Add list of granting policies audit logs (#15457)

* Add list of granting policies audit logs

* Add changelog

sdk/logical/auth.go

@@ -8,7 +8,8 @@ import (
 )
 
 // Auth is the resulting authentication information that is part of
-// Response for credential backends.
+// Response for credential backends. It's also attached to Request objects and
+// defines the authentication used for the request. This value is audit logged.
 type Auth struct {
 	LeaseOptions
 
@@ -101,6 +102,10 @@ type Auth struct {
 	// Orphan is set if the token does not have a parent
 	Orphan bool `json:"orphan"`
 
+	// PolicyResults is the set of policies that grant the token access to the
+	// requesting path.
+	PolicyResults *PolicyResults `json:"policy_results"`
+
 	// MFARequirement
 	MFARequirement *MFARequirement `json:"mfa_requirement"`
 }
@@ -108,3 +113,14 @@ type Auth struct {
 func (a *Auth) GoString() string {
 	return fmt.Sprintf("*%#v", *a)
 }
+
+type PolicyResults struct {
+	Allowed          bool         `json:"allowed"`
+	GrantingPolicies []PolicyInfo `json:"granting_policies"`
+}
+
+type PolicyInfo struct {
+	Name        string `json:"name"`
+	NamespaceId string `json:"namespace_id"`
+	Type        string `json:"type"`
+}