Use pino-http in http-handler

oada/services/http-handler/package.json

@@ -45,6 +45,7 @@
     "jsonpointer": "^4.1.0",
     "ksuid": "^2.0.0",
     "oada-error": "^1.1.1",
+    "pino-http": "^5.5.0",
     "type-is": "^1.6.18",
     "uuid": "^8.3.2",
     "well-known-json": "^0.2.0",
@@ -54,6 +55,7 @@
     "@types/debug": "^4.1.5",
     "@types/helmet": "^4",
     "@types/node": "^14.14.31",
+    "@types/pino-http": "^5",
     "@types/ws": "^7.4.0"
   }
 }

oada/services/http-handler/src/authorizations.js

@@ -5,30 +5,26 @@ const express = require('express');
 const { v4: uuid } = require('uuid');
 const cloneDeep = require('clone-deep');
 
-const debug = require('debug');
-const trace = debug('http-handler#authorizations:trace');
-const info = debug('http-handler#authorizations:info');
-
 const { authorizations, clients } = require('@oada/lib-arangodb');
 const { OADAError } = require('oada-error');
 
 const router = express.Router(); // eslint-disable-line new-cap
 
-function addClientToAuth(auth) {
+function addClientToAuth(req, auth) {
   if (auth && auth.clientId) {
-    trace('GET /%s: authorization has a client, retrieving', auth._id);
+    req.log.trace('GET /%s: authorization has a client, retrieving', auth._id);
     return clients
       .findById(auth.clientId)
       .then((client) => {
         auth.client = client; // store client from db into authorization object
         return auth;
       })
       .catch((err) => {
-        debug.error('ERROR: authorization clientId not found in DB');
+        req.log.error('ERROR: authorization clientId not found in DB');
         throw err;
       });
   } else {
-    trace('GET /%s: authorization DOES NOT have a clientId', auth._id);
+    req.log.trace('GET /%s: authorization DOES NOT have a clientId', auth._id);
     return auth;
   }
 }
@@ -41,7 +37,7 @@ router.get('/', function (req, res, next) {
     .reduce(async (o, i) => {
       const k = i['_id'].replace(/^authorizations\//, '');
       // returns either a promise or the same auth object
-      i = await addClientToAuth(i);
+      i = await addClientToAuth(req, i);
       o[k] = i;
       return o;
     }, {})
@@ -65,7 +61,7 @@ router.get('/:authId', function (req, res, next) {
       // Get the full client out of the DB to send out with this auth document
       // That way anybody listing authorizations can print the name, etc. of the client
     })
-    .then(addClientToAuth)
+    .then((auth) => addClientToAuth(req, auth))
     .then(res.json)
     .catch(next);
 });
@@ -108,7 +104,7 @@ router.post('/', function (req, res, next) {
       }
 
       // otherwise, token has admin scope so allow it (check user too?)
-      info(
+      req.log.info(
         'Posted authorization for a different user, but token has admin.user scope so we are allowing it'
       );
     }

oada/services/http-handler/src/resources.js

@@ -11,11 +11,6 @@ const { pipeline } = require('stream');
 const pipelineAsync = Bluebird.promisify(pipeline);
 const cacache = require('cacache');
 
