[INFS-4028] Add new ALB auth error Enum (#36)

aws_log_parser/models.py

@@ -36,6 +36,7 @@ class HttpRequest:
 
 
 class LoadBalancerErrorReason(Enum):
+    AuthInvalidAWSALBAuthNonce = auto()
     AuthInvalidCookie = auto()
     AuthInvalidGrantError = auto()
     AuthInvalidIdToken = auto()

test/conftest.py

@@ -1,5 +1,4 @@
 import datetime
-import json
 import pytest
 
 
@@ -106,6 +105,11 @@ def loadbalancer_http2_entry(shared_datadir):
     return log_entry(shared_datadir, loadbalancer_http2_entry.__name__)
 
 
+@pytest.fixture
+def loadbalancer_http2_entry_auth_error(shared_datadir):
+    return log_entry(shared_datadir, loadbalancer_http2_entry_auth_error.__name__)
+
+
 @pytest.fixture
 def loadbalancer_websockets_entry(shared_datadir):
     return log_entry(shared_datadir, loadbalancer_websockets_entry.__name__)

test/data/loadbalancer_http2_entry_auth_error.csv

@@ -0,0 +1 @@
+h2 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 - -1 -1 -1 401 - 4956 616 "GET https://example.com:443/oauth2/idpresponse?code=XXXXX HTTP/2.0" "curl/7.46.0" TLS_AES_128_GCM_SHA256 TLSv1.3 - "Root=1-665d7a41-032e7e1d59b8e8043f88b4dc" "example.com" "arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012" -1 2018-07-02T22:22:48.364000Z "authenticate" "-" "AuthInvalidAWSALBAuthNonce" "-" "-" "-" "-" TID_b33932fc40603344b9a76c1b94b208fd

test/test_parse_loadbalancer.py

@@ -249,6 +249,50 @@ def test_loadbalancer_http2_entry(loadbalancer_http2_entry):
     )
 
 
+def test_loadbalancer_http2_entry_auth_error(loadbalancer_http2_entry_auth_error):
+    entry = parse_entry(loadbalancer_http2_entry_auth_error, LogType.LoadBalancer)
+    assert entry == LoadBalancerLogEntry(
+        type=HttpType.H2,
+        timestamp=datetime.datetime(
+            2018, 7, 2, 22, 23, 0, 186641, tzinfo=datetime.timezone.utc
+        ),
+        elb="app/my-loadbalancer/50dc6c495c0c9188",
+        client=Host(
+            ip="192.168.131.39",
+            port=2817,
+        ),
+        target=None,
+        request_processing_time=-1.0,
+        target_processing_time=-1.0,
+        response_processing_time=-1.0,
+        elb_status_code=401,
+        target_status_code=None,
+        received_bytes=4956,
+        sent_bytes=616,
+        http_request=HttpRequest(
+            method="GET",
+            url="https://example.com:443/oauth2/idpresponse?code=XXXXX",
+            path="/oauth2/idpresponse",
+            query={"code": ["XXXXX"]},
+            protocol="HTTP/2.0",
+        ),
+        user_agent="curl/7.46.0",
+        ssl_cipher="TLS_AES_128_GCM_SHA256",
+        ssl_protocol="TLSv1.3",
+        target_group_arn=None,
+        trace_id="Root=1-665d7a41-032e7e1d59b8e8043f88b4dc",
+        domain_name="example.com",
+        chosen_cert_arn="arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012",
+        matched_rule_priority=-1,
+        request_creation_time=datetime.datetime(
+            2018, 7, 2, 22, 22, 48, 364000, tzinfo=datetime.timezone.utc
+        ),
+        actions_executed=["authenticate"],
+        redirect_url=None,
+        error_reason=LoadBalancerErrorReason.AuthInvalidAWSALBAuthNonce,
+    )
+
+
 def test_loadbalancer_websockets_entry(loadbalancer_websockets_entry):
     entry = parse_entry(loadbalancer_websockets_entry, LogType.LoadBalancer)
     assert entry == LoadBalancerLogEntry(