From 3bd7c7bf6d1b68e44756014dc56a2adc1b73f53e Mon Sep 17 00:00:00 2001 From: Arne Luenser Date: Tue, 6 Feb 2024 18:01:11 +0100 Subject: [PATCH] feat: improved webhook tracing --- courier/template/load_template.go | 6 +- courier/template/template.go | 8 +- driver/registry_default.go | 12 +- go.mod | 14 +-- go.sum | 28 ++--- persistence/sql/batch/create.go | 5 +- .../sql/identity/persister_identity.go | 106 +++++++++++++----- persistence/sql/persister.go | 5 +- persistence/sql/persister_code.go | 6 +- persistence/sql/persister_continuity.go | 19 ++-- persistence/sql/persister_courier.go | 30 ++--- persistence/sql/persister_login.go | 23 ++-- persistence/sql/persister_login_code.go | 17 +-- persistence/sql/persister_recovery.go | 31 ++--- persistence/sql/persister_recovery_code.go | 13 ++- persistence/sql/persister_registration.go | 19 ++-- .../sql/persister_registration_code.go | 17 +-- persistence/sql/persister_settings.go | 21 ++-- persistence/sql/persister_verification.go | 31 ++--- .../sql/persister_verification_code.go | 13 ++- persistence/sql/update/update.go | 5 +- request/builder.go | 4 +- selfservice/hook/web_hook.go | 14 ++- selfservice/strategy/code/code_sender.go | 4 +- selfservice/strategy/link/sender.go | 6 +- .../strategy/oidc/provider_linkedin_test.go | 15 ++- selfservice/strategy/oidc/strategy_login.go | 3 +- x/http.go | 2 +- 28 files changed, 276 insertions(+), 201 deletions(-) diff --git a/courier/template/load_template.go b/courier/template/load_template.go index 8ecb7ba9fbae..a34427949e95 100644 --- a/courier/template/load_template.go +++ b/courier/template/load_template.go @@ -13,10 +13,8 @@ import ( "path/filepath" "text/template" - "github.com/hashicorp/go-retryablehttp" - + "github.com/ory/kratos/x" "github.com/ory/x/fetcher" - "github.com/ory/x/httpx" "github.com/Masterminds/sprig/v3" lru "github.com/hashicorp/golang-lru" @@ -33,7 +31,7 @@ type Template interface { } type templateDependencies interface { - HTTPClient(ctx context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client + x.HTTPClientProvider } func loadBuiltInTemplate(filesystem fs.FS, name string, html bool) (Template, error) { diff --git a/courier/template/template.go b/courier/template/template.go index bf7074990253..e1cd68f8c180 100644 --- a/courier/template/template.go +++ b/courier/template/template.go @@ -4,15 +4,11 @@ package template import ( - "context" - - "github.com/hashicorp/go-retryablehttp" - "github.com/ory/kratos/driver/config" - "github.com/ory/x/httpx" + "github.com/ory/kratos/x" ) type Dependencies interface { CourierConfig() config.CourierConfigs - HTTPClient(ctx context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client + x.HTTPClientProvider } diff --git a/driver/registry_default.go b/driver/registry_default.go index 890fb7d2f5eb..9317846d81f0 100644 --- a/driver/registry_default.go +++ b/driver/registry_default.go @@ -19,6 +19,7 @@ import ( "github.com/hashicorp/go-retryablehttp" "github.com/luna-duclos/instrumentedsql" "github.com/pkg/errors" + "go.opentelemetry.io/otel/trace/noop" "github.com/ory/herodot" "github.com/ory/kratos/cipher" @@ -815,16 +816,13 @@ func (m *RegistryDefault) PrometheusManager() *prometheus.MetricsManager { return m.pmm } -func (m *RegistryDefault) HTTPClient(ctx context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client { +func (m *RegistryDefault) HTTPClient(_ context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client { opts = append(opts, httpx.ResilientClientWithLogger(m.Logger()), httpx.ResilientClientWithMaxRetry(2), - httpx.ResilientClientWithConnectionTimeout(30*time.Second)) - - tracer := m.Tracer(ctx) - if tracer.IsLoaded() { - opts = append(opts, httpx.ResilientClientWithTracer(tracer.Tracer())) - } + httpx.ResilientClientWithConnectionTimeout(30*time.Second), + httpx.ResilientClientWithTracer(noop.NewTracerProvider().Tracer("Ory Kratos")), // will use the tracer from a context if available + ) // One of the few exceptions, this usually should not be hot reloaded. if m.Config().ClientHTTPNoPrivateIPRanges(contextx.RootContext) { diff --git a/go.mod b/go.mod index d0399c35b47b..22e8187de37e 100644 --- a/go.mod +++ b/go.mod @@ -74,7 +74,7 @@ require ( github.com/ory/jsonschema/v3 v3.0.8 github.com/ory/mail/v3 v3.0.0 github.com/ory/nosurf v1.2.7 - github.com/ory/x v0.0.613 + github.com/ory/x v0.0.614 github.com/peterhellberg/link v1.2.0 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 github.com/pkg/errors v0.9.1 @@ -92,10 +92,10 @@ require ( github.com/tidwall/sjson v1.2.5 github.com/urfave/negroni v1.0.0 github.com/zmb3/spotify/v2 v2.4.0 - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 - go.opentelemetry.io/otel v1.21.0 + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 + go.opentelemetry.io/otel v1.22.0 go.opentelemetry.io/otel/sdk v1.21.0 - go.opentelemetry.io/otel/trace v1.21.0 + go.opentelemetry.io/otel/trace v1.22.0 golang.org/x/crypto v0.18.0 golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa golang.org/x/net v0.20.0 @@ -145,7 +145,7 @@ require ( github.com/fxamacker/cbor/v2 v2.4.0 // indirect github.com/go-crypt/x v0.2.1 // indirect github.com/go-jose/go-jose/v3 v3.0.1 // indirect - github.com/go-logr/logr v1.3.0 // indirect + github.com/go-logr/logr v1.4.1 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/analysis v0.21.4 // indirect github.com/go-openapi/errors v0.20.4 // indirect @@ -294,7 +294,7 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/xtgo/uuid v0.0.0-20140804021211-a0b114877d4c // indirect go.mongodb.org/mongo-driver v1.11.3 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.46.1 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.47.0 // indirect go.opentelemetry.io/contrib/propagators/b3 v1.21.0 // indirect go.opentelemetry.io/contrib/propagators/jaeger v1.21.1 // indirect go.opentelemetry.io/contrib/samplers/jaegerremote v0.15.1 // indirect @@ -302,7 +302,7 @@ require ( go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.21.0 // indirect; / indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.21.0 // indirect; / indirect go.opentelemetry.io/otel/exporters/zipkin v1.21.0 // indirect; / indirect - go.opentelemetry.io/otel/metric v1.21.0 // indirect + go.opentelemetry.io/otel/metric v1.22.0 // indirect go.opentelemetry.io/proto/otlp v1.0.0 // indirect golang.org/x/mod v0.14.0 // indirect golang.org/x/sys v0.16.0 // indirect diff --git a/go.sum b/go.sum index 4bd6bd41d159..d559b4b6ef35 100644 --- a/go.sum +++ b/go.sum @@ -215,8 +215,8 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= @@ -819,8 +819,8 @@ github.com/ory/nosurf v1.2.7 h1:YrHrbSensQyU6r6HT/V5+HPdVEgrOTMJiLoJABSBOp4= github.com/ory/nosurf v1.2.7/go.mod h1:d4L3ZBa7Amv55bqxCBtCs63wSlyaiCkWVl4vKf3OUxA= github.com/ory/sessions v1.2.2-0.20220110165800-b09c17334dc2 h1:zm6sDvHy/U9XrGpixwHiuAwpp0Ock6khSVHkrv6lQQU= github.com/ory/sessions v1.2.2-0.20220110165800-b09c17334dc2/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= -github.com/ory/x v0.0.613 h1:MHT0scH7hcrOkc3aH7qqYLzXVJkjhB0szWTwpD2lh8Q= -github.com/ory/x v0.0.613/go.mod h1:uH065puz8neija0neqwIN3PmXXfDsB9VbZTZ20Znoos= +github.com/ory/x v0.0.614 h1:amqUBxoY5Z0fN+WqH1sLLtGuJa5GYOBo76LyrwJC0dc= +github.com/ory/x v0.0.614/go.mod h1:uH065puz8neija0neqwIN3PmXXfDsB9VbZTZ20Znoos= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= @@ -1039,18 +1039,18 @@ go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.46.1 h1:gbhw/u49SS3gkPWiYweQNJGm/uJN5GkI/FrosxSHT7A= -go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.46.1/go.mod h1:GnOaBaFQ2we3b9AGWJpsBa7v1S5RlQzlC3O7dRMxZhM= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 h1:aFJWCqJMNjENlcleuuOkGAPH82y0yULBScfXcIEdS24= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1/go.mod h1:sEGXWArGqc3tVa+ekntsN65DmVbVeW+7lTKTjZF3/Fo= +go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.47.0 h1:rw+yB4sMhufNzbVHGG9SDMSrw1CKSnRqfjJnMpAH4dE= +go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.47.0/go.mod h1:2NonlJyJNVbDK/hCwiLsu5gsD2bVtmIzQ/tGzWq58us= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 h1:sv9kVfal0MK0wBMCOGr+HeJm9v803BkJxGrk2au7j08= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0/go.mod h1:SK2UL73Zy1quvRPonmOmRDiWk1KBV3LyIeeIxcEApWw= go.opentelemetry.io/contrib/propagators/b3 v1.21.0 h1:uGdgDPNzwQWRwCXJgw/7h29JaRqcq9B87Iv4hJDKAZw= go.opentelemetry.io/contrib/propagators/b3 