Skip to content

Commit

Permalink
feat: basic tracing instrumentation with OpenTelemetry (#761)
Browse files Browse the repository at this point in the history
  • Loading branch information
alnr authored Aug 4, 2023
1 parent 039746c commit 198f913
Show file tree
Hide file tree
Showing 55 changed files with 409 additions and 2,014 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/format.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: 1.19
go-version: "1.20"
- run: make format
- name: Indicate formatting issues
run: git diff HEAD --exit-code --color
2 changes: 1 addition & 1 deletion .github/workflows/licenses.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: "1.18"
go-version: "1.20"
- uses: actions/setup-node@v2
with:
node-version: "18"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/oidc-conformity-master.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
ref: master
- uses: actions/setup-go@v2
with:
go-version: "^1.19.0"
go-version: "1.20"
- name: Update fosite
run: |
go mod edit -replace github.com/ory/fosite=github.com/ory/fosite@${{ github.sha }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/oidc-conformity.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
ref: master
- uses: actions/setup-go@v2
with:
go-version: "^1.19.0"
go-version: "1.20"
- name: Update fosite
run: |
go mod edit -replace github.com/ory/fosite=github.com/${{ github.event.pull_request.head.repo.full_name }}@${{ github.event.pull_request.head.sha }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,5 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: 1.19
go-version: "1.20"
- run: make test
7 changes: 6 additions & 1 deletion access_request_handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ import (

"github.com/ory/fosite/i18n"
"github.com/ory/x/errorsx"
"github.com/ory/x/otelx"
"go.opentelemetry.io/otel/trace"

"github.com/pkg/errors"
)
Expand Down Expand Up @@ -39,7 +41,10 @@ import (
// credentials (or assigned other authentication requirements), the
// client MUST authenticate with the authorization server as described
// in Section 3.2.1.
func (f *Fosite) NewAccessRequest(ctx context.Context, r *http.Request, session Session) (AccessRequester, error) {
func (f *Fosite) NewAccessRequest(ctx context.Context, r *http.Request, session Session) (_ AccessRequester, err error) {
ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("github.com/ory/fosite").Start(ctx, "Fosite.NewAccessRequest")
defer otelx.End(span, &err)

accessRequest := NewAccessRequest(session)
accessRequest.Request.Lang = i18n.GetLangFromRequest(f.Config.GetMessageCatalog(ctx), r)

Expand Down
15 changes: 5 additions & 10 deletions access_request_handler_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@
package fosite_test

import (
"context"
"encoding/base64"
"fmt"
"net/http"
Expand All @@ -29,8 +28,6 @@ func TestNewAccessRequest(t *testing.T) {
hasher := internal.NewMockHasher(ctrl)
defer ctrl.Finish()

ctx := gomock.AssignableToTypeOf(context.WithValue(context.TODO(), ContextKey("test"), nil))

client := &DefaultClient{}
config := &Config{ClientSecretsHasher: hasher, AudienceMatchingStrategy: DefaultAudienceMatchingStrategy}
fosite := &Fosite{Store: store, Config: config}
Expand Down Expand Up @@ -121,7 +118,7 @@ func TestNewAccessRequest(t *testing.T) {
store.EXPECT().GetClient(gomock.Any(), gomock.Eq("foo")).Return(client, nil)
client.Public = false
client.Secret = []byte("foo")
hasher.EXPECT().Compare(ctx, gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(errors.New(""))
hasher.EXPECT().Compare(gomock.Any(), gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(errors.New(""))
},
handlers: TokenEndpointHandlers{handler},
},
Expand All @@ -138,7 +135,7 @@ func TestNewAccessRequest(t *testing.T) {
store.EXPECT().GetClient(gomock.Any(), gomock.Eq("foo")).Return(client, nil)
client.Public = false
client.Secret = []byte("foo")
hasher.EXPECT().Compare(ctx, gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(nil)
hasher.EXPECT().Compare(gomock.Any(), gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(nil)
handler.EXPECT().HandleTokenEndpointRequest(gomock.Any(), gomock.Any()).Return(ErrServerError)
},
handlers: TokenEndpointHandlers{handler},
Expand All @@ -155,7 +152,7 @@ func TestNewAccessRequest(t *testing.T) {
store.EXPECT().GetClient(gomock.Any(), gomock.Eq("foo")).Return(client, nil)
client.Public = false
client.Secret = []byte("foo")
hasher.EXPECT().Compare(ctx, gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(nil)
hasher.EXPECT().Compare(gomock.Any(), gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(nil)
handler.EXPECT().HandleTokenEndpointRequest(gomock.Any(), gomock.Any()).Return(nil)
},
handlers: TokenEndpointHandlers{handler},
Expand Down Expand Up @@ -355,8 +352,6 @@ func TestNewAccessRequestWithMixedClientAuth(t *testing.T) {
hasher := internal.NewMockHasher(ctrl)
defer ctrl.Finish()

