From 01b01b6e3a4166fc5bc42940b1879ac950792942 Mon Sep 17 00:00:00 2001 From: Ishank Arora Date: Thu, 29 Apr 2021 19:27:11 +0200 Subject: [PATCH] Remove extra logs --- internal/grpc/interceptors/auth/auth.go | 13 +++---------- internal/grpc/services/authprovider/authprovider.go | 1 - internal/grpc/services/gateway/authprovider.go | 4 +--- internal/http/interceptors/auth/auth.go | 2 -- pkg/auth/manager/publicshares/publicshares.go | 3 --- pkg/publicshare/manager/json/json.go | 3 --- pkg/token/manager/jwt/jwt.go | 4 ---- 7 files changed, 4 insertions(+), 26 deletions(-) diff --git a/internal/grpc/interceptors/auth/auth.go b/internal/grpc/interceptors/auth/auth.go index 84d18efb201..8132a9b9112 100644 --- a/internal/grpc/interceptors/auth/auth.go +++ b/internal/grpc/interceptors/auth/auth.go @@ -108,8 +108,6 @@ func NewUnary(m map[string]interface{}, unprotected []string) (grpc.UnaryServerI return handler(ctx, req) } - log.Info().Msgf("GRPC unary interceptor %s, %+v", info.FullMethod, req) - span.AddAttributes(trace.BoolAttribute("auth_enabled", true)) tkn, ok := token.ContextGetToken(ctx) @@ -165,7 +163,6 @@ func NewStream(m map[string]interface{}, unprotected []string) (grpc.StreamServe interceptor := func(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error { ctx := ss.Context() log := appctx.GetLogger(ctx) - log.Info().Msgf("GRPC stream interceptor %s, %+v", info.FullMethod, unprotected) if utils.Skip(info.FullMethod, unprotected) { log.Debug().Str("method", info.FullMethod).Msg("skipping auth") @@ -221,12 +218,9 @@ func (ss *wrappedServerStream) Context() context.Context { func dismantleToken(ctx context.Context, tkn string, req interface{}, mgr token.Manager, gatewayAddr string) (*userpb.User, error) { u, scope, err := mgr.DismantleToken(ctx, tkn, req) - log := appctx.GetLogger(ctx) - log.Info().Msgf("scope: %+v, req: %+v", scope["publicshare"], req) // Check if the err returned is PermissionDenied if _, ok := err.(errtypes.PermissionDenied); ok { - log.Info().Msgf("resolving ref %+v", req) // Check if req is of type *provider.Reference_Path // If yes, the request might be coming from a share where the accessor is // trying to impersonate the owner, since the share manager doesn't know the @@ -237,6 +231,8 @@ func dismantleToken(ctx context.Context, tkn string, req interface{}, mgr token. // Try to extract the resource ID from the scope resource. // Currently, we only check for public shares, but this will be extended // for OCM shares, guest accounts, etc. + log := appctx.GetLogger(ctx) + log.Info().Msgf("resolving path reference to ID to check token scope %+v", ref.GetPath()) var share link.PublicShare err = utils.UnmarshalJSONToProtoV1(scope["publicshare"].Resource.Value, &share) if err != nil { @@ -280,10 +276,7 @@ func dismantleToken(ctx context.Context, tkn string, req interface{}, mgr token. if err != nil { return nil, err } - u, _, err = mgr.DismantleToken(ctx, tkn, req) - if err != nil { - return nil, err - } + return dismantleToken(ctx, tkn, req, mgr, gatewayAddr) } } } diff --git a/internal/grpc/services/authprovider/authprovider.go b/internal/grpc/services/authprovider/authprovider.go index aaa5b4629a3..bb4d179b8e9 100644 --- a/internal/grpc/services/authprovider/authprovider.go +++ b/internal/grpc/services/authprovider/authprovider.go @@ -112,7 +112,6 @@ func (s *service) Authenticate(ctx context.Context, req *provider.AuthenticateRe switch v := err.(type) { case nil: log.Info().Msgf("user %s authenticated", u.String()) - log.Info().Msgf("authprovider scope %+v", scope) return &provider.AuthenticateResponse{ Status: status.NewOK(ctx), User: u, diff --git a/internal/grpc/services/gateway/authprovider.go b/internal/grpc/services/gateway/authprovider.go index 7441f2d3d54..6cdd0432dba 100644 --- a/internal/grpc/services/gateway/authprovider.go +++ b/internal/grpc/services/gateway/authprovider.go @@ -84,10 +84,8 @@ func (s *svc) Authenticate(ctx context.Context, req *gateway.AuthenticateRequest Status: status.NewInternal(ctx, err, "user is nil"), }, nil } - log.Info().Msgf("gateway scope %+v", res.TokenScope) - uid := res.User.Id - if uid == nil { + if res.User.Id == nil { err := errors.New("gateway: uid after Authenticate is nil") log.Err(err).Msg("user id is nil") return &gateway.AuthenticateResponse{ diff --git a/internal/http/interceptors/auth/auth.go b/internal/http/interceptors/auth/auth.go index 74015101c44..89d7edddf4d 100644 --- a/internal/http/interceptors/auth/auth.go +++ b/internal/http/interceptors/auth/auth.go @@ -153,7 +153,6 @@ func New(m map[string]interface{}, unprotected []string) (global.Middleware, err } log := appctx.GetLogger(ctx) - log.Info().Msgf("HTTP interceptor %s, %+v", r.URL.Path, unprotected) // skip auth for urls set in the config. // TODO(labkode): maybe use method:url to bypass auth. @@ -234,7 +233,6 @@ func New(m map[string]interface{}, unprotected []string) (global.Middleware, err } // validate token - // TODO(ishank011): resolve resourceID/path and check u, _, err := tokenManager.DismantleToken(r.Context(), tkn, r.URL.Path) if err != nil { log.Error().Err(err).Msg("error dismantling token") diff --git a/pkg/auth/manager/publicshares/publicshares.go b/pkg/auth/manager/publicshares/publicshares.go index 190d5d7c9ff..3dc074f1d38 100644 --- a/pkg/auth/manager/publicshares/publicshares.go +++ b/pkg/auth/manager/publicshares/publicshares.go @@ -29,7 +29,6 @@ import ( rpcv1beta1 "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" link "github.com/cs3org/go-cs3apis/cs3/sharing/link/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" - "github.com/cs3org/reva/pkg/appctx" "github.com/cs3org/reva/pkg/auth" "github.com/cs3org/reva/pkg/auth/manager/registry" "github.com/cs3org/reva/pkg/errtypes" @@ -132,8 +131,6 @@ func (m *manager) Authenticate(ctx context.Context, token, secret string) (*user if err != nil { return nil, nil, err } - log := appctx.GetLogger(ctx) - log.Info().Msgf("publichare scope: %+v", scope) return getUserResponse.GetUser(), scope, nil } diff --git a/pkg/publicshare/manager/json/json.go b/pkg/publicshare/manager/json/json.go index e09242754c1..eb2e17aa4b1 100644 --- a/pkg/publicshare/manager/json/json.go +++ b/pkg/publicshare/manager/json/json.go @@ -508,8 +508,6 @@ func (m *manager) getByToken(ctx context.Context, token string) (*link.PublicSha // GetPublicShareByToken gets a public share by its opaque token. func (m *manager) GetPublicShareByToken(ctx context.Context, token string, auth *link.PublicShareAuthentication, sign bool) (*link.PublicShare, error) { - log := appctx.GetLogger(ctx) - log.Info().Msgf("GetPublicShareByToken %s %+v", token, auth) db, err := m.readDb() if err != nil { return nil, err @@ -524,7 +522,6 @@ func (m *manager) GetPublicShareByToken(ctx context.Context, token string, auth if err := utils.UnmarshalJSONToProtoV1([]byte(v.(map[string]interface{})["share"].(string)), &local); err != nil { return nil, err } - log.Info().Msgf("GetPublicShareByToken listing keys %s", local.Token) if local.Token == token { if !notExpired(&local) { diff --git a/pkg/token/manager/jwt/jwt.go b/pkg/token/manager/jwt/jwt.go index c5b5680bd90..11b1e3d5768 100644 --- a/pkg/token/manager/jwt/jwt.go +++ b/pkg/token/manager/jwt/jwt.go @@ -24,7 +24,6 @@ import ( auth "github.com/cs3org/go-cs3apis/cs3/auth/provider/v1beta1" user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" - "github.com/cs3org/reva/pkg/appctx" "github.com/cs3org/reva/pkg/auth/scope" "github.com/cs3org/reva/pkg/errtypes" "github.com/cs3org/reva/pkg/sharedconf" @@ -120,10 +119,7 @@ func (m *manager) DismantleToken(ctx context.Context, tkn string, resource inter } if claims, ok := token.Claims.(*claims); ok && token.Valid { - log := appctx.GetLogger(ctx) - log.Info().Msgf("jwt scope: %+v", claims.Scope) ok, err = scope.VerifyScope(claims.Scope, resource) - log.Info().Msgf("jwt ok: %+v, err %+v", ok, err) if err != nil { return nil, nil, errtypes.InternalError("error verifying scope of access token") }