From 21ff3405e45655dd37ae3cee9fe7d9e04da5d9d3 Mon Sep 17 00:00:00 2001 From: sawadashota Date: Fri, 25 Mar 2022 19:25:11 +0900 Subject: [PATCH] feat: trace for upstream request (#931) Closes #928 Signed-off-by: sawadashota --- .../authenticator_oauth2_introspection.go | 29 ++-------------- proxy/proxy.go | 4 +++ x/trace.go | 33 +++++++++++++++++++ 3 files changed, 39 insertions(+), 27 deletions(-) create mode 100644 x/trace.go diff --git a/pipeline/authn/authenticator_oauth2_introspection.go b/pipeline/authn/authenticator_oauth2_introspection.go index 1d823e35dc..5b9f7fa759 100644 --- a/pipeline/authn/authenticator_oauth2_introspection.go +++ b/pipeline/authn/authenticator_oauth2_introspection.go @@ -15,9 +15,6 @@ import ( "github.com/dgraph-io/ristretto" - "github.com/opentracing/opentracing-go" - "github.com/opentracing/opentracing-go/ext" - "github.com/pkg/errors" "golang.org/x/oauth2/clientcredentials" @@ -28,6 +25,7 @@ import ( "github.com/ory/oathkeeper/driver/configuration" "github.com/ory/oathkeeper/helper" "github.com/ory/oathkeeper/pipeline" + "github.com/ory/oathkeeper/x" ) type AuthenticatorOAuth2IntrospectionConfiguration struct { @@ -171,29 +169,6 @@ func (a *AuthenticatorOAuth2Introspection) tokenToCache(config *AuthenticatorOAu } } -func (a *AuthenticatorOAuth2Introspection) traceRequest(ctx context.Context, req *http.Request) func() { - tracer := opentracing.GlobalTracer() - if tracer == nil { - return func() {} - } - - parentSpan := opentracing.SpanFromContext(ctx) - opts := make([]opentracing.StartSpanOption, 0, 1) - if parentSpan != nil { - opts = append(opts, opentracing.ChildOf(parentSpan.Context())) - } - - urlStr := req.URL.String() - clientSpan := tracer.StartSpan(req.Method+" "+urlStr, opts...) - - ext.SpanKindRPCClient.Set(clientSpan) - ext.HTTPUrl.Set(clientSpan, urlStr) - ext.HTTPMethod.Set(clientSpan, req.Method) - - _ = tracer.Inject(clientSpan.Context(), opentracing.HTTPHeaders, opentracing.HTTPHeadersCarrier(req.Header)) - return clientSpan.Finish -} - func (a *AuthenticatorOAuth2Introspection) Authenticate(r *http.Request, session *AuthenticationSession, config json.RawMessage, _ pipeline.Rule) error { cf, client, err := a.Config(config) if err != nil { @@ -229,7 +204,7 @@ func (a *AuthenticatorOAuth2Introspection) Authenticate(r *http.Request, session introspectReq.Header.Set("Content-Type", "application/x-www-form-urlencoded") // add tracing - closeSpan := a.traceRequest(r.Context(), introspectReq) + closeSpan := x.TraceRequest(r.Context(), introspectReq) resp, err := client.Do(introspectReq.WithContext(r.Context())) diff --git a/proxy/proxy.go b/proxy/proxy.go index 2d9c65bdf3..98caf41271 100644 --- a/proxy/proxy.go +++ b/proxy/proxy.go @@ -113,6 +113,10 @@ func (d *Proxy) RoundTrip(r *http.Request) (*http.Response, error) { WithFields(fields). Warn("Unable to type assert context") + // add tracing + closeSpan := x.TraceRequest(r.Context(), r) + defer closeSpan() + d.r.ProxyRequestHandler().HandleError(rw, r, rl, err) return &http.Response{ diff --git a/x/trace.go b/x/trace.go new file mode 100644 index 0000000000..464512fc8b --- /dev/null +++ b/x/trace.go @@ -0,0 +1,33 @@ +package x + +import ( + "context" + "net/http" + + "github.com/opentracing/opentracing-go" + "github.com/opentracing/opentracing-go/ext" +) + +func TraceRequest(ctx context.Context, req *http.Request) func() { + tracer := opentracing.GlobalTracer() + if tracer == nil { + return func() {} + } + + parentSpan := opentracing.SpanFromContext(ctx) + opts := make([]opentracing.StartSpanOption, 0, 2) + opts = append(opts, ext.SpanKindRPCClient) + if parentSpan != nil { + opts = append(opts, opentracing.ChildOf(parentSpan.Context())) + } + + urlStr := req.URL.String() + clientSpan := tracer.StartSpan("HTTP "+req.Method, opts...) + + ext.SpanKindRPCClient.Set(clientSpan) + ext.HTTPUrl.Set(clientSpan, urlStr) + ext.HTTPMethod.Set(clientSpan, req.Method) + + _ = tracer.Inject(clientSpan.Context(), opentracing.HTTPHeaders, opentracing.HTTPHeadersCarrier(req.Header)) + return clientSpan.Finish +}