Skip to content
Snippets Groups Projects
Commit 2588093b authored by Dominik František Bučík's avatar Dominik František Bučík
Browse files

chore: merge branch 'log_requests' into 'main'

feat: :guitar: Log incomming requests

See merge request !383
parents 5538a68c b28c941d
No related branches found
No related tags found
1 merge request!383feat: 🎸 Log incomming requests
Pipeline #409382 passed
...@@ -116,6 +116,8 @@ ...@@ -116,6 +116,8 @@
<security:expression-handler ref="oauthExpressionHandler" /> <security:expression-handler ref="oauthExpressionHandler" />
</security:global-method-security> </security:global-method-security>
<bean id="logRequestFilter" class="cz.muni.ics.oidc.web.LogRequestFilter"/>
<!-- Token endpoint --> <!-- Token endpoint -->
<security:http pattern="/token" <security:http pattern="/token"
create-session="stateless" create-session="stateless"
...@@ -127,6 +129,7 @@ ...@@ -127,6 +129,7 @@
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" /> <security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<!-- include this only if you need to authenticate clients via request parameters --> <!-- include this only if you need to authenticate clients via request parameters -->
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first --> <security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" /> <security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" /> <security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
...@@ -140,6 +143,7 @@ ...@@ -140,6 +143,7 @@
entry-point-ref="oauthAuthenticationEntryPoint" entry-point-ref="oauthAuthenticationEntryPoint"
create-session="stateless"> create-session="stateless">
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" /> <security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" /> <security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:expression-handler ref="oauthWebExpressionHandler" /> <security:expression-handler ref="oauthWebExpressionHandler" />
...@@ -154,6 +158,7 @@ ...@@ -154,6 +158,7 @@
authentication-manager-ref="clientAuthenticationManager"> authentication-manager-ref="clientAuthenticationManager">
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" /> <security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" /> <security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first --> <security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" /> <security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
...@@ -167,6 +172,7 @@ ...@@ -167,6 +172,7 @@
entry-point-ref="oauthAuthenticationEntryPoint" entry-point-ref="oauthAuthenticationEntryPoint"
create-session="stateless"> create-session="stateless">
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" /> <security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" /> <security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:expression-handler ref="oauthWebExpressionHandler" /> <security:expression-handler ref="oauthWebExpressionHandler" />
...@@ -181,6 +187,7 @@ ...@@ -181,6 +187,7 @@
authentication-manager-ref="clientAuthenticationManager"> authentication-manager-ref="clientAuthenticationManager">
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" /> <security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" /> <security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first --> <security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" /> <security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
...@@ -197,6 +204,7 @@ ...@@ -197,6 +204,7 @@
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" /> <security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<!-- include this only if you need to authenticate clients via request parameters --> <!-- include this only if you need to authenticate clients via request parameters -->
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first --> <security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" /> <security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" /> <security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
...@@ -211,6 +219,7 @@ ...@@ -211,6 +219,7 @@
create-session="stateless"> create-session="stateless">
<security:intercept-url pattern="/#{T(cz.muni.ics.openid.connect.web.endpoint.JWKSetPublishingEndpoint).URL}**" access="permitAll"/> <security:intercept-url pattern="/#{T(cz.muni.ics.openid.connect.web.endpoint.JWKSetPublishingEndpoint).URL}**" access="permitAll"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" /> <security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:csrf disabled="true"/> <security:csrf disabled="true"/>
</security:http> </security:http>
...@@ -222,6 +231,7 @@ ...@@ -222,6 +231,7 @@
create-session="stateless"> create-session="stateless">
<security:intercept-url pattern="/#{T(cz.muni.ics.discovery.web.DiscoveryEndpoint).WELL_KNOWN_URL}/**" access="permitAll"/> <security:intercept-url pattern="/#{T(cz.muni.ics.discovery.web.DiscoveryEndpoint).WELL_KNOWN_URL}/**" access="permitAll"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" /> <security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:csrf disabled="true"/> <security:csrf disabled="true"/>
</security:http> </security:http>
...@@ -268,6 +278,7 @@ ...@@ -268,6 +278,7 @@
access="permitAll()"/> access="permitAll()"/>
<security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER','ROLE_EXCEPTION')"/> <security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER','ROLE_EXCEPTION')"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/> <security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="metadataGeneratorFilter" before="CHANNEL_FILTER"/> <security:custom-filter ref="metadataGeneratorFilter" before="CHANNEL_FILTER"/>
<security:custom-filter ref="clearSessionFilter" after="CHANNEL_FILTER"/> <security:custom-filter ref="clearSessionFilter" after="CHANNEL_FILTER"/>
<security:custom-filter ref="samlFilter" before="CSRF_FILTER"/> <security:custom-filter ref="samlFilter" before="CSRF_FILTER"/>
......
package cz.muni.ics.oidc.web;
import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@Slf4j
public class LogRequestFilter extends OncePerRequestFilter {
public static final String SEPARATOR = "---------------------------------------------------------------------\n";
public static final String WRAPPER = "#####################################################################\n";
public static final String MSG = WRAPPER +
"Incoming request: {} {}\n" +
SEPARATOR +
"PARAMETERS: {}\n" +
SEPARATOR +
"HEADERS: {}" +
WRAPPER;
@Override
protected void doFilterInternal(final HttpServletRequest req,
HttpServletResponse response,
FilterChain filterChain)
throws ServletException, IOException
{
log.trace(MSG, req.getMethod(), req.getRequestURL(),
Collections.list(req.getParameterNames())
.stream()
.collect(
Collectors.toMap(
parameter -> parameter,
parameter -> List.of(req.getParameterValues((String) parameter))
)
),
Collections.list(req.getHeaderNames())
.stream()
.collect(
Collectors.toMap(
header -> header,
header -> List.of(req.getHeaders((String)header))
)
)
);
filterChain.doFilter(req, response);
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment