Add HTTP signature keyId to request log (#11591)
parent
2b4e2616ea
commit
1bc077dc74
|
@ -23,6 +23,19 @@ module SignatureVerification
|
||||||
@signature_verification_failure_code || 401
|
@signature_verification_failure_code || 401
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def signature_key_id
|
||||||
|
raw_signature = request.headers['Signature']
|
||||||
|
signature_params = {}
|
||||||
|
|
||||||
|
raw_signature.split(',').each do |part|
|
||||||
|
parsed_parts = part.match(/([a-z]+)="([^"]+)"/i)
|
||||||
|
next if parsed_parts.nil? || parsed_parts.size != 3
|
||||||
|
signature_params[parsed_parts[1]] = parsed_parts[2]
|
||||||
|
end
|
||||||
|
|
||||||
|
signature_params['keyId']
|
||||||
|
end
|
||||||
|
|
||||||
def signed_request_account
|
def signed_request_account
|
||||||
return @signed_request_account if defined?(@signed_request_account)
|
return @signed_request_account if defined?(@signed_request_account)
|
||||||
|
|
||||||
|
@ -154,7 +167,7 @@ module SignatureVerification
|
||||||
.with_fallback { nil }
|
.with_fallback { nil }
|
||||||
.with_threshold(1)
|
.with_threshold(1)
|
||||||
.with_cool_off_time(5.minutes.seconds)
|
.with_cool_off_time(5.minutes.seconds)
|
||||||
.with_error_handler { |error, handle| error.is_a?(HTTP::Error) ? handle.call(error) : raise(error) }
|
.with_error_handler { |error, handle| error.is_a?(HTTP::Error) || error.is_a?(OpenSSL::SSL::SSLError) ? handle.call(error) : raise(error) }
|
||||||
.run
|
.run
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -71,6 +71,12 @@ Rails.application.configure do
|
||||||
# Better log formatting
|
# Better log formatting
|
||||||
config.lograge.enabled = true
|
config.lograge.enabled = true
|
||||||
|
|
||||||
|
config.lograge.custom_payload do |controller|
|
||||||
|
if controller.respond_to?(:signed_request?) && controller.signed_request?
|
||||||
|
{ key: controller.signature_key_id }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
# Do not dump schema after migrations.
|
# Do not dump schema after migrations.
|
||||||
config.active_record.dump_schema_after_migration = false
|
config.active_record.dump_schema_after_migration = false
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue