diff --git a/config_sample/config.json b/config_sample/config.json
index b14c106..aa0ab57 100644
--- a/config_sample/config.json
+++ b/config_sample/config.json
@@ -3,9 +3,18 @@
 "install_dir": "/home/spid-cie-oidc-php",
 "www_dir": "/var/www/html",
 "service_name": "",
- "log_path": "./log/spid-cie-oidc-php.log",
 "homepage": "/test.php",
 "default_domain": "default",
+
+ "log_handler": "stream",
+ "log_stream_path": "./log/spid-cie-oidc-php.log",
+ "log_azure_tenantId": "",
+ "log_azure_appId": "",
+ "log_azure_appSecret": "",
+ "log_azure_dceURI": "",
+ "log_azure_dcrImmutableId": "",
+ "log_azure_table": "",
+
 "sa": {
 "client_id": "http://relying-party-php.org:8003/",
 "client_name": "Soggetto Aggregatore",
diff --git a/config_sample/federation-authority.json b/config_sample/federation-authority.json
index 8aae37a..c736bf3 100644
--- a/config_sample/federation-authority.json
+++ b/config_sample/federation-authority.json
@@ -7,12 +7,6 @@
 "https://registry.spid.gov.it": {
 "organization_name": "Federazione SPID"
 },
- "https://preprod.oidc.registry.servizicie.interno.gov.it": {
- "organization_name": "Federazione preprod CIE"
- },
- "https://oidc.registry.servizicie.interno.gov.it": {
- "organization_name": "Federazione CIE"
- },
 "http://127.0.0.1:8000": {
 "organization_name": "Federazione test local"
 },
diff --git a/data/.dummy b/data/.dummy
old mode 100644
new mode 100755
diff --git a/lib/Core/AzureHandler.php b/lib/Core/AzureHandler.php
new file mode 100644
index 0000000..03ef6a5
--- /dev/null
+++ b/lib/Core/AzureHandler.php
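Review bot: The sample drops `log_path` in favour of `log_stream_path` and adds a `log_handler` selector, but nothing in the sample says which values `log_handler` accepts or that `log_path` is no longer read, so an operator merging this into an existing config.json gets no hint that the old key is dead. JSON cannot hold comments, so the accepted values (`stream`, `syslog`, `azure`, as dispatched in lib/Core/Logger.php in this same commit) and the rename should be stated in the README or wherever the sample is described. `log_azure_appSecret` is a client credential sitting next to non-sensitive settings in the same file; the documentation should say so, so that deployments restrict the file's permissions accordingly.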
@@ -0,0 +1,132 @@
+
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
+ */
+
+//namespace Monolog\Handler;
+namespace SPID_CIE_OIDC_PHP\Core;
+
+use Monolog\Level;
+use Monolog\Utils;
+use Monolog\LogRecord;
+use Monolog\Handler\AbstractProcessingHandler;
+use Monolog\Handler\Curl;
+
+/**
+ * @author Michele D'Amico
+ * Linfa Service - https://www.linfaservice.it
+ * Damikael - https://www.damikael.dev
+ */
+class AzureHandler extends AbstractProcessingHandler
+{
+ private string $eventName;
+ private string $secretKey;
+
+ /**
+ * @param string $tenantId
+ * @param string $appId
+ * @param string $appSecret
+ * @param string $dceURI
+ * @param string $dcrImmutableId;
+ * @param string $table
+ *
+ * @throws MissingExtensionException If the curl extension is missing
+ */
+ public function __construct(string $tenantId, string $appId, string $appSecret, string $dceURI, string $dcrImmutableId, string $table, int|string|Level $level = Level::Debug, bool $bubble = true)
+ {
+ if (!\extension_loaded('curl')) {
+ throw new MissingExtensionException('The curl extension is needed to use the AzureHandler');
+ }
+
+ $this->tenantId = $tenantId;
+ $this->appId = $appId;
+ $this->appSecret = $appSecret;
+ $this->dceURI = $dceURI;
+ $this->dcrImmutableId = $dcrImmutableId;
+ $this->table = $table;
+
+ parent::__construct($level, $bubble);
+ }
+
+ /**
+ * @inheritDoc
+ */
+ public function write(LogRecord $record): void
+ {
+
+ // retrieve access_token
+ $url = "https://login.microsoftonline.com/" . $this->tenantId . "/oauth2/v2.0/token";
+ $postString = "
+ grant_type=client_credentials
+ &scope=https://monitor.azure.com//.default
+ &client_id=" . $this->appId . "
+ &client_secret=" . $this->appSecret . "
+ ";
+
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, $url);
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $postString);
+ curl_setopt($ch, CURLOPT_HTTPHEADER, [
+ "Content-Type: application/x-www-form-urlencoded",
+ ]);
+
+ $response = Curl\Util::execute($ch);
+ $access_token = json_decode($response)->access_token;
+
+ // send log
+ $url = $this->dceURI . "/dataCollectionRules/" . $this->dcrImmutableId . "/streams/Custom-" . $this->table . "?api-version=2023-01-01";
+ $sourceUrl = $_SERVER['HTTP_HOST'];
+ $clientIp = $_SERVER['REMOTE_ADDR'];
+
+ $postString = "[
+ {
+ \"TimeGenerated\": \"" . (new \DateTime())->format('c') . "\",
+ \"Direction\": \"REQUEST\",
+ \"Method\": \"GET\",
+ \"Url\": \"" . $sourceUrl ."\",
+ \"IP\": \"" . $clientIp ."\",
+ \"Level\": \"INFO\",
+ \"response_type\": \"code\",
+ \"message\": \"" . $record->message . "\"
+ }
+ ]";
+
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, $url);
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $postString);
+ curl_setopt($ch, CURLOPT_HTTPHEADER, [
+ "Authorization: Bearer " . $access_token,
+ "Content-Type: application/json",
+ ]);
+
+ //error_log("Log Request: " . var_export($postString, true));
+
+ $response = Curl\Util::execute($ch);
+ $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+
+ //error_log("Log Response: [" . $httpcode . "] " . var_export($response, true));
+ }
+}
\ No newline at end of file
diff --git a/lib/Core/Logger.php b/lib/Core/Logger.php
index 2b05d80..2984281 100644
--- a/lib/Core/Logger.php
+++ b/lib/Core/Logger.php
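Review bot: In `write()`, both request bodies are built by string concatenation: the token request embeds `$this->appId` and `$this->appSecret` raw (with surrounding newlines and indentation) into a form-urlencoded body, and the ingestion payload splices `$record->message`, `$_SERVER['HTTP_HOST']` and `$_SERVER['REMOTE_ADDR']` into hand-written JSON with no escaping, so a log message or Host header containing a double quote either breaks the JSON or lets the sender inject extra fields into the stored record. Use `http_build_query()` for the token body and `json_encode()` for the payload, check that the token response actually carries `access_token` before sending (a failed token call currently produces a warning on `null` and an empty `Bearer` header), and derive `Level` from `$record->level` rather than the hard-coded `"INFO"`. The constructor also assigns `$this->tenantId`, `$this->appId`, `$this->appSecret`, `$this->dceURI`, `$this->dcrImmutableId` and `$this->table` without declaring them (only the unused `$eventName` and `$secretKey` are declared), which is a dynamic-property deprecation on PHP 8.2, and `MissingExtensionException` resolves inside `SPID_CIE_OIDC_PHP\Core` unless it is imported from `Monolog\Handler`. Note also that a fresh token is requested for every record, so caching it for its lifetime would remove one extra round-trip per log line.
```php
    public function write(LogRecord $record): void
    {
        // retrieve access_token
        // … unchanged: token endpoint URL …
        $postString = http_build_query([
            'grant_type' => 'client_credentials',
            'scope' => 'https://monitor.azure.com//.default',
            'client_id' => $this->appId,
            'client_secret' => $this->appSecret,
        ]);

        // … unchanged: curl_init/curl_setopt for the token request …

        $response = Curl\Util::execute($ch);
        $token = json_decode((string) $response, true);
        if (!is_array($token) || !isset($token['access_token'])) {
            return; // token call failed; nothing usable to send
        }
        $access_token = $token['access_token'];

        // send log
        // … unchanged: ingestion URL …
        $postString = json_encode([[
            'TimeGenerated' => (new \DateTimeImmutable())->format('c'),
            'Direction' => 'REQUEST',
            'Method' => 'GET',
            'Url' => $_SERVER['HTTP_HOST'] ?? '',
            'IP' => $_SERVER['REMOTE_ADDR'] ?? '',
            'Level' => strtoupper($record->level->name),
            'response_type' => 'code',
            'message' => $record->message,
        ]], JSON_THROW_ON_ERROR | JSON_UNESCAPED_SLASHES);

        // … unchanged: curl_init/curl_setopt for the ingestion request and Curl\Util::execute …
    }
```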
@@ -53,8 +53,27 @@ public function __construct(array $config = null)
 }
 $this->config = $config;
- //$handler = new SyslogHandler('spid-cie-oidc-php');
- $handler = new StreamHandler($this->config['log_path']);
+ switch($this->config['log_handler']) {
+ case 'azure':
+ $tenantId = $this->config['log_azure_tenantId'];
+ $appId = $this->config['log_azure_appId'];
+ $appSecret = $this->config['log_azure_appSecret'];
+ $dceURI = $this->config['log_azure_dceURI'];
+ $dcrImmutableId = $this->config['log_azure_dcrImmutableId'];
+ $table = $this->config['log_azure_table'];
+ $handler = new AzureHandler($tenantId, $appId, $appSecret, $dceURI, $dcrImmutableId, $table);
+ break;
+
+ case 'syslog':
+ $handler = new SyslogHandler('spid-cie-oidc-php');
+ break;
+
+ case 'stream':
+ default:
+ $handler = new StreamHandler($this->config['log_stream_path']);
+ break;
+ }
+
 $formatter = new SyslogFormatter();
 $handler->setFormatter($formatter);
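Review bot: `switch($this->config['log_handler'])` reads a key that configs written before this commit do not have, and the `default` branch then reads `log_stream_path`, which those configs also lack (they still carry the old `log_path`); on PHP 8 that is two undefined-index warnings followed by a `StreamHandler` constructed with no usable path, so the logger fails for every existing deployment instead of falling back to the previous behaviour. Read the selector with a default and keep the old key as a fallback: `switch ($this->config['log_handler'] ?? 'stream') {` and `$handler = new StreamHandler($this->config['log_stream_path'] ?? $this->config['log_path']);`. The `azure` branch passes the six values straight through, so the empty defaults from config_sample/config.json yield a handler that will try to fetch a token from `https://login.microsoftonline.com//oauth2/v2.0/token` on every log line; checking that `tenantId`, `appId`, `appSecret`, `dceURI` and `dcrImmutableId` are non-empty before constructing `AzureHandler` would surface the misconfiguration at startup rather than on the first write. `__construct` starts before the hunk, and `AzureHandler` and `SyslogHandler` need `use` imports at the top of the file if they are not already present there.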