diff --git a/.chloggen/2530.yaml b/.chloggen/2530.yaml new file mode 100644 index 0000000000..1601dcb3b8 --- /dev/null +++ b/.chloggen/2530.yaml @@ -0,0 +1,4 @@ +change_type: enhancement +component: aspnetcore +note: Add ASP.NET Core authentication and authorization metrics and update the registry. +issues: [2530] diff --git a/docs/dotnet/dotnet-aspnetcore-metrics.md b/docs/dotnet/dotnet-aspnetcore-metrics.md index 0c61cfc68e..e9dedef861 100644 --- a/docs/dotnet/dotnet-aspnetcore-metrics.md +++ b/docs/dotnet/dotnet-aspnetcore-metrics.md @@ -26,6 +26,14 @@ This article defines semantic conventions for ASP.NET Core metrics. - [Metric: `aspnetcore.memory_pool.evicted`](#metric-aspnetcorememory_poolevicted) - [Metric: `aspnetcore.memory_pool.allocated`](#metric-aspnetcorememory_poolallocated) - [Metric: `aspnetcore.memory_pool.rented`](#metric-aspnetcorememory_poolrented) +- [Authentication](#authentication) + - [Metric: `aspnetcore.authentication.authenticate.duration`](#metric-aspnetcoreauthenticationauthenticateduration) + - [Metric: `aspnetcore.authentication.challenges`](#metric-aspnetcoreauthenticationchallenges) + - [Metric: `aspnetcore.authentication.forbids`](#metric-aspnetcoreauthenticationforbids) + - [Metric: `aspnetcore.authentication.sign_ins`](#metric-aspnetcoreauthenticationsign_ins) + - [Metric: `aspnetcore.authentication.sign_outs`](#metric-aspnetcoreauthenticationsign_outs) +- [Authorization](#authorization) + - [Metric: `aspnetcore.authorization.attempts`](#metric-aspnetcoreauthorizationattempts) - [Identity](#identity) - [Metric: `aspnetcore.identity.user.create.duration`](#metric-aspnetcoreidentityusercreateduration) - [Metric: `aspnetcore.identity.user.update.duration`](#metric-aspnetcoreidentityuserupdateduration) @@ -416,6 +424,234 @@ All memory pool metrics are reported by the `Microsoft.AspNetCore.MemoryPool` me +## Authentication + +All authentication metrics are reported by the `Microsoft.AspNetCore.Authentication` meter. + +### Metric: `aspnetcore.authentication.authenticate.duration` + + + + + + + + +| Name | Instrument Type | Unit (UCUM) | Description | Stability | Entity Associations | +| -------- | --------------- | ----------- | -------------- | --------- | ------ | +| `aspnetcore.authentication.authenticate.duration` | Histogram | `s` | The authentication duration for a request. [1] | ![Development](https://img.shields.io/badge/-development-blue) | | + +**[1]:** Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + +| Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | +|---|---|---|---|---|---| +| [`aspnetcore.authentication.result`](/docs/registry/attributes/aspnetcore.md) | string | The result of the authentication operation. | `success`; `failure` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Conditionally Required` if a scheme is specified during authentication. | ![Development](https://img.shields.io/badge/-development-blue) | +| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + +--- + +`aspnetcore.authentication.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `failure` | Authentication failed. | ![Development](https://img.shields.io/badge/-development-blue) | +| `none` | No authentication information returned. | ![Development](https://img.shields.io/badge/-development-blue) | +| `success` | Authentication was successful. | ![Development](https://img.shields.io/badge/-development-blue) | + +--- + +`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + + + + + + +### Metric: `aspnetcore.authentication.challenges` + + + + + + + + +| Name | Instrument Type | Unit (UCUM) | Description | Stability | Entity Associations | +| -------- | --------------- | ----------- | -------------- | --------- | ------ | +| `aspnetcore.authentication.challenges` | Counter | `{challenge}` | The total number of times a scheme is challenged. [1] | ![Development](https://img.shields.io/badge/-development-blue) | | + +**[1]:** Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + +| Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | +|---|---|---|---|---|---| +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Conditionally Required` if a scheme is specified during authentication. | ![Development](https://img.shields.io/badge/-development-blue) | +| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + +--- + +`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + + + + + + +### Metric: `aspnetcore.authentication.forbids` + + + + + + + + +| Name | Instrument Type | Unit (UCUM) | Description | Stability | Entity Associations | +| -------- | --------------- | ----------- | -------------- | --------- | ------ | +| `aspnetcore.authentication.forbids` | Counter | `{forbid}` | The total number of times an authenticated user attempts to access a resource they are not permitted to access. [1] | ![Development](https://img.shields.io/badge/-development-blue) | | + +**[1]:** Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + +| Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | +|---|---|---|---|---|---| +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Conditionally Required` if a scheme is specified during authentication. | ![Development](https://img.shields.io/badge/-development-blue) | +| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + +--- + +`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + + + + + + +### Metric: `aspnetcore.authentication.sign_ins` + + + + + + + + +| Name | Instrument Type | Unit (UCUM) | Description | Stability | Entity Associations | +| -------- | --------------- | ----------- | -------------- | --------- | ------ | +| `aspnetcore.authentication.sign_ins` | Counter | `{sign_in}` | The total number of times a principal is signed in with a scheme. [1] | ![Development](https://img.shields.io/badge/-development-blue) | | + +**[1]:** Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + +| Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | +|---|---|---|---|---|---| +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Conditionally Required` if a scheme is specified during authentication. | ![Development](https://img.shields.io/badge/-development-blue) | +| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + +--- + +`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + + + + + + +### Metric: `aspnetcore.authentication.sign_outs` + + + + + + + + +| Name | Instrument Type | Unit (UCUM) | Description | Stability | Entity Associations | +| -------- | --------------- | ----------- | -------------- | --------- | ------ | +| `aspnetcore.authentication.sign_outs` | Counter | `{sign_out}` | The total number of times a principal is signed out with a scheme. [1] | ![Development](https://img.shields.io/badge/-development-blue) | | + +**[1]:** Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + +| Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | +|---|---|---|---|---|---| +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Conditionally Required` if a scheme is specified during authentication. | ![Development](https://img.shields.io/badge/-development-blue) | +| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + +--- + +`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + + + + + + +## Authorization + +All authorization metrics are reported by the `Microsoft.AspNetCore.Authorization` meter. + +### Metric: `aspnetcore.authorization.attempts` + + + + + + + + +| Name | Instrument Type | Unit (UCUM) | Description | Stability | Entity Associations | +| -------- | --------------- | ----------- | -------------- | --------- | ------ | +| `aspnetcore.authorization.attempts` | Counter | `{attempt}` | The total number of authorization attempts. [1] | ![Development](https://img.shields.io/badge/-development-blue) | | + +**[1]:** Meter name: `Microsoft.AspNetCore.Authorization`; Added in: ASP.NET Core 10.0 + +| Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | +|---|---|---|---|---|---| +| [`aspnetcore.user.is_authenticated`](/docs/registry/attributes/aspnetcore.md) | boolean | A value that indicates whether the user is authenticated. | `true` | `Required` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | +| [`aspnetcore.authorization.policy`](/docs/registry/attributes/aspnetcore.md) | string | The name of the authorization policy. | `RequireAdminRole` | `Conditionally Required` if a policy is specified. | ![Development](https://img.shields.io/badge/-development-blue) | +| [`aspnetcore.authorization.result`](/docs/registry/attributes/aspnetcore.md) | string | The result of calling the authorization service. | `success`; `failure` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) | +| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + +--- + +`aspnetcore.authorization.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `failure` | Authorization failed. | ![Development](https://img.shields.io/badge/-development-blue) | +| `success` | Authorization was successful. | ![Development](https://img.shields.io/badge/-development-blue) | + +--- + +`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + + + + + + ## Identity All ASP.NET Core Identity metrics are reported by the `Microsoft.AspNetCore.Identity` meter. @@ -760,7 +996,7 @@ All ASP.NET Core Identity metrics are reported by the `Microsoft.AspNetCore.Iden | Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | |---|---|---|---|---|---| -| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`aspnetcore.identity.sign_in.type`](/docs/registry/attributes/aspnetcore.md) | string | The authentication type. | `password`; `two_factor` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`aspnetcore.identity.sign_in.result`](/docs/registry/attributes/aspnetcore.md) | string | Whether the sign in result was success or failure. | `password`; `two_factor` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) | @@ -868,7 +1104,7 @@ All ASP.NET Core Identity metrics are reported by the `Microsoft.AspNetCore.Iden | Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | |---|---|---|---|---|---| -| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`aspnetcore.sign_in.is_persistent`](/docs/registry/attributes/aspnetcore.md) | boolean | A flag indicating whether the sign in is persistent. | | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) | | [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | @@ -903,7 +1139,7 @@ All ASP.NET Core Identity metrics are reported by the `Microsoft.AspNetCore.Iden | Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | |---|---|---|---|---|---| -| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | @@ -937,7 +1173,7 @@ All ASP.NET Core Identity metrics are reported by the `Microsoft.AspNetCore.Iden | Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | |---|---|---|---|---|---| -| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | @@ -971,7 +1207,7 @@ All ASP.NET Core Identity metrics are reported by the `Microsoft.AspNetCore.Iden | Attribute | Type | Description | Examples | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability | |---|---|---|---|---|---| -| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | +| [`aspnetcore.authentication.scheme`](/docs/registry/attributes/aspnetcore.md) | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) | | [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | diff --git a/docs/registry/attributes/aspnetcore.md b/docs/registry/attributes/aspnetcore.md index 6c48093481..42e6f4e0a3 100644 --- a/docs/registry/attributes/aspnetcore.md +++ b/docs/registry/attributes/aspnetcore.md @@ -9,7 +9,10 @@ ASP.NET Core attributes | Attribute | Type | Description | Examples | Stability | |---|---|---|---|---| -| `aspnetcore.authentication_scheme` | string | The authentication scheme to sign in with. | `Identity.Application` | ![Development](https://img.shields.io/badge/-development-blue) | +| `aspnetcore.authentication.result` | string | The result of the authentication operation. | `success`; `failure` | ![Development](https://img.shields.io/badge/-development-blue) | +| `aspnetcore.authentication.scheme` | string | The identifier that names a particular authentication handler. | `Cookies`; `Bearer`; `Identity.Application` | ![Development](https://img.shields.io/badge/-development-blue) | +| `aspnetcore.authorization.policy` | string | The name of the authorization policy. | `RequireAdminRole` | ![Development](https://img.shields.io/badge/-development-blue) | +| `aspnetcore.authorization.result` | string | The result of calling the authorization service. | `success`; `failure` | ![Development](https://img.shields.io/badge/-development-blue) | | `aspnetcore.diagnostics.exception.result` | string | ASP.NET Core exception middleware handling result. | `handled`; `unhandled` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | | `aspnetcore.diagnostics.handler.type` | string | Full type name of the [`IExceptionHandler`](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.diagnostics.iexceptionhandler) implementation that handled the exception. | `Contoso.MyHandler` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | | `aspnetcore.identity.error_code` | string | The error code for a failed identity operation. | `DefaultError`; `PasswordMismatch` | ![Development](https://img.shields.io/badge/-development-blue) | @@ -28,6 +31,26 @@ ASP.NET Core attributes | `aspnetcore.routing.is_fallback` | boolean | A value that indicates whether the matched route is a fallback route. | `true` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | | `aspnetcore.routing.match_status` | string | Match result - success or failure | `success`; `failure` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | | `aspnetcore.sign_in.is_persistent` | boolean | A flag indicating whether the sign in is persistent. | | ![Development](https://img.shields.io/badge/-development-blue) | +| `aspnetcore.user.is_authenticated` | boolean | A value that indicates whether the user is authenticated. | `true` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) | + +--- + +`aspnetcore.authentication.