From 8dcb6000b194c760e7e0ea16f60a713dbd94f5d5 Mon Sep 17 00:00:00 2001 From: Tiffany Citra Date: Sun, 4 Oct 2020 10:36:53 -0700 Subject: [PATCH 1/3] Define AuthLog struct --- admin/logs.go | 56 ++++++++++++++++++++++++++++++++++++++++++---- admin/logs_test.go | 2 +- 2 files changed, 53 insertions(+), 5 deletions(-) diff --git a/admin/logs.go b/admin/logs.go index 446e8fb..d966436 100644 --- a/admin/logs.go +++ b/admin/logs.go @@ -44,10 +44,58 @@ type AuthLogResult struct { } // An AuthLog retrieved from https://duo.com/docs/adminapi#authentication-logs -// TODO: @Duo update this to be a struct based on the returned JSON structure of an authentication log. -type AuthLog map[string]interface{} +type AuthLog struct { + AccessDevice AccessDevice `json:"access_device"` + Application Application `json:"application"` + AuthDevice AuthDevice `json:"auth_device"` + EventType string `json:"event_type"` + Factor string `json:"factor"` + Reason string `json:"reason"` + Result string `json:"result"` + Timestamp int64 `json:"timestamp"` + TxID string `json:"txid"` + User UserV2 `json:"user"` +} + +// AccessDevice models a device that user uses to authenticate themselves. +type AccessDevice struct { + Browser string `json:"browser"` + BrowserVersion string `json:"browser_version"` + FlashVersion string `json:"flash_version"` + JavaVersion string `json:"java_version"` + OS string `json:"os"` + OSVersion string `json:"os_version"` + TrustedEndpointStatus string `json:"trusted_endpoint_status"` +} + +// Application models information about the accessed application. +type Application struct { + Key string + Name string +} + +// Location represents a location where the user authenticates themselves. +type Location struct { + City string `json:"city"` + Country string `json:"country"` + State string `json:"state"` +} + +// AuthDevice models information about the device used to approve or +// deny authentication. +type AuthDevice struct { + IP string `json:"ip"` + Location Location `json:"location"` + Name string `json:"name"` +} -// An AuthLogList holds retreived logs and V2 metadata used for pagination. +// UserV2 models information about the authenticating user. +type UserV2 struct { + Key string `json:"key"` + Name string `json:"name"` +} + +// An AuthLogList holds retrieved logs and V2 metadata used for pagination. type AuthLogList struct { Metadata LogListV2Metadata `json:"metadata"` Logs []AuthLog `json:"authlogs"` @@ -351,4 +399,4 @@ func (c *Client) GetTelephonyLogs(mintime time.Time, options ...func(*url.Values } return result, nil -} +} \ No newline at end of file diff --git a/admin/logs_test.go b/admin/logs_test.go index 31fb766..f63aa1b 100644 --- a/admin/logs_test.go +++ b/admin/logs_test.go @@ -134,7 +134,7 @@ func TestGetAuthLogs(t *testing.T) { if length := len(result.Response.Logs); length != 1 { t.Errorf("Expected 1 log, but got %d", length) } - if txid := result.Response.Logs[0]["txid"]; txid != "340a23e3-23f3-23c1-87dc-1491a23dfdbb" { + if txid := result.Response.Logs[0].TxID; txid != "340a23e3-23f3-23c1-87dc-1491a23dfdbb" { t.Errorf("Expected txid '340a23e3-23f3-23c1-87dc-1491a23dfdbb', but got %v", txid) } if next := result.Response.Metadata.GetNextOffset(); next == nil { From 8fbe01c23cb378c84d120615c61a38d1ae3d64a0 Mon Sep 17 00:00:00 2001 From: Tiffany Citra Date: Tue, 6 Oct 2020 10:56:02 -0700 Subject: [PATCH 2/3] Add new line at the end of logs.go file --- admin/logs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin/logs.go b/admin/logs.go index d966436..6e1f904 100644 --- a/admin/logs.go +++ b/admin/logs.go @@ -399,4 +399,4 @@ func (c *Client) GetTelephonyLogs(mintime time.Time, options ...func(*url.Values } return result, nil -} \ No newline at end of file +} From f2c1b347db62202307f7d5b8596d8f97f7511ca6 Mon Sep 17 00:00:00 2001 From: Tiffany Citra Date: Thu, 8 Oct 2020 13:18:28 -0700 Subject: [PATCH 3/3] Update struct fields to reflect the latest API --- admin/logs.go | 29 ++++++++++++++++++++--------- admin/logs_test.go | 16 ++++++++++++++-- 2 files changed, 34 insertions(+), 11 deletions(-) diff --git a/admin/logs.go b/admin/logs.go index 6e1f904..014ba39 100644 --- a/admin/logs.go +++ b/admin/logs.go @@ -46,10 +46,14 @@ type AuthLogResult struct { // An AuthLog retrieved from https://duo.com/docs/adminapi#authentication-logs type AuthLog struct { AccessDevice AccessDevice `json:"access_device"` + Alias string `json:"alias"` Application Application `json:"application"` AuthDevice AuthDevice `json:"auth_device"` + Email string `json:"email"` EventType string `json:"event_type"` Factor string `json:"factor"` + ISOTimestamp time.Time `json:"isotimestamp"` + OODSoftware string `json:"ood_software"` Reason string `json:"reason"` Result string `json:"result"` Timestamp int64 `json:"timestamp"` @@ -59,13 +63,19 @@ type AuthLog struct { // AccessDevice models a device that user uses to authenticate themselves. type AccessDevice struct { - Browser string `json:"browser"` - BrowserVersion string `json:"browser_version"` - FlashVersion string `json:"flash_version"` - JavaVersion string `json:"java_version"` - OS string `json:"os"` - OSVersion string `json:"os_version"` - TrustedEndpointStatus string `json:"trusted_endpoint_status"` + Browser string `json:"browser"` + BrowserVersion string `json:"browser_version"` + FlashVersion string `json:"flash_version"` + Hostname string `json:"hostname"` + IP string `json:"ip"` + IsEncryptionEnabled string `json:"is_encryption_enabled"` + IsFirewallEnabled string `json:"is_firewall_enabled"` + IsPasswordSet string `json:"is_password_set"` + JavaVersion string `json:"java_version"` + Location Location `json:"location"` + OS string `json:"os"` + OSVersion string `json:"os_version"` + SecurityAgents string `json:"security_agents"` } // Application models information about the accessed application. @@ -91,8 +101,9 @@ type AuthDevice struct { // UserV2 models information about the authenticating user. type UserV2 struct { - Key string `json:"key"` - Name string `json:"name"` + Groups []string `json:"groups"` + Key string `json:"key"` + Name string `json:"name"` } // An AuthLogList holds retrieved logs and V2 metadata used for pagination. diff --git a/admin/logs_test.go b/admin/logs_test.go index f63aa1b..cae87ae 100644 --- a/admin/logs_test.go +++ b/admin/logs_test.go @@ -59,6 +59,9 @@ const getAuthLogsResponse = `{ "flash_version": "uninstalled", "hostname": "null", "ip": "169.232.89.219", + "is_encryption_enabled": "true", + "is_firewall_enabled": "true", + "is_password_set": "true", "java_version": "uninstalled", "location": { "city": "Ann Arbor", @@ -66,8 +69,10 @@ const getAuthLogsResponse = `{ "state": "Michigan" }, "os": "Mac OS X", - "os_version": "10.14.1" + "os_version": "10.14.1", + "security_agents": "unknown" }, + "alias": "", "application": { "key": "DIY231J8BR23QK4UKBY8", "name": "Microsoft Azure Active Directory" @@ -81,14 +86,21 @@ const getAuthLogsResponse = `{ }, "name": "My iPhone X (734-555-2342)" }, + "email": "narroway@example.com", "event_type": "authentication", "factor": "duo_push", + "isotimestamp": "2020-02-13T18:56:20.351346+00:00", + "ood_software": "null", "reason": "user_approved", "result": "success", - "timestamp": 1532951962, + "timestamp": 1581620180, "trusted_endpoint_status": "not trusted", "txid": "340a23e3-23f3-23c1-87dc-1491a23dfdbb", "user": { + "groups": [ + "Duo Users", + "CorpHQ Users" + ], "key": "DU3KC77WJ06Y5HIV7XKQ", "name": "narroway@example.com" }