From 0c8f9d7d2aabc717660e13166f564382bf4d5553 Mon Sep 17 00:00:00 2001
From: maximthomas <maxim.thomas@gmail.com>
Date: Fri, 15 Dec 2023 15:34:08 +0300
Subject: [PATCH] added JSONStdout audit logger

---
 .../openam-audit-configuration/pom.xml        |  5 ++
 .../JsonStdoutAuditEventHandlerFactory.java   | 44 ++++++++++
 .../resources/JSONStdout.section.properties   | 32 ++++++++
 .../src/main/resources/audit.properties       | 16 ++++
 .../src/main/resources/audit.xml              | 80 ++++++++++++++++++-
 ...sonStdoutAuditEventHandlerFactoryTest.java | 71 ++++++++++++++++
 pom.xml                                       |  2 +-
 7 files changed, 247 insertions(+), 3 deletions(-)
 create mode 100644 openam-audit/openam-audit-configuration/src/main/java/org/forgerock/openam/audit/events/handlers/JsonStdoutAuditEventHandlerFactory.java
 create mode 100644 openam-audit/openam-audit-configuration/src/main/resources/JSONStdout.section.properties
 create mode 100644 openam-audit/openam-audit-configuration/src/test/java/org/forgerock/openam/audit/events/handlers/JsonStdoutAuditEventHandlerFactoryTest.java

diff --git a/openam-audit/openam-audit-configuration/pom.xml b/openam-audit/openam-audit-configuration/pom.xml
index 8caea440a3..b24a6f4c85 100644
--- a/openam-audit/openam-audit-configuration/pom.xml
+++ b/openam-audit/openam-audit-configuration/pom.xml
@@ -13,6 +13,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2014-2016 ForgeRock AS.
+ * Portions copyright 2023 3A Systems LLC
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <parent>
@@ -63,6 +64,10 @@
             <groupId>org.openidentityplatform.commons.audit</groupId>
             <artifactId>handler-jms</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.openidentityplatform.commons.audit</groupId>
+            <artifactId>handler-json</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.zaxxer</groupId>
             <artifactId>HikariCP</artifactId>
diff --git a/openam-audit/openam-audit-configuration/src/main/java/org/forgerock/openam/audit/events/handlers/JsonStdoutAuditEventHandlerFactory.java b/openam-audit/openam-audit-configuration/src/main/java/org/forgerock/openam/audit/events/handlers/JsonStdoutAuditEventHandlerFactory.java
new file mode 100644
index 0000000000..d840257925
--- /dev/null
+++ b/openam-audit/openam-audit-configuration/src/main/java/org/forgerock/openam/audit/events/handlers/JsonStdoutAuditEventHandlerFactory.java
@@ -0,0 +1,44 @@
+/*
+ * The contents of this file are subject to the terms of the Common Development and
+ * Distribution License (the License). You may not use this file except in compliance with the
+ * License.
+ *
+ * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
+ * specific language governing permission and limitations under the License.
+ *
+ * When distributing Covered Software, include this CDDL Header Notice in each file and include
+ * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
+ * Header, with the fields enclosed by brackets [] replaced by your own identifying
+ * information: "Portions copyright [year] [name of copyright owner]".
+ *
+ * Copyright 2023 3A Systems LLC
+ */
+
+package org.forgerock.openam.audit.events.handlers;
+
+import org.forgerock.audit.AuditException;
+import org.forgerock.audit.events.handlers.AuditEventHandler;
+import org.forgerock.audit.handlers.json.JsonStdoutAuditEventHandler;
+import org.forgerock.audit.handlers.json.JsonStdoutAuditEventHandlerConfiguration;
+import org.forgerock.openam.audit.AuditEventHandlerFactory;
+import org.forgerock.openam.audit.configuration.AuditEventHandlerConfiguration;
+
+import java.util.Map;
+import java.util.Set;
+
+import static com.sun.identity.shared.datastruct.CollectionHelper.getBooleanMapAttr;
+
+public class JsonStdoutAuditEventHandlerFactory implements AuditEventHandlerFactory {
+
+    @Override
+    public AuditEventHandler create(AuditEventHandlerConfiguration configuration) throws AuditException {
+        Map<String, Set<String>> attributes = configuration.getAttributes();
+
+        JsonStdoutAuditEventHandlerConfiguration handlerConfig = new JsonStdoutAuditEventHandlerConfiguration();
+        handlerConfig.setTopics(attributes.get("topics"));
+        handlerConfig.setName(configuration.getHandlerName());
+        handlerConfig.setEnabled(getBooleanMapAttr(attributes, "enabled", false));
+        handlerConfig.setElasticsearchCompatible(getBooleanMapAttr(attributes, "elasticsearchCompatible", false));
+        return new JsonStdoutAuditEventHandler(handlerConfig, configuration.getEventTopicsMetaData());
+    }
+}
diff --git a/openam-audit/openam-audit-configuration/src/main/resources/JSONStdout.section.properties b/openam-audit/openam-audit-configuration/src/main/resources/JSONStdout.section.properties
new file mode 100644
index 0000000000..5afe073d4f
--- /dev/null
+++ b/openam-audit/openam-audit-configuration/src/main/resources/JSONStdout.section.properties
@@ -0,0 +1,32 @@
+#
+# The contents of this file are subject to the terms of the Common Development and
+# Distribution License (the License). You may not use this file except in compliance with the
+# License.
+#
+# You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
+# specific language governing permission and limitations under the License.
+#
+# When distributing Covered Software, include this CDDL Header Notice in each file and include
+# the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
+# Header, with the fields enclosed by brackets [] replaced by your own identifying
+# information: "Portions copyright [year] [name of copyright owner]".
+#
+# Copyright 2016 ForgeRock AS.
+# Portions copyright 2023 3A Systems LLC
+#
+
+########################################################################################################################
+# Common handler section properties
+########################################################################################################################
+commonHandler=enabled
+commonHandler=topics
+
+########################################################################################################################
+# Common handler plugin section properties
+########################################################################################################################
+commonHandlerPlugin=handlerFactory
+
+########################################################################################################################
+# JMS handler section properties
+########################################################################################################################
+jsonStdoutConfig=elasticsearchCompatible
diff --git a/openam-audit/openam-audit-configuration/src/main/resources/audit.properties b/openam-audit/openam-audit-configuration/src/main/resources/audit.properties
index aa86c0fc18..e24f27cbeb 100644
--- a/openam-audit/openam-audit-configuration/src/main/resources/audit.properties
+++ b/openam-audit/openam-audit-configuration/src/main/resources/audit.properties
@@ -11,6 +11,7 @@
 # information: "Portions copyright [year] [name of copyright owner]".
 #
 # Copyright 2015-2016 ForgeRock AS.
+# Portions copyright 2023 3A Systems LLC
 
 
 ########################################################################################################################
@@ -41,6 +42,7 @@ handler.name.jdbc=JDBC
 handler.name.syslog=Syslog
 handler.name.elasticsearch=Elasticsearch
 handler.name.jms=JMS
+handler.name.jsonstdout=JSONStdout
 
 # Additions to handler properties. Other properties are stored in commons audit translation.properties.
 audit.handlers.jdbc.databaseType.help=Select the database to use for logging audit events.
@@ -194,6 +196,17 @@ section.label.AuditService.Global.splunkBuffering=Buffering
 section.label.AuditService.Organization.splunkConfig=Splunk Configuration
 section.label.AuditService.Organization.splunkBuffering=Buffering
 
+########################################################################################################################
+# JSONStdout handler section properties
+########################################################################################################################
+sections.JSONStdout=\
+  commonHandler \
+  jsonStdoutConfig \
+  commonHandlerPlugin
+
+section.label.AuditService.Global.jsonStdoutConfig=JSONStdout Configuration
+
+section.label.AuditService.Organization.jsonStdoutConfig=JSONStdout Configuration
 
 ########################################################################################################################
 # NOTE:
@@ -427,3 +440,6 @@ audit.handlers.splunk.bufferingMaxEvents.help=Maximum number of audit logs in th
   events are dropped
 audit.handlers.splunk.bufferingWriteInterval=Write interval (in milliseconds)
 audit.handlers.splunk.bufferingWriteInterval.help=Interval at which buffered events are written to Splunk
+
+#JSON handler configuration
+audit.handlers.json.elasticsearchCompatible.enabled=ElasticSearch JSON Format Compatible
\ No newline at end of file
diff --git a/openam-audit/openam-audit-configuration/src/main/resources/audit.xml b/openam-audit/openam-audit-configuration/src/main/resources/audit.xml
index 4335b445fb..bfd9e9455d 100755
--- a/openam-audit/openam-audit-configuration/src/main/resources/audit.xml
+++ b/openam-audit/openam-audit-configuration/src/main/resources/audit.xml
@@ -13,6 +13,7 @@
  * information: "Portions copyright [year] [name of copyright owner]".
  *
  * Copyright 2015-2016 ForgeRock AS.
+ * Portions copyright 2023 3A Systems LLC
 -->
 <!DOCTYPE ServicesConfiguration
         PUBLIC "=//iPlanet//Service Management Services (SMS) 1.0 DTD//EN" "jar://com/sun/identity/sm/sms.dtd">
@@ -21,7 +22,7 @@
     <Service name="AuditService" version="1.0">
         <Schema serviceHierarchy="/DSAMEConfig/AuditService"
                 i18nFileName="audit"
-                revisionNumber="1"
+                revisionNumber="2"
                 resourceName="audit"
                 i18nKey="audit-description"
                 propertiesViewBeanURL="../audit/RealmAuditConfig">
@@ -762,6 +763,44 @@
                         </DefaultValues>
                     </AttributeSchema>
                 </SubSchema>
+
+                <SubSchema name="JSONStdout" inheritance="multiple" i18nKey="handler.name.jsonstdout" i18nFileName="audit">
+                    <AttributeSchema name="enabled" type="single" syntax="boolean"
+                                     i18nKey="audit.handlers.all.enabled" order="8000">
+                        <BooleanValues>
+                            <BooleanTrueValue>true</BooleanTrueValue>
+                            <BooleanFalseValue>false</BooleanFalseValue>
+                        </BooleanValues>
+                        <DefaultValues>
+                            <Value>true</Value>
+                        </DefaultValues>
+                    </AttributeSchema>
+                    <AttributeSchema name="topics" type="multiple_choice" i18nKey="audit.handlers.all.topics" order="8100">
+                        <ChoiceValues>
+                            <ChoiceValuesClassName
+                                    className="org.forgerock.openam.audit.configuration.AuditTopicChoiceValues"/>
+                        </ChoiceValues>
+                        <DefaultValues>
+                            <DefaultValuesClassName