v1.21.0/go.mod h1:D9GQXvVGT2pzyTfp1QBOnD1rzKEWzKjjwu5q2mslCUI= go.opentelemetry.io/contrib/propagators/jaeger v1.21.1 h1:f4beMGDKiVzg9IcX7/VuWVy+oGdjx3dNJ72YehmtY5k= go.opentelemetry.io/contrib/propagators/jaeger v1.21.1/go.mod h1:U9jhkEl8d1LL+QXY7q3kneJWJugiN3kZJV2OWz3hkBY= go.opentelemetry.io/contrib/samplers/jaegerremote v0.15.1 h1:Qb+5A+JbIjXwO7l4HkRUhgIn4Bzz0GNS2q+qdmSx+0c= go.opentelemetry.io/contrib/samplers/jaegerremote v0.15.1/go.mod h1:G4vNCm7fRk0kjZ6pGNLo5SpLxAUvOfSrcaegnT8TPck= -go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc= -go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo= +go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y= +go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI= go.opentelemetry.io/otel/exporters/jaeger v1.17.0 h1:D7UpUy2Xc2wsi1Ras6V40q806WM07rqoCWzXu7Sqy+4= go.opentelemetry.io/otel/exporters/jaeger v1.17.0/go.mod h1:nPCqOnEH9rNLKqH/+rrUjiMzHJdV1BlpKcTwRTyKkKI= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.21.0 h1:cl5P5/GIfFh4t6xyruOgJP5QiA1pw4fYYdv6nc6CBWw= @@ -1059,12 +1059,12 @@ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.21.0 h1:digkE go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.21.0/go.mod h1:/OpE/y70qVkndM0TrxT4KBoN3RsFZP0QaofcfYrj76I= go.opentelemetry.io/otel/exporters/zipkin v1.21.0 h1:D+Gv6lSfrFBWmQYyxKjDd0Zuld9SRXpIrEsKZvE4DO4= go.opentelemetry.io/otel/exporters/zipkin v1.21.0/go.mod h1:83oMKR6DzmHisFOW3I+yIMGZUTjxiWaiBI8M8+TU5zE= -go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4= -go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM= +go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg= +go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY= go.opentelemetry.io/otel/sdk v1.21.0 h1:FTt8qirL1EysG6sTQRZ5TokkU8d0ugCj8htOgThZXQ8= go.opentelemetry.io/otel/sdk v1.21.0/go.mod h1:Nna6Yv7PWTdgJHVRD9hIYywQBRx7pbox6nwBnZIxl/E= -go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc= -go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= +go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0= +go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo= go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= diff --git a/persistence/sql/batch/create.go b/persistence/sql/batch/create.go index 801dcbdd96b5..38254a3b2a80 100644 --- a/persistence/sql/batch/create.go +++ b/persistence/sql/batch/create.go @@ -13,6 +13,8 @@ import ( "time" "github.com/jmoiron/sqlx/reflectx" + "go.opentelemetry.io/otel/attribute" + "go.opentelemetry.io/otel/trace" "github.com/ory/x/dbal" @@ -168,7 +170,8 @@ func buildInsertQueryValues[T any](dialect string, mapper *reflectx.Mapper, colu // Create batch-inserts the given models into the database using a single INSERT statement. // The models are either all created or none. func Create[T any](ctx context.Context, p *TracerConnection, models []*T) (err error) { - ctx, span := p.Tracer.Tracer().Start(ctx, "persistence.sql.batch.Create") + ctx, span := p.Tracer.Tracer().Start(ctx, "persistence.sql.batch.Create", + trace.WithAttributes(attribute.Int("count", len(models)))) defer otelx.End(span, &err) if len(models) == 0 { diff --git a/persistence/sql/identity/persister_identity.go b/persistence/sql/identity/persister_identity.go index 00f3a22d38dd..b07275918e17 100644 --- a/persistence/sql/identity/persister_identity.go +++ b/persistence/sql/identity/persister_identity.go @@ -89,7 +89,10 @@ func (p *IdentityPersister) GetConnection(ctx context.Context) *pop.Connection { } func (p *IdentityPersister) ListVerifiableAddresses(ctx context.Context, page, itemsPerPage int) (a []identity.VerifiableAddress, err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.ListVerifiableAddresses") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.ListVerifiableAddresses", + trace.WithAttributes( + attribute.Int("per_page", itemsPerPage), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) if err := p.GetConnection(ctx).Where("nid = ?", p.NetworkID(ctx)).Order("id DESC").Paginate(page, x.MaxItemsPerPage(itemsPerPage)).All(&a); err != nil { @@ -100,7 +103,10 @@ func (p *IdentityPersister) ListVerifiableAddresses(ctx context.Context, page, i } func (p *IdentityPersister) ListRecoveryAddresses(ctx context.Context, page, itemsPerPage int) (a []identity.RecoveryAddress, err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.ListRecoveryAddresses") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.ListRecoveryAddresses", + trace.WithAttributes( + attribute.Int("per_page", itemsPerPage), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) if err := p.GetConnection(ctx).Where("nid = ?", p.NetworkID(ctx)).Order("id DESC").Paginate(page, x.MaxItemsPerPage(itemsPerPage)).All(&a); err != nil { @@ -136,7 +142,9 @@ func NormalizeIdentifier(ct identity.CredentialsType, match string) string { } func (p *IdentityPersister) FindIdentityByCredentialIdentifier(ctx context.Context, identifier string, caseSensitive bool) (_ *identity.Identity, err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindIdentityByCredentialIdentifier") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindIdentityByCredentialIdentifier", + trace.WithAttributes( + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) var find struct { @@ -167,6 +175,7 @@ LIMIT 1`, return nil, sqlcon.HandleError(err) } + span.SetAttributes(attribute.Stringer("identity.id", find.IdentityID)) i, err := p.GetIdentity(ctx, find.IdentityID, identity.ExpandDefault) if err != nil { @@ -178,7 +187,9 @@ LIMIT 1`, } func (p *IdentityPersister) FindByCredentialsIdentifier(ctx context.Context, ct identity.CredentialsType, match string) (_ *identity.Identity, _ *identity.Credentials, err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindByCredentialsIdentifier") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindByCredentialsIdentifier", + trace.WithAttributes( + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) nid := p.NetworkID(ctx) @@ -215,6 +226,8 @@ func (p *IdentityPersister) FindByCredentialsIdentifier(ctx context.Context, ct return nil, nil, sqlcon.HandleError(err) } + span.SetAttributes(attribute.String("identity.id", find.IdentityID.String())) + i, err := p.GetIdentityConfidential(ctx, find.IdentityID) if err != nil { return nil, nil, err @@ -259,7 +272,10 @@ func (p *IdentityPersister) findIdentityCredentialsType(ctx context.Context, ct } func (p *IdentityPersister) createIdentityCredentials(ctx context.Context, conn *pop.Connection, identities ...*identity.Identity) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.createIdentityCredentials") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.createIdentityCredentials", + trace.WithAttributes( + attribute.Int("num_identities", len(identities)), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) var ( @@ -330,7 +346,10 @@ func (p *IdentityPersister) createIdentityCredentials(ctx context.Context, conn } func (p *IdentityPersister) createVerifiableAddresses(ctx context.Context, conn *pop.Connection, identities ...*identity.Identity) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.createVerifiableAddresses") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.createVerifiableAddresses", + trace.WithAttributes( + attribute.Int("num_identities", len(identities)), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) work := make([]*identity.VerifiableAddress, 0, len(identities)) @@ -347,7 +366,10 @@ func updateAssociation[T interface { Hash() string }](ctx context.Context, p *IdentityPersister, i *identity.Identity, inID []T, ) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.updateAssociation") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.updateAssociation", + trace.WithAttributes( + attribute.Stringer("identity.id", i.ID), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) var inDB []T @@ -431,7 +453,10 @@ func (p *IdentityPersister) normalizeRecoveryAddresses(ctx context.Context, id * } func (p *IdentityPersister) createRecoveryAddresses(ctx context.Context, conn *pop.Connection, identities ...