kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

worksmobile 연동 & ory stack 26.2.0으로 업그레이드

Browse Source
This commit is contained in:
admin-bot
2026-05-06 09:30:00 +09:00
parent 3dcdd97882
commit 2495fcb13d
74 changed files with 8698 additions and 212 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
docker/ory/vector/vector.toml
View File

@@ -7,56 +7,60 @@
type = "remap"
inputs = ["oathkeeper_file"]
source = '''
.raw = .message
parsed = parse_json(.message) ?? {}
.timestamp = to_timestamp(.timestamp) ?? now()
.request_id = parsed.request_id ?? parsed.req_id ?? ""
request_method = get(parsed, ["request", "method"]) ?? ""
request_path = get(parsed, ["request", "path"]) ?? ""
request_url = get(parsed, ["request", "url"]) ?? ""
request_host = get(parsed, ["request", "host"]) ?? ""
request_scheme = get(parsed, ["request", "scheme"]) ?? ""
request_query = get(parsed, ["request", "query"]) ?? ""
.method = parsed.method ?? parsed.http_method ?? request_method ?? ""
.path = parsed.path ?? parsed.http_path ?? request_path ?? request_url ?? ""
raw = to_string(.message) ?? ""
parsed = parse_json(raw) ?? {}
request_method = to_string(get(parsed, ["request", "method"]) ?? "") ?? ""
request_path = to_string(get(parsed, ["request", "path"]) ?? "") ?? ""
request_url = to_string(get(parsed, ["request", "url"]) ?? "") ?? ""
request_host = to_string(get(parsed, ["request", "host"]) ?? "") ?? ""
request_scheme = to_string(get(parsed, ["request", "scheme"]) ?? "") ?? ""
request_query = to_string(get(parsed, ["request", "query"]) ?? "") ?? ""
response_status = get(parsed, ["response", "status"]) ?? 0
.status = to_int(parsed.status ?? parsed.status_code ?? response_status ?? 0) ?? 0
.latency_ms = to_int(parsed.latency_ms ?? parsed.duration_ms ?? parsed.took ?? 0) ?? 0
identity_id = get(parsed, ["identity", "id"]) ?? ""
.subject = parsed.subject ?? identity_id ?? ""
.client_ip = parsed.client_ip ?? parsed.remote_ip ?? parsed.ip ?? ""
identity_id = to_string(get(parsed, ["identity", "id"]) ?? "") ?? ""
headers = get(parsed, ["headers"]) ?? {}
.user_agent = parsed.user_agent
if is_null(.user_agent) { .user_agent = get(headers, ["User-Agent"]) }
if is_null(.user_agent) { .user_agent = "" }
.referer = get(headers, ["Referer"]) ?? ""
.decision = parsed.decision
if is_null(.decision) { .decision = parsed.result }
if is_null(.decision) { .decision = "" }
.trace_id = parsed.trace_id
if is_null(.trace_id) { .trace_id = "" }
.span_id = parsed.span_id
if is_null(.span_id) { .span_id = "" }
.rp = parsed.rp ?? ""
.action = parsed.action ?? ""
.target = parsed.target ?? ""
.rule_id = parsed.rule_id ?? get(parsed, ["rule", "id"]) ?? ""
parsed_url = {}
if request_url != "" { parsed_url = parse_url(request_url) ?? {} }
user_agent = to_string(get(headers, ["User-Agent"]) ?? "") ?? ""
referer = to_string(get(headers, ["Referer"]) ?? "") ?? ""
rule_id = to_string(get(parsed, ["rule", "id"]) ?? "") ?? ""
upstream_url = to_string(get(parsed, ["upstream", "url"]) ?? "") ?? ""
client_id = to_string(get(parsed, ["client", "id"]) ?? "") ?? ""
parent_session_id = to_string(get(parsed, ["extra", "parent_session_id"]) ?? "") ?? ""
parsed_url = parse_url(request_url) ?? {}
query_params = get(parsed_url, ["query"]) ?? {}
.client_id = parsed.client_id ?? get(parsed, ["client", "id"]) ?? get(query_params, ["client_id"]) ?? get(query_params, ["clientId"]) ?? ""
.parent_session_id = parsed.parent_session_id ?? get(parsed, ["extra", "parent_session_id"]) ?? ""
.host = parsed.host ?? request_host ?? ""
.scheme = parsed.scheme ?? request_scheme ?? ""
.query = parsed.query ?? request_query ?? ""
.upstream_url = parsed.upstream_url ?? get(parsed, ["upstream", "url"]) ?? ""
.bytes_in = to_int(parsed.bytes_in ?? parsed.request_bytes ?? 0) ?? 0
.bytes_out = to_int(parsed.bytes_out ?? parsed.response_bytes ?? 0) ?? 0
event_path = to_string(parsed.path) ?? to_string(parsed.http_path) ?? ""
if event_path == "" { event_path = request_path }
if event_path == "" { event_path = request_url }
event_client_id = to_string(parsed.client_id) ?? ""
if event_client_id == "" { event_client_id = client_id }
if event_client_id == "" { event_client_id = to_string(get(query_params, ["client_id"]) ?? "") ?? "" }
if event_client_id == "" { event_client_id = to_string(get(query_params, ["clientId"]) ?? "") ?? "" }
. = {
"request_id": to_string(parsed.request_id) ?? to_string(parsed.req_id) ?? "",
"method": to_string(parsed.method) ?? to_string(parsed.http_method) ?? request_method,
"path": event_path,
"status": to_int(parsed.status) ?? to_int(parsed.status_code) ?? to_int(response_status) ?? 0,
"latency_ms": to_int(parsed.latency_ms) ?? to_int(parsed.duration_ms) ?? to_int(parsed.took) ?? 0,
"client_id": event_client_id,
"rp": to_string(parsed.rp) ?? "",
"action": to_string(parsed.action) ?? "",
"target": to_string(parsed.target) ?? "",
"rule_id": to_string(parsed.rule_id) ?? rule_id,
"host": to_string(parsed.host) ?? request_host,
"scheme": to_string(parsed.scheme) ?? request_scheme,
"query": to_string(parsed.query) ?? request_query,
"upstream_url": to_string(parsed.upstream_url) ?? upstream_url,
"subject": to_string(parsed.subject) ?? identity_id,
"parent_session_id": to_string(parsed.parent_session_id) ?? parent_session_id,
"client_ip": to_string(parsed.client_ip) ?? to_string(parsed.remote_ip) ?? to_string(parsed.ip) ?? "",
"user_agent": to_string(parsed.user_agent) ?? user_agent,
"referer": referer,
"decision": to_string(parsed.decision) ?? to_string(parsed.result) ?? "",
"bytes_in": to_int(parsed.bytes_in) ?? to_int(parsed.request_bytes) ?? 0,
"bytes_out": to_int(parsed.bytes_out) ?? to_int(parsed.response_bytes) ?? 0,
"trace_id": to_string(parsed.trace_id) ?? "",
"span_id": to_string(parsed.span_id) ?? "",
"raw": raw
}
'''
[sinks.clickhouse]
@@ -66,3 +70,6 @@
database = "ory"
table = "oathkeeper_access_logs"
compression = "gzip"
auth.strategy = "basic"
auth.user = "${ORY_CLICKHOUSE_USER}"
auth.password = "${ORY_CLICKHOUSE_PASSWORD}"