-const info = require('debug')('http-handler:resources:info');
-const warn = require('debug')('http-handler:resources:warn');
-const error = require('debug')('http-handler:resources:error');
-const trace = require('debug')('http-handler:resources:trace');
-
 const { resources } = require('@oada/lib-arangodb');
 const { changes } = require('@oada/lib-arangodb');
 const { putBodies } = require('@oada/lib-arangodb');
@@ -44,12 +39,12 @@ router.use(function graphHandler(req, res, next) {
     resources.lookupFromUrl('/resources' + req.url, req.user.user_id)
   )
     .then(function handleGraphRes(resp) {
-      trace('GRAPH LOOKUP RESULT %O', resp);
+      req.log.trace('GRAPH LOOKUP RESULT %O', resp);
       if (resp['resource_id']) {
         // Rewire URL to resource found by graph
-        let url = `${resp['resource_id']}${resp['path_leftover']}`;
+        const url = `${resp['resource_id']}${resp['path_leftover']}`;
         // log
-        info(`Graph lookup: ${req.url} => ${url}`);
+        req.log.info(`Graph lookup: ${req.url} => ${url}`);
         // Remove "/resources" from id
         req.url = url.replace(/^\/?resources\//, '/');
       }
@@ -80,7 +75,7 @@ router.delete('/*', function checkScope(req, res, next) {
         // PUTing non-existant resource
         return;
       } else if (!response.permissions.owner && !response.permissions.write) {
-        warn(
+        req.log.warn(
           req.user['user_id'] +
             ' tried to GET resource without proper permissions'
         );
@@ -120,7 +115,7 @@ router.put('/*', function checkScope(req, res, next) {
         // PUTing non-existant resource
         return;
       } else if (!response.permissions.owner && !response.permissions.write) {
-        warn(
+        req.log.warn(
           req.user['user_id'] +
             ' tried to GET resource without proper permissions'
         );
@@ -155,7 +150,7 @@ router.get('/*', function checkScope(req, res, next) {
       config.get('kafka:topics:permissionsRequest')
     )
     .then(function handlePermissionsRequest(response) {
-      trace('permissions response: %o', response);
+      req.log.trace('permissions response: %o', response);
       if (!response.permissions.owner && !response.permissions.read) {
         warn(
           req.user['user_id'] +
@@ -201,7 +196,7 @@ router.get('/*', async function getChanges(req, res, next) {
     } else if (/^\/_meta\/_changes\/.*?/.test(req.oadaGraph.path_leftover)) {
       let rev = req.oadaGraph.path_leftover.split('/')[3];
       let ch = await changes.getChangeArray(req.oadaGraph.resource_id, rev);
-      trace('CHANGE %O', ch);
+      req.log.trace('CHANGE %O', ch);
       return res.json(ch);
     } else {
       return next();
@@ -229,13 +224,13 @@ router.get('/*', async function getResource(req, res, next) {
     );
 
     return Bluebird.join(doc, function returnDoc(doc) {
-      trace('DOC IS %O', doc);
+      req.log.trace('DOC IS %O', doc);
       // TODO: Allow null values in OADA?
       if (doc === undefined || doc === null) {
-        error('Resource not found');
+        req.log.error('Resource not found');
         throw new OADAError('Not Found', 404);
       } else {
-        info(
+        req.log.info(
           `Resource: ${req.oadaGraph.resource_id}, Rev: ${req.oadaGraph.rev}`
         );
       }
@@ -245,7 +240,7 @@ router.get('/*', async function getResource(req, res, next) {
   } else {
     // get binary
     if (req.oadaGraph['path_leftover']) {
-      trace(req.oadaGraph['path_leftover']);
+      req.log.trace(req.oadaGraph['path_leftover']);
       throw new OADAError('Path Leftover on Binary GEt');
     }
 
@@ -323,7 +318,7 @@ router.put(
 );
 
 router.put('/*', async function putResource(req, res, next) {
-  trace(`Saving PUT body for request ${req.id}`);
+  req.log.trace(`Saving PUT body for request ${req.id}`);
 
   if (
     req.header('content-type') &&
@@ -338,12 +333,12 @@ router.put('/*', async function putResource(req, res, next) {
 
   return putBodies
     .savePutBody(req.body)
-    .tap(() => trace(`PUT body saved for request ${req.id}`))
+    .tap(() => req.log.trace(`PUT body saved for request ${req.id}`))
     .get('_id')
 
     .then((bodyid) => {
-      trace('RESOURCE EXISTS %O', req.oadaGraph);
-      trace('RESOURCE EXISTS %O', req.resourceExists);
+      req.log.trace('RESOURCE EXISTS %O', req.oadaGraph);
+      req.log.trace('RESOURCE EXISTS %O', req.resourceExists);
       let ignoreLinks =
         (req.get('x-oada-ignore-links') || '').toLowerCase() == 'true';
       return requester.send(
@@ -367,7 +362,7 @@ router.put('/*', async function putResource(req, res, next) {
       );
     })
     .tap(function checkWrite(resp) {
-      trace(`Recieved write response for request ${req.id}`);
+      req.log.trace(`Recieved write response for request ${req.id}`);
       switch (resp.code) {
         case 'success':
           return;
@@ -428,7 +423,7 @@ router.delete('/*', function deleteLink(req, res, next) {
 });
 