*identity.Identity) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.createRecoveryAddresses") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.createRecoveryAddresses", + trace.WithAttributes( + attribute.Int("num_identities", len(identities)), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) // https://go.dev/play/p/b1kU5Bme2Fr @@ -446,25 +471,33 @@ func (p *IdentityPersister) createRecoveryAddresses(ctx context.Context, conn *p } func (p *IdentityPersister) CountIdentities(ctx context.Context) (n int64, err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CountIdentities") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CountIdentities", + trace.WithAttributes( + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) count, err := p.c.WithContext(ctx).Where("nid = ?", p.NetworkID(ctx)).Count(new(identity.Identity)) if err != nil { return 0, sqlcon.HandleError(err) } + span.SetAttributes(attribute.Int("num_identities", count)) return int64(count), nil } func (p *IdentityPersister) CreateIdentity(ctx context.Context, ident *identity.Identity) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateIdentity") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateIdentity", + trace.WithAttributes( + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) return p.CreateIdentities(ctx, ident) } func (p *IdentityPersister) CreateIdentities(ctx context.Context, identities ...*identity.Identity) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateIdentities") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateIdentities", + trace.WithAttributes( + attribute.Int("num_identities", len(identities)), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) for _, ident := range identities { @@ -519,7 +552,10 @@ func (p *IdentityPersister) CreateIdentities(ctx context.Context, identities ... } func (p *IdentityPersister) HydrateIdentityAssociations(ctx context.Context, i *identity.Identity, expand identity.Expandables) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.HydrateIdentityAssociations") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.HydrateIdentityAssociations", + trace.WithAttributes( + attribute.Stringer("identity.id", i.ID), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) var ( @@ -718,7 +754,7 @@ func (p *IdentityPersister) ListIdentities(ctx context.Context, params identity. ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.ListIdentities", trace.WithAttributes(append( paginationAttributes(¶ms, paginator), - attribute.String("network.id", p.NetworkID(ctx).String()))...)) + attribute.Stringer("network.id", p.NetworkID(ctx)))...)) defer otelx.End(span, &err) nid := p.NetworkID(ctx) @@ -878,7 +914,10 @@ func (p *IdentityPersister) ListIdentities(ctx context.Context, params identity. } func (p *IdentityPersister) UpdateIdentity(ctx context.Context, i *identity.Identity) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateIdentity") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateIdentity", + trace.WithAttributes( + attribute.Stringer("identity.id", i.ID), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) if err := p.validateIdentity(ctx, i); err != nil { @@ -915,7 +954,10 @@ func (p *IdentityPersister) UpdateIdentity(ctx context.Context, i *identity.Iden } func (p *IdentityPersister) DeleteIdentity(ctx context.Context, id uuid.UUID) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteIdentity") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteIdentity", + trace.WithAttributes( + attribute.Stringer("identity.id", id), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) nid := p.NetworkID(ctx) @@ -933,15 +975,13 @@ func (p *IdentityPersister) DeleteIdentity(ctx context.Context, id uuid.UUID) (e } func (p *IdentityPersister) GetIdentity(ctx context.Context, id uuid.UUID, expand identity.Expandables) (_ *identity.Identity, err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetIdentity") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetIdentity", + trace.WithAttributes( + attribute.Stringer("identity.id", id), + attribute.Stringer("network.id", p.NetworkID(ctx)), + attribute.StringSlice("expand", expand.ToEager()))) defer otelx.End(span, &err) - span.SetAttributes( - attribute.String("identity.id", id.String()), - attribute.StringSlice("expand", expand.ToEager()), - attribute.String("network.id", p.NetworkID(ctx).String()), - ) - var i identity.Identity if err := p.GetConnection(ctx).Where("id = ? AND nid = ?", id, p.NetworkID(ctx)).First(&i); err != nil { return nil, sqlcon.HandleError(err) @@ -962,7 +1002,9 @@ func (p *IdentityPersister) GetIdentityConfidential(ctx context.Context, id uuid } func (p *IdentityPersister) FindVerifiableAddressByValue(ctx context.Context, via string, value string) (_ *identity.VerifiableAddress, err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindVerifiableAddressByValue") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindVerifiableAddressByValue", + trace.WithAttributes( + attribute.Stringer("network.id", p.NetworkID(ctx)))) otelx.End(span, &err) var address identity.VerifiableAddress @@ -974,7 +1016,9 @@ func (p *IdentityPersister) FindVerifiableAddressByValue(ctx context.Context, vi } func (p *IdentityPersister) FindRecoveryAddressByValue(ctx context.Context, via identity.RecoveryAddressType, value string) (_ *identity.RecoveryAddress, err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindRecoveryAddressByValue") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FindRecoveryAddressByValue", + trace.WithAttributes( + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) var address identity.RecoveryAddress @@ -986,7 +1030,9 @@ func (p *IdentityPersister) FindRecoveryAddressByValue(ctx context.Context, via } func (p *IdentityPersister) VerifyAddress(ctx context.Context, code string) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.VerifyAddress") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.VerifyAddress", + trace.WithAttributes( + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) newCode, err := otp.New() @@ -1019,7 +1065,10 @@ func (p *IdentityPersister) VerifyAddress(ctx context.Context, code string) (err } func (p *IdentityPersister) UpdateVerifiableAddress(ctx context.Context, address *identity.VerifiableAddress) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateVerifiableAddress") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateVerifiableAddress", + trace.WithAttributes( + attribute.Stringer("identity.id", address.IdentityID), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) address.NID = p.NetworkID(ctx) @@ -1028,7 +1077,10 @@ func (p *IdentityPersister) UpdateVerifiableAddress(ctx context.Context, address } func (p *IdentityPersister) validateIdentity(ctx context.Context, i *identity.Identity) (err error) { - ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.validateIdentity") + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.validateIdentity", + trace.WithAttributes( + attribute.Stringer("identity.id", i.ID), + attribute.Stringer("network.id", p.NetworkID(ctx)))) defer otelx.End(span, &err) if err := p.r.IdentityValidator().ValidateWithRunner(ctx, i); err != nil { diff --git a/persistence/sql/persister.go b/persistence/sql/persister.go index fa553cd559f5..99990b7ace91 100644 --- a/persistence/sql/persister.go +++ b/persistence/sql/persister.go @@ -25,6 +25,7 @@ import ( "github.com/ory/kratos/x" "github.com/ory/x/contextx" "github.com/ory/x/networkx" + "github.com/ory/x/otelx" "github.com/ory/x/popx" ) @@ -136,9 +137,9 @@ func (p *Persister) Connection(ctx context.Context) *pop.Connection { return p.c.WithContext(ctx) } -func (p *Persister) MigrationStatus(ctx context.Context) (popx.MigrationStatuses, error) { +func (p *Persister) MigrationStatus(ctx context.Context) (_ popx.MigrationStatuses, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.MigrationStatus") - defer span.End() + defer otelx.End(span, &err) if p.mbs != nil { return p.mbs, nil diff --git a/persistence/sql/persister_code.go b/persistence/sql/persister_code.go index 3b8103a36361..31e0b80dc2d2 100644 --- a/persistence/sql/persister_code.go +++ b/persistence/sql/persister_code.go @@ -14,6 +14,7 @@ import ( "github.com/pkg/errors" "github.com/ory/kratos/selfservice/strategy/code" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" ) @@ -39,9 +40,10 @@ func withCheckIdentityID(id uuid.UUID) codeOption { func useOneTimeCode[P any, U interface { *P oneTimeCodeProvider -}](ctx context.Context, p *Persister, flowID uuid.UUID, userProvidedCode string, flowTableName string, foreignKeyName string, opts ...codeOption) (U, error) { +}](ctx context.Context, p *Persister, flowID uuid.UUID, userProvidedCode string, flowTableName string, foreignKeyName