1
0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-01-22 05:19:26 +02:00

Move configuration of logger to separate file

This commit is contained in:
Joel Speed 2020-05-12 00:32:30 +01:00
parent 3afcadae76
commit 3cbac6122d
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB
2 changed files with 71 additions and 59 deletions

65
pkg/validation/logging.go Normal file
View File

@ -0,0 +1,65 @@
package validation
import (
"os"
"strings"
"github.com/oauth2-proxy/oauth2-proxy/pkg/apis/options"
"github.com/oauth2-proxy/oauth2-proxy/pkg/logger"
"gopkg.in/natefinch/lumberjack.v2"
)
// configureLogger is responsible for configuring the logger based on the options given
func configureLogger(o options.Logging, pingPath string, msgs []string) []string {
// Setup the log file
if len(o.File.Filename) > 0 {
// Validate that the file/dir can be written
file, err := os.OpenFile(o.File.Filename, os.O_WRONLY|os.O_CREATE, 0666)
if err != nil {
if os.IsPermission(err) {
return append(msgs, "unable to write to log file: "+o.File.Filename)
}
}
file.Close()
logger.Printf("Redirecting logging to file: %s", o.File.Filename)
logWriter := &lumberjack.Logger{
Filename: o.File.Filename,
MaxSize: o.File.MaxSize, // megabytes
MaxAge: o.File.MaxAge, // days
MaxBackups: o.File.MaxBackups,
LocalTime: o.LocalTime,
Compress: o.File.Compress,
}
logger.SetOutput(logWriter)
}
// Supply a sanity warning to the logger if all logging is disabled
if !o.StandardEnabled && !o.AuthEnabled && !o.RequestEnabled {
logger.Print("Warning: Logging disabled. No further logs will be shown.")
}
// Pass configuration values to the standard logger
logger.SetStandardEnabled(o.StandardEnabled)
logger.SetAuthEnabled(o.AuthEnabled)
logger.SetReqEnabled(o.RequestEnabled)
logger.SetStandardTemplate(o.StandardFormat)
logger.SetAuthTemplate(o.AuthFormat)
logger.SetReqTemplate(o.RequestFormat)
excludePaths := make([]string, 0)
excludePaths = append(excludePaths, strings.Split(o.ExcludePaths, ",")...)
if o.SilencePing {
excludePaths = append(excludePaths, pingPath)
}
logger.SetExcludePaths(excludePaths)
if !o.LocalTime {
logger.SetFlags(logger.Flags() | logger.LUTC)
}
return msgs
}

View File

@ -23,7 +23,6 @@ import (
"github.com/oauth2-proxy/oauth2-proxy/pkg/requests"
"github.com/oauth2-proxy/oauth2-proxy/pkg/sessions"
"github.com/oauth2-proxy/oauth2-proxy/providers"
"gopkg.in/natefinch/lumberjack.v2"
)
// Validate checks that required options are set and validates those that they
@ -265,7 +264,7 @@ func Validate(o *options.Options) error {
msgs = parseSignatureKey(o, msgs)
msgs = validateCookieName(o, msgs)
msgs = setupLogger(o, msgs)
msgs = configureLogger(o.Logging, o.PingPath, msgs)
if o.ReverseProxy {
parser, err := ip.GetRealClientIPParser(o.RealClientIPHeader)
@ -273,6 +272,11 @@ func Validate(o *options.Options) error {
msgs = append(msgs, fmt.Sprintf("real_client_ip_header (%s) not accepted parameter value: %v", o.RealClientIPHeader, err))
}
o.SetRealClientIPParser(parser)
// Allow the logger to get client IPs
logger.SetGetClientFunc(func(r *http.Request) string {
return ip.GetClientString(o.GetRealClientIPParser(), r, false)
})
}
if len(msgs) != 0 {
@ -453,63 +457,6 @@ func validateCookieName(o *options.Options, msgs []string) []string {
return msgs
}
func setupLogger(o *options.Options, msgs []string) []string {
// Setup the log file
if len(o.Logging.File.Filename) > 0 {
// Validate that the file/dir can be written
file, err := os.OpenFile(o.Logging.File.Filename, os.O_WRONLY|os.O_CREATE, 0666)
if err != nil {
if os.IsPermission(err) {
return append(msgs, "unable to write to log file: "+o.Logging.File.Filename)
}
}
file.Close()
logger.Printf("Redirecting logging to file: %s", o.Logging.File.Filename)
logWriter := &lumberjack.Logger{
Filename: o.Logging.File.Filename,
MaxSize: o.Logging.File.MaxSize, // megabytes
MaxAge: o.Logging.File.MaxAge, // days
MaxBackups: o.Logging.File.MaxBackups,
LocalTime: o.Logging.LocalTime,
Compress: o.Logging.File.Compress,
}
logger.SetOutput(logWriter)
}
// Supply a sanity warning to the logger if all logging is disabled
if !o.Logging.StandardEnabled && !o.Logging.AuthEnabled && !o.Logging.RequestEnabled {
logger.Print("Warning: Logging disabled. No further logs will be shown.")
}
// Pass configuration values to the standard logger
logger.SetStandardEnabled(o.Logging.StandardEnabled)
logger.SetAuthEnabled(o.Logging.AuthEnabled)
logger.SetReqEnabled(o.Logging.RequestEnabled)
logger.SetStandardTemplate(o.Logging.StandardFormat)
logger.SetAuthTemplate(o.Logging.AuthFormat)
logger.SetReqTemplate(o.Logging.RequestFormat)
logger.SetGetClientFunc(func(r *http.Request) string {
return ip.GetClientString(o.GetRealClientIPParser(), r, false)
})
excludePaths := make([]string, 0)
excludePaths = append(excludePaths, strings.Split(o.Logging.ExcludePaths, ",")...)
if o.Logging.SilencePing {
excludePaths = append(excludePaths, o.PingPath)
}
logger.SetExcludePaths(excludePaths)
if !o.Logging.LocalTime {
logger.SetFlags(logger.Flags() | logger.LUTC)
}
return msgs
}
// jwtIssuer hold parsed JWT issuer info that's used to construct a verifier.
type jwtIssuer struct {
issuerURI string