Merge pull request #50697 from nextcloud/admin-audit-listen-failed-login

feat(admin_audit): write admin audit log for AnyLoginFailedEvent

Author: nickvergessen

apps/admin_audit/lib/AppInfo/Application.php

@@ -34,6 +34,7 @@
 use OCP\AppFramework\Bootstrap\IBootContext;
 use OCP\AppFramework\Bootstrap\IBootstrap;
 use OCP\AppFramework\Bootstrap\IRegistrationContext;
+use OCP\Authentication\Events\AnyLoginFailedEvent;
 use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengeFailed;
 use OCP\Authentication\TwoFactorAuth\TwoFactorProviderChallengePassed;
 use OCP\Console\ConsoleEvent;
@@ -105,6 +106,7 @@ public function register(IRegistrationContext $context): void {
 		$context->registerEventListener(UserLoggedInWithCookieEvent::class, AuthEventListener::class);
 		$context->registerEventListener(UserLoggedInEvent::class, AuthEventListener::class);
 		$context->registerEventListener(BeforeUserLoggedOutEvent::class, AuthEventListener::class);
+		$context->registerEventListener(AnyLoginFailedEvent::class, AuthEventListener::class);
 
 		// File events
 		$context->registerEventListener(BeforePreviewFetchedEvent::class, FileEventListener::class);

apps/admin_audit/lib/Listener/AuthEventListener.php

@@ -10,6 +10,7 @@
 namespace OCA\AdminAudit\Listener;
 
 use OCA\AdminAudit\Actions\Action;
+use OCP\Authentication\Events\AnyLoginFailedEvent;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\IEventListener;
 use OCP\User\Events\BeforeUserLoggedInEvent;
@@ -18,7 +19,7 @@
 use OCP\User\Events\UserLoggedInWithCookieEvent;
 
 /**
- * @template-implements IEventListener<BeforeUserLoggedInEvent|UserLoggedInWithCookieEvent|UserLoggedInEvent|BeforeUserLoggedOutEvent>
+ * @template-implements IEventListener<BeforeUserLoggedInEvent|UserLoggedInWithCookieEvent|UserLoggedInEvent|BeforeUserLoggedOutEvent|AnyLoginFailedEvent>
  */
 class AuthEventListener extends Action implements IEventListener {
 	public function handle(Event $event): void {
@@ -28,6 +29,8 @@ public function handle(Event $event): void {
 			$this->userLoggedIn($event);
 		} elseif ($event instanceof BeforeUserLoggedOutEvent) {
 			$this->beforeUserLogout($event);
+		} elseif ($event instanceof AnyLoginFailedEvent) {
+			$this->anyLoginFailed($event);
 		}
 	}
 
@@ -64,4 +67,17 @@ private function beforeUserLogout(BeforeUserLoggedOutEvent $event): void {
 			[]
 		);
 	}
+
+	private function anyLoginFailed(AnyLoginFailedEvent $event): void {
+		$this->log(
+			'Login failed: "%s"',
+			[
+				'loginName' => $event->getLoginName()
+			],
+			[
+				'loginName',
+			],
+			true
+		);
+	}
 }

lib/public/Authentication/Events/AnyLoginFailedEvent.php

@@ -31,11 +31,19 @@ public function __construct(string $loginName, ?string $password) {
 
 	/**
 	 * @since 26.0.0
+	 * @deprecated 31.0.0 Use getLoginName() instead
 	 */
 	public function geLoginName(): string {
 		return $this->loginName;
 	}
 
+	/**
+	 * @since 31.0.0
+	 */
+	public function getLoginName(): string {
+		return $this->loginName;
+	}
+
 	/**
 	 * @since 26.0.0
 	 */