string, opts ...codeOption, +) (_ U, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.useOneTimeCode") - defer span.End() + defer otelx.End(span, &err) o := new(codeOptions) for _, opt := range opts { diff --git a/persistence/sql/persister_continuity.go b/persistence/sql/persister_continuity.go index a8759f56d8bd..73078784766c 100644 --- a/persistence/sql/persister_continuity.go +++ b/persistence/sql/persister_continuity.go @@ -12,6 +12,7 @@ import ( "github.com/gofrs/uuid" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" "github.com/ory/kratos/continuity" @@ -19,17 +20,17 @@ import ( var _ continuity.Persister = new(Persister) -func (p *Persister) SaveContinuitySession(ctx context.Context, c *continuity.Container) error { +func (p *Persister) SaveContinuitySession(ctx context.Context, c *continuity.Container) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.SaveContinuitySession") - defer span.End() + defer otelx.End(span, &err) c.NID = p.NetworkID(ctx) return sqlcon.HandleError(p.GetConnection(ctx).Create(c)) } -func (p *Persister) GetContinuitySession(ctx context.Context, id uuid.UUID) (*continuity.Container, error) { +func (p *Persister) GetContinuitySession(ctx context.Context, id uuid.UUID) (_ *continuity.Container, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetContinuitySession") - defer span.End() + defer otelx.End(span, &err) var c continuity.Container if err := p.GetConnection(ctx).Where("id = ? AND nid = ?", id, p.NetworkID(ctx)).First(&c); err != nil { @@ -38,9 +39,9 @@ func (p *Persister) GetContinuitySession(ctx context.Context, id uuid.UUID) (*co return &c, nil } -func (p *Persister) DeleteContinuitySession(ctx context.Context, id uuid.UUID) error { +func (p *Persister) DeleteContinuitySession(ctx context.Context, id uuid.UUID) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteContinuitySession") - defer span.End() + defer otelx.End(span, &err) if count, err := p.GetConnection(ctx).RawQuery( //#nosec G201 -- TableName is static @@ -53,9 +54,11 @@ func (p *Persister) DeleteContinuitySession(ctx context.Context, id uuid.UUID) e return nil } -func (p *Persister) DeleteExpiredContinuitySessions(ctx context.Context, expiresAt time.Time, limit int) error { +func (p *Persister) DeleteExpiredContinuitySessions(ctx context.Context, expiresAt time.Time, limit int) (err error) { + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteExpiredContinuitySessions") + defer otelx.End(span, &err) //#nosec G201 -- TableName is static - err := p.GetConnection(ctx).RawQuery(fmt.Sprintf( + err = p.GetConnection(ctx).RawQuery(fmt.Sprintf( "DELETE FROM %s WHERE id in (SELECT id FROM (SELECT id FROM %s c WHERE expires_at <= ? and nid = ? ORDER BY expires_at ASC LIMIT %d ) AS s )", new(continuity.Container).TableName(ctx), new(continuity.Container).TableName(ctx), diff --git a/persistence/sql/persister_courier.go b/persistence/sql/persister_courier.go index 437d9132e1d0..456efea4fe70 100644 --- a/persistence/sql/persister_courier.go +++ b/persistence/sql/persister_courier.go @@ -13,6 +13,7 @@ import ( "github.com/pkg/errors" "github.com/ory/herodot" + "github.com/ory/x/otelx" "github.com/ory/x/pagination/keysetpagination" "github.com/ory/x/sqlcon" "github.com/ory/x/uuidx" @@ -23,18 +24,18 @@ import ( var _ courier.Persister = new(Persister) -func (p *Persister) AddMessage(ctx context.Context, m *courier.Message) error { +func (p *Persister) AddMessage(ctx context.Context, m *courier.Message) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.AddMessage") - defer span.End() + defer otelx.End(span, &err) m.NID = p.NetworkID(ctx) m.Status = courier.MessageStatusQueued return sqlcon.HandleError(p.GetConnection(ctx).Create(m)) // do not create eager to avoid identity injection. } -func (p *Persister) ListMessages(ctx context.Context, filter courier.ListCourierMessagesParameters, opts []keysetpagination.Option) ([]courier.Message, int64, *keysetpagination.Paginator, error) { +func (p *Persister) ListMessages(ctx context.Context, filter courier.ListCourierMessagesParameters, opts []keysetpagination.Option) (_ []courier.Message, _ int64, _ *keysetpagination.Paginator, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.ListMessages") - defer span.End() + defer otelx.End(span, &err) q := p.GetConnection(ctx).Where("nid=?", p.NetworkID(ctx)) @@ -68,7 +69,7 @@ func (p *Persister) ListMessages(ctx context.Context, filter courier.ListCourier func (p *Persister) NextMessages(ctx context.Context, limit uint8) (messages []courier.Message, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.NextMessages") - defer span.End() + defer otelx.End(span, &err) if err := p.Transaction(ctx, func(ctx context.Context, tx *pop.Connection) error { var m []courier.Message @@ -111,9 +112,9 @@ func (p *Persister) NextMessages(ctx context.Context, limit uint8) (messages []c return messages, nil } -func (p *Persister) LatestQueuedMessage(ctx context.Context) (*courier.Message, error) { +func (p *Persister) LatestQueuedMessage(ctx context.Context) (_ *courier.Message, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.LatestQueuedMessage") - defer span.End() + defer otelx.End(span, &err) var m courier.Message if err := p.GetConnection(ctx). @@ -132,9 +133,9 @@ func (p *Persister) LatestQueuedMessage(ctx context.Context) (*courier.Message, return &m, nil } -func (p *Persister) SetMessageStatus(ctx context.Context, id uuid.UUID, ms courier.MessageStatus) error { +func (p *Persister) SetMessageStatus(ctx context.Context, id uuid.UUID, ms courier.MessageStatus) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.SetMessageStatus") - defer span.End() + defer otelx.End(span, &err) count, err := p.GetConnection(ctx).RawQuery( "UPDATE courier_messages SET status = ? WHERE id = ? AND nid = ?", @@ -153,16 +154,15 @@ func (p *Persister) SetMessageStatus(ctx context.Context, id uuid.UUID, ms couri return nil } -func (p *Persister) IncrementMessageSendCount(ctx context.Context, id uuid.UUID) error { +func (p *Persister) IncrementMessageSendCount(ctx context.Context, id uuid.UUID) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.SetMessageStatus") - defer span.End() + defer otelx.End(span, &err) count, err := p.GetConnection(ctx).RawQuery( "UPDATE courier_messages SET send_count = send_count + 1 WHERE id = ? AND nid = ?", id, p.NetworkID(ctx), ).ExecWithCount() - if err != nil { return sqlcon.HandleError(err) } @@ -174,9 +174,9 @@ func (p *Persister) IncrementMessageSendCount(ctx context.Context, id uuid.UUID) return nil } -func (p *Persister) FetchMessage(ctx context.Context, msgID uuid.UUID) (*courier.Message, error) { +func (p *Persister) FetchMessage(ctx context.Context, msgID uuid.UUID) (_ *courier.Message, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.FetchMessage") - defer span.End() + defer otelx.End(span, &err) var message courier.Message if err := p.GetConnection(ctx). @@ -191,7 +191,7 @@ func (p *Persister) FetchMessage(ctx context.Context, msgID uuid.UUID) (*courier func (p *Persister) RecordDispatch(ctx context.Context, msgID uuid.UUID, status courier.CourierMessageDispatchStatus, err error) error { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.RecordDispatch") - defer span.End() + defer otelx.End(span, &err) dispatch := courier.MessageDispatch{ ID: uuidx.NewV4(), diff --git a/persistence/sql/persister_login.go b/persistence/sql/persister_login.go index ec1da55babbb..ec3bf522ef7d 100644 --- a/persistence/sql/persister_login.go +++ b/persistence/sql/persister_login.go @@ -11,6 +11,7 @@ import ( "github.com/gobuffalo/pop/v6" "github.com/gofrs/uuid" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" "github.com/ory/kratos/persistence/sql/update" @@ -19,18 +20,18 @@ import ( var _ login.FlowPersister = new(Persister) -func (p *Persister) CreateLoginFlow(ctx context.Context, r *login.Flow) error { +func (p *Persister) CreateLoginFlow(ctx context.Context, r *login.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateLoginFlow") - defer span.End() + defer otelx.End(span, &err) r.NID = p.NetworkID(ctx) r.EnsureInternalContext() return p.GetConnection(ctx).Create(r) } -func (p *Persister) UpdateLoginFlow(ctx context.Context, r *login.Flow) error { +func (p *Persister) UpdateLoginFlow(ctx context.Context, r *login.