ctx := gomock.AssignableToTypeOf(context.WithValue(context.TODO(), ContextKey("test"), nil))

client := &DefaultClient{}
config := &Config{ClientSecretsHasher: hasher, AudienceMatchingStrategy: DefaultAudienceMatchingStrategy}
fosite := &Fosite{Store: store, Config: config}
Expand All @@ -380,7 +375,7 @@ func TestNewAccessRequestWithMixedClientAuth(t *testing.T) {
store.EXPECT().GetClient(gomock.Any(), gomock.Eq("foo")).Return(client, nil)
client.Public = false
client.Secret = []byte("foo")
hasher.EXPECT().Compare(ctx, gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(errors.New("hash err"))
hasher.EXPECT().Compare(gomock.Any(), gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(errors.New("hash err"))
handlerWithoutClientAuth.EXPECT().HandleTokenEndpointRequest(gomock.Any(), gomock.Any()).Return(nil)
},
method: "POST",
Expand All @@ -398,7 +393,7 @@ func TestNewAccessRequestWithMixedClientAuth(t *testing.T) {
store.EXPECT().GetClient(gomock.Any(), gomock.Eq("foo")).Return(client, nil)
client.Public = false
client.Secret = []byte("foo")
hasher.EXPECT().Compare(ctx, gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(nil)
hasher.EXPECT().Compare(gomock.Any(), gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(nil)
handlerWithoutClientAuth.EXPECT().HandleTokenEndpointRequest(gomock.Any(), gomock.Any()).Return(nil)
handlerWithClientAuth.EXPECT().HandleTokenEndpointRequest(gomock.Any(), gomock.Any()).Return(nil)
},
Expand Down
8 changes: 6 additions & 2 deletions access_response_writer.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,16 @@ import (
"context"

"github.com/ory/x/errorsx"
"github.com/ory/x/otelx"
"go.opentelemetry.io/otel/trace"

"github.com/pkg/errors"
)

func (f *Fosite) NewAccessResponse(ctx context.Context, requester AccessRequester) (AccessResponder, error) {
var err error
func (f *Fosite) NewAccessResponse(ctx context.Context, requester AccessRequester) (_ AccessResponder, err error) {
ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("github.com/ory/fosite").Start(ctx, "Fosite.NewAccessResponse")
defer otelx.End(span, &err)

var tk TokenEndpointHandler

response := NewAccessResponse()
Expand Down
4 changes: 2 additions & 2 deletions authorize_helper_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ package fosite_test
import (
"bytes"
"context"
"io/ioutil"
"io"
"net/url"
"strings"
"testing"
Expand Down Expand Up @@ -284,7 +284,7 @@ func TestWriteAuthorizeFormPostResponse(t *testing.T) {
redirectURL := "https://localhost:8080/cb"
//parameters :=
fosite.WriteAuthorizeFormPostResponse(redirectURL, c.parameters, fosite.DefaultFormPostTemplate, &responseBuffer)
code, state, _, _, customParams, _, err := internal.ParseFormPostResponse(redirectURL, ioutil.NopCloser(bytes.NewReader(responseBuffer.Bytes())))
code, state, _, _, customParams, _, err := internal.ParseFormPostResponse(redirectURL, io.NopCloser(bytes.NewReader(responseBuffer.Bytes())))
assert.NoError(t, err, "case %d", d)
c.check(code, state, customParams, d)

