chore: unify span names

driver/configuration/provider_koanf_public_test.go

@@ -248,7 +248,7 @@ func TestKoanfProvider(t *testing.T) {
 		})
 
 		t.Run("authenticator=cookie_session", func(t *testing.T) {
-			a := authn.NewAuthenticatorCookieSession(p, nil)
+			a := authn.NewAuthenticatorCookieSession(p, trace.NewNoopTracerProvider())
 			assert.True(t, p.AuthenticatorIsEnabled(a.GetID()))
 			require.NoError(t, a.Validate(nil))
 

middleware/grpc_middleware.go

@@ -17,6 +17,7 @@ import (
 	"google.golang.org/grpc/metadata"
 
 	"github.com/ory/herodot"
+	"github.com/ory/x/otelx"
 
 	"github.com/ory/oathkeeper/rule"
 )
@@ -73,8 +74,8 @@ func (m *middleware) UnaryInterceptor() grpc.UnaryServerInterceptor {
 }
 
 func (m *middleware) unaryInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
-	traceCtx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("oathkeeper/middleware").Start(ctx, "Oathkeeper.UnaryInterceptor")
-	defer span.End()
+	traceCtx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("oathkeeper/middleware").Start(ctx, "middleware.UnaryInterceptor")
+	defer otelx.End(span, &err)
 
 	log := m.Logger().WithField("middleware", "oathkeeper")
 
@@ -122,8 +123,8 @@ func (m *middleware) streamInterceptor(
 	info *grpc.StreamServerInfo,
 	handler grpc.StreamHandler) (err error) {
 	ctx := stream.Context()
-	ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("oathkeeper/middleware").Start(ctx, "Oathkeeper.UnaryInterceptor")
-	defer span.End()
+	ctx, span := trace.SpanFromContext(ctx).TracerProvider().Tracer("oathkeeper/middleware").Start(ctx, "middleware.StreamInterceptor")
+	otelx.End(span, &err)
 
 	log := m.Logger().WithField("middleware", "oathkeeper")
 

pipeline/authn/authenticator_bearer_token.go

@@ -17,6 +17,7 @@ import (
 	"github.com/ory/oathkeeper/helper"
 	"github.com/ory/oathkeeper/pipeline"
 	"github.com/ory/oathkeeper/x/header"
+	"github.com/ory/x/otelx"
 	"github.com/ory/x/stringsx"
 )
 
@@ -74,6 +75,7 @@ func (a *AuthenticatorBearerTokenConfiguration) GetForceMethod() string {
 type AuthenticatorBearerToken struct {
 	c      configuration.Provider
 	client *http.Client
+	tracer trace.Tracer
 }
 
 var _ AuthenticatorForwardConfig = new(AuthenticatorBearerTokenConfiguration)
@@ -85,8 +87,9 @@ func NewAuthenticatorBearerToken(c configuration.Provider, provider trace.Tracer
 			Transport: otelhttp.NewTransport(
 				http.DefaultTransport,
 				otelhttp.WithTracerProvider(provider),
-				otelhttp.WithSpanNameFormatter(func(operation string, r *http.Request) string { return "authn.bearer_token" })),
+			),
 		},
+		tracer: provider.Tracer("oauthkeeper/pipeline/authn"),
 	}
 }
 
@@ -123,7 +126,11 @@ func (a *AuthenticatorBearerToken) Config(config json.RawMessage) (*Authenticato
 	return &c, nil
 }
 
-func (a *AuthenticatorBearerToken) Authenticate(r *http.Request, session *AuthenticationSession, config json.RawMessage, _ pipeline.Rule) error {
+func (a *AuthenticatorBearerToken) Authenticate(r *http.Request, session *AuthenticationSession, config json.RawMessage, _ pipeline.Rule) (err error) {
+	ctx, span := a.tracer.Start(r.Context(), "pipeline.authn.AuthenticatorBearerToken.Authenticate")
+	defer otelx.End(span, &err)
+	r = r.WithContext(ctx)
+
 	cf, err := a.Config(config)
 	if err != nil {
 		return err

pipeline/authn/authenticator_cookie_session.go

@@ -16,6 +16,7 @@ import (
 	"github.com/tidwall/gjson"
 
 	"github.com/ory/oathkeeper/x/header"
+	"github.com/ory/x/otelx"
 	"github.com/ory/x/stringsx"
 
 	"github.com/ory/herodot"
@@ -78,6 +79,7 @@ func (a *AuthenticatorCookieSessionConfiguration) GetForceMethod() string {
 type AuthenticatorCookieSession struct {
 	c      configuration.Provider
 	client *http.Client
+	tracer trace.Tracer
 }
 
 var _ AuthenticatorForwardConfig = new(AuthenticatorCookieSessionConfiguration)
@@ -89,8 +91,9 @@ func NewAuthenticatorCookieSession(c configuration.Provider, provider trace.Trac
 			Transport: otelhttp.NewTransport(
 				http.DefaultTransport,
 				otelhttp.WithTracerProvider(provider),
-				otelhttp.WithSpanNameFormatter(func(operation string, r *http.Request) string { return "authn.cookie_session" })),
+			),
 		},
+		tracer: provider.Tracer("oauthkeeper/pipeline/authn"),
 	}
 }
 
