Skip to content
Snippets Groups Projects
Verified Commit b28c941d authored by Dominik Frantisek Bucik's avatar Dominik Frantisek Bucik
Browse files

feat: :guitar: Log incomming requests

parent 5538a68c
No related branches found
No related tags found
1 merge request!383feat: 🎸 Log incomming requests
Pipeline #409371 passed
......@@ -116,6 +116,8 @@
<security:expression-handler ref="oauthExpressionHandler" />
</security:global-method-security>
<bean id="logRequestFilter" class="cz.muni.ics.oidc.web.LogRequestFilter"/>
<!-- Token endpoint -->
<security:http pattern="/token"
create-session="stateless"
......@@ -127,6 +129,7 @@
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<!-- include this only if you need to authenticate clients via request parameters -->
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
......@@ -140,6 +143,7 @@
entry-point-ref="oauthAuthenticationEntryPoint"
create-session="stateless">
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:expression-handler ref="oauthWebExpressionHandler" />
......@@ -154,6 +158,7 @@
authentication-manager-ref="clientAuthenticationManager">
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
......@@ -167,6 +172,7 @@
entry-point-ref="oauthAuthenticationEntryPoint"
create-session="stateless">
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:expression-handler ref="oauthWebExpressionHandler" />
......@@ -181,6 +187,7 @@
authentication-manager-ref="clientAuthenticationManager">
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
......@@ -197,6 +204,7 @@
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<!-- include this only if you need to authenticate clients via request parameters -->
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
......@@ -211,6 +219,7 @@
create-session="stateless">
<security:intercept-url pattern="/#{T(cz.muni.ics.openid.connect.web.endpoint.JWKSetPublishingEndpoint).URL}**" access="permitAll"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:csrf disabled="true"/>
</security:http>
......@@ -222,6 +231,7 @@
create-session="stateless">
<security:intercept-url pattern="/#{T(cz.muni.ics.discovery.web.DiscoveryEndpoint).WELL_KNOWN_URL}/**" access="permitAll"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
<security:csrf disabled="true"/>
</security:http>
......@@ -268,6 +278,7 @@
access="permitAll()"/>
<security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER','ROLE_EXCEPTION')"/>
<security:custom-filter ref="mdcFilter" before="FIRST"/>
<security:custom-filter ref="logRequestFilter" after="FIRST"/>
<security:custom-filter ref="metadataGeneratorFilter" before="CHANNEL_FILTER"/>
<security:custom-filter ref="clearSessionFilter" after="CHANNEL_FILTER"/>
<security:custom-filter ref="samlFilter" before="CSRF_FILTER"/>
......
package cz.muni.ics.oidc.web;
import cz.muni.ics.oidc.server.configurations.PerunOidcConfig;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@Slf4j
public class LogRequestFilter extends OncePerRequestFilter {
public static final String SEPARATOR = "---------------------------------------------------------------------\n";
public static final String WRAPPER = "#####################################################################\n";
public static final String MSG = WRAPPER +
"Incoming request: {} {}\n" +
SEPARATOR +
"PARAMETERS: {}\n" +
SEPARATOR +
"HEADERS: {}" +
WRAPPER;
@Override
protected void doFilterInternal(final HttpServletRequest req,
HttpServletResponse response,
FilterChain filterChain)
throws ServletException, IOException
{
log.trace(MSG, req.getMethod(), req.getRequestURL(),
Collections.list(req.getParameterNames())
.stream()
.collect(
Collectors.toMap(
parameter -> parameter,
parameter -> List.of(req.getParameterValues((String) parameter))
)
),
Collections.list(req.getHeaderNames())
.stream()
.collect(
Collectors.toMap(
header -> header,
header -> List.of(req.getHeaders((String)header))
)
)
);
filterChain.doFilter(req, response);
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment