Adding http trace logging (#2272)

Author: mathewc

src/WebJobs.Script.WebHost/Middleware/FunctionInvocationMiddleware.cs

@@ -1,5 +1,6 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the MIT License. See License.txt in the project root for license information.
+
 using System;
 using System.Collections.Generic;
 using System.Diagnostics;
@@ -42,7 +43,6 @@ public async Task Invoke(HttpContext context)
             //    // downstream middleware and filters rely on this
             //    context.Items[ScriptConstants.AzureFunctionsHostKey] = scriptHost;
             //}
-            SetRequestId(context.Request);
 
             if (_next != null)
             {
@@ -204,11 +204,5 @@ private async Task<bool> AuthenticateAndAuthorizeAsync(HttpContext context, Func
                 return true;
             }
         }
-
-        internal static void SetRequestId(HttpRequest request)
-        {
-            string requestID = request.GetHeaderValueOrDefault(ScriptConstants.AntaresLogIdHeaderName) ?? Guid.NewGuid().ToString();
-            request.HttpContext.Items[ScriptConstants.AzureFunctionsRequestIdKey] = requestID;
-        }
     }
 }

src/WebJobs.Script.WebHost/Middleware/SystemTraceMiddleware.cs

@@ -0,0 +1,84 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.Linq;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Azure.WebJobs.Script.Extensions;
+using Microsoft.Azure.WebJobs.Script.WebHost.Security.Authentication;
+using Microsoft.Extensions.Logging;
+using Newtonsoft.Json.Linq;
+
+namespace Microsoft.Azure.WebJobs.Script.WebHost.Middleware
+{
+    internal class SystemTraceMiddleware
+    {
+        private readonly ILogger _logger;
+        private readonly RequestDelegate _next;
+
+        public SystemTraceMiddleware(RequestDelegate next, ILogger<SystemTraceMiddleware> logger)
+        {
+            _logger = logger;
+            _next = next;
+        }
+
+        public async Task Invoke(HttpContext context)
+        {
+            SetRequestId(context.Request);
+
+            var sw = new Stopwatch();
+            sw.Start();
+            var request = context.Request;
+            var details = new JObject
+            {
+                { "requestId", request.GetRequestId() },
+                { "method", request.Method.ToString() },
+                { "uri", request.Path.ToString() }
+            };
+            var logData = new Dictionary<string, object>
+            {
+                [ScriptConstants.LogPropertyActivityIdKey] = request.GetRequestId()
+            };
+            _logger.Log(LogLevel.Information, 0, logData, null, (s, e) => $"Executing HTTP request: {details}");
+
+            await _next.Invoke(context);
+
+            sw.Stop();
+            details["identities"] = GetIdentities(context);
+            details["status"] = context.Response.StatusCode;
+            details["duration"] = sw.ElapsedMilliseconds;
+            _logger.Log(LogLevel.Information, 0, logData, null, (s, e) => $"Executed HTTP request: {details}");
+        }
+
+        internal static void SetRequestId(HttpRequest request)
+        {
+            string requestID = request.GetHeaderValueOrDefault(ScriptConstants.AntaresLogIdHeaderName) ?? Guid.NewGuid().ToString();
+            request.HttpContext.Items[ScriptConstants.AzureFunctionsRequestIdKey] = requestID;
+        }
+
+        private static JArray GetIdentities(HttpContext context)
+        {
+            JArray identities = new JArray();
+            foreach (var identity in context.User.Identities.Where(p => p.IsAuthenticated))
+            {
+                var formattedIdentity = new JObject
+                {
+                    { "type", identity.AuthenticationType }
+                };
+
+                var claim = identity.Claims.FirstOrDefault(p => p.Type == SecurityConstants.AuthLevelClaimType);
+                if (claim != null)
+                {
+                    formattedIdentity.Add("level", claim.Value);
+                }
+
+                identities.Add(formattedIdentity);
+            }
+
+            return identities;
+        }
+    }
+}

src/WebJobs.Script.WebHost/WebJobsApplicationBuilderExtension.cs

@@ -23,6 +23,7 @@ public static IApplicationBuilder UseWebJobsScriptHost(this IApplicationBuilder
         {
             IEnvironment environment = builder.ApplicationServices.GetService<IEnvironment>() ?? SystemEnvironment.Instance;
 
+            builder.UseMiddleware<SystemTraceMiddleware>();
             builder.UseMiddleware<EnvironmentReadyCheckMiddleware>();
 
             if (environment.IsPlaceholderModeEnabled())

src/WebJobs.Script/Extensions/HttpRequestExtensions.cs

@@ -17,11 +17,6 @@ public static bool IsAdminRequest(this HttpRequest request)
             return request.Path.StartsWithSegments("/admin");
         }
 
-        public static AuthorizationLevel GetAuthorizationLevel(this HttpRequest request)
-        {
-            return request.GetRequestPropertyOrDefault<AuthorizationLevel>(ScriptConstants.AzureFunctionsHttpRequestAuthorizationLevelKey);
-        }
-
         public static TValue GetRequestPropertyOrDefault<TValue>(this HttpRequest request, string key)
         {
             if (request.HttpContext != null &&