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `failure` | Authentication failed. | ![Development](https://img.shields.io/badge/-development-blue) | +| `none` | No authentication information returned. | ![Development](https://img.shields.io/badge/-development-blue) | +| `success` | Authentication was successful. | ![Development](https://img.shields.io/badge/-development-blue) | + +--- + +`aspnetcore.authorization.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used. + +| Value | Description | Stability | +|---|---|---| +| `failure` | Authorization failed. | ![Development](https://img.shields.io/badge/-development-blue) | +| `success` | Authorization was successful. | ![Development](https://img.shields.io/badge/-development-blue) | --- diff --git a/model/aspnetcore/metrics.yaml b/model/aspnetcore/metrics.yaml index fc1e961b91..d611b41eb6 100644 --- a/model/aspnetcore/metrics.yaml +++ b/model/aspnetcore/metrics.yaml @@ -6,6 +6,19 @@ groups: - ref: aspnetcore.rate_limiting.policy requirement_level: conditionally_required: if the matched endpoint for the request had a rate-limiting policy. + - id: aspnetcore.common.authentication.metrics.attributes + type: attribute_group + brief: Common ASP.NET Core authentication metrics attributes + attributes: + - ref: aspnetcore.authentication.scheme + requirement_level: + conditionally_required: if a scheme is specified during authentication. + - ref: error.type + brief: The full name of exception type. + requirement_level: + conditionally_required: if and only if an error has occurred. + examples: ['System.OperationCanceledException'] + note: "" - id: aspnetcore.common.identity.metrics.attributes type: attribute_group brief: Common ASP.NET Core Identity metrics attributes @@ -207,6 +220,109 @@ groups: Meter name: `Microsoft.AspNetCore.MemoryPool`; Added in: ASP.NET Core 10.0 extends: aspnetcore.common.memory_pool.metrics.attributes + # authentication + - id: metric.aspnetcore.authentication.authenticate.duration + type: metric + metric_name: aspnetcore.authentication.authenticate.duration + annotations: + code_generation: + metric_value_type: double + stability: development + brief: The authentication duration for a request. + instrument: histogram + unit: "s" + note: | + Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + extends: aspnetcore.common.authentication.metrics.attributes + attributes: + - ref: aspnetcore.authentication.result + requirement_level: required + + - id: metric.aspnetcore.authentication.challenges + type: metric + metric_name: aspnetcore.authentication.challenges + annotations: + code_generation: + metric_value_type: int + stability: development + brief: The total number of times a scheme is challenged. + instrument: counter + unit: "{challenge}" + note: | + Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + extends: aspnetcore.common.authentication.metrics.attributes + + - id: metric.aspnetcore.authentication.forbids + type: metric + metric_name: aspnetcore.authentication.forbids + annotations: + code_generation: + metric_value_type: int + stability: development + brief: The total number of times an authenticated user attempts to access a resource they are not permitted to access. + instrument: counter + unit: "{forbid}" + note: | + Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + extends: aspnetcore.common.authentication.metrics.attributes + + - id: metric.aspnetcore.authentication.sign_ins + type: metric + metric_name: aspnetcore.authentication.sign_ins + annotations: + code_generation: + metric_value_type: int + stability: development + brief: The total number of times a principal is signed in with a scheme. + instrument: counter + unit: "{sign_in}" + note: | + Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + extends: aspnetcore.common.authentication.metrics.attributes + + - id: metric.aspnetcore.authentication.sign_outs + type: metric + metric_name: aspnetcore.authentication.sign_outs + annotations: + code_generation: + metric_value_type: int + stability: development + brief: The total number of times a principal is signed out with a scheme. + instrument: counter + unit: "{sign_out}" + note: | + Meter name: `Microsoft.AspNetCore.Authentication`; Added in: ASP.NET Core 10.0 + extends: aspnetcore.common.authentication.metrics.attributes + + # authentication + - id: metric.aspnetcore.authorization.attempts + type: metric + metric_name: aspnetcore.authorization.attempts + annotations: + code_generation: + metric_value_type: int + stability: development + brief: The total number of authorization attempts. + instrument: counter + unit: "{attempt}" + note: | + Meter name: `Microsoft.AspNetCore.Authorization`; Added in: ASP.NET Core 10.0 + attributes: + - ref: aspnetcore.user.is_authenticated + requirement_level: required + - ref: aspnetcore.authorization.policy + requirement_level: + conditionally_required: if a policy is specified. + - ref: aspnetcore.authorization.result + requirement_level: + conditionally_required: if no exception was thrown. + - ref: error.type + brief: The full name of exception type. + requirement_level: + conditionally_required: if and only if an error has occurred. + examples: ['System.OperationCanceledException'] + note: "" + # identity - id: metric.aspnetcore.identity.user.create.duration type: metric @@ -378,7 +494,7 @@ groups: Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0 extends: aspnetcore.common.identity.metrics.attributes attributes: - - ref: aspnetcore.authentication_scheme + - ref: aspnetcore.authentication.scheme requirement_level: required - ref: aspnetcore.sign_in.is_persistent requirement_level: @@ -409,7 +525,7 @@ groups: Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0 extends: aspnetcore.common.identity.metrics.attributes attributes: - - ref: aspnetcore.authentication_scheme + - ref: aspnetcore.authentication.scheme requirement_level: required - ref: error.type brief: The full name of exception type. @@ -432,7 +548,7 @@ groups: Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0 extends: aspnetcore.common.identity.metrics.attributes attributes: - - ref: aspnetcore.authentication_scheme + - ref: aspnetcore.authentication.scheme requirement_level: required - ref: error.type brief: The full name of exception type. @@ -479,7 +595,7 @@ groups: Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0 extends: aspnetcore.common.identity.metrics.attributes attributes: - - ref: aspnetcore.authentication_scheme + - ref: aspnetcore.authentication.scheme requirement_level: required - ref: aspnetcore.sign_in.is_persistent requirement_level: @@ -505,7 +621,7 @@ groups: Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0 extends: aspnetcore.common.identity.metrics.attributes attributes: - - ref: aspnetcore.authentication_scheme + - ref: aspnetcore.authentication.scheme requirement_level: required - ref: error.type brief: The full name of exception type. diff --git a/model/aspnetcore/registry.yaml b/model/aspnetcore/registry.yaml index 3ae15195e7..84425cb761 100644 --- a/model/aspnetcore/registry.yaml +++ b/model/aspnetcore/registry.yaml @@ -93,6 +93,53 @@ groups: brief: The full name of the identity user type. stability: development examples: ["Contoso.ContosoUser"] + - id: aspnetcore.authentication.result + type: + members: + - id: success + value: 'success' + brief: "Authentication was successful." + stability: development + - id: failure + value: 'failure' + brief: "Authentication failed." + stability: development + - id: none + value: 'none' + brief: "No authentication information returned." + stability: development + stability: development + brief: The result of the authentication operation. + examples: ["success", "failure"] + - id: aspnetcore.authentication.scheme + type: string + stability: development + brief: The identifier that names a particular authentication handler. + examples: ["Cookies", "Bearer", "Identity.Application"] + - id: aspnetcore.user.is_authenticated + type: boolean + stability: stable + brief: A value that indicates whether the user is authenticated. + examples: [true] + - id: aspnetcore.authorization.policy + type: string + stability: development + brief: The name of the authorization policy. + examples: ["RequireAdminRole"] + - id: aspnetcore.authorization.result + type: + members: + - id: success + value: 'success' + brief: "Authorization was successful." + stability: development + - id: failure + value: 'failure' + brief: "Authorization failed." + stability: development + stability: development + brief: The result of calling the authorization service. + examples: ["success", "failure"] - id: aspnetcore.identity.result type: members: @@ -320,11 +367,6 @@ groups: stability: development brief: The result of token verification. examples: ["success", "failure"] - - id: aspnetcore.authentication_scheme - type: string - stability: development - brief: The authentication scheme to sign in with. - examples: ["Identity.Application"] - id: aspnetcore.identity.sign_in.type type: members: