Add in ability to load DEBUG middleware
This change adds a new config group ``[wsgi]`` with the ability to load in the oslo.middleware Debug middleware. The DEBUG middleware is placed as the first middleware in the chain printing out raw request/response data closest to the edge of the applciation. The new option is ``debug_middleware`` and is boolean. It defaults to "False". This option should never be set in production as it can and will leak sensitive information via the printed data. Change-Id: I013e38f3578e6ea8e5bad3123fe47bf93b840b43
This commit is contained in:
parent
4ec6bc5a44
commit
81caf3eb71
|
@ -49,6 +49,7 @@ from keystone.conf import token
|
|||
from keystone.conf import tokenless_auth
|
||||
from keystone.conf import trust
|
||||
from keystone.conf import unified_limit
|
||||
from keystone.conf import wsgi
|
||||
|
||||
CONF = cfg.CONF
|
||||
|
||||
|
@ -84,6 +85,7 @@ conf_modules = [
|
|||
tokenless_auth,
|
||||
trust,
|
||||
unified_limit,
|
||||
wsgi
|
||||
]
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,45 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
|
||||
from keystone.conf import utils
|
||||
|
||||
|
||||
debug_middlware = cfg.BoolOpt(
|
||||
'debug_middleware',
|
||||
default=False,
|
||||
help=utils.fmt("""
|
||||
If set to true, this enables the oslo debug middleware in Keystone. This
|
||||
Middleware prints a lot of information about the request and the response. It
|
||||
is useful for getting information about the data on the wire (decoded) and
|
||||
passed to the WSGI application pipeline.
|
||||
|
||||
This middleware is inserted as the first element in the middleware chain
|
||||
and will show the data closest to the wire.
|
||||
|
||||
WARNING: NOT INTENDED FOR USE IN PRODUCTION. THIS MIDDLEWARE CAN AND WILL EMIT
|
||||
SENSITIVE/PRIVILEGED DATA.
|
||||
"""))
|
||||
|
||||
GROUP_NAME = __name__.split('.')[-1]
|
||||
ALL_OPTS = [
|
||||
debug_middlware,
|
||||
]
|
||||
|
||||
|
||||
def register_opts(conf):
|
||||
conf.register_opts(ALL_OPTS, group=GROUP_NAME)
|
||||
|
||||
|
||||
def list_opts():
|
||||
return {GROUP_NAME: ALL_OPTS}
|
|
@ -90,7 +90,19 @@ def setup_app_middleware(application):
|
|||
# explicitly; reverse order to ensure the first element in _APP_MIDDLEWARE
|
||||
# processes the request first.
|
||||
|
||||
for mw in reversed(_APP_MIDDLEWARE):
|
||||
MW = _APP_MIDDLEWARE
|
||||
|
||||
# Add in optional (config-based) middleware
|
||||
# NOTE(morgan): Each of these may need to be in a specific location
|
||||
# within the pipeline therefore cannot be magically appended/prepended
|
||||
if CONF.wsgi.debug_middleware:
|
||||
# Add in the Debug Middleware
|
||||
MW = (_Middleware(namespace='keystone.server_middleware',
|
||||
ep='debug',
|
||||
conf={}),) + _APP_MIDDLEWARE
|
||||
|
||||
# Apply the middleware to the application.
|
||||
for mw in reversed(MW):
|
||||
# TODO(morgan): Explore moving this to ExtensionManager, but we
|
||||
# want to be super careful about what middleware we load and in
|
||||
# what order. DriverManager gives us that capability and only loads
|
||||
|
|
Loading…
Reference in New Issue