From 7ae2b71e0b6aa8b8226a329dbe2b12729a35c0d4 Mon Sep 17 00:00:00 2001 From: Alexandre Rulleau Date: Tue, 24 Dec 2024 13:54:30 +0100 Subject: [PATCH] chore(appsec): apply suggestions Signed-off-by: Alexandre Rulleau --- appsec/src/extension/tags.c | 124 ++++++++-------- appsec/src/extension/user_tracking.h | 2 +- .../extension/headers_collection_14.phpt | 133 ----------------- .../extension/headers_collection_15.phpt | 133 ----------------- .../extension/headers_collection_16.phpt | 133 ----------------- .../extension/headers_collection_17.phpt | 134 ------------------ .../extension/headers_collection_18.phpt | 134 ------------------ .../extension/headers_collection_19.phpt | 134 ------------------ .../extension/headers_collection_20.phpt | 134 ------------------ .../extension/headers_collection_21.phpt | 132 ----------------- .../extension/headers_collection_22.phpt | 132 ----------------- .../extension/headers_collection_23.phpt | 134 ------------------ .../Laravel/LaravelIntegration.php | 11 +- 13 files changed, 74 insertions(+), 1396 deletions(-) delete mode 100644 appsec/tests/extension/headers_collection_14.phpt delete mode 100644 appsec/tests/extension/headers_collection_15.phpt delete mode 100644 appsec/tests/extension/headers_collection_16.phpt delete mode 100644 appsec/tests/extension/headers_collection_17.phpt delete mode 100644 appsec/tests/extension/headers_collection_18.phpt delete mode 100644 appsec/tests/extension/headers_collection_19.phpt delete mode 100644 appsec/tests/extension/headers_collection_20.phpt delete mode 100644 appsec/tests/extension/headers_collection_21.phpt delete mode 100644 appsec/tests/extension/headers_collection_22.phpt delete mode 100644 appsec/tests/extension/headers_collection_23.phpt diff --git a/appsec/src/extension/tags.c b/appsec/src/extension/tags.c index 27f15a3e3ff..ee557d35b3d 100644 --- a/appsec/src/extension/tags.c +++ b/appsec/src/extension/tags.c @@ -463,7 +463,7 @@ static zend_string *_concat_json_fragments() zend_llist_position pos; for (zend_string **sp = zend_llist_get_first_ex(&_appsec_json_frags, &pos); - sp != NULL; sp = zend_llist_get_next_ex(&_appsec_json_frags, &pos)) { + sp != NULL; sp = zend_llist_get_next_ex(&_appsec_json_frags, &pos)) { zend_string *s = *sp; needed_len += ZSTR_LEN(s); } @@ -475,8 +475,8 @@ static zend_string *_concat_json_fragments() size_t i = 0; for (zend_string **sp = zend_llist_get_first_ex(&_appsec_json_frags, &pos); - sp != NULL; - sp = zend_llist_get_next_ex(&_appsec_json_frags, &pos), i++) { + sp != NULL; + sp = zend_llist_get_next_ex(&_appsec_json_frags, &pos), i++) { if (i != 0) { *buf++ = ','; } @@ -788,7 +788,7 @@ static void _dd_response_headers(zend_array *meta_ht) zend_llist *l = &SG(sapi_headers).headers; zend_llist_position pos; for (sapi_header_struct *header = zend_llist_get_first_ex(l, &pos); header; - header = zend_llist_get_next_ex(l, &pos)) { + header = zend_llist_get_next_ex(l, &pos)) { const char *pcol = memchr(header->header, ':', header->header_len); if (!pcol) { if (header->header_len <= INT_MAX) { @@ -956,17 +956,19 @@ static PHP_FUNCTION(datadog_appsec_track_user_signup_event_automated) return; } - zend_string *user_login = NULL; - zend_string *user_id = NULL; + zend_string *user_login; + zend_string *user_id; + zend_string *anon_user_login = NULL; + zend_string *anon_user_id = NULL; HashTable *metadata = NULL; - if (zend_parse_parameters(ZEND_NUM_ARGS(), "SS|h", &user_login, &user_id, + if (zend_parse_parameters(ZEND_NUM_ARGS(), "S|Sh", &user_login, &user_id, &metadata) == FAILURE) { mlog(dd_log_warning, "Unexpected parameter combination, expected " "(user_login, user_id, metadata)"); return; } - if (user_login == NULL || ZSTR_LEN(user_login) == 0) { + if (ZSTR_LEN(user_login) == 0) { mlog(dd_log_warning, "Unexpected empty user