From fbaacdf7eb1a41fac055788a6613b38a7cb68adf Mon Sep 17 00:00:00 2001
From: aeneasr <3372410+aeneasr@users.noreply.github.com>
Date: Mon, 10 Jul 2023 16:01:29 +0200
Subject: [PATCH] u
---
 persistence/sql/persister_oauth2.go | 35 +++++++++++++++++------------
 1 file changed, 21 insertions(+), 14 deletions(-)
diff --git a/persistence/sql/persister_oauth2.go b/persistence/sql/persister_oauth2.go
index d6a3f821078..c4613bd80a8 100644
--- a/persistence/sql/persister_oauth2.go
+++ b/persistence/sql/persister_oauth2.go
@@ -5,14 +5,18 @@ package sql
 import (
 "context"
+ "crypto/sha256"
 "crypto/sha512"
 "database/sql"
+ "encoding/hex"
 "encoding/json"
 "fmt"
 "net/url"
 "strings"
 "time"
+ "go.opentelemetry.io/otel/trace"
+
 "github.com/gofrs/uuid"
 "github.com/pkg/errors"
 "github.com/tidwall/gjson"
@@ -368,10 +372,7 @@ func (p *Persister) CreateAccessTokenSession(ctx context.Context, signature stri
 defer otelx.End(span, &err)
 events.Trace(ctx, events.AccessTokenIssued,
- events.WithRequest(requester),
- events.WithGrantType(requester.GetRequestForm().Get("grant_type")),
- events.WithTokenFormat(string(p.config.AccessTokenStrategy(ctx))),
- events.WithClientID(requester.GetClient().GetID()),
+ append(toEventOptions(requester), events.WithGrantType(requester.GetRequestForm().Get("grant_type")))...,
 )
 return p.createSession(ctx, signature, requester, sqlTableAccess)
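Review bot: The option appended in CreateAccessTokenSession repeats `events.WithGrantType(...)`, which toEventOptions (added in the next hunk) already returns, while the `events.WithTokenFormat(...)` option that the old call passed is no longer emitted. If dropping the token format from AccessTokenIssued events was not intended, the appended option should presumably be `events.WithTokenFormat(string(p.config.AccessTokenStrategy(ctx)))` instead of a second grant type. As written, the event loses a field that audit or detection queries on token issuance may rely on. The function body starts before the hunk, so the span setup is not visible here.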
@@ -389,14 +390,24 @@ func (p *Persister) DeleteAccessTokenSession(ctx context.Context, signature stri
 return p.deleteSessionBySignature(ctx, signature, sqlTableAccess)
 }
-func (p *Persister) CreateRefreshTokenSession(ctx context.Context, signature string, requester fosite.Requester) (err error) {
- ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteCreateRefreshTokenSessionAccessTokenSession")
- defer otelx.End(span, &err)
- events.Trace(ctx, events.RefreshTokenIssued,
+func toEventOptions(requester fosite.Requester) []trace.EventOption {
+ sub := ""
+ if requester.GetSession() != nil {
+ hash := sha256.Sum256([]byte(requester.GetSession().GetSubject()))
+ sub = hex.EncodeToString(hash[:])
+ }
+ return []trace.EventOption{
 events.WithGrantType(requester.GetRequestForm().Get("grant_type")),
+ events.WithSubject(sub),
 events.WithRequest(requester),
 events.WithClientID(requester.GetClient().GetID()),
- )
+ }
+}
+
+func (p *Persister) CreateRefreshTokenSession(ctx context.Context, signature string, requester fosite.Requester) (err error) {
+ ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteCreateRefreshTokenSessionAccessTokenSession")
+ defer otelx.End(span, &err)
+ events.Trace(ctx, events.RefreshTokenIssued, toEventOptions(requester)...)
 return p.createSession(ctx, signature, requester, sqlTableRefresh)
 }
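Review bot: `sub` in toEventOptions is an unsalted SHA-256 of the session subject, so the emitted value is a stable pseudonym rather than an anonymized one: low-entropy subjects such as e-mail addresses or sequential IDs can be matched by hashing candidate values, and the same subject produces the same digest in every deployment. If the goal is to keep subject identifiers out of telemetry, a keyed digest (HMAC-SHA256 via `crypto/hmac` with a per-deployment secret) would resist that; otherwise the property should be documented, e.g. `// toEventOptions emits the subject as an unsalted SHA-256 hex digest: a correlation handle, not anonymization.` When GetSession() returns nil the function still adds `events.WithSubject("")`, so event consumers have to treat an empty subject as absent. The same options, including the subject digest, now also reach the IdentityTokenIssued event in the last hunk.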
@@ -415,11 +426,7 @@ func (p *Persister) DeleteRefreshTokenSession(ctx context.Context, signature str
 func (p *Persister) CreateOpenIDConnectSession(ctx context.Context, signature string, requester fosite.Requester) (err error) {
 ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateOpenIDConnectSession")
 defer otelx.End(span, &err)
- events.Trace(ctx, events.IdentityTokenIssued,
- events.WithRequest(requester),
- events.WithGrantType(requester.GetRequestForm().Get("grant_type")),
- events.WithClientID(requester.GetClient().GetID()),
- )
+ events.Trace(ctx, events.IdentityTokenIssued, toEventOptions(requester)...)
 return p.createSession(ctx, signature, requester, sqlTableOpenID)
 }