unified plugin logging

Author: hummerdmag

cmd/config-boltdb.yaml

@@ -72,11 +72,17 @@ keyStorage:
   type: local
   local:
     path: ./jwt/test_artifacts/private.pem
-logger:
-  dumpRequest: false
 adminPanel:
   enabled: true
 loginWebApp:
   type: default
 emailTemplaits:
   type: default
+# logger settings
+logger:
+  # logs format (json, text)
+  format: json
+  # exclude body for HTTP requests that can contain sensitive data
+  logSensitiveData: false
+  common:
+    level: debug

config/configurator.go

@@ -194,7 +194,7 @@ func NewServer(config model.ConfigurationStorage, restartChan chan<- bool) (mode
 
 	sessionS := model.NewSessionManager(settings.SessionStorage.SessionDuration, session)
 
-	impS, err := NewImpersonationProvider(settings.Impersonation)
+	impS, err := NewImpersonationProvider(logger, settings.Impersonation)
 	if err != nil {
 		logger.Error("Error creating impersonation provider", logging.FieldError, err)
 		errs = append(errs, fmt.Errorf("error creating impersonation provider: %v", err))
@@ -237,7 +237,10 @@ func NewTokenService(
 	return tokenService, err
 }
 
-func NewImpersonationProvider(settings model.ImpersonationSettings) (model.ImpersonationProvider, error) {
+func NewImpersonationProvider(
+	logger *slog.Logger,
+	settings model.ImpersonationSettings,
+) (model.ImpersonationProvider, error) {
 	switch settings.Type {
 	case model.ImpersonationServiceTypeNone, "":
 		return nil, nil
@@ -246,7 +249,7 @@ func NewImpersonationProvider(settings model.ImpersonationSettings) (model.Imper
 	case model.ImpersonationServiceTypeScope:
 		return imp.NewScopeImpersonator(settings.Scope.AllowedScopes), nil
 	case model.ImpersonationServiceTypePlugin:
-		return impPlugin.NewImpersonationProvider(settings.Plugin, time.Second)
+		return impPlugin.NewImpersonationProvider(logger, settings.Plugin, time.Second)
 	}
 
 	return nil, nil

impersonation/plugin/provider.go

@@ -1,18 +1,23 @@
 package plugin
 
 import (
+	"log/slog"
 	"os"
 	"os/exec"
 	"time"
 
-	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/go-plugin"
 	grpcShared "github.com/madappgang/identifo/v2/impersonation/grpc/shared"
 	"github.com/madappgang/identifo/v2/impersonation/plugin/shared"
+	"github.com/madappgang/identifo/v2/logging"
 	"github.com/madappgang/identifo/v2/model"
 )
 
-func NewImpersonationProvider(settings model.PluginSettings, timeout time.Duration) (model.ImpersonationProvider, error) {
+func NewImpersonationProvider(
+	logger *slog.Logger,
+	settings model.PluginSettings,
+	timeout time.Duration,
+) (model.ImpersonationProvider, error) {
 	params := []string{}
 	for k, v := range settings.Params {
 		params = append(params, "-"+k)
@@ -24,10 +29,7 @@ func NewImpersonationProvider(settings model.PluginSettings, timeout time.Durati
 		Plugins:          shared.PluginMap,
 		Cmd:              exec.Command(settings.Cmd, params...),
 		AllowedProtocols: []plugin.Protocol{plugin.ProtocolGRPC},
-		Logger: hclog.New(&hclog.LoggerOptions{
-			Level:      hclog.Debug,
-			JSONFormat: true,
-		}),
+		Logger:           logging.NewHCLogger(logger, false),
 	}
 
 	if settings.RedirectStd {

logging/hclog.go

@@ -0,0 +1,128 @@
+package logging
+
+import (
+	"context"
+	"io"
+	"log"
+	"log/slog"
+	"os"
+
+	"github.com/hashicorp/go-hclog"
+)
+
+// check that HCLogger implements hclog.Logger interface
+var _ hclog.Logger = &HCLogger{}
+
+type HCLogger struct {
+	name         string
+	traceEnabled bool
+	logger       *slog.Logger
+}
+
+func NewHCLogger(logger *slog.Logger, traceEnabled bool) *HCLogger {
+	return &HCLogger{
+		logger:       logger,
+		traceEnabled: traceEnabled,
+	}
+}
+
+func (l *HCLogger) Log(level hclog.Level, msg string, args ...interface{}) {
+	switch level {
+	case hclog.Trace:
+		l.Trace(msg, args...)
+	case hclog.Debug:
+		l.Debug(msg, args...)
+	case hclog.Info:
+		l.Info(msg, args...)
+	case hclog.Warn:
+		l.Warn(msg, args...)
+	case hclog.Error:
+		l.Error(msg, args...)
+	}
+}
+
+func (l *HCLogger) Trace(msg string, args ...interface{}) {
+	if !l.traceEnabled {
+		return
+	}
+
+	l.logger.Debug(msg, args...)
+}
+
+func (l *HCLogger) Debug(msg string, args ...interface{}) {
+	l.logger.Debug(msg, args...)
+}
+
+func (l *HCLogger) Info(msg string, args ...interface{}) {
+	l.logger.Info(msg, args...)
+}
+
+func (l *HCLogger) Warn(msg string, args ...interface{}) {
+	l.logger.Warn(msg, args...)
+}
+
+func (l *HCLogger) Error(msg string, args ...interface{}) {
+	l.logger.Error(msg, args...)
+}
+
+func (l *HCLogger) IsTrace() bool {
+	return l.traceEnabled && l.logger.Enabled(context.Background(), slog.LevelDebug)
+}
+
+func (l *HCLogger) IsDebug() bool {
+	return l.logger.Enabled(context.Background(), slog.LevelDebug)
+}
+
+func (l *HCLogger) IsInfo() bool {
+	return l.logger.Enabled(context.Background(), slog.LevelInfo)
+}
+
+func (l *HCLogger) IsWarn() bool {
+	return l.logger.Enabled(context.Background(), slog.LevelWarn)
+}
+
+func (l *HCLogger) IsError() bool {
+	return l.logger.Enabled(context.Background(), slog.LevelError)
+}
+
+func (l *HCLogger) With(args ...interface{}) hclog.Logger {
+	return &HCLogger{
+		name:         l.name,
+		traceEnabled: l.traceEnabled,
+		logger:       l.logger.With(args...),
+	}
+}
+
+func (l *HCLogger) ImpliedArgs() []interface{} {
+	return nil
+}
+func (l *HCLogger) ResetNamed(name string) hclog.Logger {
+	return &HCLogger{
+		name:         name,
+		traceEnabled: l.traceEnabled,
+		logger:       l.logger.With("name", name),
+	}
+}
+
+func (l *HCLogger) Named(name string) hclog.Logger {
+	return &HCLogger{
+		name:         name,
+		traceEnabled: l.traceEnabled,
+		logger:       l.logger.With("name", name),
+	}
+}
+
+func (l *HCLogger) Name() string {
+	return l.name
+}
+
+func (l *HCLogger) SetLevel(level hclog.Level) {
+}
+
+func (l *HCLogger) StandardLogger(opts *hclog.StandardLoggerOptions) *log.Logger {
+	return slog.NewLogLogger(l.logger.Handler(), slog.LevelDebug)
+}
+
+func (l *HCLogger) StandardWriter(opts *hclog.StandardLoggerOptions) io.Writer {
+	return os.Stderr
+}

