[ASM][ATO] user id collection on authenticated request #6431

Open
wants to merge 7 commits into
base: master

anna-git (Contributor) commented Dec 12, 2024

Summary of changes

  • Add user login tags
  • Instrument HttpContext.SetUser to watch for authenticated request (not authenticating), monitoring user id and session id (not reporting the latter)
  • Run the waf on login / signup events including SDK, as soon as we have them
  • Don't always include the user id coming from the span, to NOT override the sdk
  • RunWafForUser to test for sdk precedence

this is all only for .net core for now

Reason for change

https://docs.google.com/document/d/1RT38U6dTTcB-8muiYV4-aVDCsT_XrliyakjtAPyjUpw

Implementation details

  • New instrumentation Microsoft.AspNetCore.Http.HttpContext.SetUser
  • RunWafForUser
  • add new address

Test coverage

  • new integration tests for authenticated request / conflict with sdk
  • new unit tests

Other details

github-actions bot (Contributor) commented Dec 12, 2024

Snapshots difference summary

The following differences have been observed in committed snapshots. It is meant to help the reviewer.
The diff is simplistic, so please check some files anyway while we improve it.

6 occurrences of:

+      _dd.appsec.fp.http.header: hdr-0000000100-3626b5f8-2-da57b738,
+      _dd.appsec.fp.http.network: net-1-1000000000,
+      _dd.appsec.fp.session: ssn-<fingerprint>,

datadog-ddstaging bot commented Dec 12, 2024

Datadog Report

Branch report: anna/asm/userid-monitoring
Commit report: a064bf5
Test service: dd-trace-dotnet

✅ 0 Failed, 555193 Passed, 4591 Skipped, 47h 17m 17.27s Total Time

andrewlock (Member) commented Dec 12, 2024

Execution-Time Benchmarks Report ⏱️

Execution-time results for samples comparing the following branches/commits:

Execution-time benchmarks measure the whole time it takes to execute a program, and are intended to measure the one-off costs. Cases where the execution time results for the PR are worse than latest master results are shown in red. The following thresholds were used for comparing the execution times:

  • Welch test with statistical test for significance of 5%
  • Only results indicating a difference greater than 5% and 5 ms are considered.

Note that these results are based on a single point-in-time result for each branch. For full results, see the dashboard.

Graphs show the p99 interval based on the mean and StdDev of the test run, as well as the mean value of the run (shown as a diamond below the graph).

Execution time (ms), mean with interval (low to high) per chart:

  • FakeDbCommand (.NET Framework 4.6.2)
      Baseline: This PR (6431) mean 69ms (66 to 72); master mean 69ms (64 to 75)
      CallTarget+Inlining+NGEN: This PR (6431) mean 981ms (960 to 1001); master mean 978ms (954 to 1001)
  • FakeDbCommand (.NET Core 3.1)
      Baseline: This PR (6431) mean 108ms (106 to 110); master mean 107ms (105 to 110)
      CallTarget+Inlining+NGEN: This PR (6431) mean 679ms (662 to 696); master mean 681ms (667 to 695)
  • FakeDbCommand (.NET 6)
      Baseline: This PR (6431) mean 91ms (89 to 93); master mean 91ms (87 to 95)
      CallTarget+Inlining+NGEN: This PR (6431) mean 636ms (623 to 650); master mean 632ms (615 to 650)
  • HttpMessageHandler (.NET Framework 4.6.2)
      Baseline: This PR (6431) mean 190ms (186 to 194); master mean 192ms (184 to 200)
      CallTarget+Inlining+NGEN: This PR (6431) mean 1,094ms (1064 to 1123); master mean 1,094ms (1058 to 1130)
  • HttpMessageHandler (.NET Core 3.1)
      Baseline: This PR (6431) mean 278ms (273 to 282); master mean 276ms (272 to 280)
      CallTarget+Inlining+NGEN: This PR (6431) mean 872ms (836 to 907); master mean 872ms (844 to 900)
  • HttpMessageHandler (.NET 6)
      Baseline: This PR (6431) mean 265ms (260 to 270); master mean 264ms (260 to 268)
      CallTarget+Inlining+NGEN: This PR (6431) mean 848ms (814 to 883); master mean 849ms (811 to 886)

andrewlock (Member) commented Dec 12, 2024

Benchmarks Report for appsec 🐌

Benchmarks for #6431 compared to master:

  • 1 benchmarks are slower, with geometric mean 1.193
  • 2 benchmarks have fewer allocations
  • 7 benchmarks have more allocations

The following thresholds were used for comparing the benchmark speeds:

  • Mann–Whitney U test with statistical test for significance of 5%
  • Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.Asm.AppSecBodyBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master AllCycleSimpleBody net6.0 203μs 88.6ns 332ns 2.62 0 0 188.76 KB
master AllCycleSimpleBody netcoreapp3.1 300μs 97.6ns 378ns 2.69 0 0 196.09 KB
master AllCycleSimpleBody net472 270μs 239ns 893ns 35.8 2.02 0 225.78 KB
master AllCycleMoreComplexBody net6.0 211μs 108ns 418ns 2.73 0 0 192.26 KB
master AllCycleMoreComplexBody netcoreapp3.1 327μs 179ns 669ns 2.61 0 0 199.5 KB
master AllCycleMoreComplexBody net472 277μs 155ns 558ns 36.4 2.07 0 229.3 KB
master ObjectExtractorSimpleBody net6.0 139ns 0.0962ns 0.36ns 0.00394 0 0 280 B
master ObjectExtractorSimpleBody netcoreapp3.1 202ns 1.01ns 4.4ns 0.00366 0 0 272 B
master ObjectExtractorSimpleBody net472 164ns 0.14ns 0.541ns 0.0446 0 0 281 B
master ObjectExtractorMoreComplexBody net6.0 2.96μs 2.48ns 8.95ns 0.0533 0 0 3.78 KB
master ObjectExtractorMoreComplexBody netcoreapp3.1 3.82μs 2.41ns 9.35ns 0.0496 0 0 3.69 KB
master ObjectExtractorMoreComplexBody net472 3.69μs 5.19ns 19.4ns 0.603 0.00551 0 3.8 KB
#6431 AllCycleSimpleBody net6.0 206μs 106ns 384ns 2.69 0 0 188.69 KB
#6431 AllCycleSimpleBody netcoreapp3.1 309μs 161ns 602ns 2.62 0 0 196.02 KB
#6431 AllCycleSimpleBody net472 274μs 348ns 1.35μs 35.8 2.03 0 225.76 KB
#6431 AllCycleMoreComplexBody net6.0 210μs 135ns 487ns 2.73 0 0 192.19 KB
#6431 AllCycleMoreComplexBody netcoreapp3.1 301μs 342ns 1.33μs 2.7 0 0 199.43 KB
#6431 AllCycleMoreComplexBody net472 281μs 231ns 801ns 36.3 2.07 0 229.27 KB
#6431 ObjectExtractorSimpleBody net6.0 136ns 0.153ns 0.593ns 0.00394 0 0 280 B
#6431 ObjectExtractorSimpleBody netcoreapp3.1 194ns 0.152ns 0.57ns 0.00374 0 0 272 B
#6431 ObjectExtractorSimpleBody net472 165ns 0.174ns 0.672ns 0.0446 0 0 281 B
#6431 ObjectExtractorMoreComplexBody net6.0 2.9μs 0.841ns 3.03ns 0.0523 0 0 3.78 KB
#6431 ObjectExtractorMoreComplexBody netcoreapp3.1 3.75μs 4.14ns 16ns 0.0507 0 0 3.69 KB
#6431 ObjectExtractorMoreComplexBody net472 3.65μs 3.1ns 12ns 0.602 0.00549 0 3.8 KB
Benchmarks.Trace.Asm.AppSecEncoderBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EncodeArgs net6.0 38.6μs 14.8ns 57.3ns 0.444 0 0 32.4 KB
master EncodeArgs netcoreapp3.1 54.1μs 28.5ns 110ns 0.431 0 0 32.4 KB
master EncodeArgs net472 67.2μs 208ns 807ns 5.16 0.0661 0 32.5 KB
master EncodeLegacyArgs net6.0 80.2μs 167ns 645ns 0 0 0 2.14 KB
master EncodeLegacyArgs netcoreapp3.1 108μs 147ns 552ns 0 0 0 2.14 KB
master EncodeLegacyArgs net472 154μs 106ns 409ns 0.308 0 0 2.15 KB
#6431 EncodeArgs net6.0 40.1μs 26.4ns 98.7ns 0.461 0 0 32.4 KB
#6431 EncodeArgs netcoreapp3.1 54.1μs 45.6ns 164ns 0.428 0 0 32.4 KB
#6431 EncodeArgs net472 67.9μs 72.9ns 282ns 5.14 0.068 0 32.5 KB
#6431 EncodeLegacyArgs net6.0 74.1μs 20.2ns 72.8ns 0 0 0 2.14 KB
#6431 EncodeLegacyArgs netcoreapp3.1 106μs 413ns 1.6μs 0 0 0 2.15 KB
#6431 EncodeLegacyArgs net472 155μs 67.9ns 254ns 0.308 0 0 2.15 KB
Benchmarks.Trace.Asm.AppSecWafBenchmark - Same speed ✔️ More allocations ⚠️

More allocations ⚠️ in #6431

Benchmark Base Allocated Diff Allocated Change Change %
Benchmarks.Trace.Asm.AppSecWafBenchmark.RunWafRealisticBenchmarkWithAttack‑netcoreapp3.1 1.46 KB 1.53 KB 72 B 4.95%
Benchmarks.Trace.Asm.AppSecWafBenchmark.RunWafRealisticBenchmarkWithAttack‑net472 1.48 KB 1.56 KB 73 B 4.92%
Benchmarks.Trace.Asm.AppSecWafBenchmark.RunWafRealisticBenchmarkWithAttack‑net6.0 1.47 KB 1.54 KB 72 B 4.89%
Benchmarks.Trace.Asm.AppSecWafBenchmark.RunWafRealisticBenchmark‑netcoreapp3.1 2.39 KB 2.46 KB 72 B 3.01%
Benchmarks.Trace.Asm.AppSecWafBenchmark.RunWafRealisticBenchmark‑net472 2.46 KB 2.53 KB 73 B 2.97%
Benchmarks.Trace.Asm.AppSecWafBenchmark.RunWafRealisticBenchmark‑net6.0 2.44 KB 2.51 KB 72 B 2.95%

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master RunWafRealisticBenchmark net6.0 175μs 67.6ns 253ns 0 0 0 2.44 KB
master RunWafRealisticBenchmark netcoreapp3.1 186μs 241ns 935ns 0 0 0 2.39 KB
master RunWafRealisticBenchmark net472 201μs 157ns 609ns 0.302 0 0 2.46 KB
master RunWafRealisticBenchmarkWithAttack net6.0 116μs 82.5ns 320ns 0 0 0 1.47 KB
master RunWafRealisticBenchmarkWithAttack netcoreapp3.1 123μs 101ns 349ns 0 0 0 1.46 KB
master RunWafRealisticBenchmarkWithAttack net472 133μs 83.6ns 324ns 0.199 0 0 1.48 KB
#6431 RunWafRealisticBenchmark net6.0 175μs 310ns 1.2μs 0 0 0 2.51 KB
#6431 RunWafRealisticBenchmark netcoreapp3.1 188μs 189ns 708ns 0 0 0 2.46 KB
#6431 RunWafRealisticBenchmark net472 200μs 69.6ns 260ns 0.401 0 0 2.53 KB
#6431 RunWafRealisticBenchmarkWithAttack net6.0 115μs 146ns 567ns 0 0 0 1.54 KB
#6431 RunWafRealisticBenchmarkWithAttack netcoreapp3.1 125μs 144ns 539ns 0 0 0 1.53 KB
#6431 RunWafRealisticBenchmarkWithAttack net472 133μs 77.9ns 291ns 0.199 0 0 1.56 KB
Benchmarks.Trace.Iast.StringAspectsBenchmark - Slower ⚠️ More allocations ⚠️

Slower ⚠️ in #6431

Benchmark diff/base Base Median (ns) Diff Median (ns) Modality
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatBenchmark‑net6.0 1.193 51,900.00 61,900.00 bimodal

More allocations ⚠️ in #6431

Benchmark Base Allocated Diff Allocated Change Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑netcoreapp3.1 252.53 KB 265.08 KB 12.55 KB 4.97%

Fewer allocations 🎉 in #6431

Benchmark Base Allocated Diff Allocated Change Change %
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatAspectBenchmark‑net6.0 264.31 KB 254.55 KB -9.76 KB -3.69%
Benchmarks.Trace.Iast.StringAspectsBenchmark.StringConcatBenchmark‑net472 61.98 KB 59.12 KB -2.86 KB -4.62%

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StringConcatBenchmark net6.0 54.2μs 498ns 4.88μs 0 0 0 43.44 KB
master StringConcatBenchmark netcoreapp3.1 53.9μs 280ns 1.37μs 0 0 0 42.64 KB
master StringConcatBenchmark net472 36.9μs 93.2ns 323ns 0 0 0 61.98 KB
master StringConcatAspectBenchmark net6.0 319μs 1.58μs 10.1μs 0 0 0 264.31 KB
master StringConcatAspectBenchmark netcoreapp3.1 336μs 1.85μs 10.7μs 0 0 0 252.53 KB
master StringConcatAspectBenchmark net472 269μs 4.94μs 47.7μs 0 0 0 278.53 KB
#6431 StringConcatBenchmark net6.0 61.7μs 683ns 6.62μs 0 0 0 43.44 KB
#6431 StringConcatBenchmark netcoreapp3.1 54.5μs 258ns 1.34μs 0 0 0 42.64 KB
#6431 StringConcatBenchmark net472 37.4μs 109ns 409ns 0 0 0 59.12 KB
#6431 StringConcatAspectBenchmark net6.0 310μs 1.69μs 9.55μs 0 0 0 254.55 KB
#6431 StringConcatAspectBenchmark netcoreapp3.1 351μs 1.91μs 15.1μs 0 0 0 265.08 KB
#6431 StringConcatAspectBenchmark net472 280μs 5.49μs 53μs 0 0 0 278.53 KB

andrewlock (Member)

Throughput/Crank Report ⚡

Throughput results for AspNetCoreSimpleController comparing the following branches/commits:

Cases where throughput results for the PR are worse than latest master (5% drop or greater), results are shown in red.

Note that these results are based on a single point-in-time result for each branch. For full results, see one of the many, many dashboards!

Throughput (total requests) per chart:

  • Throughput Linux x64
      Baseline: This PR (6431) 11.158M (11158228); master 11.434M (11433823); benchmarks/2.9.0 11.033M (11032866)
      Automatic: This PR (6431) 7.318M (7318390); master 7.329M (7329326); benchmarks/2.9.0 7.786M (7785853)
      Trace stats: master 7.611M (7611113)
      Manual: master 11.108M (11107912)
      Manual + Automatic: This PR (6431) 6.842M (6842127); master 6.845M (6844945)
      DD_TRACE_ENABLED=0: master 10.329M (10328733)
  • Throughput Linux arm64
      Baseline: This PR (6431) 9.512M (9511726); master 9.534M (9533585); benchmarks/2.9.0 9.495M (9494821)
      Automatic: This PR (6431) 6.335M (6334952); master 6.293M (6293263)
      Trace stats: master 6.541M (6541247)
      Manual: master 9.502M (9502053)
      Manual + Automatic: This PR (6431) 5.936M (5936063); master 5.976M (5976365)
      DD_TRACE_ENABLED=0: master 8.806M (8806055)
  • Throughput Windows x64
      Baseline: This PR (6431) 9.679M (9678866); master 9.968M (9968345); benchmarks/2.9.0 10.020M (10019592)
      Automatic: This PR (6431) 6.254M (6254041); master 6.506M (6506205); benchmarks/2.9.0 7.255M (7255257)
      Trace stats: master 7.120M (7119839)
      Manual: master 10.011M (10010780)
      Manual + Automatic: This PR (6431) 5.825M (5825023); master 5.923M (5922704)
      DD_TRACE_ENABLED=0: master 9.290M (9290361)

andrewlock (Member) commented Dec 12, 2024

Benchmarks Report for tracer 🐌

Benchmarks for #6431 compared to master:

  • 1 benchmarks are faster, with geometric mean 1.140
  • 3 benchmarks are slower, with geometric mean 1.133
  • All benchmarks have the same allocations

The following thresholds were used for comparing the benchmark speeds:

  • Mann–Whitney U test with statistical test for significance of 5%
  • Only results indicating a difference greater than 10% and 0.3 ns are considered.

Allocation changes below 0.5% are ignored.

Benchmark details

Benchmarks.Trace.ActivityBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StartStopWithChild net6.0 8.09μs 45.7ns 303ns 0.016 0.004 0 5.61 KB
master StartStopWithChild netcoreapp3.1 10.1μs 55.4ns 332ns 0.0192 0.00479 0 5.8 KB
master StartStopWithChild net472 16.4μs 58.6ns 211ns 1.04 0.297 0.0989 6.21 KB
#6431 StartStopWithChild net6.0 8.43μs 46.7ns 310ns 0.0159 0.00796 0 5.61 KB
#6431 StartStopWithChild netcoreapp3.1 10.1μs 55.7ns 315ns 0.0191 0.00954 0 5.8 KB
#6431 StartStopWithChild net472 16.3μs 53.2ns 206ns 1.05 0.317 0.0976 6.21 KB
Benchmarks.Trace.AgentWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master WriteAndFlushEnrichedTraces net6.0 486μs 383ns 1.48μs 0 0 0 2.7 KB
master WriteAndFlushEnrichedTraces netcoreapp3.1 663μs 498ns 1.93μs 0 0 0 2.7 KB
master WriteAndFlushEnrichedTraces net472 853μs 391ns 1.51μs 0.425 0 0 3.3 KB
#6431 WriteAndFlushEnrichedTraces net6.0 475μs 419ns 1.62μs 0 0 0 2.7 KB
#6431 WriteAndFlushEnrichedTraces netcoreapp3.1 662μs 675ns 2.61μs 0 0 0 2.7 KB
#6431 WriteAndFlushEnrichedTraces net472 871μs 502ns 1.94μs 0.434 0 0 3.3 KB
Benchmarks.Trace.AspNetCoreBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendRequest net6.0 153μs 923ns 9μs 0.159 0 0 14.47 KB
master SendRequest netcoreapp3.1 170μs 986ns 8.13μs 0.133 0 0 17.27 KB
master SendRequest net472 0.000249ns 0.000222ns 0.000802ns 0 0 0 0 b
#6431 SendRequest net6.0 148μs 815ns 5.28μs 0.143 0 0 14.47 KB
#6431 SendRequest netcoreapp3.1 175μs 1.11μs 11μs 0.166 0 0 17.27 KB
#6431 SendRequest net472 0.00159ns 0.00072ns 0.00259ns 0 0 0 0 b
Benchmarks.Trace.CIVisibilityProtocolWriterBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master WriteAndFlushEnrichedTraces net6.0 576μs 3.2μs 20.3μs 0.558 0 0 41.56 KB
master WriteAndFlushEnrichedTraces netcoreapp3.1 658μs 2.02μs 7.29μs 0.327 0 0 41.74 KB
master WriteAndFlushEnrichedTraces net472 860μs 3.59μs 13.9μs 8.25 2.6 0.434 53.27 KB
#6431 WriteAndFlushEnrichedTraces net6.0 556μs 2.94μs 14.4μs 0.548 0 0 41.48 KB
#6431 WriteAndFlushEnrichedTraces netcoreapp3.1 674μs 3.82μs 28.3μs 0.331 0 0 41.71 KB
#6431 WriteAndFlushEnrichedTraces net472 846μs 3.35μs 13μs 8.08 2.55 0.425 53.3 KB
Benchmarks.Trace.DbCommandBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master ExecuteNonQuery net6.0 1.32μs 1.08ns 3.91ns 0.0145 0 0 1.02 KB
master ExecuteNonQuery netcoreapp3.1 1.76μs 1.42ns 5.52ns 0.0131 0 0 1.02 KB
master ExecuteNonQuery net472 2.09μs 1.67ns 6.24ns 0.156 0.00105 0 987 B
#6431 ExecuteNonQuery net6.0 1.26μs 1.27ns 4.76ns 0.0143 0 0 1.02 KB
#6431 ExecuteNonQuery netcoreapp3.1 1.76μs 1.44ns 5.38ns 0.0132 0 0 1.02 KB
#6431 ExecuteNonQuery net472 2.05μs 1.23ns 4.43ns 0.157 0.00102 0 987 B
Benchmarks.Trace.ElasticsearchBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master CallElasticsearch net6.0 1.2μs 0.492ns 1.84ns 0.0138 0 0 976 B
master CallElasticsearch netcoreapp3.1 1.54μs 1.23ns 4.61ns 0.0128 0 0 976 B
master CallElasticsearch net472 2.68μs 1.67ns 6.48ns 0.158 0 0 995 B
master CallElasticsearchAsync net6.0 1.28μs 0.504ns 1.95ns 0.0135 0 0 952 B
master CallElasticsearchAsync netcoreapp3.1 1.69μs 0.398ns 1.43ns 0.0136 0 0 1.02 KB
master CallElasticsearchAsync net472 2.66μs 1.83ns 7.08ns 0.166 0 0 1.05 KB
#6431 CallElasticsearch net6.0 1.22μs 0.575ns 2.07ns 0.0135 0 0 976 B
#6431 CallElasticsearch netcoreapp3.1 1.5μs 1.76ns 6.8ns 0.0129 0 0 976 B
#6431 CallElasticsearch net472 2.55μs 2.31ns 8.93ns 0.157 0 0 995 B
#6431 CallElasticsearchAsync net6.0 1.28μs 1.35ns 5.22ns 0.0135 0 0 952 B
#6431 CallElasticsearchAsync netcoreapp3.1 1.66μs 2.71ns 10.5ns 0.0138 0 0 1.02 KB
#6431 CallElasticsearchAsync net472 2.69μs 2.09ns 7.81ns 0.166 0 0 1.05 KB
Benchmarks.Trace.GraphQLBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master ExecuteAsync net6.0 1.31μs 0.718ns 2.69ns 0.0131 0 0 952 B
master ExecuteAsync netcoreapp3.1 1.69μs 0.974ns 3.77ns 0.0126 0 0 952 B
master ExecuteAsync net472 1.85μs 0.604ns 2.26ns 0.145 0 0 915 B
#6431 ExecuteAsync net6.0 1.3μs 0.497ns 1.93ns 0.0131 0 0 952 B
#6431 ExecuteAsync netcoreapp3.1 1.62μs 0.434ns 1.68ns 0.013 0 0 952 B
#6431 ExecuteAsync net472 1.79μs 0.494ns 1.91ns 0.145 0 0 915 B
Benchmarks.Trace.HttpClientBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendAsync net6.0 4.43μs 1.49ns 5.77ns 0.031 0 0 2.31 KB
master SendAsync netcoreapp3.1 5.28μs 1.72ns 6.65ns 0.0371 0 0 2.85 KB
master SendAsync net472 7.32μs 1.41ns 5.45ns 0.494 0 0 3.12 KB
#6431 SendAsync net6.0 4.33μs 1.68ns 6.3ns 0.0327 0 0 2.31 KB
#6431 SendAsync netcoreapp3.1 5.29μs 3.02ns 11.7ns 0.037 0 0 2.85 KB
#6431 SendAsync net472 7.52μs 5.07ns 19.6ns 0.495 0 0 3.12 KB
Benchmarks.Trace.ILoggerBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 1.58μs 1ns 3.76ns 0.0231 0 0 1.64 KB
master EnrichedLog netcoreapp3.1 2.18μs 1.44ns 5.37ns 0.0218 0 0 1.64 KB
master EnrichedLog net472 2.74μs 1.18ns 4.58ns 0.249 0 0 1.57 KB
#6431 EnrichedLog net6.0 1.55μs 1.02ns 3.82ns 0.0232 0 0 1.64 KB
#6431 EnrichedLog netcoreapp3.1 2.12μs 1.13ns 4.24ns 0.0223 0 0 1.64 KB
#6431 EnrichedLog net472 2.65μs 1.24ns 4.8ns 0.249 0 0 1.57 KB
Benchmarks.Trace.Log4netBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 119μs 180ns 696ns 0 0 0 4.28 KB
master EnrichedLog netcoreapp3.1 123μs 263ns 1.02μs 0 0 0 4.28 KB
master EnrichedLog net472 152μs 120ns 448ns 0.691 0.23 0 4.46 KB
#6431 EnrichedLog net6.0 116μs 142ns 550ns 0.0577 0 0 4.28 KB
#6431 EnrichedLog netcoreapp3.1 120μs 130ns 504ns 0 0 0 4.28 KB
#6431 EnrichedLog net472 151μs 89.3ns 346ns 0.679 0.226 0 4.46 KB
Benchmarks.Trace.NLogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 3.16μs 1.46ns 5.66ns 0.0303 0 0 2.2 KB
master EnrichedLog netcoreapp3.1 4.14μs 1.55ns 5.36ns 0.0295 0 0 2.2 KB
master EnrichedLog net472 4.78μs 0.719ns 2.69ns 0.32 0 0 2.02 KB
#6431 EnrichedLog net6.0 3.08μs 0.964ns 3.73ns 0.0302 0 0 2.2 KB
#6431 EnrichedLog netcoreapp3.1 4.04μs 2.76ns 10.7ns 0.0302 0 0 2.2 KB
#6431 EnrichedLog net472 4.97μs 1.22ns 4.74ns 0.32 0 0 2.02 KB
Benchmarks.Trace.RedisBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master SendReceive net6.0 1.37μs 1.04ns 4.02ns 0.0159 0 0 1.14 KB
master SendReceive netcoreapp3.1 1.86μs 0.598ns 2.32ns 0.0158 0 0 1.14 KB
master SendReceive net472 2.2μs 1.56ns 6.03ns 0.183 0 0 1.16 KB
#6431 SendReceive net6.0 1.49μs 0.48ns 1.86ns 0.0159 0 0 1.14 KB
#6431 SendReceive netcoreapp3.1 1.78μs 0.818ns 3.17ns 0.015 0 0 1.14 KB
#6431 SendReceive net472 2.11μs 1.06ns 4.11ns 0.183 0 0 1.16 KB
Benchmarks.Trace.SerilogBenchmark - Same speed ✔️ Same allocations ✔️

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master EnrichedLog net6.0 2.78μs 0.857ns 3.21ns 0.0226 0 0 1.6 KB
master EnrichedLog netcoreapp3.1 3.89μs 1.97ns 7.64ns 0.0212 0 0 1.65 KB
master EnrichedLog net472 4.5μs 1.74ns 6.26ns 0.322 0 0 2.04 KB
#6431 EnrichedLog net6.0 2.88μs 1.14ns 4.4ns 0.0216 0 0 1.6 KB
#6431 EnrichedLog netcoreapp3.1 3.92μs 1.38ns 5.35ns 0.0215 0 0 1.65 KB
#6431 EnrichedLog net472 4.42μs 3.8ns 14.2ns 0.323 0 0 2.04 KB
Benchmarks.Trace.SpanBenchmark - Slower ⚠️ Same allocations ✔️

Slower ⚠️ in #6431

Benchmark diff/base Base Median (ns) Diff Median (ns) Modality
Benchmarks.Trace.SpanBenchmark.StartFinishSpan‑net6.0 1.134 409.69 464.64
Benchmarks.Trace.SpanBenchmark.StartFinishSpan‑netcoreapp3.1 1.133 553.12 626.83

Faster 🎉 in #6431

Benchmark base/diff Base Median (ns) Diff Median (ns) Modality
Benchmarks.Trace.SpanBenchmark.StartFinishSpan‑net472 1.140 733.50 643.37

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master StartFinishSpan net6.0 410ns 0.344ns 1.33ns 0.00805 0 0 576 B
master StartFinishSpan netcoreapp3.1 553ns 0.481ns 1.86ns 0.00772 0 0 576 B
master StartFinishSpan net472 733ns 0.207ns 0.802ns 0.0918 0 0 578 B
master StartFinishScope net6.0 478ns 0.228ns 0.885ns 0.00985 0 0 696 B
master StartFinishScope netcoreapp3.1 729ns 0.517ns 2ns 0.00945 0 0 696 B
master StartFinishScope net472 896ns 0.369ns 1.38ns 0.104 0 0 658 B
#6431 StartFinishSpan net6.0 461ns 1.7ns 6.57ns 0.00806 0 0 576 B
#6431 StartFinishSpan netcoreapp3.1 627ns 0.279ns 1.04ns 0.00788 0 0 576 B
#6431 StartFinishSpan net472 643ns 0.354ns 1.37ns 0.0918 0 0 578 B
#6431 StartFinishScope net6.0 473ns 0.245ns 0.948ns 0.0097 0 0 696 B
#6431 StartFinishScope netcoreapp3.1 673ns 0.434ns 1.68ns 0.00947 0 0 696 B
#6431 StartFinishScope net472 824ns 0.472ns 1.77ns 0.104 0 0 658 B
Benchmarks.Trace.TraceAnnotationsBenchmark - Slower ⚠️ Same allocations ✔️

Slower ⚠️ in #6431

Benchmark diff/base Base Median (ns) Diff Median (ns) Modality
Benchmarks.Trace.TraceAnnotationsBenchmark.RunOnMethodBegin‑netcoreapp3.1 1.130 853.29 964.34

Raw results

Branch Method Toolchain Mean StdError StdDev Gen 0 Gen 1 Gen 2 Allocated
master RunOnMethodBegin net6.0 617ns 0.573ns 2.22ns 0.00965 0 0 696 B
master RunOnMethodBegin netcoreapp3.1 853ns 0.454ns 1.76ns 0.0094 0 0 696 B
master RunOnMethodBegin net472 1.11μs 0.583ns 2.26ns 0.105 0 0 658 B
#6431 RunOnMethodBegin net6.0 642ns 0.445ns 1.72ns 0.00964 0 0 696 B
#6431 RunOnMethodBegin netcoreapp3.1 964ns 0.919ns 3.56ns 0.00953 0 0 696 B
#6431 RunOnMethodBegin net472 1.12μs 0.563ns 2.18ns 0.104 0 0 658 B

anna-git force-pushed the anna/asm/userid-monitoring branch 3 times, most recently from cab8f96 to 10a0655, December 26, 2024 19:02
anna-git force-pushed the anna/asm/userid-monitoring branch 9 times, most recently from 1fd1357 to 587d23b, January 14, 2025 17:26
anna-git marked this pull request as ready for review January 15, 2025 09:44
anna-git requested review from a team as code owners January 15, 2025 09:44

@@ -12,6 +12,7 @@
"tracer\\test\\Datadog.Trace.ClrProfiler.IntegrationTests\\Datadog.Trace.ClrProfiler.IntegrationTests.csproj",
"tracer\\test\\Datadog.Trace.Security.IntegrationTests\\Datadog.Trace.Security.IntegrationTests.csproj",
"tracer\\test\\Datadog.Trace.Security.Unit.Tests\\Datadog.Trace.Security.Unit.Tests.csproj",
"tracer\\test\\Datadog.Trace.TestHelpers.AutoInstrumentation\\Datadog.Trace.TestHelpers.AutoInstrumentation.csproj",
Contributor Author

we need it in order to rebuild and play integration tests for the IDE

@@ -114,12 +128,6 @@ private Dictionary<string, object> GetBasicRequestArgsForWaf()
{ AddressesConstants.RequestClientIp, _localRootSpan.GetTag(Tags.HttpClientIp) }
};

var userId = _localRootSpan.Context?.TraceContext?.Tags.GetTag(Tags.User.Id);
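
Review bot: In `GetBasicRequestArgsForWaf`, at the `Tags.User.Id` lookup on `_localRootSpan.Context?.TraceContext?.Tags`, the hunk shrinks from 12 lines to 6 and nothing visible replaces the lookup, so a reader of this method can no longer tell where the user id reaches the WAF. Add a short comment beside the args dictionary saying the user id is deliberately not set here and naming the code path that now supplies it, so the lookup is not reintroduced by a later cleanup.
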
Contributor Author

Don't do this anymore: this could override the sdk, we now need a more precise approach with values from the sdk not overridden and others yes

@@ -8,6 +8,7 @@
using System.Collections.Generic;
using Datadog.Trace.AppSec.Waf;
using Datadog.Trace.Headers;
using Datadog.Trace.Vendors.Serilog;
Contributor

NIT: Guess that this is not needed.

return null;

[MethodImpl(MethodImplOptions.NoInlining)]
SecurityCoordinator? GetSecurityCoordinatorImpl(Security securityImpl, Span spanImpl) => TryGet(securityImpl, spanImpl);
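
Review bot: The `[MethodImpl(MethodImplOptions.NoInlining)]` on the local function `GetSecurityCoordinatorImpl` has no comment saying why the call to `TryGet` must not be inlined. Add a one-line comment above the attribute stating the reason; without it the wrapper looks redundant and is likely to be collapsed into a direct `TryGet(securityImpl, spanImpl)` call in a later cleanup.
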
Contributor

Do we need to define GetSecurityCoordinatorImpl instead of just writing return TryGet(security, span); in line 48?

Contributor Author

yes because of [MethodImpl(MethodImplOptions.NoInlining)], we wanna make sure the method is not inlined, as it would cause a crash, trying to load a web assembly in a console app execution context

@@ -630,38 +630,30 @@ internal bool IsMetaStructSupported()
return _spanMetaStructs;
}

internal void UpdateActiveAddresses()
private void UpdateActiveAddresses()
{
// So far, RASP is the only one that uses this
Contributor

If RASP is not the only one using this, we should delete this comment, right?

}
else
{
_activeAddresses = null;
}
}

internal bool AddressEnabled(string address)
public bool AddressEnabled(string address)
Contributor

NIT: Is public required?

Contributor Author

yes as it's now mocked in the unit tests ContextUserEventTests, can't seem to find another way 🤔

andrewlock (Member), Jan 17, 2025

yes as it's now mocked in the unit tests ContextUserEventTests, can't seem to find another way

IMO, requiring mocking like this is a strong indication that we need an additional layer of abstraction and/or dependency injection. never mind, I didn't spot that it's because there's an interface now, all good 🙂

SecurityReporter.LogAddressIfDebugEnabled(addresses);

// run the WAF and execute the results
result = additiveContext.Run(addresses, _security.Settings.WafTimeoutMicroSeconds);
Contributor

I guess that this is modifying the session fingerprints, right? I have not seen any test related to session fingerprints, though. Should we test in this PR that the fingerprints are generated correctly?

anna-git (Contributor Author), Jan 16, 2025

good point, I added it in the snapshots here
If there are no numbers as per the replacement logic here, this wouldn't print but just ---

anna-git force-pushed the anna/asm/userid-monitoring branch 7 times, most recently from 6b790c0 to 87255a9, January 16, 2025 13:29
anna-git force-pushed the anna/asm/userid-monitoring branch from 87255a9 to a064bf5, January 16, 2025 19:00

@@ -42,6 +43,20 @@ private SecurityCoordinator(Security security, Span span, HttpTransport transpor
return new SecurityCoordinator(security, span, new(context));
}

internal static SecurityCoordinator? TryGetSafe(Security security, Span span)
Member

I'm still not entirely sure how "safe" this really is 😅 but until we see crashes related to it I guess we'll carry on! 😄

@@ -49,6 +49,8 @@ private SecurityCoordinator(Security security, Span span, HttpTransport transpor
return new SecurityCoordinator(security, span, transport);
}

internal static SecurityCoordinator? TryGetSafe(Security security, Span span) => TryGet(security, span);
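
Review bot: in this file TryGetSafe is an expression-bodied alias for TryGet(security, span), so the Safe suffix adds no guard of its own. Either add a comment saying the method exists only for parity with the other implementation and that TryGet's own failure modes apply unchanged, or wrap the call so the name holds here too.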

Member

I'm not actually sure if this is always safe, for similar reasons to .NET Core 🤔 e.g. in Owin, you don't use System.Web... maybe we should test that scenario (manually I mean, we probably don't need integration tests for it at this stage)

@@ -282,6 +284,24 @@ internal void BlockAndReport(Dictionary<string, object> args, bool lastWafCall =
}
}

internal void BlockAndReport(IResult? result)
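
Review bot: the new BlockAndReport(IResult? result) overload accepts a nullable result, but nothing in the signature says what a null argument means. State in an XML doc comment whether null is a no-op, and how this overload differs from BlockAndReport(Dictionary<string, object> args, bool lastWafCall ...) above it, since both share a name and callers have to pick between them.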

Member

How is this different to the ReportAndBlock() below, and how do you know which one to choose? 😅

Contributor Author

@anna-git anna-git Jan 17, 2025

yes I must say it's a bit confusing, ReportAndBlock is used by rasp, as the blocking middleware is not always here to catch the exception, so to make sure it's reported before blocking it.
But I think the preferred method should always be BlockAndReport as we're reporting the actual http status code and other stuff, we want to make sure we report what currently is and not what will be theoretically after blocking...

result = additiveContext.Run(args, _security.Settings.WafTimeoutMicroSeconds);
}
// run the WAF and execute the results
result = runWithEphemeral

Member

Is it safe to assume additiveContext is not null then, seeing as we removed the check?

Dictionary<string, object>? addresses = null;
try
{
var additiveContext = GetOrCreateAdditiveContext();

Member

Can this return null? Should it?

var additiveContext = GetOrCreateAdditiveContext();
if (additiveContext?.ShouldRunWith(_security, userId, userLogin, userSessionId, fromSdk) is { Count: > 0 } userAddresses)
{
addresses = userAddresses.ToDictionary(k => k.Key, object (v) => v.Value);

Member

userAddresses is already a Dictionary<>, right, and isn't shared anywhere afaict? Can we avoid creating another dictionary here, and just use the one provided instead?

{
var addresses = _waf.GetKnownAddresses();
Log.Debug("Updating WAF active addresses to {Addresses}", addresses);
_activeAddresses = addresses is null ? null : new HashSet<string>(addresses);
_activeAddresses = [..addresses];

Member

Nice 👍 but can addresses still be null? If so you'll still need a similar pattern, right?

/// <summary>
/// Gets or sets a string for the value and bool for if it came from sdk
/// </summary>
internal UserRecord Id { get; set; } = new(null, false);

Member

Is it worth creating "null" versions of the UserRecord? Are the types mutable? If not, that could save a bunch of allocations - currently we're allocating four objects every time, and then potentially replacing them later?

MethodName = "set_User",
ReturnTypeName = ClrNames.Task,
MinimumVersion = Major2,
CallTargetIntegrationKind = CallTargetKind.Derived,
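
Review bot: MethodName = "set_User" names a property setter accessor, and setters return void, so ReturnTypeName = ClrNames.Task does not match that method's signature. Please check the return type against the User setter on HttpContext and use the void return type name here; if the declared signature does not match, the integration may never be applied.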

Member

Derived integrations are much more expensive in general - IIRC, we have to analyze the class hierarchy for every loaded type to see if it derives from the type we're interested in. What I don't know is if the incremental perf hit is significant, or if it's just "as soon as we have a derived instrumentation we pay the cost".

I wonder if it would be sufficient to just instrument the "known" public HttpContext implementations e.g. DefaultHttpContext - realistically no-one outside of Microsoft is going to be implementing their own HttpContext, so will probably be good enough? 🤔
