Add audit to PDP and CE

Author: ginaxu1

audit-service/config/config.go

@@ -36,11 +36,18 @@ var (
 	// DefaultEnums provides default enum values if config file is not found
 	DefaultEnums = AuditEnums{
 		EventTypes: []string{
+			"ORCHESTRATION_REQUEST_RECEIVED",
 			"POLICY_CHECK",
+			"POLICY_CHECK_REQUEST",
+			"POLICY_CHECK_RESPONSE",
+			"CONSENT_CHECK",
+			"CONSENT_CHECK_REQUEST",
+			"CONSENT_CHECK_RESPONSE",
+			"PROVIDER_FETCH_REQUEST",
+			"PROVIDER_FETCH_RESPONSE",
 			"MANAGEMENT_EVENT",
 			"USER_MANAGEMENT",
 			"DATA_FETCH",
-			"CONSENT_CHECK",
 		},
 		EventActions: []string{
 			"CREATE",

audit-service/config/enums.yaml

@@ -6,11 +6,18 @@ enums:
   # Event Type: User-defined custom names for event classification
   # Examples: POLICY_CHECK, MANAGEMENT_EVENT, USER_MANAGEMENT, etc.
   eventTypes:
+    - ORCHESTRATION_REQUEST_RECEIVED
     - POLICY_CHECK
+    - POLICY_CHECK_REQUEST
+    - POLICY_CHECK_RESPONSE
+    - CONSENT_CHECK
+    - CONSENT_CHECK_REQUEST
+    - CONSENT_CHECK_RESPONSE
+    - PROVIDER_FETCH_REQUEST
+    - PROVIDER_FETCH_RESPONSE
     - MANAGEMENT_EVENT
     - USER_MANAGEMENT
     - DATA_FETCH
-    - CONSENT_CHECK
 
   # Event Action: CRUD operations
   eventActions:

exchange/consent-engine/go.mod

@@ -5,6 +5,8 @@ go 1.24.6
 require (
 	github.com/golang-jwt/jwt/v5 v5.3.0
 	github.com/google/uuid v1.6.0
+	github.com/gov-dx-sandbox/audit-service v0.0.0-00010101000000-000000000000
+	github.com/gov-dx-sandbox/exchange/shared/audit v0.0.0-00010101000000-000000000000
 	github.com/gov-dx-sandbox/exchange/shared/config v0.0.0
 	github.com/gov-dx-sandbox/exchange/shared/monitoring v0.0.0-00010101000000-000000000000
 	github.com/gov-dx-sandbox/exchange/shared/utils v0.0.0
@@ -38,7 +40,6 @@ require (
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.60.1 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
-	github.com/rogpeppe/go-internal v1.14.1 // indirect
 	go.opentelemetry.io/otel v1.32.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.32.0 // indirect
 	go.opentelemetry.io/otel/exporters/prometheus v0.54.0 // indirect
@@ -59,6 +60,10 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
+replace github.com/gov-dx-sandbox/audit-service => ../../audit-service
+
+replace github.com/gov-dx-sandbox/exchange/shared/audit => ../shared/audit
+
 replace github.com/gov-dx-sandbox/exchange/shared/config => ./shared/config
 
 replace github.com/gov-dx-sandbox/exchange/shared/constants => ./shared/constants

exchange/consent-engine/main.go

@@ -14,6 +14,7 @@ import (
 	v1auth "github.com/gov-dx-sandbox/exchange/consent-engine/v1/auth"
 	v1db "github.com/gov-dx-sandbox/exchange/consent-engine/v1/database"
 	v1handlers "github.com/gov-dx-sandbox/exchange/consent-engine/v1/handlers"
+	v1middleware "github.com/gov-dx-sandbox/exchange/consent-engine/v1/middleware"
 	v1router "github.com/gov-dx-sandbox/exchange/consent-engine/v1/router"
 	v1services "github.com/gov-dx-sandbox/exchange/consent-engine/v1/services"
 )
@@ -82,6 +83,15 @@ func main() {
 		os.Exit(1)
 	}
 
+	// Initialize audit middleware (optional - can be disabled via ENABLE_AUDIT=false or empty URL)
+	auditServiceURL := getEnvOrDefault("CHOREO_AUDIT_CONNECTION_SERVICEURL", "")
+	v1middleware.NewAuditMiddleware(auditServiceURL)
+	if auditServiceURL != "" {
+		slog.Info("Audit logging enabled", "auditServiceURL", auditServiceURL)
+	} else {
+		slog.Info("Audit logging disabled (no audit service URL configured)")
+	}
+
 	// Initialize V1 handlers
 	v1InternalHandler := v1handlers.NewInternalHandler(v1ConsentService)
 	v1PortalHandler := v1handlers.NewPortalHandler(v1ConsentService)

exchange/consent-engine/v1/handlers/internal_handler.go

@@ -1,12 +1,16 @@
 package handlers
 
 import (
+	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"log/slog"
 	"net/http"
+	"time"
 
