Merge PR #7453

application/src/main/java/org/thingsboard/server/controller/AuthController.java

@@ -58,7 +58,6 @@ import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.UserPrincipal;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.system.SystemSecurityService;
-import ua_parser.Client;
 
 import javax.servlet.http.HttpServletRequest;
 import java.net.URI;
@@ -317,49 +316,8 @@ public class AuthController extends BaseController {
 
     private void logLogoutAction(HttpServletRequest request) throws ThingsboardException {
         try {
-            SecurityUser user = getCurrentUser();
+            var user = getCurrentUser();
-            RestAuthenticationDetails details = new RestAuthenticationDetails(request);
+            systemSecurityService.logLoginAction(user, new RestAuthenticationDetails(request), ActionType.LOGOUT, null);
-            String clientAddress = details.getClientAddress();
-            String browser = "Unknown";
-            String os = "Unknown";
-            String device = "Unknown";
-            if (details.getUserAgent() != null) {
-                Client userAgent = details.getUserAgent();
-                if (userAgent.userAgent != null) {
-                    browser = userAgent.userAgent.family;
-                    if (userAgent.userAgent.major != null) {
-                        browser += " " + userAgent.userAgent.major;
-                        if (userAgent.userAgent.minor != null) {
-                            browser += "." + userAgent.userAgent.minor;
-                            if (userAgent.userAgent.patch != null) {
-                                browser += "." + userAgent.userAgent.patch;
-                            }
-                        }
-                    }
-                }
-                if (userAgent.os != null) {
-                    os = userAgent.os.family;
-                    if (userAgent.os.major != null) {
-                        os += " " + userAgent.os.major;
-                        if (userAgent.os.minor != null) {
-                            os += "." + userAgent.os.minor;
-                            if (userAgent.os.patch != null) {
-                                os += "." + userAgent.os.patch;
-                                if (userAgent.os.patchMinor != null) {
-                                    os += "." + userAgent.os.patchMinor;
-                                }
-                            }
-                        }
-                    }
-                }
-                if (userAgent.device != null) {
-                    device = userAgent.device.family;
-                }
-            }
-            auditLogService.logEntityAction(
-                    user.getTenantId(), user.getCustomerId(), user.getId(),
-                    user.getName(), user.getId(), null, ActionType.LOGOUT, null, clientAddress, browser, os, device);
-
             eventPublisher.publishEvent(new UserSessionInvalidationEvent(user.getSessionId()));
         } catch (Exception e) {
             throw handleException(e);

application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/AbstractOAuth2ClientMapper.java

@@ -47,6 +47,7 @@ import org.thingsboard.server.dao.oauth2.OAuth2User;
 import org.thingsboard.server.dao.tenant.TbTenantProfileCache;
 import org.thingsboard.server.dao.tenant.TenantService;
 import org.thingsboard.server.dao.user.UserService;
+import org.thingsboard.server.service.entitiy.user.TbUserService;
 import org.thingsboard.server.service.install.InstallScripts;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.UserPrincipal;
@@ -81,6 +82,9 @@ public abstract class AbstractOAuth2ClientMapper {
     @Autowired
     private InstallScripts installScripts;
 
+    @Autowired
+    private TbUserService tbUserService;
+
     @Autowired
     protected TbTenantProfileCache tenantProfileCache;
 
@@ -146,7 +150,7 @@ public abstract class AbstractOAuth2ClientMapper {
 
                     user.setAdditionalInfo(additionalInfo);
 
-                    user = userService.saveUser(user);
+                    user = tbUserService.save(tenantId, customerId, user, false, null, null);
                     if (config.isActivateUser()) {
                         UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getTenantId(), user.getId());
                         userService.activateUserCredentials(user.getTenantId(), userCredentials.getActivateToken(), passwordEncoder.encode(""));

application/src/main/java/org/thingsboard/server/service/security/auth/oauth2/Oauth2AuthenticationSuccessHandler.java

