github
/
oauth2_proxy
зеркало из https://github.com/github/oauth2_proxy.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Make request logging format configurable

This commit is contained in:
Paul Seiffert 2017-07-14 13:08:34 +02:00 коммит произвёл Tanvir Alam
Родитель 3c51c914ac
Коммит 9341dcbf79
3 изменённых файлов: 75 добавлений и 44 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

78
logging_handler.go
Просмотреть файл

@ -9,9 +9,14 @@ import (
"net" "net"
"net/http" "net/http"
"net/url" "net/url"
"text/template"
"time" "time"
) )
const (
defaultRequestLoggingFormat = "{{.Client}} - {{.Username}} [{{.Timestamp}}] {{.Host}} {{.RequestMethod}} {{.Upstream}} {{.RequestURI}} {{.Protocol}} {{.UserAgent}} {{.StatusCode}} {{.ResponseSize}} {{.RequestDuration}}"
)
// responseLogger is wrapper of http.ResponseWriter that keeps track of its HTTP status // responseLogger is wrapper of http.ResponseWriter that keeps track of its HTTP status
// code and body size // code and body size
type responseLogger struct { type responseLogger struct {
@ -64,15 +69,38 @@ func (l *responseLogger) Size() int {
return l.size return l.size
} }
// loggingHandler is the http.Handler implementation for LoggingHandlerTo and its friends // logMessageData is the container for all values that are available as variables in the request logging format.
type loggingHandler struct { // All values are pre-formatted strings so it is easy to use them in the format string.
writer io.Writer type logMessageData struct {
handler http.Handler Client,
enabled bool Host,
Protocol,
RequestDuration,
RequestMethod,
RequestURI,
ResponseSize,
StatusCode,
Timestamp,
Upstream,
UserAgent,
Username string
} }
func LoggingHandler(out io.Writer, h http.Handler, v bool) http.Handler { // loggingHandler is the http.Handler implementation for LoggingHandlerTo and its friends
return loggingHandler{out, h, v} type loggingHandler struct {
writer io.Writer
handler http.Handler
enabled bool
logTemplate *template.Template
}
func LoggingHandler(out io.Writer, h http.Handler, v bool, requestLoggingTpl string) http.Handler {
return loggingHandler{
writer: out,
handler: h,
enabled: v,
logTemplate: template.Must(template.New("request-log").Parse(requestLoggingTpl)),
}
} }
func (h loggingHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) { func (h loggingHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
@ -83,14 +111,13 @@ func (h loggingHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
if !h.enabled { if !h.enabled {
return return
} }
logLine := buildLogLine(logger.authInfo, logger.upstream, req, url, t, logger.Status(), logger.Size()) h.writeLogLine(logger.authInfo, logger.upstream, req, url, t, logger.Status(), logger.Size())
h.writer.Write(logLine)
} }
// Log entry for req similar to Apache Common Log Format. // Log entry for req similar to Apache Common Log Format.
// ts is the timestamp with which the entry should be logged. // ts is the timestamp with which the entry should be logged.
// status, size are used to provide the response HTTP status and size. // status, size are used to provide the response HTTP status and size.
func buildLogLine(username, upstream string, req *http.Request, url url.URL, ts time.Time, status int, size int) []byte { func (h loggingHandler) writeLogLine(username, upstream string, req *http.Request, url url.URL, ts time.Time, status int, size int) {
if username == "" { if username == "" {
username = "-" username = "-"
} }
@ -114,19 +141,20 @@ func buildLogLine(username, upstream string, req *http.Request, url url.URL, ts
duration := float64(time.Now().Sub(ts)) / float64(time.Second) duration := float64(time.Now().Sub(ts)) / float64(time.Second)
logLine := fmt.Sprintf("%s - %s [%s] %s %s %s %q %s %q %d %d %0.3f\n", h.logTemplate.Execute(h.writer, logMessageData{
client, Client: client,
username, Host: req.Host,
ts.Format("02/Jan/2006:15:04:05 -0700"), Protocol: req.Proto,
req.Host, RequestDuration: fmt.Sprintf("%0.3f", duration),
req.Method, RequestMethod: req.Method,
upstream, RequestURI: fmt.Sprintf("%q", url.RequestURI()),
url.RequestURI(), ResponseSize: fmt.Sprintf("%d", size),
req.Proto, StatusCode: fmt.Sprintf("%d", status),
req.UserAgent(), Timestamp: ts.Format("02/Jan/2006:15:04:05 -0700"),
status, Upstream: upstream,
size, UserAgent: fmt.Sprintf("%q", req.UserAgent()),
duration, Username: username,
) })
return []byte(logLine)
h.writer.Write([]byte("\n"))
} }