+	auditmodels "github.com/gov-dx-sandbox/audit-service/v1/models"
+	"github.com/gov-dx-sandbox/exchange/consent-engine/v1/middleware"
 	"github.com/gov-dx-sandbox/exchange/consent-engine/v1/models"
 	"github.com/gov-dx-sandbox/exchange/consent-engine/v1/services"
 	"github.com/gov-dx-sandbox/exchange/consent-engine/v1/utils"
@@ -46,6 +50,9 @@ func (h *InternalHandler) GetConsent(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// Extract trace ID from request and add to context
+	ctx := middleware.ExtractTraceIDFromRequest(r)
+
 	// Parse query parameters
 	ownerEmail := r.URL.Query().Get("ownerEmail")
 	ownerID := r.URL.Query().Get("ownerId")
@@ -62,20 +69,26 @@ func (h *InternalHandler) GetConsent(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// Log consent check request
+	h.logConsentCheckRequest(ctx, appID, ownerEmail, ownerID)
+
 	// Get consent from service (context with timeout is propagated)
 	var consent *models.ConsentResponseInternalView
 	var err error
 
 	if ownerEmail != "" {
-		consent, err = h.consentService.GetConsentInternalView(r.Context(), nil, nil, &ownerEmail, &appID)
+		consent, err = h.consentService.GetConsentInternalView(ctx, nil, nil, &ownerEmail, &appID)
 	} else {
-		consent, err = h.consentService.GetConsentInternalView(r.Context(), nil, &ownerID, nil, &appID)
+		consent, err = h.consentService.GetConsentInternalView(ctx, nil, &ownerID, nil, &appID)
 	}
 
+	// Log consent check response
+	h.logConsentCheckResponse(ctx, appID, consent, err)
+
 	if err != nil {
 		// Check if error is due to context cancellation or timeout
-		if r.Context().Err() != nil {
-			slog.Warn("Request context cancelled during service call", "error", r.Context().Err())
+		if ctx.Err() != nil {
+			slog.Warn("Request context cancelled during service call", "error", ctx.Err())
 			utils.RespondWithError(w, http.StatusRequestTimeout, models.ErrorCodeInternalError, "Request timeout or cancelled")
 			return
 		}
@@ -91,6 +104,104 @@ func (h *InternalHandler) GetConsent(w http.ResponseWriter, r *http.Request) {
 	utils.RespondWithJSON(w, http.StatusOK, consent)
 }
 
+// logConsentCheckRequest logs a CONSENT_CHECK_REQUEST event from consent-engine's perspective
+func (h *InternalHandler) logConsentCheckRequest(ctx context.Context, appID, ownerEmail, ownerID string) {
+	traceID := middleware.GetTraceIDFromContext(ctx)
+	if traceID == "" {
+		return
+	}
+
+	eventType := "CONSENT_CHECK_REQUEST"
+	actorType := "SERVICE"
+	actorID := "consent-engine"
+	targetType := "SERVICE"
+	targetID := "orchestration-engine"
+
+	requestMetadata := map[string]interface{}{
+		"applicationId": appID,
+	}
+	if ownerEmail != "" {
+		requestMetadata["ownerEmail"] = ownerEmail
+	}
+	if ownerID != "" {
+		requestMetadata["ownerId"] = ownerID
+	}
+
+	requestMetadataJSON, err := json.Marshal(requestMetadata)
+	if err != nil {
+		slog.Error("Failed to marshal request metadata for audit", "error", err)
+		return
+	}
+
+	auditRequest := &auditmodels.CreateAuditLogRequest{
+		TraceID:         &traceID,
+		Timestamp:       time.Now().UTC().Format(time.RFC3339),
+		EventType:       &eventType,
+		Status:          auditmodels.StatusSuccess,
+		ActorType:       actorType,
+		ActorID:         actorID,
+		TargetType:      targetType,
+		TargetID:        &targetID,
+		RequestMetadata: json.RawMessage(requestMetadataJSON),
+	}
+
+	middleware.LogGeneralizedAuditEvent(ctx, auditRequest)
+}
+
+// logConsentCheckResponse logs a CONSENT_CHECK_RESPONSE event from consent-engine's perspective
+func (h *InternalHandler) logConsentCheckResponse(ctx context.Context, appID string, consent *models.ConsentResponseInternalView, err error) {
+	traceID := middleware.GetTraceIDFromContext(ctx)
+	if traceID == "" {
+		return
+	}
+
+	eventType := "CONSENT_CHECK_RESPONSE"
+	actorType := "SERVICE"
+	actorID := "consent-engine"
+	targetType := "SERVICE"
+	targetID := "orchestration-engine"
+
+	status := auditmodels.StatusSuccess
+	responseMetadata := make(map[string]interface{})
+
+	if err != nil {
+		status = auditmodels.StatusFailure
+		responseMetadata["error"] = err.Error()
+		if errors.Is(err, models.ErrConsentNotFound) {
+			responseMetadata["consentNotFound"] = true
+		}
+	} else if consent != nil {
+		responseMetadata["consentId"] = consent.ConsentID
+		responseMetadata["status"] = consent.Status
+		if consent.ConsentPortalURL != nil {
+			responseMetadata["consentPortalUrl"] = *consent.ConsentPortalURL
+		}
+		if consent.Fields != nil {
+			responseMetadata["fieldsCount"] = len(*consent.Fields)
+		}
+	}
+
+	responseMetadataJSON, jsonErr := json.Marshal(responseMetadata)
+	if jsonErr != nil {
+		slog.Error("Failed to marshal response metadata for audit", "error", jsonErr)
+		responseMetadataJSON = []byte("{}")
+	}
+
+	auditRequest := &auditmodels.CreateAuditLogRequest{
+		TraceID:          &traceID,
+		Timestamp:        time.Now().UTC().Format(time.RFC3339),
+		EventType:        &eventType,
+		Status:           status,
+		ActorType:        actorType,
+		ActorID:          actorID,
+		TargetType:       targetType,
+		TargetID:         &targetID,
+		ResponseMetadata: json.RawMessage(responseMetadataJSON),
+	}
+
+	middleware.LogGeneralizedAuditEvent(ctx, auditRequest)
+}
+
 // CreateConsent handles POST /internal/api/v1/consents
 // Body: models.CreateConsentRequest
 // Returns: []models.ConsentResponseInternalView

