You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kyuubi.apache.org by fe...@apache.org on 2023/02/21 05:00:12 UTC

[kyuubi] branch master updated: [KYUUBI #3951][FOLLOWUP] Audit the rest request params

This is an automated email from the ASF dual-hosted git repository.

feiwang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/kyuubi.git


The following commit(s) were added to refs/heads/master by this push:
     new d288a2bd3 [KYUUBI #3951][FOLLOWUP] Audit the rest request params
d288a2bd3 is described below

commit d288a2bd33d00811392d7aca2594b5b184f268f8
Author: fwang12 <fw...@ebay.com>
AuthorDate: Tue Feb 21 13:00:04 2023 +0800

    [KYUUBI #3951][FOLLOWUP] Audit the rest request params
    
    ### _Why are the changes needed?_
    
    Before:
    ```
    user=anonymous(auth:BASIC) ip=127.0.0.1 proxyIp=null    method=GET      uri=/api/v1/operations/5e286c5d-2880-443f-a4e8-633964dcd699/rowset      protocol=HTTP/1.1       status=200
    ```
    
    After:
    
    ```
    user=anonymous(auth:BASIC) ip=127.0.0.1 proxyIp=null    method=GET      uri=/api/v1/operations/5e286c5d-2880-443f-a4e8-633964dcd699/rowset      params=maxrows=2&fetchorientation=FETCH_NEXT       protocol=HTTP/1.1       status=200
    ```
    
    ```
    params=maxrows=2&fetchorientation=FETCH_NEXT
    ```
    ### _How was this patch tested?_
    - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible
    
    - [ ] Add screenshots for manual tests if appropriate
    
    - [x] [Run test](https://kyuubi.readthedocs.io/en/master/develop_tools/testing.html#running-tests) locally before make a pull request
    
    Closes #4389 from turboFei/rest_params.
    
    Closes #3951
    
    6ffc1adbd [fwang12] comments
    61e12b1b1 [fwang12] nit
    0632860d2 [fwang12] Audit the request params
    
    Authored-by: fwang12 <fw...@ebay.com>
    Signed-off-by: fwang12 <fw...@ebay.com>
---
 .../kyuubi/server/http/authentication/AuthenticationAuditLogger.scala    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/AuthenticationAuditLogger.scala b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/AuthenticationAuditLogger.scala
index ac1ee2a63..ac74c449b 100644
--- a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/AuthenticationAuditLogger.scala
+++ b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/authentication/AuthenticationAuditLogger.scala
@@ -35,6 +35,7 @@ object AuthenticationAuditLogger extends Logging {
     sb.append(s"proxyIp=${HTTP_PROXY_HEADER_CLIENT_IP_ADDRESS.get()}").append("\t")
     sb.append(s"method=${request.getMethod}").append("\t")
     sb.append(s"uri=${request.getRequestURI}").append("\t")
+    sb.append(s"params=${request.getQueryString}").append("\t")
     sb.append(s"protocol=${request.getProtocol}").append("\t")
     sb.append(s"status=${response.getStatus}")
     info(sb.toString())