Skip to content

Commit

Permalink
refactor(google-cloud-logging): unify google-cloud-oauth.lua file (#1…
Browse files Browse the repository at this point in the history 
…1596)
  • Loading branch information
@HuanXin-Chen
HuanXin-Chen authored Oct 3, 2024
1 parent 63046a8 commit 561e8e8
Show file tree
Hide file tree
Showing 10 changed files with 32 additions and 159 deletions.
3 changes: 0 additions & 3 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -305,9 +305,6 @@ install: runtime
$(ENV_INSTALL) -d $(ENV_INST_LUADIR)/apisix/plugins/ext-plugin
$(ENV_INSTALL) apisix/plugins/ext-plugin/*.lua $(ENV_INST_LUADIR)/apisix/plugins/ext-plugin/

$(ENV_INSTALL) -d $(ENV_INST_LUADIR)/apisix/plugins/google-cloud-logging
$(ENV_INSTALL) apisix/plugins/google-cloud-logging/*.lua $(ENV_INST_LUADIR)/apisix/plugins/google-cloud-logging/

$(ENV_INSTALL) -d $(ENV_INST_LUADIR)/apisix/plugins/grpc-transcode
$(ENV_INSTALL) apisix/plugins/grpc-transcode/*.lua $(ENV_INST_LUADIR)/apisix/plugins/grpc-transcode/

Expand Down
17 changes: 14 additions & 3 deletions apisix/plugins/google-cloud-logging.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ local tostring = tostring
local http = require("resty.http")
local log_util = require("apisix.utils.log-util")
local bp_manager_mod = require("apisix.utils.batch-processor-manager")
local google_oauth = require("apisix.plugins.google-cloud-logging.oauth")
local google_oauth = require("apisix.utils.google-cloud-oauth")


local lrucache = core.lrucache.new({
Expand All @@ -43,7 +43,7 @@ local schema = {
default = "https://oauth2.googleapis.com/token"
},
-- https://developers.google.com/identity/protocols/oauth2/scopes#logging
scopes = {
scope = {
type = "array",
items = {
description = "Google OAuth2 Authorization Scopes",
Expand All @@ -58,6 +58,15 @@ local schema = {
"https://www.googleapis.com/auth/cloud-platform"
}
},
scopes = {
type = "array",
items = {
description = "Google OAuth2 Authorization Scopes",
type = "string",
},
minItems = 1,
uniqueItems = true
},
entries_uri = {
type = "string",
default = "https://logging.googleapis.com/v2/entries:write"
Expand Down Expand Up @@ -168,7 +177,9 @@ local function create_oauth_object(conf)
return nil, err
end

return google_oauth:new(auth_conf, conf.ssl_verify)
auth_conf.scope = auth_conf.scopes or auth_conf.scope

return google_oauth.new(auth_conf, conf.ssl_verify)
end


Expand Down
137 changes: 0 additions & 137 deletions apisix/plugins/google-cloud-logging/oauth.lua
View file

This file was deleted.