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateLoginFlow") - defer span.End() + defer otelx.End(span, &err) r.EnsureInternalContext() cp := *r @@ -38,9 +39,9 @@ func (p *Persister) UpdateLoginFlow(ctx context.Context, r *login.Flow) error { return update.Generic(ctx, p.GetConnection(ctx), p.r.Tracer(ctx).Tracer(), cp) } -func (p *Persister) GetLoginFlow(ctx context.Context, id uuid.UUID) (*login.Flow, error) { +func (p *Persister) GetLoginFlow(ctx context.Context, id uuid.UUID) (_ *login.Flow, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetLoginFlow") - defer span.End() + defer otelx.End(span, &err) conn := p.GetConnection(ctx) @@ -52,9 +53,9 @@ func (p *Persister) GetLoginFlow(ctx context.Context, id uuid.UUID) (*login.Flow return &r, nil } -func (p *Persister) ForceLoginFlow(ctx context.Context, id uuid.UUID) error { +func (p *Persister) ForceLoginFlow(ctx context.Context, id uuid.UUID) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.ForceLoginFlow") - defer span.End() + defer otelx.End(span, &err) return p.Transaction(ctx, func(ctx context.Context, tx *pop.Connection) error { lr, err := p.GetLoginFlow(ctx, id) @@ -67,9 +68,11 @@ func (p *Persister) ForceLoginFlow(ctx context.Context, id uuid.UUID) error { }) } -func (p *Persister) DeleteExpiredLoginFlows(ctx context.Context, expiresAt time.Time, limit int) error { +func (p *Persister) DeleteExpiredLoginFlows(ctx context.Context, expiresAt time.Time, limit int) (err error) { + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteExpiredLoginFlows") + defer otelx.End(span, &err) //#nosec G201 -- TableName is static - err := p.GetConnection(ctx).RawQuery(fmt.Sprintf( + err = p.GetConnection(ctx).RawQuery(fmt.Sprintf( "DELETE FROM %s WHERE id in (SELECT id FROM (SELECT id FROM %s c WHERE expires_at <= ? and nid = ? ORDER BY expires_at ASC LIMIT %d ) AS s )", new(login.Flow).TableName(ctx), new(login.Flow).TableName(ctx), diff --git a/persistence/sql/persister_login_code.go b/persistence/sql/persister_login_code.go index 3d5dd027826d..808e65b9d2a4 100644 --- a/persistence/sql/persister_login_code.go +++ b/persistence/sql/persister_login_code.go @@ -11,12 +11,13 @@ import ( "github.com/ory/kratos/selfservice/flow/login" "github.com/ory/kratos/selfservice/strategy/code" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" ) -func (p *Persister) CreateLoginCode(ctx context.Context, params *code.CreateLoginCodeParams) (*code.LoginCode, error) { +func (p *Persister) CreateLoginCode(ctx context.Context, params *code.CreateLoginCodeParams) (_ *code.LoginCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateLoginCode") - defer span.End() + defer otelx.End(span, &err) now := time.Now().UTC() loginCode := &code.LoginCode{ @@ -38,9 +39,9 @@ func (p *Persister) CreateLoginCode(ctx context.Context, params *code.CreateLogi return loginCode, nil } -func (p *Persister) UseLoginCode(ctx context.Context, flowID uuid.UUID, identityID uuid.UUID, userProvidedCode string) (*code.LoginCode, error) { +func (p *Persister) UseLoginCode(ctx context.Context, flowID uuid.UUID, identityID uuid.UUID, userProvidedCode string) (_ *code.LoginCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UseLoginCode") - defer span.End() + defer otelx.End(span, &err) codeRow, err := useOneTimeCode[code.LoginCode, *code.LoginCode](ctx, p, flowID, userProvidedCode, new(login.Flow).TableName(ctx), "selfservice_login_flow_id", withCheckIdentityID(identityID)) if err != nil { @@ -50,9 +51,9 @@ func (p *Persister) UseLoginCode(ctx context.Context, flowID uuid.UUID, identity return codeRow, nil } -func (p *Persister) GetUsedLoginCode(ctx context.Context, flowID uuid.UUID) (*code.LoginCode, error) { +func (p *Persister) GetUsedLoginCode(ctx context.Context, flowID uuid.UUID) (_ *code.LoginCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetUsedLoginCode") - defer span.End() + defer otelx.End(span, &err) var loginCode code.LoginCode if err := p.Connection(ctx).Where("selfservice_login_flow_id = ? AND nid = ? AND used_at IS NOT NULL", flowID, p.NetworkID(ctx)).First(&loginCode); err != nil { @@ -61,9 +62,9 @@ func (p *Persister) GetUsedLoginCode(ctx context.Context, flowID uuid.UUID) (*co return &loginCode, nil } -func (p *Persister) DeleteLoginCodesOfFlow(ctx context.Context, flowID uuid.UUID) error { +func (p *Persister) DeleteLoginCodesOfFlow(ctx context.Context, flowID uuid.UUID) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteLoginCodesOfFlow") - defer span.End() + defer otelx.End(span, &err) return p.GetConnection(ctx).Where("selfservice_login_flow_id = ? AND nid = ?", flowID, p.NetworkID(ctx)).Delete(&code.LoginCode{}) } diff --git a/persistence/sql/persister_recovery.go b/persistence/sql/persister_recovery.go index 8ac81cd009a5..468ba5a2b144 100644 --- a/persistence/sql/persister_recovery.go +++ b/persistence/sql/persister_recovery.go @@ -17,6 +17,7 @@ import ( "github.com/ory/kratos/persistence/sql/update" "github.com/ory/kratos/selfservice/flow/recovery" "github.com/ory/kratos/selfservice/strategy/link" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" ) @@ -25,17 +26,17 @@ var ( _ link.RecoveryTokenPersister = new(Persister) ) -func (p *Persister) CreateRecoveryFlow(ctx context.Context, r *recovery.Flow) error { +func (p *Persister) CreateRecoveryFlow(ctx context.Context, r *recovery.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateRecoveryFlow") - defer span.End() + defer otelx.End(span, &err) r.NID = p.NetworkID(ctx) return p.GetConnection(ctx).Create(r) } -func (p *Persister) GetRecoveryFlow(ctx context.Context, id uuid.UUID) (*recovery.Flow, error) { +func (p *Persister) GetRecoveryFlow(ctx context.Context, id uuid.UUID) (_ *recovery.Flow, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetRecoveryFlow") - defer span.End() + defer otelx.End(span, &err) var r recovery.Flow if err := p.GetConnection(ctx).Where("id = ? AND nid = ?", id, p.NetworkID(ctx)).First(&r); err != nil { @@ -45,18 +46,18 @@ func (p *Persister) GetRecoveryFlow(ctx context.Context, id uuid.UUID) (*recover return &r, nil } -func (p *Persister) UpdateRecoveryFlow(ctx context.Context, r *recovery.Flow) error { +func (p *Persister) UpdateRecoveryFlow(ctx context.Context, r *recovery.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateRecoveryFlow") - defer span.End() + defer otelx.End(span, &err) cp := *r cp.NID = p.NetworkID(ctx) return update.Generic(ctx, p.GetConnection(ctx), p.r.Tracer(ctx).Tracer(), cp) } -func (p *Persister) CreateRecoveryToken(ctx context.Context, token *link.RecoveryToken) error { +func (p *Persister) CreateRecoveryToken(ctx context.Context, token *link.RecoveryToken) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateRecoveryToken") - defer span.End() + defer otelx.End(span, &err) t := token.Token token.Token = p.hmacValue(ctx, t) @@ -72,9 +73,9 @@ func (p *Persister) CreateRecoveryToken(ctx context.Context, token *link.Recover return nil } -func (p *Persister) UseRecoveryToken(ctx context.Context, fID uuid.UUID, token string) (*link.RecoveryToken, error) { +func (p *Persister) UseRecoveryToken(ctx context.Context, fID uuid.UUID, token string) (_ *link.RecoveryToken, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UseRecoveryToken") - defer span.End() + defer otelx.End(span, &err) var rt link.RecoveryToken @@ -110,17 +111,19 @@ func (p *Persister) UseRecoveryToken(ctx context.Context, fID uuid.UUID, token s return &rt, nil } -func (p *Persister) DeleteRecoveryToken(ctx context.Context, token string) error { +func (p *Persister) DeleteRecoveryToken(ctx context.Context, token string) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteRecoveryToken") - defer span.End() + defer otelx.End(span, &err) //#nosec G201 -- TableName is static return p.GetConnection(ctx).RawQuery(fmt.Sprintf("DELETE FROM %s WHERE token=? AND nid = ?", new(link.RecoveryToken).TableName(ctx)), token, p.NetworkID(ctx)).Exec() } -func (p *Persister) DeleteExpiredRecoveryFlows(ctx context.Context, expiresAt time.Time, limit int) error { +func (p *Persister) DeleteExpiredRecoveryFlows(ctx context.Context, expiresAt time.Time, limit int) (err error) { + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteExpiredRecoveryFlows") + defer otelx.End(span, &err) //#nosec G201 -- TableName is static - err := p.GetConnection(ctx).RawQuery(fmt.Sprintf( + err = p.GetConnection(ctx).RawQuery(fmt.Sprintf( "DELETE FROM %s WHERE id in (SELECT id FROM (SELECT id FROM %s c