3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-06 10:21:05 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/internal/log/authorize.go
Caleb Doxsey aa4ed135ae config: add customization options for logging
2023-07-21 15:45:35 -06:00

62 lines
2.3 KiB
Go
Raw Blame History

package log
import "strings"
// An AuthorizeLogField is a field in the authorize logs.
type AuthorizeLogField string
// known authorize log fields
const (
AuthorizeLogFieldCheckRequestID AuthorizeLogField = "check-request-id"
AuthorizeLogFieldEmail AuthorizeLogField = "email"
AuthorizeLogFieldHeaders AuthorizeLogField = "headers"
AuthorizeLogFieldHost AuthorizeLogField = "host"
AuthorizeLogFieldImpersonateEmail AuthorizeLogField = "impersonate-email"
AuthorizeLogFieldImpersonateSessionID AuthorizeLogField = "impersonate-session-id"
AuthorizeLogFieldImpersonateUserID AuthorizeLogField = "impersonate-user-id"
AuthorizeLogFieldIP AuthorizeLogField = "ip"
AuthorizeLogFieldMethod AuthorizeLogField = "method"
AuthorizeLogFieldPath AuthorizeLogField = "path"
AuthorizeLogFieldQuery AuthorizeLogField = "query"
AuthorizeLogFieldRequestID AuthorizeLogField = "request-id"
AuthorizeLogFieldServiceAccountID AuthorizeLogField = "service-account-id"
AuthorizeLogFieldSessionID AuthorizeLogField = "session-id"
AuthorizeLogFieldUser AuthorizeLogField = "user"
)
// DefaultAuthorizeLogFields are the default authorize log fields to log.
var DefaultAuthorizeLogFields = []AuthorizeLogField{
AuthorizeLogFieldRequestID,
AuthorizeLogFieldCheckRequestID,
AuthorizeLogFieldMethod,
AuthorizeLogFieldPath,
AuthorizeLogFieldHost,
AuthorizeLogFieldQuery,
AuthorizeLogFieldIP,
AuthorizeLogFieldSessionID,
AuthorizeLogFieldImpersonateSessionID,
AuthorizeLogFieldImpersonateUserID,
AuthorizeLogFieldImpersonateEmail,
AuthorizeLogFieldServiceAccountID,
AuthorizeLogFieldUser,
AuthorizeLogFieldEmail,
AuthorizeLogFieldHeaders.ForDebugOnly(),
}
const debugOnlyPrefix = "debug."
// IsForDebugOnly returns an authorize log field that's intended to only be logged in debug mode.
func (field AuthorizeLogField) IsForDebugOnly() (AuthorizeLogField, bool) {
if strings.HasPrefix(string(field), debugOnlyPrefix) {
return field[len(debugOnlyPrefix):], true
}
return field, false
}
// ForDebugOnly returns the authorize log field that will only be logged in debug mode.
func (field AuthorizeLogField) ForDebugOnly() AuthorizeLogField {
if _, ok := field.IsForDebugOnly(); ok {
return field
}
return debugOnlyPrefix + field
}
Reference in a new issue View git blame Copy permalink