+                                    className="org.forgerock.openam.audit.configuration.AuditTopicDefaultValues"/>
+                        </DefaultValues>
+                    </AttributeSchema>
+                    <AttributeSchema name="elasticsearchCompatible" type="single" syntax="boolean" i18nKey="audit.handlers.json.elasticsearchCompatible.enabled" order="8200">
+                        <BooleanValues>
+                            <BooleanTrueValue>true</BooleanTrueValue>
+                            <BooleanFalseValue>false</BooleanFalseValue>
+                        </BooleanValues>
+                        <DefaultValues>
+                            <Value>true</Value>
+                        </DefaultValues>
+                    </AttributeSchema>
+                    <AttributeSchema name="handlerFactory" type="single" i18nKey="handler.factory" order="8200">
+                        <DefaultValues>
+                            <Value>org.forgerock.openam.audit.events.handlers.JsonStdoutAuditEventHandlerFactory</Value>
+                        </DefaultValues>
+                    </AttributeSchema>
+                </SubSchema>
+
             </Global>
 
             <Organization>
@@ -807,7 +846,7 @@
                     </AttributeSchema>
                     <AttributeSchema name="location" type="single" i18nKey="audit.handlers.csv.logDirectory" order="500">
                         <DefaultValues>
-                            <Value>%BASE_DIR%/%SERVER_URI%/@LOG_DIR@/</Value>
+                            <Value>%BASE_DIR%/%SERVER_URI%/log/</Value>
                         </DefaultValues>
                     </AttributeSchema>
                     <AttributeSchema name="rotationEnabled" type="single" syntax="boolean"
@@ -1502,6 +1541,43 @@
                         </DefaultValues>
                     </AttributeSchema>
                 </SubSchema>
+
+                <SubSchema name="JSONStdout" inheritance="multiple" i18nKey="handler.name.jsonstdout" i18nFileName="audit">
+                    <AttributeSchema name="enabled" type="single" syntax="boolean"
+                                     i18nKey="audit.handlers.all.enabled" order="8000">
+                        <BooleanValues>
+                            <BooleanTrueValue>true</BooleanTrueValue>
+                            <BooleanFalseValue>false</BooleanFalseValue>
+                        </BooleanValues>
+                        <DefaultValues>
+                            <Value>true</Value>
+                        </DefaultValues>
+                    </AttributeSchema>
+                    <AttributeSchema name="topics" type="multiple_choice" i18nKey="audit.handlers.all.topics" order="8100">
+                        <ChoiceValues>
+                            <ChoiceValuesClassName
+                                    className="org.forgerock.openam.audit.configuration.AuditTopicChoiceValues"/>
+                        </ChoiceValues>
+                        <DefaultValues>
+                            <DefaultValuesClassName
+                                    className="org.forgerock.openam.audit.configuration.AuditTopicDefaultValues"/>
+                        </DefaultValues>
+                    </AttributeSchema>
+                    <AttributeSchema name="elasticsearchCompatible" type="single" syntax="boolean" i18nKey="audit.handlers.json.elasticsearchCompatible.enabled" order="8200">
+                        <BooleanValues>
+                            <BooleanTrueValue>true</BooleanTrueValue>
+                            <BooleanFalseValue>false</BooleanFalseValue>
+                        </BooleanValues>
+                        <DefaultValues>
+                            <Value>true</Value>
+                        </DefaultValues>
+                    </AttributeSchema>
+                    <AttributeSchema name="handlerFactory" type="single" i18nKey="handler.factory" order="8300">
+                        <DefaultValues>
+                            <Value>org.forgerock.openam.audit.events.handlers.JsonStdoutAuditEventHandlerFactory</Value>
+                        </DefaultValues>
+                    </AttributeSchema>
+                </SubSchema>
             </Organization>
         </Schema>
 
