Merge branch 'master' into LoggingAPIImpl_Update

genexuslabs · Sep 25, 2023 · 8ff31b0 · 8ff31b0
2 parents c2c9445 + 4310766
commit 8ff31b0
Show file tree

Hide file tree

Showing 17 changed files with 345 additions and 161 deletions.
diff --git a/dotnet/src/dotnetcore/GxNetCoreStartup/CsrfHelper.cs b/dotnet/src/dotnetcore/GxNetCoreStartup/CsrfHelper.cs
@@ -0,0 +1,65 @@
+
+
+using System;
+using System.Threading.Tasks;
+using GeneXus.Configuration;
+using GeneXus.Http;
+using log4net;
+using Microsoft.AspNetCore.Antiforgery;
+using Microsoft.AspNetCore.Http;
+namespace GeneXus.Application
+{
+	public class ValidateAntiForgeryTokenMiddleware
+	{
+		static readonly ILog log = log4net.LogManager.GetLogger(typeof(ValidateAntiForgeryTokenMiddleware));
+
+		private readonly RequestDelegate _next;
+		private readonly IAntiforgery _antiforgery;
+		private string _basePath;
+
+		public ValidateAntiForgeryTokenMiddleware(RequestDelegate next, IAntiforgery antiforgery, String basePath)
+		{
+			_next = next;
+			_antiforgery = antiforgery;
+			_basePath = "/" + basePath;
+		}
+
+		public async Task Invoke(HttpContext context)
+		{
+			if (context.Request.Path.HasValue && context.Request.Path.Value.StartsWith(_basePath))
+			{
+				if (HttpMethods.IsPost(context.Request.Method) ||
+				HttpMethods.IsDelete(context.Request.Method) ||
+				HttpMethods.IsPut(context.Request.Method))
+				{
+					string cookieToken = context.Request.Cookies[HttpHeader.X_CSRF_TOKEN_COOKIE];
+					string headerToken = context.Request.Headers[HttpHeader.X_CSRF_TOKEN_HEADER];
+					GXLogging.Debug(log, $"Antiforgery validation, cookieToken:{cookieToken}, headerToken:{headerToken}");
+
+					await _antiforgery.ValidateRequestAsync(context);
+					GXLogging.Debug(log, $"Antiforgery validation OK");
+				}
+				else if (HttpMethods.IsGet(context.Request.Method))
+				{
+					SetAntiForgeryTokens(_antiforgery, context);
+				}
+			}
+			if (!context.Request.Path.Value.EndsWith(_basePath)) //VerificationToken
+				await _next(context);
+		}
+		internal static void SetAntiForgeryTokens(IAntiforgery _antiforgery, HttpContext context)
+		{
+			AntiforgeryTokenSet tokenSet = _antiforgery.GetAndStoreTokens(context);
+			string sameSite;
+			CookieOptions cookieOptions = new CookieOptions { HttpOnly = false, Secure = GxContext.GetHttpSecure(context) == 1 };
+			SameSiteMode sameSiteMode = SameSiteMode.Unspecified;
+			if (Config.GetValueOf("SAMESITE_COOKIE", out sameSite) && Enum.TryParse(sameSite, out sameSiteMode))
+			{
+				cookieOptions.SameSite = sameSiteMode;
+			}
+			context.Response.Cookies.Append(HttpHeader.X_CSRF_TOKEN_COOKIE, tokenSet.RequestToken, cookieOptions);
+			GXLogging.Debug(log, $"Setting cookie ", HttpHeader.X_CSRF_TOKEN_COOKIE, "=", tokenSet.RequestToken, " samesite:" + sameSiteMode);
+		}
+
+	}
+}
diff --git a/dotnet/src/dotnetcore/GxNetCoreStartup/GxNetCoreStartup.csproj b/dotnet/src/dotnetcore/GxNetCoreStartup/GxNetCoreStartup.csproj
@@ -17,6 +17,11 @@
 		<PackageReference Include="Microsoft.Extensions.Caching.StackExchangeRedis" Version="3.1.7" />
 		<PackageReference Include="Swashbuckle.AspNetCore.SwaggerUI" Version="6.5.0" />
 		<PackageReference Include="System.Diagnostics.DiagnosticSource" Version="7.0.0" />
+
+		<PackageReference Include="Azure.Identity" Version="1.9.0" PrivateAssets ="All"/>
+		<PackageReference Include="Azure.Monitor.OpenTelemetry.Exporter" Version="1.0.0-beta.13" NoWarn="NU5104" PrivateAssets ="All"/>
+		<PackageReference Include="OpenTelemetry" Version="1.5.1" PrivateAssets ="All"/>
+		<PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.5.1" PrivateAssets ="All"/>
 	</ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\GxClasses.Web\GxClasses.Web.csproj" />