WHERE expires_at <= ? and nid = ? ORDER BY expires_at ASC LIMIT %d ) AS s )", new(recovery.Flow).TableName(ctx), new(recovery.Flow).TableName(ctx), diff --git a/persistence/sql/persister_recovery_code.go b/persistence/sql/persister_recovery_code.go index 725b9578a205..9dc4dd26bb83 100644 --- a/persistence/sql/persister_recovery_code.go +++ b/persistence/sql/persister_recovery_code.go @@ -13,12 +13,13 @@ import ( "github.com/ory/kratos/identity" "github.com/ory/kratos/selfservice/flow/recovery" "github.com/ory/kratos/selfservice/strategy/code" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" ) -func (p *Persister) CreateRecoveryCode(ctx context.Context, params *code.CreateRecoveryCodeParams) (*code.RecoveryCode, error) { +func (p *Persister) CreateRecoveryCode(ctx context.Context, params *code.CreateRecoveryCodeParams) (_ *code.RecoveryCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateRecoveryCode") - defer span.End() + defer otelx.End(span, &err) now := time.Now() recoveryCode := &code.RecoveryCode{ @@ -53,9 +54,9 @@ func (p *Persister) CreateRecoveryCode(ctx context.Context, params *code.CreateR // // If the supplied code matched a code from the flow, no error is returned // If an invalid code was submitted with this flow more than 5 times, an error is returned -func (p *Persister) UseRecoveryCode(ctx context.Context, flowID uuid.UUID, userProvidedCode string) (*code.RecoveryCode, error) { +func (p *Persister) UseRecoveryCode(ctx context.Context, flowID uuid.UUID, userProvidedCode string) (_ *code.RecoveryCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UseRecoveryCode") - defer span.End() + defer otelx.End(span, &err) codeRow, err := useOneTimeCode[code.RecoveryCode, *code.RecoveryCode](ctx, p, flowID, userProvidedCode, new(recovery.Flow).TableName(ctx), "selfservice_recovery_flow_id") if err != nil { @@ -76,9 +77,9 @@ func (p *Persister) UseRecoveryCode(ctx context.Context, flowID uuid.UUID, userP return codeRow, nil } -func (p *Persister) DeleteRecoveryCodesOfFlow(ctx context.Context, flowID uuid.UUID) error { +func (p *Persister) DeleteRecoveryCodesOfFlow(ctx context.Context, flowID uuid.UUID) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteRecoveryCodesOfFlow") - defer span.End() + defer otelx.End(span, &err) return p.GetConnection(ctx).Where("selfservice_recovery_flow_id = ? AND nid = ?", flowID, p.NetworkID(ctx)).Delete(&code.RecoveryCode{}) } diff --git a/persistence/sql/persister_registration.go b/persistence/sql/persister_registration.go index fe7e25ceeac3..00eb08780ced 100644 --- a/persistence/sql/persister_registration.go +++ b/persistence/sql/persister_registration.go @@ -10,24 +10,25 @@ import ( "github.com/gofrs/uuid" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" "github.com/ory/kratos/persistence/sql/update" "github.com/ory/kratos/selfservice/flow/registration" ) -func (p *Persister) CreateRegistrationFlow(ctx context.Context, r *registration.Flow) error { +func (p *Persister) CreateRegistrationFlow(ctx context.Context, r *registration.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateRegistrationFlow") - defer span.End() + defer otelx.End(span, &err) r.NID = p.NetworkID(ctx) r.EnsureInternalContext() return p.GetConnection(ctx).Create(r) } -func (p *Persister) UpdateRegistrationFlow(ctx context.Context, r *registration.Flow) error { +func (p *Persister) UpdateRegistrationFlow(ctx context.Context, r *registration.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateRegistrationFlow") - defer span.End() + defer otelx.End(span, &err) r.EnsureInternalContext() cp := *r @@ -35,9 +36,9 @@ func (p *Persister) UpdateRegistrationFlow(ctx context.Context, r *registration. return update.Generic(ctx, p.GetConnection(ctx), p.r.Tracer(ctx).Tracer(), cp) } -func (p *Persister) GetRegistrationFlow(ctx context.Context, id uuid.UUID) (*registration.Flow, error) { +func (p *Persister) GetRegistrationFlow(ctx context.Context, id uuid.UUID) (_ *registration.Flow, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetRegistrationFlow") - defer span.End() + defer otelx.End(span, &err) var r registration.Flow if err := p.GetConnection(ctx).Where("id = ? AND nid = ?", @@ -48,9 +49,11 @@ func (p *Persister) GetRegistrationFlow(ctx context.Context, id uuid.UUID) (*reg return &r, nil } -func (p *Persister) DeleteExpiredRegistrationFlows(ctx context.Context, expiresAt time.Time, limit int) error { +func (p *Persister) DeleteExpiredRegistrationFlows(ctx context.Context, expiresAt time.Time, limit int) (err error) { + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteExpiredRegistrationFlows") + defer otelx.End(span, &err) //#nosec G201 -- TableName is static - err := p.GetConnection(ctx).RawQuery(fmt.Sprintf( + err = p.GetConnection(ctx).RawQuery(fmt.Sprintf( "DELETE FROM %s WHERE id in (SELECT id FROM (SELECT id FROM %s c WHERE expires_at <= ? and nid = ? ORDER BY expires_at ASC LIMIT %d ) AS s )", new(registration.Flow).TableName(ctx), new(registration.Flow).TableName(ctx), diff --git a/persistence/sql/persister_registration_code.go b/persistence/sql/persister_registration_code.go index 29d1af549467..095cb45156ba 100644 --- a/persistence/sql/persister_registration_code.go +++ b/persistence/sql/persister_registration_code.go @@ -13,12 +13,13 @@ import ( "github.com/ory/kratos/selfservice/flow/registration" "github.com/ory/kratos/selfservice/strategy/code" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" ) -func (p *Persister) CreateRegistrationCode(ctx context.Context, params *code.CreateRegistrationCodeParams) (*code.RegistrationCode, error) { +func (p *Persister) CreateRegistrationCode(ctx context.Context, params *code.CreateRegistrationCodeParams) (_ *code.RegistrationCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateRegistrationCode") - defer span.End() + defer otelx.End(span, &err) now := time.Now().UTC() registrationCode := &code.RegistrationCode{ @@ -39,9 +40,9 @@ func (p *Persister) CreateRegistrationCode(ctx context.Context, params *code.Cre return registrationCode, nil } -func (p *Persister) UseRegistrationCode(ctx context.Context, flowID uuid.UUID, userProvidedCode string, addresses ...string) (*code.RegistrationCode, error) { +func (p *Persister) UseRegistrationCode(ctx context.Context, flowID uuid.UUID, userProvidedCode string, addresses ...string) (_ *code.RegistrationCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UseRegistrationCode") - defer span.End() + defer otelx.End(span, &err) codeRow, err := useOneTimeCode[code.RegistrationCode, *code.RegistrationCode](ctx, p, flowID, userProvidedCode, new(registration.Flow).TableName(ctx), "selfservice_registration_flow_id") if err != nil { @@ -56,9 +57,9 @@ func (p *Persister) UseRegistrationCode(ctx context.Context, flowID uuid.UUID, u return codeRow, nil } -func (p *Persister) GetUsedRegistrationCode(ctx context.Context, flowID uuid.UUID) (*code.RegistrationCode, error) { +func (p *Persister) GetUsedRegistrationCode(ctx context.Context, flowID uuid.UUID) (_ *code.RegistrationCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetUsedRegistrationCode") - defer span.End() + defer otelx.End(span, &err) var registrationCode code.RegistrationCode if err := p.Connection(ctx).Where("selfservice_registration_flow_id = ? AND used_at IS NOT NULL AND nid = ?", flowID, p.NetworkID(ctx)).First(®istrationCode); err != nil { @@ -68,9 +69,9 @@ func (p *Persister) GetUsedRegistrationCode(ctx context.Context, flowID uuid.UUI return ®istrationCode, nil } -func (p *Persister) DeleteRegistrationCodesOfFlow(ctx context.Context, flowID uuid.UUID) error { +func (p *Persister) DeleteRegistrationCodesOfFlow(ctx context.Context, flowID uuid.UUID) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteRegistrationCodesOfFlow") - defer span.End() + defer otelx.End(span, &err) return p.GetConnection(ctx).Where("selfservice_registration_flow_id = ? AND nid = ?", flowID, p.NetworkID(ctx)).Delete(&code.RegistrationCode{}) } diff --git a/persistence/sql/persister_settings.go b/persistence/sql/persister_settings.go index 51be36725cbf..8800d55a26d2 100644 --- a/persistence/sql/persister_settings.go +++ b/persistence/sql/persister_settings.go @@ -13,6 +13,7 @@ import ( "github.com/gofrs/uuid" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" "github.com/ory/kratos/selfservice/flow/settings" @@ -20,22 +21,22 @@ import ( var _ settings.FlowPersister = new(Persister) -func (p *Persister) CreateSettingsFlow(ctx context.Context, r *settings.Flow) error { +func (p *Persister) CreateSettingsFlow(ctx context.Context, r *settings.