
 
 	public ObservationReactiveAuthenticationManager(ObservationRegistry registry,
 			ReactiveAuthenticationManager delegate) {
@@ -62,4 +64,15 @@ public Mono<Authentication> authenticate(Authentication authentication) throws A
 		});
 	}
 
+	/**
+	 * Use the provided convention for reporting observation data
+	 *
+	 * @param convention The provided convention
+	 *
+	 * @since 6.1
+	 */
+	public void setConvention(ObservationConvention<AuthenticationObservationContext> convention) {
+		Assert.notNull(convention, "The observation convention cannot be null");
+		this.convention = convention;
+	}
 }

core/src/main/java/org/springframework/security/authorization/ObservationAuthorizationManager.java

@@ -19,10 +19,12 @@
 import java.util.function.Supplier;
 
 import io.micrometer.observation.Observation;
+import io.micrometer.observation.ObservationConvention;
 import io.micrometer.observation.ObservationRegistry;
 
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.core.Authentication;
+import org.springframework.util.Assert;
 
 /**
  * An {@link AuthorizationManager} that observes the authorization
@@ -36,7 +38,7 @@ public final class ObservationAuthorizationManager<T> implements AuthorizationMa
 
 	private final AuthorizationManager<T> delegate;
 
-	private final AuthorizationObservationConvention convention = new AuthorizationObservationConvention();
+	private ObservationConvention<AuthorizationObservationContext<?>> convention = new AuthorizationObservationConvention();
 
 	public ObservationAuthorizationManager(ObservationRegistry registry, AuthorizationManager<T> delegate) {
 		this.registry = registry;
@@ -68,4 +70,15 @@ public AuthorizationDecision check(Supplier<Authentication> authentication, T ob
 		}
 	}
 
+	/**
+	 * Use the provided convention for reporting observation data
+	 *
+	 * @param convention The provided convention
+	 *
+	 * @since 6.1
+	 */
+	public void setConvention(ObservationConvention<AuthorizationObservationContext<?>> convention) {
+		Assert.notNull(convention, "The observation convention cannot be null");
+		this.convention = convention;
+	}
 }

core/src/main/java/org/springframework/security/authorization/ObservationReactiveAuthorizationManager.java

@@ -17,8 +17,10 @@
 package org.springframework.security.authorization;
 
 import io.micrometer.observation.Observation;
+import io.micrometer.observation.ObservationConvention;
 import io.micrometer.observation.ObservationRegistry;
 import io.micrometer.observation.contextpropagation.ObservationThreadLocalAccessor;
+import org.springframework.util.Assert;
 import reactor.core.publisher.Mono;
 
 import org.springframework.security.access.AccessDeniedException;
@@ -36,7 +38,7 @@ public final class ObservationReactiveAuthorizationManager<T> implements Reactiv
 
 	private final ReactiveAuthorizationManager<T> delegate;
 
-	private final AuthorizationObservationConvention convention = new AuthorizationObservationConvention();
+	private ObservationConvention<AuthorizationObservationContext<?>> convention = new AuthorizationObservationConvention();
 
 	public ObservationReactiveAuthorizationManager(ObservationRegistry registry,
 			ReactiveAuthorizationManager<T> delegate) {
@@ -67,4 +69,15 @@ public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, T
 		});
 	}
 
+	/**
+	 * Use the provided convention for reporting observation data
+	 *
+	 * @param convention The provided convention
+	 *
+	 * @since 6.1
+	 */
+	public void setConvention(ObservationConvention<AuthorizationObservationContext<?>> convention) {
+		Assert.notNull(convention, "The observation convention cannot be null");
+		this.convention = convention;
+	}
 }

core/src/test/java/org/springframework/security/authentication/ObservationAuthenticationManagerTests.java

@@ -93,4 +93,9 @@ void authenticationWhenErrorsThenObserves() {
 		assertThat(context.getAuthenticationResult()).isNull();
 	}
 
+	@Test
+	void conventionSetterThrowsWhenNull() {
+		assertThatExceptionOfType(IllegalArgumentException.class)
+				.isThrownBy(() -> this.tested.setConvention(null));
+	}
 }

core/src/test/java/org/springframework/security/authentication/ObservationReactiveAuthenticationManagerTests.java

@@ -96,4 +96,10 @@ void authenticationWhenErrorsThenObserves() {
 		assertThat(context.getAuthenticationResult()).isNull();
 	}
 
+	@Test
+	void conventionSetterThrowsWhenNull() {
+		assertThatExceptionOfType(IllegalArgumentException.class)
+				.isThrownBy(() -> this.tested.setConvention(null));
+	}
+
 }

core/src/test/java/org/springframework/security/authorization/ObservationAuthorizationManagerTests.java

@@ -118,4 +118,9 @@ void verifyWhenLooksUpAuthenticationThenObserves() {
 		assertThat(context.getDecision()).isEqualTo(this.grant);
 	}
 
+	@Test
+	void conventionSetterThrowsWhenNull() {
+		assertThatExceptionOfType(IllegalArgumentException.class)
+				.isThrownBy(() -> this.tested.setConvention(null));
+	}
 }

core/src/test/java/org/springframework/security/authorization/ObservationReactiveAuthorizationManagerTests.java

@@ -117,4 +117,9 @@ void verifyWhenLooksUpAuthenticationThenObserves() {
 		assertThat(context.getDecision()).isEqualTo(this.grant);
 	}
 
+	@Test
+	void conventionSetterThrowsWhenNull() {
+		assertThatExceptionOfType(IllegalArgumentException.class)
+				.isThrownBy(() -> this.tested.setConvention(null));
+	}
 }