diff --git a/dotnet/src/dotnetcore/GxNetCoreStartup/Startup.cs b/dotnet/src/dotnetcore/GxNetCoreStartup/Startup.cs
@@ -1,10 +1,10 @@
-
-
 using System;
 using System.Collections.Generic;
 using System.IO;
 using System.Net;
 using System.Threading.Tasks;
+using Azure.Identity;
+using Azure.Monitor.OpenTelemetry.Exporter;
 using GeneXus.Configuration;
 using GeneXus.Http;
 using GeneXus.HttpHandlerFactory;
@@ -31,6 +31,8 @@
 using Microsoft.Extensions.FileProviders;
 using Microsoft.Extensions.Logging;
 using NUglify.JavaScript.Syntax;
+using OpenTelemetry.Logs;
+using OpenTelemetry.Resources;
 using StackExchange.Redis;
 
 
@@ -40,6 +42,10 @@ public class Program
 	{
 		const string DEFAULT_PORT = "80";
 		static string DEFAULT_SCHEMA = Uri.UriSchemeHttp;
+
+		private static string OPENTELEMETRY_SERVICE = "Observability";
+		private static string OPENTELEMETRY_AZURE_DISTRO = "GeneXus.OpenTelemetry.Azure.AzureAppInsights";
+		private static string APPLICATIONINSIGHTS_CONNECTION_STRING = "APPLICATIONINSIGHTS_CONNECTION_STRING";
 		public static void Main(string[] args)
 		{
 			try
@@ -77,25 +83,59 @@ public static void Main(string[] args)
 		}
 
 		public static IWebHost BuildWebHost(string[] args) =>
-		   WebHost.CreateDefaultBuilder(args)
-			.ConfigureLogging(logging => logging.AddConsole())
-			.UseStartup<Startup>()
-			.UseContentRoot(Startup.LocalPath)
-			.Build();
-
+		  WebHost.CreateDefaultBuilder(args)
+		   .ConfigureLogging(WebHostConfigureLogging)
+		   .UseStartup<Startup>()
+		   .UseContentRoot(Startup.LocalPath)
+		   .Build();
+		
 		public static IWebHost BuildWebHostPort(string[] args, string port)
 		{
 			return BuildWebHostPort(args, port, DEFAULT_SCHEMA);
 		}
 		static IWebHost BuildWebHostPort(string[] args, string port, string schema)
 		{
 			return WebHost.CreateDefaultBuilder(args)
-				 .ConfigureLogging(logging => logging.AddConsole())
+				 .ConfigureLogging(WebHostConfigureLogging)
 				 .UseUrls($"{schema}://*:{port}")
 				.UseStartup<Startup>()
 				.UseContentRoot(Startup.LocalPath)
 				.Build();
 		}
+
+		private static void WebHostConfigureLogging(WebHostBuilderContext hostingContext, ILoggingBuilder loggingBuilder)
+		{
+			loggingBuilder.AddConsole();
+			GXService providerService = GXServices.Instance?.Get(OPENTELEMETRY_SERVICE);
+			if (providerService != null && providerService.ClassName.StartsWith(OPENTELEMETRY_AZURE_DISTRO))
+			{
+				ConfigureAzureOpentelemetry(loggingBuilder);
+			}
+		}
+		private static void ConfigureAzureOpentelemetry(ILoggingBuilder loggingBuilder)
+		{
+			string endpoint = Environment.GetEnvironmentVariable(APPLICATIONINSIGHTS_CONNECTION_STRING);
+			var resourceBuilder = ResourceBuilder.CreateDefault()
+			.AddTelemetrySdk();
+
+			loggingBuilder.AddOpenTelemetry(loggerOptions =>
+			{
+				loggerOptions
+					.SetResourceBuilder(resourceBuilder)
+					.AddAzureMonitorLogExporter(options =>
+					{
+						if (!string.IsNullOrEmpty(endpoint))
+							options.ConnectionString = endpoint;
+						else
+							options.Credential = new DefaultAzureCredential();
+					})
+					.AddConsoleExporter();
+
+				loggerOptions.IncludeFormattedMessage = true;
+				loggerOptions.IncludeScopes = true;
+				loggerOptions.ParseStateValues = true;
+			});
+		}
 		private static void LocatePhysicalLocalPath()
 		{
 			string startup = FileUtil.GetStartupDirectory();
@@ -216,7 +256,7 @@ public void ConfigureServices(IServiceCollection services)
 			{
 				services.AddAntiforgery(options =>
 				{
-					options.HeaderName = HttpHeader.X_GXCSRF_TOKEN;
+					options.HeaderName = HttpHeader.X_CSRF_TOKEN_HEADER;
 					options.SuppressXFrameOptionsHeader = false;
 				});
 			}
@@ -427,20 +467,10 @@ public void Configure(IApplicationBuilder app, Microsoft.AspNetCore.Hosting.IHos
 						routes.MapRoute($"{s}", new RequestDelegate(gxRouting.ProcessRestRequest));
 					}
 				}
-				routes.MapRoute($"{restBasePath}VerificationToken", (context) =>
-				{
-					string requestPath = context.Request.Path.Value;
-
-					if (string.Equals(requestPath, $"/{restBasePath}VerificationToken", StringComparison.OrdinalIgnoreCase) && antiforgery!=null)
-					{
-						ValidateAntiForgeryTokenMiddleware.SetAntiForgeryTokens(antiforgery, context);
-					}
-					return Task.CompletedTask;
-				});
 				routes.MapRoute($"{restBasePath}{{*{UrlTemplateControllerWithParms}}}", new RequestDelegate(gxRouting.ProcessRestRequest));
 				routes.MapRoute("Default", VirtualPath, new { controller = "Home", action = "Index" });
 			});
-
+			
 			app.UseWebSockets();
 			string basePath = string.IsNullOrEmpty(VirtualPath) ? string.Empty : $"/{VirtualPath}";
 			Config.ScriptPath = basePath;
@@ -597,54 +627,4 @@ public IActionResult Index()
 			return Redirect(defaultFiles[0]);
 		}
 	}
-	public class ValidateAntiForgeryTokenMiddleware
-	{
-		static readonly IGXLogger log = GXLoggerFactory.GetLogger<ValidateAntiForgeryTokenMiddleware>();
-
-		private readonly RequestDelegate _next;
-		private readonly IAntiforgery _antiforgery;
-		private string _basePath;
-
-		public ValidateAntiForgeryTokenMiddleware(RequestDelegate next, IAntiforgery antiforgery, String basePath)
-		{
-			_next = next;
-			_antiforgery = antiforgery;
-			_basePath = "/" + basePath;
-		}
-
-		public async Task Invoke(HttpContext context)
-		{
-			if (context.Request.Path.HasValue && context.Request.Path.Value.StartsWith(_basePath))
-			{
-				if (HttpMethods.IsPost(context.Request.Method) ||
-				HttpMethods.IsDelete(context.Request.Method) ||
-				HttpMethods.IsPut(context.Request.Method))
-				{
-					string cookieToken = context.Request.Cookies[HttpHeader.X_GXCSRF_TOKEN];
-					string headerToken = context.Request.Headers[HttpHeader.X_GXCSRF_TOKEN];
-					GXLogging.Debug(log, $"Antiforgery validation, cookieToken:{cookieToken}, headerToken:{headerToken}");
-
-					await _antiforgery.ValidateRequestAsync(context);
-					GXLogging.Debug(log, $"Antiforgery validation OK");
-				}
-				else if (HttpMethods.IsGet(context.Request.Method))
-				{
-					string tokens = context.Request.Cookies[HttpHeader.X_GXCSRF_TOKEN];
-					if (string.IsNullOrEmpty(tokens))
-					{
-						SetAntiForgeryTokens(_antiforgery, context);
-					}
-				}
-			}
-			await _next(context);
-		}
-		internal static void SetAntiForgeryTokens(IAntiforgery _antiforgery, HttpContext context)
-		{
-			AntiforgeryTokenSet tokenSet = _antiforgery.GetAndStoreTokens(context);
-			context.Response.Cookies.Append(HttpHeader.X_GXCSRF_TOKEN, tokenSet.RequestToken,
-				new CookieOptions { HttpOnly = false, Secure = GxContext.GetHttpSecure(context) == 1 });
-			GXLogging.Debug(log, $"Setting cookie ", HttpHeader.X_GXCSRF_TOKEN, "=", tokenSet.RequestToken);
-		}
-
-	}
 }
diff --git a/dotnet/src/dotnetcore/Providers/OpenTelemetry/OpenTelemetryAzureMonitor/AzureAppInsights.cs b/dotnet/src/dotnetcore/Providers/OpenTelemetry/OpenTelemetryAzureMonitor/AzureAppInsights.cs
@@ -1,10 +1,15 @@
 using System;
-using Azure.Monitor.OpenTelemetry.AspNetCore;
+using Azure.Identity;
+using Azure.Monitor.OpenTelemetry.Exporter;
 using GeneXus.Services;
 using GeneXus.Services.OpenTelemetry;
 using log4net;
 using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Logging;
+using OpenTelemetry;
+using OpenTelemetry.Logs;
+using OpenTelemetry.Metrics;
+using OpenTelemetry.Resources;
+using OpenTelemetry.Trace;
 
 namespace GeneXus.OpenTelemetry.Azure
 {
@@ -17,20 +22,45 @@ public AzureAppInsights(GXService s)
 		{
 		}
 
-		public bool InstrumentAspNetCoreApplication(IServiceCollection services)
+		public bool InstrumentAspNetCoreApplication(IServiceCollection _)
 		{
 			string oltpEndpoint = Environment.GetEnvironmentVariable(APPLICATIONINSIGHTS_CONNECTION_STRING);
-
-			if (!string.IsNullOrEmpty(oltpEndpoint))
+			try
 			{
-				services.AddOpenTelemetry()
-				.UseAzureMonitor( o =>
-					{
+				var resourceBuilder = ResourceBuilder.CreateDefault()
+					.AddTelemetrySdk();
+
+				Sdk.CreateTracerProviderBuilder()
+				.SetResourceBuilder(resourceBuilder)
+				.AddAzureMonitorTraceExporter(o =>
+				{
+					if (!string.IsNullOrEmpty(oltpEndpoint))
 						o.ConnectionString = oltpEndpoint;
-					});
+					else
+					{
+						o.Credential = new DefaultAzureCredential();
+						log.Debug("Connect to Azure monitor Opentelemetry Trace exporter using Default Azure credential");
+					}
+				})
+				.AddGxAspNetInstrumentation()
+				.Build();
 
+				Sdk.CreateMeterProviderBuilder()
+				.SetResourceBuilder(resourceBuilder)
+				.AddAzureMonitorMetricExporter(o =>
+				{
+					if (!string.IsNullOrEmpty(oltpEndpoint))
+						o.ConnectionString = oltpEndpoint;
+					else
+					{
+						o.Credential = new DefaultAzureCredential();
+						log.Debug("Connect to Azure monitor Opentelemetry Metrics exporter using Default Azure credential");
+					}
+				})
+				.Build();
 				return true;
 			}
+
 			else
 			{
 				GXLogging.Warn(log, "OpenTelemetry Azure Monitor was not initialized due to missing 'APPLICATIONINSIGHTS_CONNECTION_STRING' Environment Variable");

diff --git a/...rs/OpenTelemetry/OpenTelemetryAzureMonitor/GeneXus.OpenTelemetry.Azure.AppInsights.csproj b/...rs/OpenTelemetry/OpenTelemetryAzureMonitor/GeneXus.OpenTelemetry.Azure.AppInsights.csproj
@@ -10,7 +10,15 @@
 		<NoWarn>NU1605</NoWarn>
 	</PropertyGroup>
 	<ItemGroup>
-		<PackageReference Include="Azure.Monitor.OpenTelemetry.AspNetCore" Version="1.0.0-beta.4" NoWarn="NU5104"/>
+
+		<PackageReference Include="Azure.Identity" Version="1.9.0" />
+		<PackageReference Include="Azure.Monitor.OpenTelemetry.Exporter" Version="1.0.0-beta.13" NoWarn="NU5104" />
+		<PackageReference Include="log4net.Ext.Json" Version="2.0.10.1" />
+		<PackageReference Include="Microsoft.ApplicationInsights.Log4NetAppender" Version="2.21.0" />
+
+		<PackageReference Include="OpenTelemetry" Version="1.5.1" />
+		<PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.5.1" />
+
 	</ItemGroup>
 	<ItemGroup>
 		<ProjectReference Include="..\..\..\GxClasses\GxClasses.csproj" />