3
main.go
Просмотреть файл

@ -67,6 +67,7 @@ func main() {
flagSet.Bool("cookie-httponly", true, "set HttpOnly cookie flag") flagSet.Bool("cookie-httponly", true, "set HttpOnly cookie flag")
flagSet.Bool("request-logging", true, "Log requests to stdout") flagSet.Bool("request-logging", true, "Log requests to stdout")
flagSet.String("request-logging-format", defaultRequestLoggingFormat, "Template for log lines")
flagSet.String("provider", "google", "OAuth provider") flagSet.String("provider", "google", "OAuth provider")
flagSet.String("login-url", "", "Authentication endpoint") flagSet.String("login-url", "", "Authentication endpoint")
@ -124,7 +125,7 @@ func main() {
} }
s := &Server{ s := &Server{
Handler: LoggingHandler(os.Stdout, oauthproxy, opts.RequestLogging), Handler: LoggingHandler(os.Stdout, oauthproxy, opts.RequestLogging, opts.RequestLoggingFormat),
Opts: opts, Opts: opts,
} }
s.ListenAndServe() s.ListenAndServe()

38
options.go
Просмотреть файл

@ -71,7 +71,8 @@ type Options struct {
Scope string `flag:"scope" cfg:"scope"` Scope string `flag:"scope" cfg:"scope"`
ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"` ApprovalPrompt string `flag:"approval-prompt" cfg:"approval_prompt"`
RequestLogging bool `flag:"request-logging" cfg:"request_logging"` RequestLogging bool `flag:"request-logging" cfg:"request_logging"`
RequestLoggingFormat string `flag:"request-logging-format" cfg:"request_logging_format"`
SignatureKey string `flag:"signature-key" cfg:"signature_key" env:"OAUTH2_PROXY_SIGNATURE_KEY"` SignatureKey string `flag:"signature-key" cfg:"signature_key" env:"OAUTH2_PROXY_SIGNATURE_KEY"`
@ -90,23 +91,24 @@ type SignatureData struct {
func NewOptions() *Options { func NewOptions() *Options {
return &Options{ return &Options{
ProxyPrefix: "/oauth2", ProxyPrefix: "/oauth2",
HttpAddress: "127.0.0.1:4180", HttpAddress: "127.0.0.1:4180",
HttpsAddress: ":443", HttpsAddress: ":443",
DisplayHtpasswdForm: true, DisplayHtpasswdForm: true,
CookieName: "_oauth2_proxy", CookieName: "_oauth2_proxy",
CookieSecure: true, CookieSecure: true,
CookieHttpOnly: true, CookieHttpOnly: true,
CookieExpire: time.Duration(168) * time.Hour, CookieExpire: time.Duration(168) * time.Hour,
CookieRefresh: time.Duration(0), CookieRefresh: time.Duration(0),
SetXAuthRequest: false, SetXAuthRequest: false,
SkipAuthPreflight: false, SkipAuthPreflight: false,
PassBasicAuth: true, PassBasicAuth: true,
PassUserHeaders: true, PassUserHeaders: true,
PassAccessToken: false, PassAccessToken: false,
PassHostHeader: true, PassHostHeader: true,
ApprovalPrompt: "force", ApprovalPrompt: "force",
RequestLogging: true, RequestLogging: true,
RequestLoggingFormat: defaultRequestLoggingFormat,
} }
} }