From bb531a5f53db7c2c3d57eb93eda4b1ec6ca85fb8 Mon Sep 17 00:00:00 2001
From: Maxime Besson <maxime.besson@worteks.com>
Date: Fri, 8 Oct 2021 11:06:32 +0200
Subject: [PATCH] Call logger->setRequest in PSGI apps (#2565)

---
 .../lib/Lemonldap/NG/Common/PSGI.pm           | 28 +++++++++++++++-
 .../lib/Lemonldap/NG/Handler/Lib/PSGI.pm      | 33 ++++++++++++++++---
 .../lib/Lemonldap/NG/Handler/PSGI/Try.pm      |  5 +--
 .../lib/Lemonldap/NG/Handler/Server.pm        |  2 +-
 .../lib/Lemonldap/NG/Handler/Server/Nginx.pm  |  4 +--
 5 files changed, 62 insertions(+), 10 deletions(-)

diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
index dcf7d8e43..f1038457d 100644
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm
@@ -334,10 +334,36 @@ sub run {
 sub _run {
     my $self = shift;
     return sub {
-        $self->handler( Lemonldap::NG::Common::PSGI::Request->new( $_[0] ) );
+        $self->_logAndHandle(
+            Lemonldap::NG::Common::PSGI::Request->new( $_[0] ) );
     };
 }
 
+sub _logAndHandle {
+    my ( $self, $req ) = @_;
+
+    # register the request object to the logging system
+    if ( ref( $self->logger ) and $self->logger->can('setRequestObj') ) {
+        $self->logger->setRequestObj($req);
+    }
+    if ( ref( $self->userLogger ) and $self->userLogger->can('setRequestObj') ) {
+        $self->userLogger->setRequestObj($req);
+    }
+
+    # Call the handler
+    my $res = $self->handler($req);
+
+    # Clear the logging system before the next request
+    if ( ref( $self->logger ) and $self->logger->can('clearRequestObj') ) {
+        $self->logger->clearRequestObj($req);
+    }
+    if ( ref( $self->userLogger ) and $self->userLogger->can('clearRequestObj') ) {
+        $self->userLogger->clearRequestObj($req);
+    }
+
+    return $res;
+}
+
 1;
 __END__
 
diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm
index 5b3e6dd15..971f701e8 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm
@@ -38,7 +38,7 @@ sub init {
 
 ## @methodi void _run()
 # Check if protecton is activated then return a code ref that will launch
-# _authAndTrace() if protection in on or handler() else
+# _logAuthTrace() if protection in on or handler() else
 #@return code-ref
 sub _run {
     my $self = shift;
@@ -50,7 +50,7 @@ sub _run {
         # Handle requests
         # Developers, be careful: Only this part is executed at each request
         return sub {
-            return $self->_authAndTrace(
+            return $self->_logAuthTrace(
                 Lemonldap::NG::Common::PSGI::Request->new( $_[0] ) );
         };
     }
@@ -68,7 +68,7 @@ sub _run {
         # Handle unprotected requests
         return sub {
             my $req = Lemonldap::NG::Common::PSGI::Request->new( $_[0] );
-            my $res = $self->handler($req);
+            my $res = $self->_logAndHandle($req);
             push @{ $res->[1] }, $req->spliceHdrs;
             return $res;
         };
@@ -111,6 +111,31 @@ sub reload {
     };
 }
 
+sub _logAuthTrace {
+    my ( $self, $req, $noCall ) = @_;
+
+    # register the request object to the logging system
+    if ( ref( $self->logger ) and $self->logger->can('setRequestObj') ) {
+        $self->logger->setRequestObj($req);
+    }
+    if ( ref( $self->userLogger ) and $self->userLogger->can('setRequestObj') ) {
+        $self->userLogger->setRequestObj($req);
+    }
+
+    # Call the handler
+    my $res = $self->_authAndTrace( $req, $noCall );
+
+    # Clear the logging system before the next request
+    if ( ref( $self->logger ) and $self->logger->can('clearRequestObj') ) {
+        $self->logger->clearRequestObj($req);
+    }
+    if ( ref( $self->userLogger ) and $self->userLogger->can('clearRequestObj') ) {
+        $self->userLogger->clearRequestObj($req);
+    }
+
+    return $res;
+}
+
 ## @method private PSGI-Response _authAndTrace($req)
 # Launch $self->api::run() and then handler() if
 # response is 200.
@@ -138,7 +163,7 @@ sub _authAndTrace {
         }
         else {
             $self->logger->debug('User authenticated, calling handler()');
-            $res = $self->handler($req);
+            $res = $self->_logAndHandle($req);
             push @{ $res->[1] }, $req->spliceHdrs;
             return $res;
         }
diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm
index f2735b979..0a4046d03 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/PSGI/Try.pm
@@ -85,7 +85,7 @@ sub _run {
 
     return sub {
         my $req = Lemonldap::NG::Common::PSGI::Request->new( $_[0] );
-        my $res = $self->_authAndTrace( $req, 1 );
+        my $res = $self->_logAuthTrace( $req, 1 );
         if ( $res->[0] < 300 ) {
             $self->routes( $self->authRoutes );
             $req->userData( $self->api->data );
@@ -103,10 +103,11 @@ sub _run {
         else {
             return $res;
         }
-        $res = $self->handler($req);
+        $res = $self->_logAndHandle($req);
         push @{ $res->[1] }, $req->spliceHdrs;
         return $res;
     };
+
 }
 
 1;
diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server.pm
index 005bd7ef6..0e04c9c0f 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server.pm
@@ -25,7 +25,7 @@ sub _run {
     my ($self) = @_;
     return sub {
         my $req = Lemonldap::NG::Common::PSGI::Request->new( $_[0] );
-        my $res = $self->_authAndTrace($req);
+        my $res = $self->_logAuthTrace($req);
         push @{ $res->[1] }, $req->spliceHdrs,
           Cookie => ( $req->{Cookie} // '' );
         return $res;
diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server/Nginx.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server/Nginx.pm
index 8bcfbd4ad..6d5fa6872 100644
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server/Nginx.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Server/Nginx.pm
@@ -17,7 +17,7 @@ sub init {
 }
 
 ## @method void _run()
-# Return a subroutine that call _authAndTrace() and tranform redirection
+# Return a subroutine that call _logAuthTrace() and tranform redirection
 # response code from 302 to 401 (not authenticated) ones. This is required
 # because Nginx "auth_request" parameter does not accept it. The Nginx
 # configuration file should transform them back to 302 using:
@@ -31,7 +31,7 @@ sub _run {
     return sub {
         my $req = $_[0];
         $self->logger->debug('New request');
-        my $res = $self->_authAndTrace(
+        my $res = $self->_logAuthTrace(
             Lemonldap::NG::Common::PSGI::Request->new($req) );
 
         # Transform 302 responses in 401 since Nginx refuse it