Log API errors in server log

and hide error details from client in order not to expose secrets

Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2023-06-14 15:20:14 +02:00
parent f0fd162b4e
commit 777aad5483
Signed by: luzifer
GPG key ID: D91C3E91E4CAD6F5
5 changed files with 23 additions and 13 deletions

24
api.go
View file

@ -2,11 +2,14 @@ package main
import ( import (
"encoding/json" "encoding/json"
"errors"
"net/http" "net/http"
"strings" "strings"
"time" "time"
"github.com/gofrs/uuid"
"github.com/gorilla/mux" "github.com/gorilla/mux"
"github.com/sirupsen/logrus"
) )
type apiServer struct { type apiServer struct {
@ -41,7 +44,7 @@ func (a apiServer) handleCreate(res http.ResponseWriter, r *http.Request) {
if strings.HasPrefix(r.Header.Get("Content-Type"), "application/json") { if strings.HasPrefix(r.Header.Get("Content-Type"), "application/json") {
tmp := apiRequest{} tmp := apiRequest{}
if err := json.NewDecoder(r.Body).Decode(&tmp); err != nil { if err := json.NewDecoder(r.Body).Decode(&tmp); err != nil {
a.errorResponse(res, http.StatusBadRequest, err.Error()) a.errorResponse(res, http.StatusBadRequest, err, "decoding request body")
return return
} }
secret = tmp.Secret secret = tmp.Secret
@ -50,13 +53,13 @@ func (a apiServer) handleCreate(res http.ResponseWriter, r *http.Request) {
} }
if secret == "" { if secret == "" {
a.errorResponse(res, http.StatusBadRequest, "Secret missing") a.errorResponse(res, http.StatusBadRequest, errors.New("secret missing"), "")
return return
} }
id, err := a.store.Create(secret, time.Duration(cfg.SecretExpiry)*time.Second) id, err := a.store.Create(secret, time.Duration(cfg.SecretExpiry)*time.Second)
if err != nil { if err != nil {
a.errorResponse(res, http.StatusInternalServerError, err.Error()) a.errorResponse(res, http.StatusInternalServerError, err, "creating secret")
return return
} }
@ -70,7 +73,7 @@ func (a apiServer) handleRead(res http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r) vars := mux.Vars(r)
id := vars["id"] id := vars["id"]
if id == "" { if id == "" {
a.errorResponse(res, http.StatusBadRequest, "ID missing") a.errorResponse(res, http.StatusBadRequest, errors.New("id missing"), "")
return return
} }
@ -80,7 +83,7 @@ func (a apiServer) handleRead(res http.ResponseWriter, r *http.Request) {
if err == errSecretNotFound { if err == errSecretNotFound {
status = http.StatusNotFound status = http.StatusNotFound
} }
a.errorResponse(res, status, err.Error()) a.errorResponse(res, status, err, "reading & destroying secret")
return return
} }
@ -90,9 +93,16 @@ func (a apiServer) handleRead(res http.ResponseWriter, r *http.Request) {
}) })
} }
func (a apiServer) errorResponse(res http.ResponseWriter, status int, msg string) { func (a apiServer) errorResponse(res http.ResponseWriter, status int, err error, desc string) {
errID := uuid.Must(uuid.NewV4()).String()
if desc != "" {
// No description: Nothing interesting for the server log
logrus.WithField("err_id", errID).WithError(err).Error(desc)
}
a.jsonResponse(res, status, apiResponse{ a.jsonResponse(res, status, apiResponse{
Error: msg, Error: errID,
}) })
} }

4
go.mod
View file

@ -5,11 +5,12 @@ go 1.20
require ( require (
github.com/Luzifer/go_helpers/v2 v2.18.0 github.com/Luzifer/go_helpers/v2 v2.18.0
github.com/Luzifer/rconfig/v2 v2.4.0 github.com/Luzifer/rconfig/v2 v2.4.0
github.com/gofrs/uuid/v3 v3.1.2 github.com/gofrs/uuid v4.4.0+incompatible
github.com/gorilla/mux v1.8.0 github.com/gorilla/mux v1.8.0
github.com/pkg/errors v0.9.1 github.com/pkg/errors v0.9.1
github.com/redis/go-redis/v9 v9.0.5 github.com/redis/go-redis/v9 v9.0.5
github.com/sirupsen/logrus v1.9.3 github.com/sirupsen/logrus v1.9.3
gopkg.in/yaml.v2 v2.4.0
) )
require ( require (
@ -18,5 +19,4 @@ require (
github.com/spf13/pflag v1.0.5 // indirect github.com/spf13/pflag v1.0.5 // indirect
golang.org/x/sys v0.8.0 // indirect golang.org/x/sys v0.8.0 // indirect
gopkg.in/validator.v2 v2.0.1 // indirect gopkg.in/validator.v2 v2.0.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
) )

4
go.sum
View file

@ -12,8 +12,8 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
github.com/gofrs/uuid/v3 v3.1.2 h1:V3IBv1oU82x6YIr5txe3azVHgmOKYdyKQTowm9moBlY= github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA=
github.com/gofrs/uuid/v3 v3.1.2/go.mod h1:xPwMqoocQ1L5G6pXX5BcE7N5jlzn2o19oqAKxwZW/kI= github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=

View file

@ -3,7 +3,7 @@ package main
import ( import (
"time" "time"
"github.com/gofrs/uuid/v3" "github.com/gofrs/uuid"
) )
type memStorageSecret struct { type memStorageSecret struct {

View file

@ -7,7 +7,7 @@ import (
"strings" "strings"
"time" "time"
"github.com/gofrs/uuid/v3" "github.com/gofrs/uuid"
"github.com/pkg/errors" "github.com/pkg/errors"
redis "github.com/redis/go-redis/v9" redis "github.com/redis/go-redis/v9"
) )