-
Notifications
You must be signed in to change notification settings - Fork 7
/
log.go
93 lines (85 loc) · 3.12 KB
/
log.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
package main
import (
"bytes"
"encoding/json"
"fmt"
"io"
"net/http"
"github.com/rs/zerolog/log"
)
type requestData struct {
Method string `json:"method"`
URL string `json:"url"`
Header http.Header `json:"header"`
Body string `json:"body"`
}
// loggingMiddleware returns a middleware that logs details of incoming HTTP requests and passes control to the next HTTP handler in the chain.
// If configuration allows for logging tokens, the request body is read and logged.
// Otherwise, the body content is redacted.
func (a *App) loggingMiddleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
var bodyBytes []byte
if a.Cfg.Log.LogTokens {
bodyBytes = readBody(r)
} else {
bodyBytes = []byte("[REDACTED]")
}
// log.Trace().Any("Request", r.Headers).Msg("")
logRequestData(r, bodyBytes, a.Cfg.Log.LogTokens)
next.ServeHTTP(w, r)
log.Debug().Str("path", r.URL.Path).Msg("Request complete")
})
}
// readBody reads and returns the entire request body.
// If an error occurs during reading, it logs the error and returns nil.
// Note that this function also resets the request's Body to ensure it can be read again by subsequent handlers.
func readBody(r *http.Request) []byte {
var bodyBytes []byte
var err error
if r.Body != nil {
bodyBytes, err = io.ReadAll(r.Body)
if err != nil {
log.Error().Err(err).Msg("")
return nil
}
r.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
}
return bodyBytes
}
// logRequestData logs the specified request's details, including method, headers, and optionally, body content.
// If logToken is false, sensitive headers are cleaned before logging.
// If the request data cannot be marshaled to JSON, an error is logged.
func logRequestData(r *http.Request, bodyBytes []byte, logToken bool) {
rd := requestData{r.Method, r.URL.String(), r.Header, string(bodyBytes)}
if logToken {
rd.Header = cleanSensitiveHeaders(rd.Header)
}
jsonData, err := json.Marshal(rd)
if err != nil {
log.Error().Err(err).Msg("Error while marshalling request")
return
}
log.Debug().Str("verb", r.Method).Str("request", string(jsonData)).Str("path", r.URL.Path).Msg("")
}
// cleanSensitiveHeaders creates and returns a copy of the provided HTTP headers with sensitive headers removed.
// Sensitive headers like "Authorization", "X-Plugin-Id", and "X-Id-Token" are deleted to prevent them from being logged.
func cleanSensitiveHeaders(headers http.Header) http.Header {
copyHeader := make(http.Header)
for k, v := range headers {
copyHeader[k] = v
}
copyHeader.Del("Authorization")
copyHeader.Del("X-Plugin-Id")
copyHeader.Del("X-Id-Token")
return copyHeader
}
// logAndWriteError logs the provided error and message at the Trace level and writes them to the ResponseWriter along with the specified status code.
// If the message is an empty string, the error's message is written instead.
func logAndWriteError(rw http.ResponseWriter, statusCode int, err error, message string) {
if message == "" {
message = fmt.Sprint(err)
}
log.Trace().Err(err).Msg(message)
rw.WriteHeader(statusCode)
_, _ = fmt.Fprint(rw, message+"\n")
}