From b08e2f193486ca40e3dfe5a4be4614fc13ac123d Mon Sep 17 00:00:00 2001 From: Joel Speed Date: Wed, 6 Oct 2021 17:29:03 +0100 Subject: [PATCH] Fixup main with Verbose type --- logger.go | 7 +++---- main.go | 4 ++-- oauthproxy.go | 24 ++++++++++++------------ validator.go | 2 +- watcher.go | 8 ++++---- 5 files changed, 22 insertions(+), 23 deletions(-) diff --git a/logger.go b/logger.go index 4285aabe..d0cd0db7 100644 --- a/logger.go +++ b/logger.go @@ -2,11 +2,10 @@ package main import ( "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger" - "k8s.io/klog/v2" ) var ( - infoLogger = func() klog.Verbose { return klog.V(logger.CoreInfo) } - debugLogger = func() klog.Verbose { return klog.V(logger.CoreDebug) } - traceLogger = func() klog.Verbose { return klog.V(logger.CoreTrace) } + infoLogger = logger.Verbose(logger.CoreInfo) + debugLogger = logger.Verbose(logger.CoreDebug) + traceLogger = logger.Verbose(logger.CoreTrace) ) diff --git a/main.go b/main.go index 60f9e528..6030279e 100644 --- a/main.go +++ b/main.go @@ -52,12 +52,12 @@ func main() { // When running with trace logging, start by logging the observed config. // This will help users to determine if they have configured the proxy correctly. // NOTE: This data is not scrubbed and may contain secrets! - if traceLogger().Enabled() { + if traceLogger.Enabled() { config, err := json.Marshal(opts) if err != nil { klog.Fatalf("ERROR: %v", err) } - traceLogger().Infof("Observed configuration: %s", string(config)) + traceLogger.Infof("Observed configuration: %s", string(config)) } if *convertConfig { diff --git a/oauthproxy.go b/oauthproxy.go index 82a4c6d6..de54f2bb 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -106,7 +106,7 @@ func NewOAuthProxy(opts *options.Options, validator func(string) bool) (*OAuthPr var basicAuthValidator basic.Validator if opts.HtpasswdFile != "" { - infoLogger().Infof("using htpasswd file: %s", opts.HtpasswdFile) + infoLogger.Infof("using htpasswd file: %s", opts.HtpasswdFile) var err error basicAuthValidator, err = basic.NewHTPasswdValidator(opts.HtpasswdFile) if err != nil { @@ -135,9 +135,9 @@ func NewOAuthProxy(opts *options.Options, validator func(string) bool) (*OAuthPr } if opts.SkipJwtBearerTokens { - infoLogger().Infof("Skipping JWT tokens from configured OIDC issuer: %q", opts.Providers[0].OIDCConfig.IssuerURL) + infoLogger.Infof("Skipping JWT tokens from configured OIDC issuer: %q", opts.Providers[0].OIDCConfig.IssuerURL) for _, issuer := range opts.ExtraJwtIssuers { - infoLogger().Infof("Skipping JWT tokens from extra JWT issuer: %q", issuer) + infoLogger.Infof("Skipping JWT tokens from extra JWT issuer: %q", issuer) } } redirectURL := opts.GetRedirectURL() @@ -145,13 +145,13 @@ func NewOAuthProxy(opts *options.Options, validator func(string) bool) (*OAuthPr redirectURL.Path = fmt.Sprintf("%s/callback", opts.ProxyPrefix) } - infoLogger().Infof("OAuthProxy configured for %s Client ID: %s", opts.GetProvider().Data().ProviderName, opts.Providers[0].ClientID) + infoLogger.Infof("OAuthProxy configured for %s Client ID: %s", opts.GetProvider().Data().ProviderName, opts.Providers[0].ClientID) refresh := "disabled" if opts.Cookie.Refresh != time.Duration(0) { refresh = fmt.Sprintf("after %s", opts.Cookie.Refresh) } - infoLogger().Infof("Cookie settings: name:%s secure(https):%v httponly:%v expiry:%s domains:%s path:%s samesite:%s refresh:%s", opts.Cookie.Name, opts.Cookie.Secure, opts.Cookie.HTTPOnly, opts.Cookie.Expire, strings.Join(opts.Cookie.Domains, ","), opts.Cookie.Path, opts.Cookie.SameSite, refresh) + infoLogger.Infof("Cookie settings: name:%s secure(https):%v httponly:%v expiry:%s domains:%s path:%s samesite:%s refresh:%s", opts.Cookie.Name, opts.Cookie.Secure, opts.Cookie.HTTPOnly, opts.Cookie.Expire, strings.Join(opts.Cookie.Domains, ","), opts.Cookie.Path, opts.Cookie.SameSite, refresh) trustedIPs := ip.NewNetSet() for _, ipStr := range opts.TrustedIPs { @@ -425,7 +425,7 @@ func buildRoutesAllowlist(opts *options.Options) ([]allowedRoute, error) { if err != nil { return nil, err } - infoLogger().Infof("Skipping auth - Method: ALL | Path: %s", path) + infoLogger.Infof("Skipping auth - Method: ALL | Path: %s", path) routes = append(routes, allowedRoute{ method: "", pathRegex: compiledRegex, @@ -451,7 +451,7 @@ func buildRoutesAllowlist(opts *options.Options) ([]allowedRoute, error) { if err != nil { return nil, err } - infoLogger().Infof("Skipping auth - Method: %s | Path: %s", method, path) + infoLogger.Infof("Skipping auth - Method: %s | Path: %s", method, path) routes = append(routes, allowedRoute{ method: method, pathRegex: compiledRegex, @@ -491,7 +491,7 @@ func (p *OAuthProxy) ErrorPage(rw http.ResponseWriter, req *http.Request, code i redirectURL = "/" } - debugLogger().Infof("Rendering error page (status %d) for application error: %v", code, appError) + debugLogger.Infof("Rendering error page (status %d) for application error: %v", code, appError) scope := middlewareapi.GetRequestScope(req) p.pageWriter.WriteErrorPage(rw, pagewriter.ErrorPageOpts{ @@ -507,7 +507,7 @@ func (p *OAuthProxy) ErrorPage(rw http.ResponseWriter, req *http.Request, code i func (p *OAuthProxy) IsAllowedRequest(req *http.Request) bool { isPreflightRequestAllowed := p.skipAuthPreflight && req.Method == "OPTIONS" if isPreflightRequestAllowed { - traceLogger().Infof("Request %s: Allowed as preflight request", middlewareapi.GetRequestScope(req).RequestID) + traceLogger.Infof("Request %s: Allowed as preflight request", middlewareapi.GetRequestScope(req).RequestID) } return isPreflightRequestAllowed || p.isAllowedRoute(req) || p.isTrustedIP(req) } @@ -516,7 +516,7 @@ func (p *OAuthProxy) IsAllowedRequest(req *http.Request) bool { func (p *OAuthProxy) isAllowedRoute(req *http.Request) bool { for _, route := range p.allowedRoutes { if (route.method == "" || req.Method == route.method) && route.pathRegex.MatchString(req.URL.Path) { - traceLogger().Infof("Request %s: Allowed by route match", middlewareapi.GetRequestScope(req).RequestID) + traceLogger.Infof("Request %s: Allowed by route match", middlewareapi.GetRequestScope(req).RequestID) return true } } @@ -541,7 +541,7 @@ func (p *OAuthProxy) isTrustedIP(req *http.Request) bool { } if p.trustedIPs.Has(remoteAddr) { - traceLogger().Infof("Request %s: allowed by trusted IP", middlewareapi.GetRequestScope(req).RequestID) + traceLogger.Infof("Request %s: allowed by trusted IP", middlewareapi.GetRequestScope(req).RequestID) return true } return false @@ -767,7 +767,7 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) { p.provider.ValidateSession(req.Context(), session) if !p.redirectValidator.IsValidRedirect(appRedirect) { - debugLogger().Infof("Request %s: Rejected invalid redirect: %s", middlewareapi.GetRequestScope(req).RequestID, appRedirect) + debugLogger.Infof("Request %s: Rejected invalid redirect: %s", middlewareapi.GetRequestScope(req).RequestID, appRedirect) appRedirect = "/" } diff --git a/validator.go b/validator.go index ebb75737..4bf7376a 100644 --- a/validator.go +++ b/validator.go @@ -25,7 +25,7 @@ func NewUserMap(usersFile string, done <-chan bool, onUpdate func()) *UserMap { m := make(map[string]bool) atomic.StorePointer(&um.m, unsafe.Pointer(&m)) // #nosec G103 if usersFile != "" { - infoLogger().Infof("Using authenticated emails file %s", usersFile) + infoLogger.Infof("Using authenticated emails file %s", usersFile) WatchForUpdates(usersFile, done, func() { um.LoadAuthenticatedEmailsFile() onUpdate() diff --git a/watcher.go b/watcher.go index adf74d88..cfa4d98c 100644 --- a/watcher.go +++ b/watcher.go @@ -26,7 +26,7 @@ func WaitForReplacement(filename string, op fsnotify.Op, for { if _, err := os.Stat(filename); err == nil { if err := watcher.Add(filename); err == nil { - infoLogger().Infof("watching resumed for %s", filename) + infoLogger.Infof("watching resumed for %s", filename) return } } @@ -51,7 +51,7 @@ func WatchForUpdates(filename string, done <-chan bool, action func()) { for { select { case <-done: - infoLogger().Infof("Shutting down watcher for: %s", filename) + infoLogger.Infof("Shutting down watcher for: %s", filename) return case event := <-watcher.Events: // On Arch Linux, it appears Chmod events precede Remove events, @@ -60,7 +60,7 @@ func WatchForUpdates(filename string, done <-chan bool, action func()) { // UserMap.LoadAuthenticatedEmailsFile()) crashes when the file // can't be opened. if event.Op&(fsnotify.Remove|fsnotify.Rename|fsnotify.Chmod) != 0 { - infoLogger().Infof("Watching interrupted on event: %s", event) + infoLogger.Infof("Watching interrupted on event: %s", event) err = watcher.Remove(filename) if err != nil { klog.Errorf("error removing watcher on %s: %v", filename, err) @@ -77,5 +77,5 @@ func WatchForUpdates(filename string, done <-chan bool, action func()) { if err = watcher.Add(filename); err != nil { klog.Fatalf("Failed to add %s to watcher: %v", filename, err) } - infoLogger().Infof("Watching %s for updates", filename) + infoLogger.Infof("Watching %s for updates", filename) }