@@ -25,6 +25,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
 import org.springframework.stereotype.Component;
 import org.thingsboard.server.common.data.StringUtils;
+import org.thingsboard.server.common.data.audit.ActionType;
 import org.thingsboard.server.common.data.id.CustomerId;
 import org.thingsboard.server.common.data.id.EntityId;
 import org.thingsboard.server.common.data.id.TenantId;
@@ -32,6 +33,7 @@ import org.thingsboard.server.common.data.oauth2.OAuth2Registration;
 import org.thingsboard.server.dao.oauth2.OAuth2Service;
 import org.thingsboard.server.queue.util.TbCoreComponent;
 import org.thingsboard.server.service.security.model.JwtTokenPair;
+import org.thingsboard.server.service.security.auth.rest.RestAuthenticationDetails;
 import org.thingsboard.server.service.security.model.SecurityUser;
 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
 import org.thingsboard.server.service.security.system.SystemSecurityService;
@@ -106,6 +108,7 @@ public class Oauth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationS
 
             clearAuthenticationAttributes(request, response);
             getRedirectStrategy().sendRedirect(request, response, baseUrl + "/?accessToken=" + tokenPair.getToken() + "&refreshToken=" + tokenPair.getRefreshToken());
+            systemSecurityService.logLoginAction(securityUser, new RestAuthenticationDetails(request), ActionType.LOGIN, registration.getName(), null);
         } catch (Exception e) {
             log.debug("Error occurred during processing authentication success result. " +
                     "request [{}], response [{}], authentication [{}]", request, response, authentication, e);

application/src/main/java/org/thingsboard/server/service/security/system/DefaultSystemSecurityService.java

@@ -263,6 +263,11 @@ public class DefaultSystemSecurityService implements SystemSecurityService {
 
     @Override
     public void logLoginAction(User user, Object authenticationDetails, ActionType actionType, Exception e) {
+        logLoginAction(user, authenticationDetails, actionType, null, e);
+    }
+
+    @Override
+    public void logLoginAction(User user, Object authenticationDetails, ActionType actionType, String provider, Exception e) {
         String clientAddress = "Unknown";
         String browser = "Unknown";
         String os = "Unknown";
@@ -309,7 +314,7 @@ public class DefaultSystemSecurityService implements SystemSecurityService {
         }
         auditLogService.logEntityAction(
                 user.getTenantId(), user.getCustomerId(), user.getId(),
-                user.getName(), user.getId(), null, actionType, e, clientAddress, browser, os, device);
+                user.getName(), user.getId(), null, actionType, e, clientAddress, browser, os, device, provider);
     }
 
     private static boolean isPositiveInteger(Integer val) {

application/src/main/java/org/thingsboard/server/service/security/system/SystemSecurityService.java

@@ -44,4 +44,5 @@ public interface SystemSecurityService {
 
     void logLoginAction(User user, Object authenticationDetails, ActionType actionType, Exception e);
 
+    void logLoginAction(User user, Object authenticationDetails, ActionType actionType, String provider, Exception e);
 }

dao/src/main/java/org/thingsboard/server/dao/audit/AuditLogServiceImpl.java

@@ -23,13 +23,13 @@ import com.google.common.collect.Lists;
 import com.google.common.util.concurrent.Futures;
 import com.google.common.util.concurrent.ListenableFuture;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.stereotype.Service;
 import org.thingsboard.common.util.JacksonUtil;
 import org.thingsboard.server.common.data.EntityType;
 import org.thingsboard.server.common.data.HasName;
+import org.thingsboard.server.common.data.StringUtils;
 import org.thingsboard.server.common.data.audit.ActionStatus;
 import org.thingsboard.server.common.data.audit.ActionType;
 import org.thingsboard.server.common.data.audit.AuditLog;
@@ -257,10 +257,14 @@ public class AuditLogServiceImpl implements AuditLogService {
                 String browser = extractParameter(String.class, 1, additionalInfo);
                 String os = extractParameter(String.class, 2, additionalInfo);
                 String device = extractParameter(String.class, 3, additionalInfo);
+                String provider = extractParameter(String.class, 4, additionalInfo);
                 actionData.put("clientAddress", clientAddress);
                 actionData.put("browser", browser);
                 actionData.put("os", os);
                 actionData.put("device", device);
+                if (StringUtils.hasText(provider)) {
+                    actionData.put("provider", provider);
+                }
                 break;
             case PROVISION_SUCCESS:
             case PROVISION_FAILURE: