From 4cc2ea790ca939ac137c185efcb8986fe896f437 Mon Sep 17 00:00:00 2001
From: "antonio.torre" <antonio.torre@pagopa.it>
Date: Tue, 12 Nov 2024 15:42:20 +0100
Subject: [PATCH] P4PU-685 logging traceId and userId

---
 build.gradle.kts                                  |  3 +++
 gradle.lockfile                                   | 15 +++++++++++++++
 .../CustomAuthenticationSuccessHandler.java       |  3 +++
 .../arc/security/JwtAuthenticationFilter.java     |  2 ++
 src/main/resources/logback-spring.xml             |  2 +-
 5 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index b36c62fc..7570ff96 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -33,11 +33,13 @@ val javaJwtVersion = "4.4.0"
 val jwksRsaVersion = "0.22.1"
 val mapstructVersion = "1.5.5.Final"
 val commonsIo = "2.16.1"
+val micrometerVersion = "1.3.5"
 
 dependencies {
 	implementation("org.springframework.boot:spring-boot-starter")
 	implementation("org.springframework.boot:spring-boot-starter-web")
 	implementation("org.springframework.boot:spring-boot-starter-actuator")
+	implementation("io.micrometer:micrometer-tracing-bridge-otel:$micrometerVersion")
 	implementation("org.springframework.boot:spring-boot-starter-data-redis")
 	implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:$springdocOpenApiVersion")
 	implementation("org.codehaus.janino:janino:$janinoVersion")
@@ -47,6 +49,7 @@ dependencies {
 	// Spring Security
 	// https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-oauth2-client
 	implementation("org.springframework.boot:spring-boot-starter-oauth2-client")
+
 	//lombok
 	annotationProcessor("org.projectlombok:lombok")
 	compileOnly("org.projectlombok:lombok")
diff --git a/gradle.lockfile b/gradle.lockfile
index 5c5324e6..67bda069 100644
--- a/gradle.lockfile
+++ b/gradle.lockfile
@@ -1,6 +1,7 @@
 # This is a Gradle generated file for dependency locking.
 # Manual edits can break the build and are not advised.
 # This file is expected to be part of source control.
+aopalliance:aopalliance:1.0=compileClasspath
 ch.qos.logback:logback-classic:1.5.8=compileClasspath
 ch.qos.logback:logback-core:1.5.8=compileClasspath
 com.auth0:java-jwt:4.4.0=compileClasspath
@@ -25,10 +26,13 @@ io.github.openfeign.form:feign-form:3.8.0=compileClasspath
 io.github.openfeign:feign-core:13.3=compileClasspath
 io.github.openfeign:feign-slf4j:13.3=compileClasspath
 io.lettuce:lettuce-core:6.3.2.RELEASE=compileClasspath
+io.micrometer:context-propagation:1.1.1=compileClasspath
 io.micrometer:micrometer-commons:1.13.4=compileClasspath
 io.micrometer:micrometer-core:1.13.4=compileClasspath
 io.micrometer:micrometer-jakarta9:1.13.4=compileClasspath
 io.micrometer:micrometer-observation:1.13.4=compileClasspath
+io.micrometer:micrometer-tracing-bridge-otel:1.3.5=compileClasspath
+io.micrometer:micrometer-tracing:1.3.4=compileClasspath
 io.netty:netty-buffer:4.1.113.Final=compileClasspath
 io.netty:netty-codec:4.1.113.Final=compileClasspath
 io.netty:netty-common:4.1.113.Final=compileClasspath
@@ -36,6 +40,17 @@ io.netty:netty-handler:4.1.113.Final=compileClasspath
 io.netty:netty-resolver:4.1.113.Final=compileClasspath
 io.netty:netty-transport-native-unix-common:4.1.113.Final=compileClasspath
 io.netty:netty-transport:4.1.113.Final=compileClasspath
+io.opentelemetry.instrumentation:opentelemetry-instrumentation-api-semconv:1.33.3-alpha=compileClasspath
+io.opentelemetry.instrumentation:opentelemetry-instrumentation-api:1.33.3=compileClasspath
+io.opentelemetry.semconv:opentelemetry-semconv:1.23.1-alpha=compileClasspath
+io.opentelemetry:opentelemetry-api:1.37.0=compileClasspath