5 changes: 3 additions & 2 deletions docs/en/latest/plugins/google-cloud-logging.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,8 @@ This plugin also allows to push logs as a batch to your Google Cloud Logging Ser
| auth_config.project_id | True | | Project ID in the Google Cloud service account. |
| auth_config.token_uri | True | https://oauth2.googleapis.com/token | Token URI of the Google Cloud service account. |
| auth_config.entries_uri | False | https://logging.googleapis.com/v2/entries:write | Google Cloud Logging Service API. |
| auth_config.scopes | False | ["https://www.googleapis.com/auth/logging.read", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/logging.admin", "https://www.googleapis.com/auth/cloud-platform"] | Access scopes of the Google Cloud service account. See [OAuth 2.0 Scopes for Google APIs](https://developers.google.com/identity/protocols/oauth2/scopes#logging). |
| auth_config.scope | False | ["https://www.googleapis.com/auth/logging.read", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/logging.admin", "https://www.googleapis.com/auth/cloud-platform"] | Access scopes of the Google Cloud service account. See [OAuth 2.0 Scopes for Google APIs](https://developers.google.com/identity/protocols/oauth2/scopes#logging). |
| auth_config.scopes | Deprecated | ["https://www.googleapis.com/auth/logging.read", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/logging.admin", "https://www.googleapis.com/auth/cloud-platform"] | Access scopes of the Google Cloud service account. Use `auth_config.scope` instead. |
| auth_file | True | | Path to the Google Cloud service account authentication JSON file. Either `auth_config` or `auth_file` must be provided. |
| ssl_verify | False | true | When set to `true`, enables SSL verification as mentioned in [OpenResty docs](https://github.com/openresty/lua-nginx-module#tcpsocksslhandshake). |
| resource | False | {"type": "global"} | Google monitor resource. See [MonitoredResource](https://cloud.google.com/logging/docs/reference/v2/rest/v2/MonitoredResource) for more details. |
Expand Down Expand Up @@ -141,7 +142,7 @@ curl http://127.0.0.1:9180/apisix/admin/routes/1 -H "X-API-KEY: $admin_key" -X P
"client_email":"your service account email@apisix.iam.gserviceaccount.com",
"private_key":"-----BEGIN RSA PRIVATE KEY-----your private key-----END RSA PRIVATE KEY-----",
"token_uri":"https://oauth2.googleapis.com/token",
"scopes":[
"scope":[
"https://www.googleapis.com/auth/logging.admin"
],
"entries_uri":"https://logging.googleapis.com/v2/entries:write"
Expand Down
5 changes: 3 additions & 2 deletions docs/zh/latest/plugins/google-cloud-logging.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,8 @@ description: API 网关 Apache APISIX 的 google-cloud-logging 插件可用于
| auth_config.project_id || | 谷歌服务帐号的项目 ID。 |
| auth_config.token_uri || https://oauth2.googleapis.com/token | 请求谷歌服务帐户的令牌的 URI。 |
| auth_config.entries_uri || https://logging.googleapis.com/v2/entries:write | 谷歌日志服务写入日志条目的 API。 |
| auth_config.scopes || | 谷歌服务账号的访问范围,可参考 [OAuth 2.0 Scopes for Google APIs](https://developers.google.com/identity/protocols/oauth2/scopes#logging)。可选项:"https://www.googleapis.com/auth/logging.read"、"https://www.googleapis.com/auth/logging.write"、"https://www.googleapis.com/auth/logging.admin"、"https://www.googleapis.com/auth/cloud-platform"。|
| auth_config.scope || | 谷歌服务账号的访问范围,可参考 [OAuth 2.0 Scopes for Google APIs](https://developers.google.com/identity/protocols/oauth2/scopes#logging)。可选项:"https://www.googleapis.com/auth/logging.read"、"https://www.googleapis.com/auth/logging.write"、"https://www.googleapis.com/auth/logging.admin"、"https://www.googleapis.com/auth/cloud-platform"。|
| auth_config.scopes | 废弃 | | 谷歌服务账号的访问范围,推荐使用 `auth_config.scope` |
| auth_file || | `auth_config``auth_file` 必须配置一个。 |
| ssl_verify || true | 当设置为 `true` 时,启用 `SSL` 验证。 |
| resource || {"type": "global"} | 谷歌监控资源,请参考 [MonitoredResource](https://cloud.google.com/logging/docs/reference/v2/rest/v2/MonitoredResource)|
Expand Down Expand Up @@ -142,7 +143,7 @@ curl http://127.0.0.1:9180/apisix/admin/routes/1 \