src/WebJobs.Script/ScriptConstants.cs

@@ -7,13 +7,12 @@ namespace Microsoft.Azure.WebJobs.Script
 {
     public static class ScriptConstants
     {
-        public const string AzureFunctionsWebHookContextKey = "MS_AzureFunctionsWebHookContext";
         public const string AzureFunctionsHttpResponseKey = "MS_AzureFunctionsHttpResponse";
-        public const string AzureFunctionsHttpRequestAuthorizationLevelKey = "MS_AzureFunctionsAuthorizationLevel";
         public const string AzureFunctionsHttpRequestKeyNameKey = "MS_AzureFunctionsKeyId";
         public const string AzureFunctionsHttpRequestAuthorizationDisabledKey = "MS_AzureFunctionsAuthorizationDisabled";
         public const string AzureFunctionsRequestIdKey = "MS_AzureFunctionsRequestID";
         public const string AzureFunctionsColdStartKey = "MS_AzureFunctionsColdStart";
+        public const string AzureFunctionsRequestTimer = "MS_AzureFunctionsRequestTimer";
         public const string AzureFunctionsHttpRequestKey = "MS_AzureFunctionsHttpRequest";
         public const string AzureProxyFunctionExecutorKey = "MS_AzureProxyFunctionExecutor";
         public const string AzureFunctionsHostKey = "MS_AzureFunctionsHost";

test/WebJobs.Script.Tests/Handlers/SystemTraceHandlerTests.cs

@@ -0,0 +1,110 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http.Features;
+using Microsoft.Azure.WebJobs.Extensions.Http;
+using Microsoft.Azure.WebJobs.Script.WebHost.Authentication;
+using Microsoft.Azure.WebJobs.Script.WebHost.Middleware;
+using Microsoft.Azure.WebJobs.Script.WebHost.Security.Authentication;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Primitives;
+using Microsoft.WebJobs.Script.Tests;
+using Newtonsoft.Json.Linq;
+using Xunit;
+
+namespace Microsoft.Azure.WebJobs.Script.Tests.Handlers
+{
+    public class SystemTraceMiddlewareTests
+    {
+        private readonly TestLoggerProvider _loggerProvider;
+        private readonly SystemTraceMiddleware _middleware;
+
+        public SystemTraceMiddlewareTests()
+        {
+            _loggerProvider = new TestLoggerProvider();
+            var loggerFactory = new LoggerFactory();
+            loggerFactory.AddProvider(_loggerProvider);
+
+            RequestDelegate requestDelegate = async (HttpContext context) =>
+            {
+                await Task.Delay(25);
+            };
+
+            var logger = loggerFactory.CreateLogger<SystemTraceMiddleware>();
+            _middleware = new SystemTraceMiddleware(requestDelegate, logger);
+        }
+
+        [Fact]
+        public async Task SendAsync_WritesExpectedTraces()
+        {
+            string requestId = Guid.NewGuid().ToString();
+            var context = new DefaultHttpContext();
+            Uri uri = new Uri("http://functions.com/api/testfunc?code=123");
+            var requestFeature = context.Request.HttpContext.Features.Get<IHttpRequestFeature>();
+            requestFeature.Method = "GET";
+            requestFeature.Scheme = uri.Scheme;
+            requestFeature.Path = uri.GetComponents(UriComponents.KeepDelimiter | UriComponents.Path, UriFormat.Unescaped);
+            requestFeature.PathBase = string.Empty;
+            requestFeature.QueryString = uri.GetComponents(UriComponents.KeepDelimiter | UriComponents.Query, UriFormat.Unescaped);
+
+            var headers = new HeaderDictionary();
+            headers.Add(ScriptConstants.AntaresLogIdHeaderName, new StringValues(requestId));
+            requestFeature.Headers = headers;
+
+            var claims = new List<Claim>
+            {
+                new Claim(SecurityConstants.AuthLevelClaimType, AuthorizationLevel.Function.ToString())
+            };
+            var identity = new ClaimsIdentity(claims, AuthLevelAuthenticationDefaults.AuthenticationScheme);
+            context.User = new ClaimsPrincipal(identity);
+
+            await _middleware.Invoke(context);
+
+            var logs = _loggerProvider.GetAllLogMessages().ToArray();
+            Assert.Equal(2, logs.Length);
+
+            // validate executing trace
+            var log = logs[0];
+            Assert.Equal(typeof(SystemTraceMiddleware).FullName, log.Category);
+            Assert.Equal(LogLevel.Information, log.Level);
+            var idx = log.FormattedMessage.IndexOf(':');
+            var message = log.FormattedMessage.Substring(0, idx).Trim();
+            Assert.Equal("Executing HTTP request", message);
+            var details = log.FormattedMessage.Substring(idx + 1).Trim();
+            var jo = JObject.Parse(details);
+            Assert.Equal(3, jo.Count);
+            Assert.Equal(requestId, jo["requestId"]);
+            Assert.Equal("GET", jo["method"]);
+            Assert.Equal("/api/testfunc", jo["uri"]);
+
+            // validate executed trace
+            log = logs[1];
+            Assert.Equal(typeof(SystemTraceMiddleware).FullName, log.Category);
+            Assert.Equal(LogLevel.Information, log.Level);
+            idx = log.FormattedMessage.IndexOf(':');
+            message = log.FormattedMessage.Substring(0, idx).Trim();
+            Assert.Equal("Executed HTTP request", message);
+            details = log.FormattedMessage.Substring(idx + 1).Trim();
+            jo = JObject.Parse(details);
+            Assert.Equal(6, jo.Count);
+            Assert.Equal(requestId, jo["requestId"]);
+            Assert.Equal("GET", jo["method"]);
+            Assert.Equal("/api/testfunc", jo["uri"]);
+            Assert.Equal(200, jo["status"]);
+            var duration = (long)jo["duration"];
+            Assert.True(duration > 0);
+
+            var authentication = (JArray)jo["identities"];
+            Assert.Equal(1, authentication.Count);
+            var keyIdentity = authentication.Single();
+            Assert.Equal(AuthLevelAuthenticationDefaults.AuthenticationScheme, keyIdentity["type"]);
+            Assert.Equal("Function", keyIdentity["level"]);
+        }
+    }
+}