@@ -127,7 +130,11 @@ func (a *AuthenticatorCookieSession) Config(config json.RawMessage) (*Authentica
 	return &c, nil
 }
 
-func (a *AuthenticatorCookieSession) Authenticate(r *http.Request, session *AuthenticationSession, config json.RawMessage, _ pipeline.Rule) error {
+func (a *AuthenticatorCookieSession) Authenticate(r *http.Request, session *AuthenticationSession, config json.RawMessage, _ pipeline.Rule) (err error) {
+	ctx, span := a.tracer.Start(r.Context(), "pipeline.authn.AuthenticatorCookieSession.Authenticate")
+	defer otelx.End(span, &err)
+	r = r.WithContext(ctx)
+
 	cf, err := a.Config(config)
 	if err != nil {
 		return err

pipeline/authn/authenticator_jwt.go

@@ -75,7 +75,7 @@ func (a *AuthenticatorJWT) Config(config json.RawMessage) (*AuthenticatorOAuth2J
 }
 
 func (a *AuthenticatorJWT) Authenticate(r *http.Request, session *AuthenticationSession, config json.RawMessage, _ pipeline.Rule) (err error) {
-	ctx, span := a.r.Tracer().Start(r.Context(), "authn.jwt")
+	ctx, span := a.r.Tracer().Start(r.Context(), "pipeline.authn.AuthenticatorJWT.Authenticate")
 	defer otelx.End(span, &err)
 	r = r.WithContext(ctx)
 

pipeline/authn/authenticator_oauth2_introspection.go

@@ -177,7 +177,7 @@ func (a *AuthenticatorOAuth2Introspection) tokenToCache(config *AuthenticatorOAu
 
 func (a *AuthenticatorOAuth2Introspection) Authenticate(r *http.Request, session *AuthenticationSession, config json.RawMessage, _ pipeline.Rule) (err error) {
 	tp := trace.SpanFromContext(r.Context()).TracerProvider()
-	ctx, span := tp.Tracer("oauthkeeper/pipeline/authn").Start(r.Context(), "authn.oauth2_introspection")
+	ctx, span := tp.Tracer("oauthkeeper/pipeline/authn").Start(r.Context(), "pipeline.authn.AuthenticatorOAuth2Introspection.Authenticate")
 	defer otelx.End(span, &err)
 	r = r.WithContext(ctx)
 

pipeline/authz/keto_engine_acp_ory.go

@@ -97,7 +97,7 @@ func (a *AuthorizerKetoEngineACPORY) WithContextCreator(f authorizerKetoWardenCo
 }
 
 func (a *AuthorizerKetoEngineACPORY) Authorize(r *http.Request, session *authn.AuthenticationSession, config json.RawMessage, _ pipeline.Rule) (err error) {
-	ctx, span := a.tracer.Start(r.Context(), "authz.keto_engine_acp_ory")
+	ctx, span := a.tracer.Start(r.Context(), "pipeline.authz.AuthorizerKetoEngineACPORY.Authorize")
 	defer otelx.End(span, &err)
 	r = r.WithContext(ctx)
 

pipeline/authz/remote.go

@@ -65,7 +65,7 @@ func (a *AuthorizerRemote) GetID() string {
 
 // Authorize implements the Authorizer interface.
 func (a *AuthorizerRemote) Authorize(r *http.Request, session *authn.AuthenticationSession, config json.RawMessage, rl pipeline.Rule) (err error) {
-	ctx, span := a.tracer.Start(r.Context(), "authz.remote")
+	ctx, span := a.tracer.Start(r.Context(), "pipeline.authz.AuthorizerRemote.Authorize")
 	defer otelx.End(span, &err)
 	r = r.WithContext(ctx)
 

pipeline/authz/remote_json.go

@@ -70,7 +70,7 @@ func (a *AuthorizerRemoteJSON) GetID() string {
 
 // Authorize implements the Authorizer interface.
 func (a *AuthorizerRemoteJSON) Authorize(r *http.Request, session *authn.AuthenticationSession, config json.RawMessage, _ pipeline.Rule) (err error) {
-	ctx, span := a.tracer.Start(r.Context(), "authz.remote_json")
+	ctx, span := a.tracer.Start(r.Context(), "pipeline.authz.AuthorizerRemoteJSON.Authorize")
 	defer otelx.End(span, &err)
 	r = r.WithContext(ctx)