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateSettingsFlow") - defer span.End() + defer otelx.End(span, &err) r.NID = p.NetworkID(ctx) r.EnsureInternalContext() return sqlcon.HandleError(p.GetConnection(ctx).Create(r)) } -func (p *Persister) GetSettingsFlow(ctx context.Context, id uuid.UUID) (*settings.Flow, error) { +func (p *Persister) GetSettingsFlow(ctx context.Context, id uuid.UUID) (_ *settings.Flow, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetSettingsFlow") - defer span.End() + defer otelx.End(span, &err) var r settings.Flow - err := p.GetConnection(ctx).Where("id = ? AND nid = ?", id, p.NetworkID(ctx)).First(&r) + err = p.GetConnection(ctx).Where("id = ? AND nid = ?", id, p.NetworkID(ctx)).First(&r) if err != nil { return nil, sqlcon.HandleError(err) } @@ -48,9 +49,9 @@ func (p *Persister) GetSettingsFlow(ctx context.Context, id uuid.UUID) (*setting return &r, nil } -func (p *Persister) UpdateSettingsFlow(ctx context.Context, r *settings.Flow) error { +func (p *Persister) UpdateSettingsFlow(ctx context.Context, r *settings.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateSettingsFlow") - defer span.End() + defer otelx.End(span, &err) r.EnsureInternalContext() cp := *r @@ -58,9 +59,11 @@ func (p *Persister) UpdateSettingsFlow(ctx context.Context, r *settings.Flow) er return update.Generic(ctx, p.GetConnection(ctx), p.r.Tracer(ctx).Tracer(), cp) } -func (p *Persister) DeleteExpiredSettingsFlows(ctx context.Context, expiresAt time.Time, limit int) error { +func (p *Persister) DeleteExpiredSettingsFlows(ctx context.Context, expiresAt time.Time, limit int) (err error) { + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteExpiredSettingsFlows") + defer otelx.End(span, &err) //#nosec G201 -- TableName is static - err := p.GetConnection(ctx).RawQuery(fmt.Sprintf( + err = p.GetConnection(ctx).RawQuery(fmt.Sprintf( "DELETE FROM %s WHERE id in (SELECT id FROM (SELECT id FROM %s c WHERE expires_at <= ? and nid = ? ORDER BY expires_at ASC LIMIT %d ) AS s )", new(settings.Flow).TableName(ctx), new(settings.Flow).TableName(ctx), diff --git a/persistence/sql/persister_verification.go b/persistence/sql/persister_verification.go index b2f19f94726b..8d983ed1635d 100644 --- a/persistence/sql/persister_verification.go +++ b/persistence/sql/persister_verification.go @@ -16,6 +16,7 @@ import ( "github.com/gobuffalo/pop/v6" "github.com/gofrs/uuid" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" "github.com/ory/kratos/selfservice/flow/verification" @@ -24,9 +25,9 @@ import ( var _ verification.FlowPersister = new(Persister) -func (p *Persister) CreateVerificationFlow(ctx context.Context, r *verification.Flow) error { +func (p *Persister) CreateVerificationFlow(ctx context.Context, r *verification.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateVerificationFlow") - defer span.End() + defer otelx.End(span, &err) r.NID = p.NetworkID(ctx) // This should not create the request eagerly because otherwise we might accidentally create an address @@ -34,9 +35,9 @@ func (p *Persister) CreateVerificationFlow(ctx context.Context, r *verification. return p.GetConnection(ctx).Create(r) } -func (p *Persister) GetVerificationFlow(ctx context.Context, id uuid.UUID) (*verification.Flow, error) { +func (p *Persister) GetVerificationFlow(ctx context.Context, id uuid.UUID) (_ *verification.Flow, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.GetVerificationFlow") - defer span.End() + defer otelx.End(span, &err) var r verification.Flow if err := p.GetConnection(ctx).Where("id = ? AND nid = ?", id, p.NetworkID(ctx)).First(&r); err != nil { @@ -46,18 +47,18 @@ func (p *Persister) GetVerificationFlow(ctx context.Context, id uuid.UUID) (*ver return &r, nil } -func (p *Persister) UpdateVerificationFlow(ctx context.Context, r *verification.Flow) error { +func (p *Persister) UpdateVerificationFlow(ctx context.Context, r *verification.Flow) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UpdateVerificationFlow") - defer span.End() + defer otelx.End(span, &err) cp := *r cp.NID = p.NetworkID(ctx) return update.Generic(ctx, p.GetConnection(ctx), p.r.Tracer(ctx).Tracer(), cp) } -func (p *Persister) CreateVerificationToken(ctx context.Context, token *link.VerificationToken) error { +func (p *Persister) CreateVerificationToken(ctx context.Context, token *link.VerificationToken) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateVerificationToken") - defer span.End() + defer otelx.End(span, &err) t := token.Token token.Token = p.hmacValue(ctx, t) @@ -72,9 +73,9 @@ func (p *Persister) CreateVerificationToken(ctx context.Context, token *link.Ver return nil } -func (p *Persister) UseVerificationToken(ctx context.Context, fID uuid.UUID, token string) (*link.VerificationToken, error) { +func (p *Persister) UseVerificationToken(ctx context.Context, fID uuid.UUID, token string) (_ *link.VerificationToken, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UseVerificationToken") - defer span.End() + defer otelx.End(span, &err) var rt link.VerificationToken @@ -109,18 +110,20 @@ func (p *Persister) UseVerificationToken(ctx context.Context, fID uuid.UUID, tok return &rt, nil } -func (p *Persister) DeleteVerificationToken(ctx context.Context, token string) error { +func (p *Persister) DeleteVerificationToken(ctx context.Context, token string) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteVerificationToken") - defer span.End() + defer otelx.End(span, &err) nid := p.NetworkID(ctx) //#nosec G201 -- TableName is static return p.GetConnection(ctx).RawQuery(fmt.Sprintf("DELETE FROM %s WHERE token=? AND nid = ?", new(link.VerificationToken).TableName(ctx)), token, nid).Exec() } -func (p *Persister) DeleteExpiredVerificationFlows(ctx context.Context, expiresAt time.Time, limit int) error { +func (p *Persister) DeleteExpiredVerificationFlows(ctx context.Context, expiresAt time.Time, limit int) (err error) { + ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteExpiredVerificationFlows") + defer otelx.End(span, &err) //#nosec G201 -- TableName is static - err := p.GetConnection(ctx).RawQuery(fmt.Sprintf( + err = p.GetConnection(ctx).RawQuery(fmt.Sprintf( "DELETE FROM %s WHERE id in (SELECT id FROM (SELECT id FROM %s c WHERE expires_at <= ? and nid = ? ORDER BY expires_at ASC LIMIT %d ) AS s )", new(verification.Flow).TableName(ctx), new(verification.Flow).TableName(ctx), diff --git a/persistence/sql/persister_verification_code.go b/persistence/sql/persister_verification_code.go index 0b469bad07ce..3c3fc6d9bed5 100644 --- a/persistence/sql/persister_verification_code.go +++ b/persistence/sql/persister_verification_code.go @@ -14,12 +14,13 @@ import ( "github.com/ory/kratos/identity" "github.com/ory/kratos/selfservice/flow/verification" "github.com/ory/kratos/selfservice/strategy/code" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" ) -func (p *Persister) CreateVerificationCode(ctx context.Context, params *code.CreateVerificationCodeParams) (*code.VerificationCode, error) { +func (p *Persister) CreateVerificationCode(ctx context.Context, params *code.CreateVerificationCodeParams) (_ *code.VerificationCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.CreateVerificationCode") - defer span.End() + defer otelx.End(span, &err) now := time.Now().UTC() verificationCode := &code.VerificationCode{ @@ -50,9 +51,9 @@ func (p *Persister) CreateVerificationCode(ctx context.Context, params *code.Cre return verificationCode, nil } -func (p *Persister) UseVerificationCode(ctx context.Context, flowID uuid.UUID, userProvidedCode string) (*code.VerificationCode, error) { +func (p *Persister) UseVerificationCode(ctx context.Context, flowID uuid.UUID, userProvidedCode string) (_ *code.VerificationCode, err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.UseVerificationCode") - defer span.End() + defer otelx.End(span, &err) codeRow, err := useOneTimeCode[code.VerificationCode, *code.VerificationCode](ctx, p, flowID, userProvidedCode, new(verification.Flow).TableName(ctx), "selfservice_verification_flow_id") if err != nil { @@ -69,9 +70,9 @@ func (p *Persister) UseVerificationCode(ctx context.Context, flowID uuid.UUID, u return