/
web.go
115 lines (99 loc) · 3.94 KB
/
web.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
package web
import (
"net/http"
"net/http/httputil"
"regexp"
"github.com/voicera/gooseberry/log"
)
const (
strippedOutHeaderValue = "*******STRIPPED OUT*******"
tokenReplacement = `token":"` + strippedOutHeaderValue + `"`
)
var (
tokenReplacer = regexp.MustCompile(`token":".*?"`)
sensitiveDataHeaderKeys = []string{"Authorization", "Cookie"}
)
// NewBasicAuthRoundTripper creates a RoundTripper that decorates another
// round tripper by adding basic auth using the specified username and password.
func NewBasicAuthRoundTripper(roundTripper http.RoundTripper, username, password string) http.RoundTripper {
return &basicAuthRoundTripper{innerRoundTripper: roundTripper, username: username, password: password}
}
type basicAuthRoundTripper struct {
innerRoundTripper http.RoundTripper
username string
password string
}
func (roundTripper *basicAuthRoundTripper) RoundTrip(request *http.Request) (*http.Response, error) {
request.SetBasicAuth(roundTripper.username, roundTripper.password)
return roundTripper.innerRoundTripper.RoundTrip(request)
}
// NewCustomHeadersRoundTripper creates a RoundTripper that decorates another
// round tripper by adding custom headers.
func NewCustomHeadersRoundTripper(roundTripper http.RoundTripper, headers map[string]string) http.RoundTripper {
return &customHeadersRoundTripper{innerRoundTripper: roundTripper, headers: headers}
}
type customHeadersRoundTripper struct {
innerRoundTripper http.RoundTripper
headers map[string]string
}
func (roundTripper *customHeadersRoundTripper) RoundTrip(request *http.Request) (*http.Response, error) {
for key, value := range roundTripper.headers {
request.Header.Add(key, value)
}
return roundTripper.innerRoundTripper.RoundTrip(request)
}
// NewLeveledLoggerRoundTripper creates a RoundTripper that decorates another
// round tripper by using the specified leveled logger to log requests
// and responses only in the debug log level; and errors in all logging levels.
func NewLeveledLoggerRoundTripper(roundTripper http.RoundTripper, logger log.LeveledLogger) http.RoundTripper {
return &loggingRoundTripper{innerRoundTripper: roundTripper, logger: logger}
}
type loggingRoundTripper struct {
innerRoundTripper http.RoundTripper
logger log.LeveledLogger
}
func (roundTripper *loggingRoundTripper) RoundTrip(request *http.Request) (*http.Response, error) {
roundTripper.debugLogRequest(request)
response, err := roundTripper.innerRoundTripper.RoundTrip(request)
roundTripper.debugLogResponse(response, err)
return response, err
}
func (roundTripper *loggingRoundTripper) debugLogRequest(request *http.Request) {
if roundTripper.logger.IsDebugEnabled() {
censoredHeaders := map[string]string{}
for _, headerKey := range sensitiveDataHeaderKeys {
headerValue := request.Header.Get(headerKey)
if headerValue != "" {
request.Header.Set(headerKey, strippedOutHeaderValue)
censoredHeaders[headerKey] = headerValue
}
}
dump, err := httputil.DumpRequestOut(request, true)
for key, value := range censoredHeaders { // restore censored headers
request.Header.Set(key, value)
}
if err == nil {
roundTripper.logger.Debug("Request", "request", string(dump))
}
}
}
func (roundTripper *loggingRoundTripper) debugLogResponse(response *http.Response, responseError error) {
if responseError != nil {
if response != nil {
dump, err := httputil.DumpResponse(response, true)
if err == nil {
roundTripper.logger.Error("Response error", "responseError", responseError, "response", string(dump))
}
} else {
roundTripper.logger.Error("Response error", "responseError", responseError)
}
} else if roundTripper.logger.IsDebugEnabled() {
dump, err := httputil.DumpResponse(response, true)
if err == nil {
roundTripper.logger.Debug("Response", "response", stripOutSensitiveData(string(dump)))
}
}
}
func stripOutSensitiveData(s string) string {
return tokenReplacer.ReplaceAllString(s, tokenReplacement)
}