exchange/consent-engine/v1/middleware/audit.go

@@ -0,0 +1,75 @@
+package middleware
+
+import (
+	"context"
+	"log/slog"
+	"net/http"
+	"sync"
+
+	"github.com/google/uuid"
+	"github.com/gov-dx-sandbox/audit-service/v1/models"
+	auditclient "github.com/gov-dx-sandbox/exchange/shared/audit"
+)
+
+// TraceIDHeader is the HTTP header name for trace ID
+const TraceIDHeader = "X-Trace-ID"
+
+// traceIDKey is the context key for trace ID
+type traceIDKey struct{}
+
+// AuditMiddleware handles audit logging
+type AuditMiddleware struct {
+	client *auditclient.Client
+}
+
+// Global audit middleware instance for easy access from handlers
+var (
+	globalAuditMiddleware *AuditMiddleware
+	globalAuditOnce       sync.Once
+)
+
+// NewAuditMiddleware creates a new audit middleware with thread-safe global initialization
+// Audit can be disabled by:
+//   - Setting ENABLE_AUDIT=false environment variable
+//   - Providing an empty auditServiceURL
+//
+// When disabled, the middleware will skip all audit logging operations but services
+// will continue to function normally.
+func NewAuditMiddleware(auditServiceURL string) *AuditMiddleware {
+	client := auditclient.NewClient(auditServiceURL)
+	middleware := &AuditMiddleware{client: client}
+
+	globalAuditOnce.Do(func() {
+		globalAuditMiddleware = middleware
+	})
+
+	return middleware
+}
+
+// LogGeneralizedAuditEvent logs a generalized audit event using global audit middleware instance
+func LogGeneralizedAuditEvent(ctx context.Context, auditRequest *models.CreateAuditLogRequest) {
+	if globalAuditMiddleware != nil {
+		globalAuditMiddleware.client.LogEvent(ctx, auditRequest)
+	} else {
+		slog.Warn("Global AuditMiddleware is not initialized; audit event not logged")
+	}
+}
+
+// GetTraceIDFromContext retrieves the trace ID from the context
+// Returns empty string if trace ID is not found in context
+func GetTraceIDFromContext(ctx context.Context) string {
+	if traceID, ok := ctx.Value(traceIDKey{}).(string); ok {
+		return traceID
+	}
+	return ""
+}
+
+// ExtractTraceIDFromRequest extracts trace ID from HTTP header and adds it to context
+// If no trace ID is found in header, generates a new one
+func ExtractTraceIDFromRequest(r *http.Request) context.Context {
+	traceID := r.Header.Get(TraceIDHeader)
+	if traceID == "" {
+		traceID = uuid.New().String()
+	}
+	return context.WithValue(r.Context(), traceIDKey{}, traceID)
+}