codeRow, nil } -func (p *Persister) DeleteVerificationCodesOfFlow(ctx context.Context, fID uuid.UUID) error { +func (p *Persister) DeleteVerificationCodesOfFlow(ctx context.Context, fID uuid.UUID) (err error) { ctx, span := p.r.Tracer(ctx).Tracer().Start(ctx, "persistence.sql.DeleteVerificationCodesOfFlow") - defer span.End() + defer otelx.End(span, &err) return p.GetConnection(ctx).Where("selfservice_verification_flow_id = ? AND nid = ?", fID, p.NetworkID(ctx)).Delete(&code.VerificationCode{}) } diff --git a/persistence/sql/update/update.go b/persistence/sql/update/update.go index 27bdf2c9cc93..d212b711c684 100644 --- a/persistence/sql/update/update.go +++ b/persistence/sql/update/update.go @@ -13,6 +13,7 @@ import ( "github.com/pkg/errors" "go.opentelemetry.io/otel/trace" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" ) @@ -21,9 +22,9 @@ type Model interface { GetNID() uuid.UUID } -func Generic(ctx context.Context, c *pop.Connection, tracer trace.Tracer, v Model, columnNames ...string) error { +func Generic(ctx context.Context, c *pop.Connection, tracer trace.Tracer, v Model, columnNames ...string) (err error) { ctx, span := tracer.Start(ctx, "persistence.sql.update") - defer span.End() + defer otelx.End(span, &err) quoter, ok := c.Dialect.(interface{ Quote(key string) string }) if !ok { diff --git a/request/builder.go b/request/builder.go index 458a16cef130..4651f64d43e2 100644 --- a/request/builder.go +++ b/request/builder.go @@ -85,9 +85,9 @@ func (b *Builder) addAuth() error { return nil } -func (b *Builder) addBody(ctx context.Context, body interface{}) error { +func (b *Builder) addBody(ctx context.Context, body interface{}) (err error) { ctx, span := b.deps.Tracer(ctx).Tracer().Start(ctx, "request.Builder.addBody") - defer span.End() + defer otelx.End(span, &err) if isNilInterface(body) { return nil diff --git a/selfservice/hook/web_hook.go b/selfservice/hook/web_hook.go index 5c9aa31e92fa..cbb9f0a0b0d4 100644 --- a/selfservice/hook/web_hook.go +++ b/selfservice/hook/web_hook.go @@ -9,7 +9,6 @@ import ( "fmt" "io" "net/http" - "net/http/httputil" "time" "github.com/dgraph-io/ristretto" @@ -516,6 +515,7 @@ func isTimeoutError(err error) bool { } func instrumentHTTPClientForEvents(ctx context.Context, httpClient *retryablehttp.Client) { + // TODO(@alnr): improve this implementation to redact sensitive data var ( attempt = 0 requestID uuid.UUID @@ -525,12 +525,16 @@ func instrumentHTTPClientForEvents(ctx context.Context, httpClient *retryablehtt attempt = retryNumber + 1 requestID = uuid.Must(uuid.NewV4()) req.Header.Set("Ory-Webhook-Request-ID", requestID.String()) - reqBody, _ = httputil.DumpRequestOut(req, true) + // TODO(@alnr): redact sensitive data + // reqBody, _ = httputil.DumpRequestOut(req, true) + reqBody = []byte("") } httpClient.ResponseLogHook = func(_ retryablehttp.Logger, res *http.Response) { - res.Body = io.NopCloser(io.LimitReader(res.Body, 5<<20)) // read at most 5 MB from the response - resBody, _ := httputil.DumpResponse(res, true) - resBody = resBody[:min(len(resBody), 2<<10)] // truncate response body to 2 kB for event + // res.Body = io.NopCloser(io.LimitReader(res.Body, 5<<20)) // read at most 5 MB from the response + // resBody, _ := httputil.DumpResponse(res, true) + // resBody = resBody[:min(len(resBody), 2<<10)] // truncate response body to 2 kB for event + // TODO(@alnr): redact sensitive data + resBody := []byte("") trace.SpanFromContext(ctx).AddEvent(events.NewWebhookDelivered(ctx, res.Request.URL, reqBody, res.StatusCode, resBody, attempt, requestID)) } } diff --git a/selfservice/strategy/code/code_sender.go b/selfservice/strategy/code/code_sender.go index ccc3330f9ba8..dd4e183a0c96 100644 --- a/selfservice/strategy/code/code_sender.go +++ b/selfservice/strategy/code/code_sender.go @@ -8,14 +8,12 @@ import ( "net/url" "github.com/gofrs/uuid" - "github.com/hashicorp/go-retryablehttp" "github.com/pkg/errors" "github.com/ory/herodot" "github.com/ory/kratos/courier/template/email" "github.com/ory/kratos/courier/template/sms" - "github.com/ory/x/httpx" "github.com/ory/x/sqlcon" "github.com/ory/x/stringsx" "github.com/ory/x/urlx" @@ -45,7 +43,7 @@ type ( RegistrationCodePersistenceProvider LoginCodePersistenceProvider - HTTPClient(ctx context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client + x.HTTPClientProvider } SenderProvider interface { CodeSender() *Sender diff --git a/selfservice/strategy/link/sender.go b/selfservice/strategy/link/sender.go index d58f167335d7..6660948f6b0d 100644 --- a/selfservice/strategy/link/sender.go +++ b/selfservice/strategy/link/sender.go @@ -7,12 +7,8 @@ import ( "context" "net/url" - "github.com/hashicorp/go-retryablehttp" - "github.com/ory/kratos/courier/template/email" - "github.com/ory/x/httpx" - "github.com/pkg/errors" "github.com/ory/x/sqlcon" @@ -40,7 +36,7 @@ type ( VerificationTokenPersistenceProvider RecoveryTokenPersistenceProvider - HTTPClient(ctx context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client + x.HTTPClientProvider } SenderProvider interface { LinkSender() *Sender diff --git a/selfservice/strategy/oidc/provider_linkedin_test.go b/selfservice/strategy/oidc/provider_linkedin_test.go index 501bb38d61ca..5eb7a629c7cc 100644 --- a/selfservice/strategy/oidc/provider_linkedin_test.go +++ b/selfservice/strategy/oidc/provider_linkedin_test.go @@ -10,6 +10,7 @@ import ( "testing" "time" + "github.com/hashicorp/go-retryablehttp" "github.com/jarcoal/httpmock" "github.com/stretchr/testify/assert" @@ -21,8 +22,10 @@ import ( ) func TestProviderLinkedin_Claims(t *testing.T) { - httpmock.Activate() - defer httpmock.DeactivateAndReset() + _, base := internal.NewFastRegistryWithMocks(t) + reg := &mockRegistry{base, retryablehttp.NewClient()} + httpmock.ActivateNonDefault(reg.cl.HTTPClient) + t.Cleanup(httpmock.DeactivateAndReset) httpmock.RegisterResponder("GET", "https://api.linkedin.com/v2/me?projection=(id,localizedFirstName,localizedLastName,profilePicture(displayImage~digitalmediaAsset:playableStreams))", func(req *http.Request) (*http.Response, error) { @@ -101,7 +104,6 @@ func TestProviderLinkedin_Claims(t *testing.T) { }, ) - _, reg := internal.NewFastRegistryWithMocks(t) c := &oidc.Configuration{ ID: "linkedin", Provider: "linkedin", @@ -131,8 +133,10 @@ func TestProviderLinkedin_Claims(t *testing.T) { } func TestProviderLinkedin_No_Picture(t *testing.T) { - httpmock.Activate() - defer httpmock.DeactivateAndReset() + _, base := internal.NewFastRegistryWithMocks(t) + reg := &mockRegistry{base, retryablehttp.NewClient()} + httpmock.ActivateNonDefault(reg.cl.HTTPClient) + t.Cleanup(httpmock.DeactivateAndReset) httpmock.RegisterResponder("GET", "https://api.linkedin.com/v2/me?projection=(id,localizedFirstName,localizedLastName,profilePicture(displayImage~digitalmediaAsset:playableStreams))", func(req *http.Request) (*http.Response, error) { @@ -176,7 +180,6 @@ func TestProviderLinkedin_No_Picture(t *testing.T) { }, ) - _, reg := internal.NewFastRegistryWithMocks(t) c := &oidc.Configuration{ ID: "linkedin", Provider: "linkedin", diff --git a/selfservice/strategy/oidc/strategy_login.go b/selfservice/strategy/oidc/strategy_login.go index 641b3d42b977..be3c6762e3e3 100644 --- a/selfservice/strategy/oidc/strategy_login.go +++ b/selfservice/strategy/oidc/strategy_login.go @@ -16,6 +16,7 @@ import ( "github.com/ory/kratos/session" "github.com/ory/kratos/ui/node" + "github.com/ory/x/otelx" "github.com/ory/x/sqlcon" "github.com/ory/kratos/selfservice/flow/registration" @@ -181,7 +182,7 @@ func (s *Strategy) processLogin(w http.ResponseWriter, r *http.Request, loginFlo func (s *Strategy) Login(w http.ResponseWriter, r *http.Request, f *login.Flow, _ *session.Session) (i *identity.Identity, err error) { ctx, span := s.d.Tracer(r.Context()).Tracer().Start(r.Context(), "selfservice.strategy.oidc.strategy.Login") - defer span.End() + defer otelx.End(span, &err) if err := login.CheckAAL(f, identity.AuthenticatorAssuranceLevel1); err != nil { return nil, err diff --git a/x/http.go b/x/http.go index 380ca14a1034..f0b3a34cd404 100644 --- a/x/http.go +++ b/x/http.go @@ -66,5 +66,5 @@ func AcceptsJSON(r *http.Request) bool { } type HTTPClientProvider interface { - HTTPClient(ctx context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client + HTTPClient(context.Context, ...httpx.ResilientOptions) *retryablehttp.Client }