login"); return; } @@ -986,27 +988,30 @@ static PHP_FUNCTION(datadog_appsec_track_user_signup_event_automated) } if (mode == user_mode_anon) { - user_id = dd_user_info_anonymize(user_id); - if (user_id == NULL) { + anon_user_id = dd_user_info_anonymize(user_id); + if (!anon_user_id) { mlog(dd_log_debug, "Failed to anonymize user ID"); return; } - user_login = dd_user_info_anonymize(user_login); - if (user_login == NULL) { + anon_user_login = dd_user_info_anonymize(user_login); + if (!anon_user_login) { mlog(dd_log_debug, "Failed to anonymize user login"); + zend_string_release(anon_user_id); return; } + + user_login = anon_user_login; + user_id = anon_user_id; } - if (user_id && ZSTR_LEN(user_id) > 0) { + if (ZSTR_LEN(user_id) > 0) { // usr.id = _add_new_zstr_to_meta(meta_ht, _dd_tag_user_id, user_id, true, false); // _dd.appsec.usr.id = - // We avoid copy on anonymized data to ensure memory is freed. _add_new_zstr_to_meta( - meta_ht, _dd_appsec_user_id, user_id, mode != user_mode_anon, true); + meta_ht, _dd_appsec_user_id, user_id, false, true); } // _dd.appsec.events.users.signup.auto.mode = @@ -1019,9 +1024,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_signup_event_automated) meta_ht, _dd_signup_event_login, user_login, true, true); // _dd.appsec.usr.login = - // We avoid copy on anonymized data to ensure memory is freed. - _add_new_zstr_to_meta(meta_ht, _dd_appsec_user_login, user_login, - mode != user_mode_anon, true); + _add_new_zstr_to_meta( + meta_ht, _dd_appsec_user_login, user_login, false, true); // appsec.events.users.signup.success.track = true _add_custom_event_keyval( @@ -1051,7 +1055,7 @@ static PHP_FUNCTION(datadog_appsec_track_user_signup_event) return; } - if (user_id == NULL || ZSTR_LEN(user_id) == 0) { + if (ZSTR_LEN(user_id) == 0) { mlog(dd_log_warning, "Unexpected empty user id"); return; } @@ -1093,17 +1097,19 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event_automated) return; } - zend_string *user_login = NULL; - zend_string *user_id = NULL; + zend_string *user_login; + zend_string *user_id; + zend_string *anon_user_login = NULL; + zend_string *anon_user_id = NULL; HashTable *metadata = NULL; - if (zend_parse_parameters(ZEND_NUM_ARGS(), "SS|h", &user_login, &user_id, + if (zend_parse_parameters(ZEND_NUM_ARGS(), "S|Sh", &user_login, &user_id, &metadata) == FAILURE) { mlog(dd_log_warning, "Unexpected parameter combination, expected " "(user_login, user_id, metadata)"); return; } - if (user_login == NULL || ZSTR_LEN(user_login) == 0) { + if (ZSTR_LEN(user_login) == 0) { mlog(dd_log_warning, "Unexpected empty user login"); return; } @@ -1123,29 +1129,30 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event_automated) } if (mode == user_mode_anon) { - user_id = dd_user_info_anonymize(user_id); - if (user_id == NULL) { + anon_user_id = dd_user_info_anonymize(user_id); + if (!anon_user_id) { mlog(dd_log_debug, "Failed to anonymize user ID"); return; } - user_login = dd_user_info_anonymize(user_login); - if (user_login == NULL) { + anon_user_login = dd_user_info_anonymize(user_login); + if (!anon_user_login) { mlog(dd_log_debug, "Failed to anonymize user login"); + zend_string_release(anon_user_id); return; } - } - dd_find_and_apply_verdict_for_user(user_id); + user_login = anon_user_login; + user_id = anon_user_id; + } - if (user_id && ZSTR_LEN(user_id) > 0) { + if (ZSTR_LEN(user_id) > 0) { // usr.id = _add_new_zstr_to_meta(meta_ht, _dd_tag_user_id, user_id, true, false); // _dd.appsec.usr.id = - // We avoid copy on anonymized data to ensure memory is freed. _add_new_zstr_to_meta( - meta_ht, _dd_appsec_user_id, user_id, mode != user_mode_anon, true); + meta_ht, _dd_appsec_user_id, user_id, false, true); } // _dd.appsec.events.users.login.success.auto.mode = @@ -1154,9 +1161,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event_automated) dd_get_user_collection_mode_zstr(), true, false); // _dd.appsec.events.users.login.success.usr.login = - // We avoid copy on anonymized data to ensure memory is freed. - _add_new_zstr_to_meta(meta_ht, _dd_login_success_event_login, user_login, - mode != user_mode_anon, true); + _add_new_zstr_to_meta( + meta_ht, _dd_login_success_event_login, user_login, false, true); // _dd.appsec.usr.login = _add_new_zstr_to_meta( @@ -1171,6 +1177,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event_automated) meta_ht, _dd_login_success_event, _null_zstr, true, true); dd_tags_set_sampling_priority(); + + dd_find_and_apply_verdict_for_user(user_id); } static PHP_FUNCTION(datadog_appsec_track_user_login_success_event) @@ -1182,7 +1190,7 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event) return; } - zend_string *user_id = NULL; + zend_string *user_id; HashTable *metadata = NULL; zend_bool copy_user_id = true; if (zend_parse_parameters(ZEND_NUM_ARGS(), "S|h", &user_id, &metadata) == @@ -1192,7 +1200,7 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event) return; } - if (user_id == NULL || ZSTR_LEN(user_id) == 0) { + if (ZSTR_LEN(user_id) == 0) { mlog(dd_log_warning, "Unexpected empty user id"); return; } @@ -1205,7 +1213,7 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_success_event) _user_event_triggered = true; zend_array *meta_ht = Z_ARRVAL_P(meta); - if (user_id && ZSTR_LEN(user_id) > 0) { + if (ZSTR_LEN(user_id) > 0) { dd_find_and_apply_verdict_for_user(user_id); // usr.id = _add_new_zstr_to_meta( @@ -1240,9 +1248,11 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event_automated) return; } - zend_string *user_login = NULL; - zend_string *user_id = NULL; - zend_bool exists = false; + zend_string *user_login; + zend_string *user_id; + zend_string *anon_user_login = NULL; + zend_string *anon_user_id = NULL; + zend_bool exists; HashTable *metadata = NULL; if (zend_parse_parameters(ZEND_NUM_ARGS(), "SSb|h", &user_login, &user_id, &exists, &metadata) == FAILURE) { @@ -1266,32 +1276,35 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event_automated) } if (mode == user_mode_anon) { - user_id = dd_user_info_anonymize(user_id); - if (user_id == NULL) { + anon_user_id = dd_user_info_anonymize(user_id); + if (!anon_user_id) { mlog(dd_log_debug, "Failed to anonymize user ID"); return; } - user_login = dd_user_info_anonymize(user_login); - if (user_login == NULL) { + anon_user_login = dd_user_info_anonymize(user_login); + if (!anon_user_login) { mlog(dd_log_debug, "Failed to anonymize user login"); + zend_string_release(anon_user_id); return; } - if (metadata != NULL && zend_array_count(metadata) > 0) { + if (metadata && zend_array_count(metadata) > 0) { metadata = NULL; } + + user_login = anon_user_login; + user_id = anon_user_id; } - if (user_id != NULL && ZSTR_LEN(user_id) > 0) { + if (ZSTR_LEN(user_id) > 0) { // appsec.events.users.login.failure.usr.id = _add_custom_event_keyval(meta_ht, _dd_login_failure_event, _dd_tag_user_id, user_id, true, false); // _dd.appsec.usr.id = - // We avoid copy on anonymized data to ensure memory is freed. _add_new_zstr_to_meta( - meta_ht, _dd_appsec_user_id, user_id, mode != user_mode_anon, true); + meta_ht, _dd_appsec_user_id, user_id, false, true); } // _dd.appsec.events.users.login.failure.auto.mode = @@ -1299,15 +1312,14 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event_automated) _add_new_zstr_to_meta(meta_ht, _dd_login_failure_event_auto_mode, dd_get_user_collection_mode_zstr(), true, false); - if (user_login != NULL && ZSTR_LEN(user_login) > 0) { + if (ZSTR_LEN(user_login) > 0) { // _dd.appsec.events.users.login.failure.usr.login = _add_new_zstr_to_meta( meta_ht, _dd_login_failure_event_login, user_login, true, true); // _dd.appsec.usr.login = - // We avoid copy on