3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-30 15:00:51 +02:00
Code Issues Projects Releases Packages Wiki Activity

proxy: add support for logging http request headers (#4388)

Browse source 
* config: add customization options for logging

* config: validate log fields

* proxy: add support for logging http request headers

* log subset of headers

* fix test name

* dont use log.HTTPHeaders for access logs

* canonicalize http/2 headers
This commit is contained in:
Caleb Doxsey 2023-07-25 09:46:42 -06:00 committed by GitHub
parent 4698e4661a
commit 638d9f3d6c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 172 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

6
internal/log/authorize.go
View file

@ -14,7 +14,7 @@ type AuthorizeLogField string
const (
AuthorizeLogFieldCheckRequestID AuthorizeLogField = "check-request-id"
AuthorizeLogFieldEmail AuthorizeLogField = "email"
AuthorizeLogFieldHeaders AuthorizeLogField = "headers"
AuthorizeLogFieldHeaders = AuthorizeLogField(headersFieldName)
AuthorizeLogFieldHost AuthorizeLogField = "host"
AuthorizeLogFieldImpersonateEmail AuthorizeLogField = "impersonate-email"
AuthorizeLogFieldImpersonateSessionID AuthorizeLogField = "impersonate-session-id"
@ -79,6 +79,10 @@ var authorizeLogFieldLookup = map[AuthorizeLogField]struct{}{
// Validate returns an error if the authorize log field is invalid.
func (field AuthorizeLogField) Validate() error {
if _, ok := GetHeaderField(field); ok {
return nil
}
_, ok := authorizeLogFieldLookup[field]
if !ok {
return fmt.Errorf("%w: %s", ErrUnknownAuthorizeLogField, field)