 router.delete('/*', function deleteResource(req, res, next) {
-  trace(`Sending DELETE request for request ${req.id}`);
+  req.log.trace(`Sending DELETE request for request ${req.id}`);
   return requester
     .send(
       {
@@ -449,7 +444,7 @@ router.delete('/*', function deleteResource(req, res, next) {
       config.get('kafka:topics:writeRequest')
     )
     .tap(function checkDelete(resp) {
-      trace(`Recieved delete response for request ${req.id}`);
+      req.log.trace(`Recieved delete response for request ${req.id}`);
       switch (resp.code) {
         case 'success':
           return;

oada/services/http-handler/src/server.js

@@ -7,28 +7,30 @@ const ksuid = require('ksuid');
 const cors = require('cors');
 const wellKnownJson = require('well-known-json');
 const helmet = require('helmet');
+const pinoHttp = require('pino-http');
 const oadaError = require('oada-error');
 const { OADAError } = oadaError;
 
-const info = require('debug')('http-handler:server:info');
-const warn = require('debug')('http-handler:server:warn');
-const error = require('debug')('http-handler:server:error');
-const trace = require('debug')('http-handler:server:trace');
+const { pino } = require('@oada/pino-debug');
 
-var config = require('./config');
+const config = require('./config');
 
 /////////////////////////////////////////////////////////////////
 // Setup express:
 const http = require('http');
-var app = express();
-var server = http.createServer(app);
+const app = express();
+const server = http.createServer(app);
 const tokenLookup = require('./tokenLookup');
-var resources = require('./resources');
-var authorizations = require('./authorizations');
-var users = require('./users');
+const resources = require('./resources');
+const authorizations = require('./authorizations');
+const users = require('./users');
 require('./websockets')(server);
 
-var requester = require('./requester');
+const requester = require('./requester');
+
+// Use pino/pino-http for logging
+const logger = pino();
+app.use(pinoHttp({ logger }));
 
 app.use(helmet());
 
@@ -39,22 +41,15 @@ app.get('/favicon.ico', (req, res) => res.end());
 
 function start() {
   return Bluebird.fromCallback(function (done) {
-    info('Starting server...');
+    logger.info('Starting server...');
     server.listen(config.get('server:port'), done);
   }).tap(() => {
-    info('OADA Server started on port %d', config.get('server:port'));
+    logger.info('OADA Server started on port %d', config.get('server:port'));
   });
 }
 // Allow route handlers to return promises:
 app.use(expressPromise());
 
-// Log all requests before anything else gets them for debugging:
-app.use(function (req, res, next) {
-  trace('Received request: ' + req.method + ' ' + req.url);
-  trace('req.headers = %O' + req.headers);
-  trace('req.body = %O', req.body);
-  next();
-});
 // Turn on CORS for all domains, allow the necessary headers
 app.use(
   cors({
@@ -84,7 +79,7 @@ app.use(function requestId(req, res, next) {
   }
   res.set('X-Request-ID', req.id);
 
-  res.on('finish', () => trace(`finished request ${req.id}`));
+  res.on('finish', () => req.log.trace(`finished request ${req.id}`));
   next();
 });
 
@@ -103,11 +98,11 @@ app.use(function tokenHandler(req, res, next) {
   })
     .tap(function checkTok(tok) {
       if (!tok['token_exists']) {
-        info('Token does not exist');
+        req.log.info('Token does not exist');
         throw new OADAError('Unauthorized', 401);
       }
       if (tok.doc.expired) {
-        info('Token expired');
+        req.log.info('Token expired');
         throw new OADAError('Unauthorized', 401);
       }
     })
@@ -158,10 +153,6 @@ app.use(function (req) {
   );
 });
 
-///////////////////////////////////////////////////
-// Use OADA middleware to catch errors and respond
-app.use(oadaError.middleware(error));
-
 if (require.main === module) {
   start();
 }