"client_email":"your service account email@apisix.iam.gserviceaccount.com",
"private_key":"-----BEGIN RSA PRIVATE KEY-----your private key-----END RSA PRIVATE KEY-----",
"token_uri":"https://oauth2.googleapis.com/token",
"scopes":[
"scope":[
"https://www.googleapis.com/auth/logging.admin"
],
"entries_uri":"https://logging.googleapis.com/v2/entries:write"
Expand Down
12 changes: 6 additions & 6 deletions t/plugin/google-cloud-logging.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ __DATA__
resource = {
type = "global"
},
scopes = {
scope = {
"https://www.googleapis.com/auth/logging.admin"
},
log_id = "syslog",
Expand Down Expand Up @@ -82,7 +82,7 @@ passed
resource = {
type = "global"
},
scopes = {
scope = {
"https://www.googleapis.com/auth/logging.admin"
},
log_id = "syslog",
Expand Down Expand Up @@ -205,7 +205,7 @@ tBXLQH7fw5H8RaxBN91yQUZombw6JnRBXKKohWHZ3Q==
-----END RSA PRIVATE KEY-----]],
project_id = "apisix",
token_uri = "http://127.0.0.1:1980/google/logging/token",
scopes = {
scope = {
"https://apisix.apache.org/logs:admin"
},
entries_uri = "http://127.0.0.1:1980/google/logging/entries",
Expand Down Expand Up @@ -382,7 +382,7 @@ kEJQcmfVew5mFXyxuEn3zA==
-----END PRIVATE KEY-----]],
project_id = "apisix",
token_uri = "http://127.0.0.1:1980/google/logging/token",
scopes = {
scope = {
"https://apisix.apache.org/logs:admin"
},
entries_uri = "http://127.0.0.1:1980/google/logging/entries",
Expand Down Expand Up @@ -465,7 +465,7 @@ kEJQcmfVew5mFXyxuEn3zA==
-----END PRIVATE KEY-----]],
project_id = "apisix",
token_uri = "http://127.0.0.1:1980/google/logging/token?token_type=Basic",
scopes = {
scope = {
"https://apisix.apache.org/logs:admin"
},
entries_uri = "http://127.0.0.1:1980/google/logging/entries?token_type=Basic",
Expand Down Expand Up @@ -548,7 +548,7 @@ kEJQcmfVew5mFXyxuEn3zA==
-----END PRIVATE KEY-----]],
project_id = "apisix",
token_uri = "http://127.0.0.1:1980/google/logging/token?token_type=Basic",
scopes = {
scope = {
"https://apisix.apache.org/logs:admin"
},
entries_uri = "http://127.0.0.1:1980/google/logging/entries",
Expand Down
2 changes: 1 addition & 1 deletion t/plugin/google-cloud-logging/config-https-domain.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDDzrFwnA3EvYyR\naeMgaLD3hBjvxKrz10uox1X8q7YYhf2ViRtLRUMa2bEMYksE5hbhwpNf6mKAnLOC\nUuAT6cPPdUl/agKpJXviBPIR2LuzD17WsLJHp1HxUDssSkgfCaGcOGGNfLUhhIpF\n2JUctLmxiZoAZySlSjcwupSuDJ0aPm0XO8r9H8Qu5kF2Vkz5e5bFivLTmvzrQTe4\nv5V1UI6hThElCSeUmdNF3uG3wopxlvq4zXgLTnuLbrNf/Gc4mlpV+UDgTISj32Ep\nAB2vxKEbvQw4ti8YJnGXWjxLerhfrszFw+V8lpeduiDYA44ZFoVqvzxeIsVZNtcw\nIu7PvEPNAgMBAAECggEAVpyN9m7A1F631/aLheFpLgMbeKt4puV7zQtnaJ2XrZ9P\nPR7pmNDpTu4uF3k/D8qrIm+L+uhVa+hkquf3wDct6w1JVnfQ93riImbnoKdK13ic\nDcEZCwLjByfjFMNCxZ/gAZca55fbExlqhFy6EHmMjhB8s2LsXcTHRuGxNI/Vyi49\nsxECibe0U53aqdJbVWrphIS67cpwl4TUkN6mrHsNuDYNJ9dgkpapoqp4FTFQsBqC\nafOK5qgJ68dWZ47FBUng+AZjdCncqAIuJxxItGVQP6YPsFs+OXcivIVHJr363TpC\nl85FfdvqWV5OGBbwSKhNwiTNUVvfSQVmtURGWG/HbQKBgQD4gZ1z9+Lx19kT9WTz\nlw93lxso++uhAPDTKviyWSRoEe5aN3LCd4My+/Aj+sk4ON/s2BV3ska5Im93j+vC\nrCv3uPn1n2jUhWuJ3bDqipeTW4n/CQA2m/8vd26TMk22yOkkqw2MIA8sjJ//SD7g\ntdG7up6DgGMP4hgbO89uGU7DAwKBgQDJtkKd0grh3u52Foeh9YaiAgYRwc65IE16\nUyD1OJxIuX/dYQDLlo5KyyngFa1ZhWIs7qC7r3xXH+10kfJY+Q+5YMjmZjlL8SR1\nUjqd02R9F2//6OeswyReachJZbZdtiEw3lPa4jVFYfhSe0M2ZPxMwvoXb25eyCNI\n1lYjSKq87wKBgHnLTNghjeDp4UKe6rNYPgRm0rDrhziJtX5JeUov1mALKb6dnmkh\nGfRK9g8sQqKDfXwfC6Z2gaMK9YaryujGaWYoCpoPXtmJ6oLPXH4XHuLh4mhUiP46\nxn8FEfSimuQS4/FMxH8A128GHQSI7AhGFFzlwfrBWcvXC+mNDsTvMmLxAoGARc+4\nupppfccETQZ7JsitMgD1TMwA2f2eEwoWTAitvlXFNT9PYSbYVHaAJbga6PLLCbYF\nFzAjHpxEOKYSdEyu7n/ayDL0/Z2V+qzc8KarDsg/0RgwppBbU/nUgeKb/U79qcYo\ny4ai3UKNCS70Ei1dTMvmdpnwXwlxfNIBufB6dy0CgYBMYq9Lc31GkC6PcGEEbx6W\nvjImOadWZbuOVnvEQjb5XCdcOsWsMcg96PtoeuyyHmhnEF1GsMzcIdQv/PHrvYpK\nYp8D0aqsLEgwGrJQER26FPpKmyIwvcL+nm6q5W31PnU9AOC/WEkB6Zs58hsMzD2S\nkEJQcmfVew5mFXyxuEn3zA==\n-----END PRIVATE KEY-----",
"project_id": "apisix",
"token_uri": "https://test.com:1983/google/logging/token",
"scopes": [
"scope": [
"https://apisix.apache.org/logs:admin"
],
"entries_uri": "https://test.com:1983/google/logging/entries"
Expand Down
Loading

0 comments on commit 561e8e8

Please sign in to comment.