Remove usernames and emails from AI traces. (#5293)
Remove usernames and emails from traces.
cristinamanum committed Jan 19, 2018
1 parent 2abe600 commit 4caac39
Showing 3 changed files with 16 additions and 17 deletions.
21 changes: 10 additions & 11 deletions src/NuGetGallery/Authentication/AuthenticationService.cs
Expand Up @@ -74,14 +74,14 @@ private void InitCredentialFormatters()

public virtual async Task<PasswordAuthenticationResult> Authenticate(string userNameOrEmail, string password)
{
using (_trace.Activity("Authenticate:" + userNameOrEmail))
using (_trace.Activity("Authenticate"))
{
var user = FindByUserNameOrEmail(userNameOrEmail);

// Check if the user exists
if (user == null)
{
_trace.Information("No such user: " + userNameOrEmail);
_trace.Information("No such user.");

await Auditing.SaveAuditRecordAsync(
new FailedAuthenticatedOperationAuditRecord(
Expand All @@ -92,7 +92,7 @@ await Auditing.SaveAuditRecordAsync(

if (user is Organization)
{
_trace.Information($"Cannot authenticate organization account'{userNameOrEmail}'.");
_trace.Information("Cannot authenticate organization account.");

await Auditing.SaveAuditRecordAsync(
new FailedAuthenticatedOperationAuditRecord(
Expand All @@ -105,7 +105,7 @@ await Auditing.SaveAuditRecordAsync(

if (IsAccountLocked(user, out remainingMinutes))
{
_trace.Information($"Login failed. User account {userNameOrEmail} is locked for the next {remainingMinutes} minutes.");
_trace.Information($"Login failed. User account is locked for the next {remainingMinutes} minutes.");

return new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.AccountLocked,
authenticatedUser: null, lockTimeRemainingMinutes: remainingMinutes);
Expand All @@ -115,7 +115,7 @@ await Auditing.SaveAuditRecordAsync(
Credential matched;
if (!ValidatePasswordCredential(user.Credentials, password, out matched))
{
_trace.Information($"Password validation failed: {userNameOrEmail}");
_trace.Information("Password validation failed.");

await UpdateFailedLoginAttempt(user);

Expand All @@ -141,7 +141,7 @@ await Auditing.SaveAuditRecordAsync(
await UpdateSuccessfulLoginAttempt(user);

// Return the result
_trace.Verbose("Successfully authenticated '" + user.Username + "' with '" + matched.Type + "' credential");
_trace.Verbose("User successfully authenticated with '" + matched.Type + "' credential");
return new PasswordAuthenticationResult(PasswordAuthenticationResult.AuthenticationResult.Success, new AuthenticatedUser(user, matched));
}
}
Expand Down Expand Up @@ -184,7 +184,7 @@ await Auditing.SaveAuditRecordAsync(

if (matched.User is Organization)
{
_trace.Information($"Cannot authenticate organization account '{matched.User.Username}'.");
_trace.Information("Cannot authenticate organization account.");

await Auditing.SaveAuditRecordAsync(
new FailedAuthenticatedOperationAuditRecord(null,
Expand All @@ -196,7 +196,7 @@ await Auditing.SaveAuditRecordAsync(

if (matched.HasExpired)
{
_trace.Verbose("Credential of type '" + matched.Type + "' for user '" + matched.User.Username + "' has expired on " + matched.Expires.Value.ToString("O", CultureInfo.InvariantCulture));
_trace.Verbose("Credential of type '" + matched.Type + "' has expired on " + matched.Expires.Value.ToString("O", CultureInfo.InvariantCulture));

return null;
}
Expand All @@ -214,7 +214,6 @@ await Auditing.SaveAuditRecordAsync(

_trace.Verbose(
"Credential of type '" + matched.Type
+ "' for user '" + matched.User.Username
+ "' was last used on " + matched.LastUsed.Value.ToString("O", CultureInfo.InvariantCulture)
+ " and has now expired.");

Expand All @@ -225,7 +224,7 @@ await Auditing.SaveAuditRecordAsync(
matched.LastUsed = _dateTimeProvider.UtcNow;
await Entities.SaveChangesAsync();

_trace.Verbose("Successfully authenticated '" + matched.User.Username + "' with '" + matched.Type + "' credential");
_trace.Verbose("User successfully authenticated with '" + matched.Type + "' credential");

return new AuthenticatedUser(matched.User, matched);
}
Expand Down Expand Up @@ -756,7 +755,7 @@ private User FindByUserNameOrEmail(string userNameOrEmail)
else
{
// If multiple matches, leave it null to signal no unique email address
_trace.Warning("Multiple user accounts with email address: " + userNameOrEmail + " found: " + String.Join(", ", allMatches.Select(u => u.Username)));
_trace.Warning($"Multiple user accounts with a single email address were found. Count: {allMatches.Count}");
}
}
return user;
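Review bot: In the account-locked branch of `Authenticate`, the trace is now `Login failed. User account is locked for the next {remainingMinutes} minutes.` and the visible lines save no audit record before the `return`, so nothing shown here ties a lockout to an account any more. The "No such user" and organization branches do call `Auditing.SaveAuditRecordAsync`, which presumably keeps the identity in the audit store. The lockout path should do the same, or log a non-personal identifier (for example the account's internal numeric key, if the `User` entity exposes one), so repeated lockouts against one account stay detectable. The same loss of correlation applies to the `_diagnostics.Information` line in SecurePushSubscription.cs and to the subscribe/unsubscribe messages in SecurityPolicyService.cs. The method bodies start and end outside the hunks shown.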
2 changes: 1 addition & 1 deletion src/NuGetGallery/Security/SecurePushSubscription.cs
Expand Up @@ -89,7 +89,7 @@ public async Task OnSubscribeAsync(UserSecurityPolicySubscriptionContext context
}
await Task.WhenAll(expireTasks);

_diagnostics.Information($"Expiring {pushKeys.Count()} keys with push capability for user '{context.User.Username}'.");
_diagnostics.Information($"Expiring {pushKeys.Count()} keys with push capability.");
}

public Task OnUnsubscribeAsync(UserSecurityPolicySubscriptionContext context)
10 changes: 5 additions & 5 deletions src/NuGetGallery/Security/SecurityPolicyService.cs
Expand Up @@ -130,7 +130,7 @@ await Auditing.SaveAuditRecordAsync(new UserSecurityPolicyAuditRecord(
if (!result.Success)
{
Diagnostics.Information(
$"Security policy from subscription '{foundPolicies.First().Subscription}' - '{handler.Name}' failed for user '{user.Username}' with error '{result.ErrorMessage}'.");
$"Security policy from subscription '{foundPolicies.First().Subscription}' - '{handler.Name}' failed with error '{result.ErrorMessage}'.");

return result;
}
Expand Down Expand Up @@ -228,7 +228,7 @@ public async Task<bool> SubscribeAsync(User user, IUserSecurityPolicySubscriptio

if (IsSubscribed(user, subscription))
{
Diagnostics.Information($"User '{user.Username}' is already subscribed to '{subscription.SubscriptionName}'.");
Diagnostics.Information($"User is already subscribed to '{subscription.SubscriptionName}'.");

return false;
}
Expand All @@ -246,7 +246,7 @@ await Auditing.SaveAuditRecordAsync(

await EntitiesContext.SaveChangesAsync();

Diagnostics.Information($"User '{user.Username}' is now subscribed to '{subscription.SubscriptionName}'.");
Diagnostics.Information($"User is now subscribed to '{subscription.SubscriptionName}'.");

return true;
}
Expand Down Expand Up @@ -302,11 +302,11 @@ await Auditing.SaveAuditRecordAsync(

await EntitiesContext.SaveChangesAsync();

Diagnostics.Information($"User '{user.Username}' is now unsubscribed from '{subscription.SubscriptionName}'.");
Diagnostics.Information($"User is now unsubscribed from '{subscription.SubscriptionName}'.");
}
else
{
Diagnostics.Information($"User '{user.Username}' is already unsubscribed from '{subscription.SubscriptionName}'.");
Diagnostics.Information($"User is already unsubscribed from '{subscription.SubscriptionName}'.");
}
}

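Review bot: The failure trace in the first hunk still interpolates `result.ErrorMessage`, so any user name or e-mail address a policy handler puts into its error text would still reach the traces even though `user.Username` is gone. The handlers' messages are not visible here, so this needs confirming against each handler. If they can carry user data, log only `handler.Name` and the subscription, or state the constraint where the result type is defined, e.g. `// ErrorMessage is written to traces; it must not contain user-identifying data.` The enclosing method starts and ends outside the hunk.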
