Automatic userID tracking and blocking #4670

Draft
wants to merge 117 commits into
base: master

simon-id (Member) commented Sep 11, 2024

TODO:

  • check if there is any unexpected behavior when using passport-jwt
  • /* TODO: test with:
    passport-jwt JWTs
    can be used both for login events, or as a session, that complicates things I think
    maybe instrument this lib directly, and ofc only send the events after it was verified
    @nestjs/passport
    passport-local
    passport-oauth2
    passport-google-oauth20
    passport-custom
    passport-http
    passport-http-bearer
    koa-passport
    */
  • check with a stack of deserialize
  • or a stack of authenticate ?

/*
check conflict when trackUser and trackLogin are called

test with:

  • express-session with passport
  • passport-jwt (or general jwt tokens)
  • data stored in cookies
  • opaque tokens that call a third-party service to get the users in each request (auth0, hydra...)
  • passport-saml (Onelogin, Okta, Shibboleth, LDAP)
  • passport-oauth2

*/

What does this PR do?

Motivation

Plugin Checklist

Additional Notes

simon-id self-assigned this Sep 11, 2024
simon-id changed the title from "instrument passport" to "Automatic userID blocking" Sep 11, 2024

github-actions bot commented Sep 11, 2024

Overall package size

Self size: 8.49 MB
Deduped: 94.84 MB
No deduping: 95.35 MB

Dependency sizes

| name | version | self size | total size |
|------|---------|-----------|------------|
| @datadog/libdatadog | 0.4.0 | 29.44 MB | 29.44 MB |
| @datadog/native-appsec | 8.4.0 | 19.25 MB | 19.26 MB |
| @datadog/native-iast-taint-tracking | 3.2.0 | 13.9 MB | 13.91 MB |
| @datadog/pprof | 5.4.1 | 9.76 MB | 10.13 MB |
| protobufjs | 7.2.5 | 2.77 MB | 5.16 MB |
| @datadog/native-iast-rewriter | 2.6.1 | 2.59 MB | 2.73 MB |
| @opentelemetry/core | 1.14.0 | 872.87 kB | 1.47 MB |
| @datadog/native-metrics | 3.1.0 | 1.06 MB | 1.46 MB |
| @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB |
| import-in-the-middle | 1.11.2 | 112.74 kB | 826.22 kB |
| source-map | 0.7.4 | 226 kB | 226 kB |
| opentracing | 0.14.7 | 194.81 kB | 194.81 kB |
| lru-cache | 7.18.3 | 133.92 kB | 133.92 kB |
| pprof-format | 2.1.0 | 111.69 kB | 111.69 kB |
| @datadog/sketches-js | 2.1.0 | 109.9 kB | 109.9 kB |
| semver | 7.6.3 | 95.82 kB | 95.82 kB |
| lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB |
| ignore | 5.3.1 | 51.46 kB | 51.46 kB |
| shell-quote | 1.8.1 | 44.96 kB | 44.96 kB |
| istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB |
| rfdc | 1.3.1 | 25.21 kB | 25.21 kB |
| @isaacs/ttlcache | 1.4.1 | 25.2 kB | 25.2 kB |
| tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB |
| limiter | 1.1.5 | 23.17 kB | 23.17 kB |
| dc-polyfill | 0.1.4 | 23.1 kB | 23.1 kB |
| retry | 0.13.1 | 18.85 kB | 18.85 kB |
| jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB |
| crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB |
| path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB |
| koalas | 1.0.2 | 6.47 kB | 6.47 kB |
| module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |

🤖 This report was automatically generated by heaviest-objects-in-the-universe


pr-commenter bot commented Sep 11, 2024

Benchmarks

Benchmark execution time: 2025-01-18 17:40:58

Comparing candidate commit 1cb83fb in PR branch automatic_userid_blocking with baseline commit 4ef12fc in branch master.

Found 0 performance improvements and 3 performance regressions! Performance is the same for 909 metrics, 21 unstable metrics.

scenario:log-without-log-20

  • 🟥 cpu_user_time [+19.163ms; +23.889ms] or [+5.746%; +7.163%]
  • 🟥 execution_time [+19.911ms; +21.602ms] or [+5.267%; +5.714%]

scenario:startup-with-tracer-20

  • 🟥 cpu_user_time [+13.626ms; +21.021ms] or [+5.718%; +8.822%]


codecov bot commented Sep 17, 2024

Codecov Report

Attention: Patch coverage is 20.16807% with 95 lines in your changes missing coverage. Please review.

Project coverage is 61.16%. Comparing base (70a2c22) to head (79a7ff5).
Report is 74 commits behind head on master.

| Files with missing lines | Patch % | Lines |
|------|---------|-----------|
| packages/dd-trace/src/appsec/user_tracking.js | 19.71% | 57 Missing ⚠️ |
| packages/dd-trace/src/appsec/sdk/track_event.js | 7.69% | 12 Missing ⚠️ |
| packages/dd-trace/src/appsec/sdk/set_user.js | 9.09% | 10 Missing ⚠️ |
| ...ackages/dd-trace/src/appsec/remote_config/index.js | 25.00% | 9 Missing ⚠️ |
| packages/dd-trace/src/appsec/index.js | 44.44% | 5 Missing ⚠️ |
| packages/dd-trace/src/appsec/telemetry.js | 0.00% | 2 Missing ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #4670      +/-   ##
==========================================
- Coverage   66.25%   61.16%   -5.09%     
==========================================
  Files         112      144      +32     
  Lines        3734     5166    +1432     
==========================================
+ Hits         2474     3160     +686     
- Misses       1260     2006     +746     


Base automatically changed from new_user_collection to master December 16, 2024 16:14
simon-id changed the title from "Automatic userID tracking and blocking + automatic session tracking" to "Automatic userID tracking and blocking" Dec 30, 2024