krakend-ce icon indicating copy to clipboard operation
krakend-ce copied to clipboard

Published 20 hours ago verified publisher icon krakend

Add / Concat JWT claims to log messages

Open ReginaldoSantos opened this issue 2 years ago • 1 comments

Environment info: devopsfaith/krakend:2.0.4 successfully deployed with flexible configuration.

Describe what are you trying to do: I'm already propagating some JWT claims as HTTP Headers to the up stream services (backend). However, for tracebility and log filtering reasons, I would also like to concatenate these headers accross all log messages (I'm using EFK stack for logging).

Is this somehow possible?

Your configuration file: krakend.json snippet

{
    "$schema": "https://www.krakend.io/schema/v3.json",
    "version": 3,
    "name": "API Gateway",
    "timeout": "10000ms",
    "cache_ttl": "300s",
    "output_encoding": "no-op",
    "sequential_start": true,
    "extra_config":
    {
        "telemetry/logging":
        {
            "level": "DEBUG",
            "prefix": "[KRAKEND]",
            "syslog": false,
            "stdout": true,
            "format": "logstash"
        }
    },
    "endpoints":
    [
        {
            "endpoint": "/admin/tenants",
            "method": "GET",
            "extra_config":
            {
                "auth/validator":
                {
                    "alg": "RS256",
                    "jwk_url": "http://ms-jwks.backoffice/.well-known/jwks.json",
                    "disable_jwk_security": true,
                    "cache": true,
                    "roles_key_is_nested": true,
                    "roles_key": "resource_access.admin.roles",
                    "roles":
                    [
                        "Admin"
                    ],
                    "scopes_key": "scope",
                    "scopes":
                    [
                        "profile"
                    ],
                    "scopes_matcher": "any",
                    "propagate_claims":
                    [
                        [
                            "realm",
                            "X-TenantId"
                        ]
                    ],
                    "operation_debug": true
                }
            },
            "output_encoding": "no-op",
            "input_headers":
            [
                "*"
            ],
            "input_query_strings":
            [
                "*"
            ],
            "backend":
            [
                {
                    "url_pattern": "/tenants",
                    "method": "GET",
                    "encoding": "no-op",
                    "sd": "static",
                    "disable_host_sanitize": true,
                    "host":
                    [
                        "http://ms-admin.backoffice"
                    ]
                }
            ]
        }
    ]
}

Additional comments:

For example, in the configuration snippet above, I would like to concat JWT.realm to all log messages. Something like:

        "telemetry/logging":
        {
            "level": "DEBUG",
            "prefix": "[ {JWT.realm} ]",
            "syslog": false,
            "stdout": true,
            "format": "logstash"
        }

ReginaldoSantos avatar Jul 22 '22 19:07 ReginaldoSantos

Any news about this?

daniloalexandre avatar Jul 25 '22 21:07 daniloalexandre

This is not possible out of the box. You should create a plugin for a feature like this.

alombarte avatar Sep 29 '22 16:09 alombarte

This issue was marked as resolved a long time ago and now has been automatically locked as there has not been any recent activity after it. You can still open a new issue and reference this link.

github-actions[bot] avatar Dec 29 '22 10:12 github-actions[bot]