storage/plugin/user.go

@@ -1,18 +1,19 @@
 package plugin
 
 import (
+	"log/slog"
 	"os"
 	"os/exec"
 
-	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/go-plugin"
+	"github.com/madappgang/identifo/v2/logging"
 	"github.com/madappgang/identifo/v2/model"
 	grpcShared "github.com/madappgang/identifo/v2/storage/grpc/shared"
 	"github.com/madappgang/identifo/v2/storage/plugin/shared"
 )
 
 // NewUserStorage creates and inits plugin user storage.
-func NewUserStorage(settings model.PluginSettings) (model.UserStorage, error) {
+func NewUserStorage(logger *slog.Logger, settings model.PluginSettings) (model.UserStorage, error) {
 	params := []string{}
 	for k, v := range settings.Params {
 		params = append(params, "-"+k)
@@ -24,10 +25,7 @@ func NewUserStorage(settings model.PluginSettings) (model.UserStorage, error) {
 		Plugins:          shared.PluginMap,
 		Cmd:              exec.Command(settings.Cmd, params...),
 		AllowedProtocols: []plugin.Protocol{plugin.ProtocolGRPC},
-		Logger: hclog.New(&hclog.LoggerOptions{
-			Level:      hclog.Debug,
-			JSONFormat: true,
-		}),
+		Logger:           logging.NewHCLogger(logger, false),
 	}
 
 	if settings.RedirectStd {

storage/user.go

@@ -29,7 +29,7 @@ func NewUserStorage(
 	case model.DBTypeMem:
 		return mem.NewUserStorage()
 	case model.DBTypePlugin:
-		return plugin.NewUserStorage(settings.Plugin)
+		return plugin.NewUserStorage(logger, settings.Plugin)
 	case model.DBTypeGRPC:
 		return grpc.NewUserStorage(settings.GRPC)
 	default:

user_payload_provider/plugin/provider.go

@@ -1,19 +1,24 @@
 package plugin
 
 import (
+	"log/slog"
 	"os"
 	"os/exec"
 	"time"
 
-	"github.com/hashicorp/go-hclog"
 	"github.com/hashicorp/go-plugin"
+	"github.com/madappgang/identifo/v2/logging"
 	"github.com/madappgang/identifo/v2/model"
 	grpcShared "github.com/madappgang/identifo/v2/user_payload_provider/grpc/shared"
 	"github.com/madappgang/identifo/v2/user_payload_provider/plugin/shared"
 )
 
 // NewTokenPayloadProvider creates and inits plugin for payload provider.
-func NewTokenPayloadProvider(settings model.PluginSettings, timeout time.Duration) (model.TokenPayloadProvider, error) {
+func NewTokenPayloadProvider(
+	logger *slog.Logger,
+	settings model.PluginSettings,
+	timeout time.Duration,
+) (model.TokenPayloadProvider, error) {
 	params := []string{}
 	for k, v := range settings.Params {
 		params = append(params, "-"+k)
@@ -25,10 +30,7 @@ func NewTokenPayloadProvider(settings model.PluginSettings, timeout time.Duratio
 		Plugins:          shared.PluginMap,
 		Cmd:              exec.Command(settings.Cmd, params...),
 		AllowedProtocols: []plugin.Protocol{plugin.ProtocolGRPC},
-		Logger: hclog.New(&hclog.LoggerOptions{
-			Level:      hclog.Debug,
-			JSONFormat: true,
-		}),
+		Logger:           logging.NewHCLogger(logger, false),
 	}
 
 	if settings.RedirectStd {

web/api/login.go

@@ -291,6 +291,7 @@ func (ar *Router) getTokenPayloadService(app model.AppData) (model.TokenPayloadP
 
 	case model.TokenPayloadServicePlugin:
 		ps, err = plugin.NewTokenPayloadProvider(
+			ar.logger,
 			model.PluginSettings{
 				Cmd:         app.TokenPayloadServicePluginSettings.Cmd,
 				Params:      app.TokenPayloadServicePluginSettings.Params,