anonymized data to ensure memory is freed. - _add_new_zstr_to_meta(meta_ht, _dd_appsec_user_login, user_login, - mode != user_mode_anon, true); + _add_new_zstr_to_meta( + meta_ht, _dd_appsec_user_login, user_login, false, true); } // appsec.events.users.login.failure.track = true @@ -1334,8 +1346,8 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event) return; } - zend_string *user_id = NULL; - zend_bool exists = false; + zend_string *user_id; + zend_bool exists; HashTable *metadata = NULL; if (zend_parse_parameters( ZEND_NUM_ARGS(), "Sb|h", &user_id, &exists, &metadata) == FAILURE) { @@ -1352,7 +1364,7 @@ static PHP_FUNCTION(datadog_appsec_track_user_login_failure_event) _user_event_triggered = true; zend_array *meta_ht = Z_ARRVAL_P(meta); - if (user_id != NULL && ZSTR_LEN(user_id) > 0) { + if (ZSTR_LEN(user_id) > 0) { // appsec.events.users.login.failure.usr.id = _add_custom_event_keyval(meta_ht, _dd_login_failure_event, _dd_tag_user_id, user_id, true, true); diff --git a/appsec/src/extension/user_tracking.h b/appsec/src/extension/user_tracking.h index 2a724e52a52..fa722267f23 100644 --- a/appsec/src/extension/user_tracking.h +++ b/appsec/src/extension/user_tracking.h @@ -5,8 +5,8 @@ // (https://www.datadoghq.com/). Copyright 2021 Datadog, Inc. #pragma once -#include "attributes.h" #include "configuration.h" +#include "attributes.h" #include typedef enum _user_collection_mode { diff --git a/appsec/tests/extension/headers_collection_14.phpt b/appsec/tests/extension/headers_collection_14.phpt deleted file mode 100644 index 621e142c66d..00000000000 --- a/appsec/tests/extension/headers_collection_14.phpt +++ /dev/null @@ -1,133 +0,0 @@ ---TEST-- -All headers are collected when track_user_signup_event_automated is triggered by user ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_signup_event_automated("login", "1234", []); - -rshutdown(); -$helper->get_commands(); //ignore - - - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_15.phpt b/appsec/tests/extension/headers_collection_15.phpt deleted file mode 100644 index c78211e84b7..00000000000 --- a/appsec/tests/extension/headers_collection_15.phpt +++ /dev/null @@ -1,133 +0,0 @@ ---TEST-- -All headers are collected when track_user_login_success_event_automated is triggered by user ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_login_success_event_automated("login", "1234", []); - -rshutdown(); -$helper->get_commands(); //ignore - - - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_16.phpt b/appsec/tests/extension/headers_collection_16.phpt deleted file mode 100644 index ce086cdc4c5..00000000000 --- a/appsec/tests/extension/headers_collection_16.phpt +++ /dev/null @@ -1,133 +0,0 @@ ---TEST-- -All headers are collected when track_user_login_failure_event_automated is triggered by user ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_login_failure_event_automated("login", "1234", true, ['email' => 'some@email.com']); - -rshutdown(); -$helper->get_commands(); //ignore - - - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_17.phpt b/appsec/tests/extension/headers_collection_17.phpt deleted file mode 100644 index 1eab184b522..00000000000 --- a/appsec/tests/extension/headers_collection_17.phpt +++ /dev/null @@ -1,134 +0,0 @@ ---TEST-- -All headers are collected when track_user_signup_event_automated is triggered by automation and identification mode is set ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE=ident -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_signup_event_automated("login", "1234", []); - -rshutdown(); -$helper->get_commands(); //ignore - - - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_18.phpt b/appsec/tests/extension/headers_collection_18.phpt deleted file mode 100644 index a9fdc699735..00000000000 --- a/appsec/tests/extension/headers_collection_18.phpt +++ /dev/null @@ -1,134 +0,0 @@ ---TEST-- -All headers are collected when track_user_login_success_event_automated is triggered by automation and identification mode is set ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE=ident -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_login_success_event_automated("login", "1234", []); - -rshutdown(); -$helper->get_commands(); //ignore - - - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_19.phpt b/appsec/tests/extension/headers_collection_19.phpt deleted file mode 100644 index fa749283675..00000000000 --- a/appsec/tests/extension/headers_collection_19.phpt +++ /dev/null @@ -1,134 +0,0 @@ ---TEST-- -All headers are collected when track_user_login_failure_event_automated is triggered by automation and identification mode is set ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE=ident -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_login_failure_event_automated("login", "1234", true, ['email' => 'some@email.com']); - -rshutdown(); -$helper->get_commands(); //ignore - - - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_20.phpt b/appsec/tests/extension/headers_collection_20.phpt deleted file mode 100644 index 08a80472406..00000000000 --- a/appsec/tests/extension/headers_collection_20.phpt +++ /dev/null @@ -1,134 +0,0 @@ ---TEST-- -All headers are collected when track_user_signup_event_automated is triggered by automation and anonymization mode is set ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE=anon -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_signup_event_automated("login", "1234", []); - -rshutdown(); -$helper->get_commands(); //ignore - - - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_21.phpt b/appsec/tests/extension/headers_collection_21.phpt deleted file mode 100644 index 4b44ec0fc27..00000000000 --- a/appsec/tests/extension/headers_collection_21.phpt +++ /dev/null @@ -1,132 +0,0 @@ ---TEST-- -All headers are collected when track_user_login_success_event_automated is triggered by automation and anonymization mode is set ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE=anon -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_login_success_event_automated("login", "1234", ['email' => 'some@email.com']); - -rshutdown(); -$helper->get_commands(); //ignore - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_22.phpt b/appsec/tests/extension/headers_collection_22.phpt deleted file mode 100644 index ad93067b8b2..00000000000 --- a/appsec/tests/extension/headers_collection_22.phpt +++ /dev/null @@ -1,132 +0,0 @@ ---TEST-- -All headers are collected when track_user_login_failure_event_automated is triggered by automation and anonymization mode is set ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE=anon -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_login_failure_event_automated("login", "1234", true, ['email' => 'some@email.com']); - -rshutdown(); -$helper->get_commands(); //ignore - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/appsec/tests/extension/headers_collection_23.phpt b/appsec/tests/extension/headers_collection_23.phpt deleted file mode 100644 index c478e4b6c33..00000000000 --- a/appsec/tests/extension/headers_collection_23.phpt +++ /dev/null @@ -1,134 +0,0 @@ ---TEST-- -When user event is triggered by user first and then the event is triggered by automation, all headers are sent ---INI-- -extension=ddtrace.so -datadog.appsec.log_file=/tmp/php_appsec_test.log -datadog.appsec.log_level=debug -datadog.appsec.enabled=1 ---ENV-- -HTTP_X_FORWARDED_FOR=7.7.7.7 -DD_TRACE_CLIENT_IP_HEADER_DISABLED=true -HTTP_X_FORWARDED_FOR=7.7.7.6,10.0.0.1 -HTTP_X_CLIENT_IP=7.7.7.7 -HTTP_X_REAL_IP=7.7.7.8 -HTTP_X_FORWARDED=for="foo" -HTTP_X_CLUSTER_CLIENT_IP=7.7.7.9 -HTTP_FORWARDED_FOR=7.7.7.10,10.0.0.1 -HTTP_FORWARDED=for="foo" -HTTP_VIA=HTTP/1.1 GWA -HTTP_TRUE_CLIENT_IP=7.7.7.11 -HTTP_CONTENT_TYPE=text/plain -HTTP_CONTENT_LENGTH=0 -HTTP_CONTENT_ENCODING=utf-8 -HTTP_CONTENT_LANGUATE=pt-PT -HTTP_HOST=myhost:8888 -HTTP_USER_AGENT=my user agent -HTTP_ACCEPT=*/* -HTTP_ACCEPT_ENCODING=gzip -HTTP_ACCEPT_LANGUAGE=pt-PT -HTTP_MY_HEADER=my header value -HTTP_MY_OTHER_HEADER=my other header value -HTTP_X_AMZN_TRACE_ID=amazontraceid -HTTP_IGNORED_HEADER=ignored header -HTTP_CLOUDFRONT_VIEWER_JA3_FINGERPRINT=cloudfrontviewer -HTTP_CF_RAY=cfray -HTTP_X_CLOUD_TRACE_CONTEXT=cloudtracecontext -HTTP_X_APPGW_TRACE_ID=appgvtraceid -HTTP_X_SIGSCI_REQUESTID=sigscirequestid -HTTP_X_SIGSCI_TAGS=sigscitags -HTTP_AKAMAI_USER_RISK=akamaiuserisk ---GET-- -key=val ---FILE-- - true]); - - -rinit(); -$helper->get_commands(); //ignore - -track_user_login_failure_event_automated("login", "1234", true, ['email' => 'some@email.com']); -track_user_login_failure_event_automated("login", "1234", true, ['email' => 'some@email.com']); - -rshutdown(); -$helper->get_commands(); //ignore - - - -ddtrace_rshutdown(); -dd_trace_internal_fn('synchronous_flush'); - -$commands = $helper->get_commands(); -$tags = $commands[0]['payload'][0][0]['meta']; - -$headers = array_filter($tags, function ($key) { return strpos($key, "http.request.headers.") === 0;}, ARRAY_FILTER_USE_KEY); -ksort($headers); -var_dump($headers); - -$helper->finished_with_commands(); -?> ---EXPECTF-- -array(25) { - ["http.request.headers.accept"]=> - string(3) "*/*" - ["http.request.headers.accept-encoding"]=> - string(4) "gzip" - ["http.request.headers.accept-language"]=> - string(5) "pt-PT" - ["http.request.headers.akamai-user-risk"]=> - string(13) "akamaiuserisk" - ["http.request.headers.cf-ray"]=> - string(5) "cfray" - ["http.request.headers.cloudfront-viewer-ja3-fingerprint"]=> - string(16) "cloudfrontviewer" - ["http.request.headers.content-encoding"]=> - string(5) "utf-8" - ["http.request.headers.content-length"]=> - string(1) "0" - ["http.request.headers.content-type"]=> - string(10) "text/plain" - ["http.request.headers.forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.forwarded-for"]=> - string(17) "7.7.7.10,10.0.0.1" - ["http.request.headers.host"]=> - string(11) "myhost:8888" - ["http.request.headers.true-client-ip"]=> - string(8) "7.7.7.11" - ["http.request.headers.user-agent"]=> - string(13) "my user agent" - ["http.request.headers.via"]=> - string(12) "HTTP/1.1 GWA" - ["http.request.headers.x-amzn-trace-id"]=> - string(13) "amazontraceid" - ["http.request.headers.x-appgw-trace-id"]=> - string(12) "appgvtraceid" - ["http.request.headers.x-client-ip"]=> - string(7) "7.7.7.7" - ["http.request.headers.x-cloud-trace-context"]=> - string(17) "cloudtracecontext" - ["http.request.headers.x-cluster-client-ip"]=> - string(7) "7.7.7.9" - ["http.request.headers.x-forwarded"]=> - string(9) "for="foo"" - ["http.request.headers.x-forwarded-for"]=> - string(16) "7.7.7.6,10.0.0.1" - ["http.request.headers.x-real-ip"]=> - string(7) "7.7.7.8" - ["http.request.headers.x-sigsci-requestid"]=> - string(15) "sigscirequestid" - ["http.request.headers.x-sigsci-tags"]=> - string(10) "sigscitags" -} diff --git a/src/DDTrace/Integrations/Laravel/LaravelIntegration.php b/src/DDTrace/Integrations/Laravel/LaravelIntegration.php index 4d6de74e4d7..0495a177b9e 100644 --- a/src/DDTrace/Integrations/Laravel/LaravelIntegration.php +++ b/src/DDTrace/Integrations/Laravel/LaravelIntegration.php @@ -46,12 +46,11 @@ public function isArtisanQueueCommand() public function getLoginFromArgs($args): string { - $allowList = ["email", "username"]; - - foreach ($allowList as $key) { - if (isset($args[$key])) { - return $args[$key]; - } + if (key_exists('email', $args)) { + return $args['email']; + } + if (key_exists('username', $args)) { + return $args['username']; } return null;