+io.opentelemetry:opentelemetry-context:1.37.0=compileClasspath
+io.opentelemetry:opentelemetry-extension-trace-propagators:1.37.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk-common:1.37.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk-logs:1.37.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk-metrics:1.37.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk-trace:1.37.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk:1.37.0=compileClasspath
 io.projectreactor:reactor-core:3.6.10=compileClasspath
 io.swagger.core.v3:swagger-annotations-jakarta:2.2.21=compileClasspath
 io.swagger.core.v3:swagger-core-jakarta:2.2.21=compileClasspath
diff --git a/src/main/java/it/gov/pagopa/arc/security/CustomAuthenticationSuccessHandler.java b/src/main/java/it/gov/pagopa/arc/security/CustomAuthenticationSuccessHandler.java
index 4087053a..bbd9f715 100644
--- a/src/main/java/it/gov/pagopa/arc/security/CustomAuthenticationSuccessHandler.java
+++ b/src/main/java/it/gov/pagopa/arc/security/CustomAuthenticationSuccessHandler.java
@@ -10,6 +10,8 @@
 import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.Set;
+
+import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.MediaType;
 import org.springframework.security.core.Authentication;
@@ -45,6 +47,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 
     OAuth2AuthenticationToken oauth2Token = (OAuth2AuthenticationToken) authentication;
     IamUserInfoDTO userInfoDTO = IamUserInfoDTO.map2IamUserInfoDTO( oauth2Token.getPrincipal().getAttributes());
+    MDC.put("userId", userInfoDTO.getUserId());
     String body;
     if( isInWhiteList(userInfoDTO.getFiscalCode()) ){
       TokenResponse accessToken = new TokenResponse(
diff --git a/src/main/java/it/gov/pagopa/arc/security/JwtAuthenticationFilter.java b/src/main/java/it/gov/pagopa/arc/security/JwtAuthenticationFilter.java
index 4a30b28d..e21bcdd5 100644
--- a/src/main/java/it/gov/pagopa/arc/security/JwtAuthenticationFilter.java
+++ b/src/main/java/it/gov/pagopa/arc/security/JwtAuthenticationFilter.java
@@ -12,6 +12,7 @@
 import java.io.IOException;
 import java.util.Optional;
 import lombok.extern.slf4j.Slf4j;
+import org.slf4j.MDC;
 import org.springframework.http.HttpHeaders;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -44,6 +45,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
         accessTokenValidationService.validate(token);
         IamUserInfoDTO userInfo = tokenStoreService.getUserInfo(token);
         if(userInfo!=null){
+          MDC.put("userId", userInfo.getUserId());
           UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userInfo, null, null);
           authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
           // https://docs.spring.io/spring-security/site/docs/5.2.11.RELEASE/reference/html/overall-architecture.html#:~:text=SecurityContextHolder%2C%20SecurityContext%20and%20Authentication%20Objects
diff --git a/src/main/resources/logback-spring.xml b/src/main/resources/logback-spring.xml
index f6e43ed5..ad89e122 100644
--- a/src/main/resources/logback-spring.xml
+++ b/src/main/resources/logback-spring.xml
@@ -6,7 +6,7 @@
                     source="spring.application.name"/>
 
     <property name="CONSOLE_LOG_PATTERN"
-              value="%d{yyyy-MM-dd HH:mm:ss.SSS} [${appName:-}] %-5level [%15.15t] [%-40.40logger{39}] - %msg%n"/>
+              value="%d{yyyy-MM-dd HH:mm:ss.SSS} [${appName:-}] [%X{userId:-}] [%X{traceId:-}] %-5level [%15.15t] [%-40.40logger{39}] - %msg%n"/>
     <property name="AUDIT_LOG_PATTERN"
               value="%msg"/>