cmd/cue: enable HTTP logging for cue login

The `cue login` command invokes oauth2 logic without hooking up the httplog transport. It seems consistent to enable HTTP logging whenever HTTP requests are made, so pass in the logging client in the context in `cue login` too. Make sure to elide bodies so we don't log the actual acquired tokens. Using a consistent HTTP transport everywhere will also make it easier to add a User-Agent header for all requests. Signed-off-by: Roger Peppe <rogpeppe@gmail.com> Change-Id: I698052c9047f183ab06de474efdadec02623e7cd Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/1178022 Reviewed-by: Daniel Martí <mvdan@mvdan.cc> TryBot-Result: CUEcueckoo <cueckoo@gmail.com> Unity-Result: CUE porcuepine <cue.porcuepine@gmail.com>
cue-lang · Mar 12, 2024 · 9f556fe · 9f556fe
1 parent 9789ee6
commit 9f556fe
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 12 deletions.
diff --git a/cmd/cue/cmd/login.go b/cmd/cue/cmd/login.go
@@ -15,11 +15,16 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
+	"net/http"
 	"os"
 
-	"cuelang.org/go/internal/cueconfig"
 	"github.com/spf13/cobra"
+	"golang.org/x/oauth2"
+
+	"cuelang.org/go/internal/cueconfig"
+	"cuelang.org/go/internal/httplog"
 )
 
 // TODO: We need a testscript to cover "cue login" with its oauth2 device flow.
@@ -56,6 +61,13 @@ inside your user's config directory, such as $XDG_CONFIG_HOME or %AppData%.
 		Args: cobra.MaximumNArgs(1),
 		RunE: mkRunE(c, func(cmd *Command, args []string) error {
 			ctx := backgroundContext()
+			// Cause the oauth2 logic to log HTTP requests when logging is enabled.
+			ctx = context.WithValue(ctx, oauth2.HTTPClient, &http.Client{
+				Transport: httpTransport(),
+			})
+			// Elide request and response bodies because they're likely to include sensitive information.
+			ctx = httplog.RedactRequestBody(ctx, "request body can contain sensitive data when logging in")
+			ctx = httplog.RedactResponseBody(ctx, "response body can contain sensitive data when logging in")
 
 			resolver, err := getRegistryResolver()
 			if err != nil {

diff --git a/cmd/cue/cmd/registry.go b/cmd/cue/cmd/registry.go
@@ -3,6 +3,7 @@ package cmd
 import (
 	"fmt"
 	"log/slog"
+	"net/http"
 	"os"
 	"sync"
 
@@ -35,19 +36,23 @@ func getCachedRegistry() (modload.Registry, error) {
 }
 
 func newModConfig() *modconfig.Config {
-	if !cuedebug.Flags.HTTP {
-		return nil
-	}
 	return &modconfig.Config{
-		Transport: httplog.Transport(&httplog.TransportConfig{
-			// It would be nice to use the default slog logger,
-			// but that does a terrible job of printing structured
-			// values, so use JSON output instead.
-			Logger: httplog.SlogLogger{
-				Logger: slog.New(slog.NewJSONHandler(os.Stderr, nil)),
-			},
-		}),
+		Transport: httpTransport(),
+	}
+}
+
+func httpTransport() http.RoundTripper {
+	if !cuedebug.Flags.HTTP {
+		return http.DefaultTransport
 	}
+	return httplog.Transport(&httplog.TransportConfig{
+		// It would be nice to use the default slog logger,
+		// but that does a terrible job of printing structured
+		// values, so use JSON output instead.
+		Logger: httplog.SlogLogger{
+			Logger: slog.New(slog.NewJSONHandler(os.Stderr, nil)),
+		},
+	})
 }
 
 func modulesExperimentEnabled() bool {