Merge pull request #11928 from nextcloud/bugfix/noid/log-bfp-related-info

fix(bruteforce): Log assumed bruteforce relevant actions

Author: nickvergessen

lib/Chat/SystemMessage/Listener.php

@@ -64,6 +64,7 @@
 use OCP\Share\Events\BeforeShareCreatedEvent;
 use OCP\Share\Events\ShareCreatedEvent;
 use OCP\Share\IShare;
+use Psr\Log\LoggerInterface;
 
 /**
  * @template-implements IEventListener<Event>
@@ -81,6 +82,7 @@ public function __construct(
 		protected ParticipantService $participantService,
 		protected MessageParser $messageParser,
 		protected IL10N $l,
+		protected LoggerInterface $logger,
 	) {
 	}
 
@@ -308,6 +310,7 @@ protected function addSystemMessageUserAdded(AttendeesAddedEvent $event, Attende
 			|| $this->getUserId() !== $attendee->getActorId()
 			// - has joined a listable room on their own
 			|| $attendee->getParticipantType() === Participant::USER) {
+			$this->logger->debug('User "' . $attendee->getActorId() . '" added to room "' . $room->getToken() . '"', ['app' => 'spreed-bfp']);
 			$comment = $this->sendSystemMessage(
 				$room,
 				'user_added',
@@ -341,6 +344,7 @@ protected function sendSystemMessageUserRemoved(AttendeeRemovedEvent $event): vo
 			return;
 		}
 
+		$this->logger->debug('User "' . $event->getAttendee()->getActorId() . '" removed from room "' . $room->getToken() . '"', ['app' => 'spreed-bfp']);
 		$this->sendSystemMessage($room, 'user_removed', ['user' => $event->getAttendee()->getActorId()]);
 	}
 
@@ -440,6 +444,7 @@ protected function attendeesAddedEvent(AttendeesAddedEvent $event): void {
 		}
 
 		foreach ($event->getAttendees() as $attendee) {
+			$this->logger->debug($attendee->getActorType() . ' "' . $attendee->getActorId() . '" added to room "' . $event->getRoom()->getToken() . '"', ['app' => 'spreed-bfp']);
 			if ($attendee->getActorType() === Attendee::ACTOR_GROUPS) {
 				$this->sendSystemMessage($event->getRoom(), 'group_added', ['group' => $attendee->getActorId()]);
 			} elseif ($attendee->getActorType() === Attendee::ACTOR_CIRCLES) {
@@ -460,6 +465,7 @@ protected function attendeesRemovedEvent(AttendeesRemovedEvent $event): void {
 		}
 
 		foreach ($event->getAttendees() as $attendee) {
+			$this->logger->debug($attendee->getActorType() . ' "' . $attendee->getActorId() . '" removed from room "' . $event->getRoom()->getToken() . '"', ['app' => 'spreed-bfp']);
 			if ($attendee->getActorType() === Attendee::ACTOR_GROUPS) {
 				$this->sendSystemMessage($event->getRoom(), 'group_removed', ['group' => $attendee->getActorId()]);
 			} elseif ($attendee->getActorType() === Attendee::ACTOR_CIRCLES) {

lib/Controller/PageController.php

@@ -240,6 +240,7 @@ protected function pageHandler(string $token = '', string $callUser = '', string
 							$response = new RedirectResponse($passwordVerification['url']);
 						}
 
+						$this->logger->debug('User "' . ($this->userId ?? 'ANONYMOUS') . '" throttled for accessing "' . $token . '"', ['app' => 'spreed-bfp']);
 						$response->throttle(['token' => $token, 'action' => 'talkRoomPassword']);
 						return $response;
 					}
@@ -284,6 +285,7 @@ protected function pageHandler(string $token = '', string $callUser = '', string
 		$response->setContentSecurityPolicy($csp);
 		if ($throttle) {
 			// Logged-in user tried to access a chat they can not access
+			$this->logger->debug('User "' . ($this->userId ?? 'ANONYMOUS') . '" throttled for accessing "' . $bruteForceToken . '"', ['app' => 'spreed-bfp']);
 			$response->throttle(['token' => $bruteForceToken, 'action' => 'talkRoomToken']);
 		}
 		return $response;
@@ -301,6 +303,7 @@ public function recording(string $token): Response {
 			$room = $this->manager->getRoomByToken($token);
 		} catch (RoomNotFoundException $e) {
 			$response = new NotFoundResponse();
+			$this->logger->debug('Recording "' . ($this->userId ?? 'ANONYMOUS') . '" throttled for accessing "' . $token . '"', ['app' => 'spreed-bfp']);
 			$response->throttle(['token' => $token, 'action' => 'talkRoomToken']);
 
 			return $response;

lib/Middleware/InjectionMiddleware.php

@@ -67,6 +67,7 @@
 use OCP\IURLGenerator;
 use OCP\Security\Bruteforce\IThrottler;
 use OCP\Security\Bruteforce\MaxDelayReached;
+use Psr\Log\LoggerInterface;
 
 class InjectionMiddleware extends Middleware {
 	public function __construct(
@@ -79,6 +80,7 @@ public function __construct(
 		protected IURLGenerator $url,
 		protected InvitationMapper $invitationMapper,
 		protected Authenticator $federationAuthenticator,
+		protected LoggerInterface $logger,
 		protected ?string $userId,
 	) {
 	}
@@ -354,6 +356,7 @@ public function afterException(Controller $controller, string $methodName, \Exce
 						$action = $protection->getAction();
 
 						if ($action === 'talkRoomToken') {
+							$this->logger->debug('User "' . ($this->userId ?? 'ANONYMOUS') . '" throttled for accessing "' . ($this->request->getParam('token') ?? 'UNKNOWN') . '"', ['app' => 'spreed-bfp']);
 							try {
 								$this->throttler->sleepDelayOrThrowOnMax($this->request->getRemoteAddress(), $action);
 							} catch (MaxDelayReached $e) {

tests/php/Chat/SystemMessage/ListenerTest.php

@@ -45,6 +45,7 @@
 use OCP\IUserSession;
 use PHPUnit\Framework\Assert;
 use PHPUnit\Framework\MockObject\MockObject;
+use Psr\Log\LoggerInterface;
 use Test\TestCase;
 
 /**
@@ -75,6 +76,7 @@ class ListenerTest extends TestCase {
 	protected $participantService;
 	/** @var MessageParser|MockObject */
 	protected $messageParser;
+	protected LoggerInterface|MockObject $logger;
 	protected ?array $handlers = null;
 	protected ?\DateTime $dummyTime = null;
 
@@ -99,6 +101,7 @@ protected function setUp(): void {
 		$this->manager = $this->createMock(Manager::class);
 		$this->participantService = $this->createMock(ParticipantService::class);
 		$this->messageParser = $this->createMock(MessageParser::class);
+		$this->logger = $this->createMock(LoggerInterface::class);
 		$l = $this->createMock(IL10N::class);
 		$l->expects($this->any())
 			->method('t')
@@ -125,6 +128,7 @@ protected function setUp(): void {
 			$this->participantService,
 			$this->messageParser,
 			$l,
+			$this->logger,
 		);
 	}