Expand Down
11 changes: 8 additions & 3 deletions authorize_request_handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,17 @@ package fosite
import (
"context"
"fmt"
"io/ioutil"
"io"
"net/http"
"strings"

"github.com/go-jose/go-jose/v3"
"go.opentelemetry.io/otel/trace"

"github.com/ory/fosite/i18n"
"github.com/ory/fosite/token/jwt"
"github.com/ory/x/errorsx"
"github.com/ory/x/otelx"

"github.com/pkg/errors"

Expand Down Expand Up @@ -74,7 +76,7 @@ func (f *Fosite) authorizeRequestParametersFromOpenIDConnectRequest(ctx context.
return errorsx.WithStack(ErrInvalidRequestURI.WithHintf("Unable to fetch OpenID Connect request parameters from 'request_uri' because status code '%d' was expected, but got '%d'.", http.StatusOK, response.StatusCode))
}

body, err := ioutil.ReadAll(response.Body)
body, err := io.ReadAll(response.Body)
if err != nil {
return errorsx.WithStack(ErrInvalidRequestURI.WithHintf("Unable to fetch OpenID Connect request parameters from 'request_uri' because body parsing failed with: %s.", err).WithWrap(err).WithDebug(err.Error()))
}
Expand Down Expand Up @@ -306,7 +308,10 @@ func (f *Fosite) authorizeRequestFromPAR(ctx context.Context, r *http.Request, r
return true, nil
}

func (f *Fosite) NewAuthorizeRequest(ctx context.Context, r *http.Request) (AuthorizeRequester, error) {
func (f *Fosite) NewAuthorizeRequest(ctx context.Context, r *http.Request) (_ AuthorizeRequester, err error) {
ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("github.com/ory/fosite").Start(ctx, "Fosite.NewAuthorizeRequest")
defer otelx.End(span, &err)

return f.newAuthorizeRequest(ctx, r, false)
}

Expand Down
7 changes: 6 additions & 1 deletion authorize_response_writer.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,14 @@ import (
"net/url"

"github.com/ory/x/errorsx"
"github.com/ory/x/otelx"
"go.opentelemetry.io/otel/trace"
)

func (f *Fosite) NewAuthorizeResponse(ctx context.Context, ar AuthorizeRequester, session Session) (AuthorizeResponder, error) {
func (f *Fosite) NewAuthorizeResponse(ctx context.Context, ar AuthorizeRequester, session Session) (_ AuthorizeResponder, err error) {
ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("github.com/ory/fosite").Start(ctx, "Fosite.NewAuthorizeResponse")
defer otelx.End(span, &err)

var resp = &AuthorizeResponse{
Header: http.Header{},
Parameters: url.Values{},
Expand Down
7 changes: 3 additions & 4 deletions client_authentication_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -115,8 +115,7 @@ func TestAuthenticateClient(t *testing.T) {
},
}

var h http.HandlerFunc
h = func(w http.ResponseWriter, r *http.Request) {
var h http.HandlerFunc = func(w http.ResponseWriter, r *http.Request) {
require.NoError(t, json.NewEncoder(w).Encode(rsaJwks))
}
ts := httptest.NewServer(h)
Expand Down Expand Up @@ -586,12 +585,12 @@ func TestAuthenticateClientTwice(t *testing.T) {
"aud": "token-url",
}, key, "kid-foo")}, "client_assertion_type": []string{at}}

c, err := f.AuthenticateClient(nil, new(http.Request), formValues)
c, err := f.AuthenticateClient(context.Background(), new(http.Request), formValues)
require.NoError(t, err, "%#v", err)
assert.Equal(t, client, c)

// replay the request and expect it to fail
c, err = f.AuthenticateClient(nil, new(http.Request), formValues)
c, err = f.AuthenticateClient(context.Background(), new(http.Request), formValues)
require.Error(t, err)
assert.EqualError(t, err, ErrJTIKnown.Error())
assert.Nil(t, c)
Expand Down
53 changes: 41 additions & 12 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -23,35 +23,46 @@ require (
github.com/oleiade/reflections v1.0.1
github.com/ory/go-acc v0.2.9-0.20230103102148-6b1c9a70dbbe
github.com/ory/go-convenience v0.1.0
github.com/ory/x v0.0.567
github.com/ory/x v0.0.575
github.com/parnurzeal/gorequest v0.2.15
github.com/pkg/errors v0.9.1
github.com/stretchr/testify v1.8.3
github.com/stretchr/testify v1.8.4
github.com/tidwall/gjson v1.14.3
golang.org/x/crypto v0.10.0
golang.org/x/net v0.11.0
golang.org/x/oauth2 v0.9.0
golang.org/x/text v0.10.0
go.opentelemetry.io/otel/trace v1.16.0
golang.org/x/crypto v0.11.0
golang.org/x/net v0.13.0
golang.org/x/oauth2 v0.10.0
golang.org/x/text v0.11.0
)

require (
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/creasty/defaults v1.7.0 // indirect
github.com/dave/jennifer v1.6.1 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 // indirect
github.com/fatih/structtag v1.2.0 // indirect
github.com/felixge/httpsnoop v1.0.3 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/go-logr/logr v1.2.4 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/gobuffalo/pop/v6 v6.0.8 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/glog v1.1.1 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/moul/http2curl v0.0.0-20170919181001-9ac6cf4d929b // indirect
github.com/pelletier/go-toml/v2 v2.0.8 // indirect
github.com/openzipkin/zipkin-go v0.4.1 // indirect
github.com/pelletier/go-toml/v2 v2.0.9 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/seatgeek/logrus-gelf-formatter v0.0.0-20210414080842-5b05eb8ff761 // indirect
github.com/sirupsen/logrus v1.9.0 // indirect
github.com/smartystreets/goconvey v1.6.4 // indirect
github.com/spf13/afero v1.9.5 // indirect
github.com/spf13/cast v1.5.1 // indirect
Expand All @@ -62,13 +73,31 @@ require (
github.com/subosito/gotenv v1.4.2 // indirect
github.com/tidwall/match v1.1.1 // indirect
github.com/tidwall/pretty v1.2.1 // indirect
golang.org/x/mod v0.11.0 // indirect
golang.org/x/sys v0.9.0 // indirect
golang.org/x/tools v0.10.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.42.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0 // indirect
go.opentelemetry.io/contrib/propagators/b3 v1.17.0 // indirect
go.opentelemetry.io/contrib/propagators/jaeger v1.17.0 // indirect
go.opentelemetry.io/contrib/samplers/jaegerremote v0.11.0 // indirect
go.opentelemetry.io/otel v1.16.0 // indirect
go.opentelemetry.io/otel/exporters/jaeger v1.16.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.16.0 // indirect
go.opentelemetry.io/otel/exporters/zipkin v1.16.0 // indirect
go.opentelemetry.io/otel/metric v1.16.0 // indirect
go.opentelemetry.io/otel/sdk v1.16.0 // indirect
go.opentelemetry.io/proto/otlp v1.0.0 // indirect
golang.org/x/mod v0.12.0 // indirect
golang.org/x/sys v0.10.0 // indirect
golang.org/x/tools v0.11.1 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.30.0 // indirect
google.golang.org/genproto v0.0.0-20230731193218-e0aa005b6bdf // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20230731193218-e0aa005b6bdf // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230731193218-e0aa005b6bdf // indirect
google.golang.org/grpc v1.57.0 // indirect
google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)

go 1.17
go 1.20
Loading

0 comments on commit 198f913

Please sign in to comment.