diff --git a/openam-audit/openam-audit-configuration/src/test/java/org/forgerock/openam/audit/events/handlers/JsonStdoutAuditEventHandlerFactoryTest.java b/openam-audit/openam-audit-configuration/src/test/java/org/forgerock/openam/audit/events/handlers/JsonStdoutAuditEventHandlerFactoryTest.java
new file mode 100644
index 0000000000..60dc0d66bc
--- /dev/null
+++ b/openam-audit/openam-audit-configuration/src/test/java/org/forgerock/openam/audit/events/handlers/JsonStdoutAuditEventHandlerFactoryTest.java
@@ -0,0 +1,71 @@
+/*
+* The contents of this file are subject to the terms of the Common Development and
+* Distribution License (the License). You may not use this file except in compliance with the
+* License.
+*
+* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
+* specific language governing permission and limitations under the License.
+*
+* When distributing Covered Software, include this CDDL Header Notice in each file and include
+* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
+* Header, with the fields enclosed by brackets [] replaced by your own identifying
+* information: "Portions copyright [year] [name of copyright owner]".
+*
+* Copyright 2023 3A Systems LLC
+*/
+package org.forgerock.openam.audit.events.handlers;
+
+import org.forgerock.audit.AuditException;
+import org.forgerock.audit.events.EventTopicsMetaData;
+import org.forgerock.audit.events.EventTopicsMetaDataBuilder;
+import org.forgerock.audit.events.handlers.AuditEventHandler;
+import org.forgerock.audit.handlers.json.JsonStdoutAuditEventHandler;
+import org.forgerock.openam.audit.AuditEventHandlerFactory;
+import org.forgerock.openam.audit.configuration.AuditEventHandlerConfiguration;
+import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+import static java.util.Collections.singleton;
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * Test the JsonStdoutAuditEventHandlerFactoryTest class.
+ *
+ * @since 14.8.3
+ */
+public class JsonStdoutAuditEventHandlerFactoryTest {
+
+    private AuditEventHandlerFactory factory;
+    private EventTopicsMetaData eventTopicsMetaData;
+    private Map<String, Set<String>> configAttributes;
+
+    @BeforeMethod
+    public void setUp() {
+        factory = new JsonStdoutAuditEventHandlerFactory();
+        eventTopicsMetaData = EventTopicsMetaDataBuilder.coreTopicSchemas().build();
+
+        configAttributes = new HashMap<>();
+        configAttributes.put("enabled", singleton("true"));
+        configAttributes.put("topics", singleton("access"));
+        configAttributes.put("elasticsearchCompatible", singleton("true"));
+    }
+
+    @Test
+    void shouldCreateJsonStdoutEventHandler() throws AuditException {
+        AuditEventHandlerConfiguration configuration = AuditEventHandlerConfiguration.builder()
+                .withName("JSONStdout")
+                .withAttributes(configAttributes)
+                .withEventTopicsMetaData(eventTopicsMetaData).build();
+
+        AuditEventHandler handler = factory.create(configuration);
+
+        assertThat(handler).isInstanceOf(JsonStdoutAuditEventHandler.class);
+        assertThat(handler.getName()).isEqualTo("JSONStdout");
+        assertThat(handler.getHandledTopics()).containsExactly("access");
+        assertThat(handler.isEnabled()).isTrue();
+    }
+}
diff --git a/pom.xml b/pom.xml
index 89e7bdeb92..f82434eb4f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -79,7 +79,7 @@
     <maven.compiler.source>1.8</maven.compiler.source>
     <!-- Supress checkstyle errors on legacy com.iplanet and com.sun.identity packages -->
     <checkstyleUnitTestSuppressionsLocation>checkstyle/suppressions.xml</checkstyleUnitTestSuppressionsLocation>
-    <opendj.version>4.6.1</opendj.version>
+    <opendj.version>4.6.2-SNAPSHOT</opendj.version>
     <javadoc-utils.version>1.0.0</javadoc-utils.version>
     <ant.contrib.version>1.0b3</ant.contrib.version>
     <guice.version>3.0</guice.version>