internal: cleanup duplicate and redundant code, properly set sentry SDK scope settings
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
@ -60,6 +60,7 @@ type FlowExecutor struct {
|
||||
|
||||
func NewFlowExecutor(ctx context.Context, flowSlug string, refConfig *api.Configuration, logFields log.Fields) *FlowExecutor {
|
||||
rsp := sentry.StartSpan(ctx, "authentik.outposts.flow_executor")
|
||||
rsp.Description = flowSlug
|
||||
|
||||
l := log.WithField("flow", flowSlug).WithFields(logFields)
|
||||
jar, err := cookiejar.New(nil)
|
||||
@ -153,8 +154,8 @@ func (fe *FlowExecutor) solveFlowChallenge(depth int) (bool, error) {
|
||||
}
|
||||
ch := challenge.GetActualInstance().(ChallengeInt)
|
||||
fe.log.WithField("component", ch.GetComponent()).WithField("type", ch.GetType()).Debug("Got challenge")
|
||||
gcsp.SetTag("ak_challenge", string(ch.GetType()))
|
||||
gcsp.SetTag("ak_component", ch.GetComponent())
|
||||
gcsp.SetTag("authentik.flow.challenge", string(ch.GetType()))
|
||||
gcsp.SetTag("authentik.flow.component", ch.GetComponent())
|
||||
gcsp.Finish()
|
||||
FlowTimingGet.With(prometheus.Labels{
|
||||
"stage": ch.GetComponent(),
|
||||
@ -202,8 +203,8 @@ func (fe *FlowExecutor) solveFlowChallenge(depth int) (bool, error) {
|
||||
response, _, err := responseReq.Execute()
|
||||
ch = response.GetActualInstance().(ChallengeInt)
|
||||
fe.log.WithField("component", ch.GetComponent()).WithField("type", ch.GetType()).Debug("Got response")
|
||||
scsp.SetTag("ak_challenge", string(ch.GetType()))
|
||||
scsp.SetTag("ak_component", ch.GetComponent())
|
||||
scsp.SetTag("authentik.flow.challenge", string(ch.GetType()))
|
||||
scsp.SetTag("authentik.flow.component", ch.GetComponent())
|
||||
scsp.Finish()
|
||||
|
||||
switch ch.GetComponent() {
|
||||
|
||||
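Review bot: In the third hunk of this file the error from `responseReq.Execute()` is not checked before `response.GetActualInstance()` is called on the next line, so a failed API call can dereference a nil response and panic the outpost in the middle of an authentication flow. The commit only renames the span tags here, and a check may exist after the visible lines, but it needs to sit directly after the call: `if err != nil { return false, err }`. The single-value `.(ChallengeInt)` assertions in this hunk and the previous one panic in the same way if the instance does not implement the interface; the two-value form `ch, ok := ...` would let the flow return an error instead. solveFlowChallenge starts and ends outside these hunks.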
@ -23,9 +23,14 @@ type Request struct {
|
||||
func NewRequest(bindDN string, bindPW string, conn net.Conn) (*Request, *sentry.Span) {
|
||||
span := sentry.StartSpan(context.TODO(), "authentik.providers.ldap.bind",
|
||||
sentry.TransactionName("authentik.providers.ldap.bind"))
|
||||
span.Description = bindDN
|
||||
rid := uuid.New().String()
|
||||
span.SetTag("request_uid", rid)
|
||||
span.SetTag("user.username", bindDN)
|
||||
sentry.GetHubFromContext(span.Context()).Scope().SetUser(sentry.User{
|
||||
Username: bindDN,
|
||||
ID: bindDN,
|
||||
IPAddress: utils.GetIP(conn.RemoteAddr()),
|
||||
})
|
||||
|
||||
bindDN = strings.ToLower(bindDN)
|
||||
return &Request{
|
||||
|
||||
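Review bot: `sentry.GetHubFromContext(span.Context())` is documented to return nil when no hub is attached to the context, and the span here starts from `context.TODO()`, so unless StartSpan attaches a hub the chained `.Scope()` call dereferences nil on every bind. Giving the request its own hub before the span is created avoids both the crash and any sharing of user data through the global scope: `ctx := sentry.SetHubOnContext(context.TODO(), sentry.CurrentHub().Clone())` followed by `sentry.StartSpan(ctx, ...)`. The same chained call appears in the search request constructor and, with `r.Context()`, in the proxy application middleware. Separately, `bindDN` is lowercased only after it has been used for the span description, tag and user, while the search constructor lowercases it first, so one account can appear under two identities; moving `bindDN = strings.ToLower(bindDN)` to the top of NewRequest would align them. NewRequest continues past the end of the hunk.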
@ -2,6 +2,7 @@ package search
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net"
|
||||
"strings"
|
||||
|
||||
@ -27,10 +28,15 @@ func NewRequest(bindDN string, searchReq ldap.SearchRequest, conn net.Conn) (*Re
|
||||
bindDN = strings.ToLower(bindDN)
|
||||
searchReq.BaseDN = strings.ToLower(searchReq.BaseDN)
|
||||
span := sentry.StartSpan(context.TODO(), "authentik.providers.ldap.search", sentry.TransactionName("authentik.providers.ldap.search"))
|
||||
span.Description = fmt.Sprintf("%s (%s)", searchReq.BaseDN, ldap.ScopeMap[searchReq.Scope])
|
||||
span.SetTag("request_uid", rid)
|
||||
span.SetTag("user.username", bindDN)
|
||||
span.SetTag("ak_filter", searchReq.Filter)
|
||||
span.SetTag("ak_base_dn", searchReq.BaseDN)
|
||||
sentry.GetHubFromContext(span.Context()).Scope().SetUser(sentry.User{
|
||||
Username: bindDN,
|
||||
ID: bindDN,
|
||||
IPAddress: utils.GetIP(conn.RemoteAddr()),
|
||||
})
|
||||
span.SetTag("ldap_filter", searchReq.Filter)
|
||||
span.SetTag("ldap_base_dn", searchReq.BaseDN)
|
||||
return &Request{
|
||||
SearchRequest: searchReq,
|
||||
BindDN: bindDN,
|
||||
|
||||
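Review bot: The `ldap_filter` and `ldap_base_dn` tags send client-supplied search input verbatim to the Sentry backend, alongside the bind DN and client IP set on the scope just above. Search filters commonly embed usernames or e-mail addresses, so the error-reporting service becomes a store of directory identifiers, and Sentry limits tag value length, so long filters are presumably truncated anyway. If the values are kept for debugging, that decision should be recorded next to the calls, e.g. `// filter and base DN are client-supplied and may contain personal identifiers; sent to Sentry deliberately`. NewRequest continues past the end of the hunk.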
@ -12,6 +12,8 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/coreos/go-oidc"
|
||||
"github.com/getsentry/sentry-go"
|
||||
sentryhttp "github.com/getsentry/sentry-go/http"
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/gorilla/sessions"
|
||||
"github.com/pkg/errors"
|
||||
@ -109,6 +111,11 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
|
||||
user := ""
|
||||
if c != nil {
|
||||
user = c.PreferredUsername
|
||||
sentry.GetHubFromContext(r.Context()).Scope().SetUser(sentry.User{
|
||||
Username: user,
|
||||
ID: c.Sub,
|
||||
IPAddress: r.RemoteAddr,
|
||||
})
|
||||
}
|
||||
before := time.Now()
|
||||
inner.ServeHTTP(rw, r)
|
||||
@ -124,6 +131,7 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
|
||||
}).Observe(float64(after))
|
||||
})
|
||||
})
|
||||
mux.Use(sentryhttp.New(sentryhttp.Options{}).Handle)
|
||||
|
||||
// Support /start and /sign_in for backwards compatibility
|
||||
mux.HandleFunc("/akprox/start", a.handleRedirect)
|
||||
|
||||
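Review bot: `IPAddress: r.RemoteAddr` passes the raw `host:port` string, whereas the LDAP constructors in this commit pass `utils.GetIP(conn.RemoteAddr())`; the Sentry user field is meant to hold a bare address, so these events are unlikely to line up with the LDAP ones. If the outpost runs behind a load balancer, RemoteAddr is also the balancer's address unless something upstream rewrites it. Stripping the port first, `host, _, err := net.SplitHostPort(r.RemoteAddr)` with a fallback to the raw value on error, would make the field consistent. This middleware is registered before `mux.Use(sentryhttp.New(...).Handle)` in the next hunk, so the hub it reads from `r.Context()` has to come from an outer router. The closure starts and ends outside the hunk.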
@ -10,6 +10,7 @@ import (
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
sentryhttp "github.com/getsentry/sentry-go/http"
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/pires/go-proxyproto"
|
||||
log "github.com/sirupsen/logrus"
|
||||
@ -52,6 +53,7 @@ func NewProxyServer(ac *ak.APIController, portOffset int) *ProxyServer {
|
||||
|
||||
globalMux := rootMux.NewRoute().Subrouter()
|
||||
globalMux.Use(web.NewLoggingHandler(l.WithField("logger", "authentik.outpost.proxyv2.http"), nil))
|
||||
globalMux.Use(sentryhttp.New(sentryhttp.Options{}).Handle)
|
||||
s := &ProxyServer{
|
||||
Listen: "0.0.0.0:%d",
|
||||
PortOffset: portOffset,
|
||||
|
||||
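Review bot: `sentryhttp.Options{}` leaves `Repanic` false, so a panic in any downstream handler is reported and then swallowed; if nothing has been written yet, net/http completes the response with an implicit 200. For an authenticating proxy that is a fail-open risk worth ruling out, presumably with `sentryhttp.Options{Repanic: true}` and an outer recovery that answers 500; confirm whether the logging handler registered on the line above already provides one. The same zero-value handler is added to the per-application router in NewApplication, so if that router is served beneath globalMux each request passes through the Sentry handler twice. NewProxyServer continues outside the hunk.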