Merge pull request #11 from rarimo/fix/log-with-body

add: request data to log in create-identity
rarimo · May 16, 2024 · 4f8ce46 · 4f8ce46
2 parents d9d0481 + bcb7c5d
commit 4f8ce46
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 24 deletions.
diff --git a/internal/service/api/handlers/create_identity.go b/internal/service/api/handlers/create_identity.go
@@ -9,6 +9,7 @@ import (
 	"crypto/sha256"
 	"encoding/asn1"
 	"encoding/hex"
+	"encoding/json"
 	"encoding/pem"
 	"fmt"
 	"math/big"
@@ -62,42 +63,50 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	rawReqData, err := json.Marshal(req.Data)
+	if err != nil {
+		Log(r).WithError(err).Error("failed to marshal create identity request")
+		ape.RenderErr(w, problems.InternalError())
+		return
+	}
+	log := Log(r).WithField("request_data", string(rawReqData))
+
 	algorithm := signatureAlgorithm(req.Data.DocumentSOD.Algorithm)
 	if algorithm == "" {
-		Log(r).WithError(fmt.Errorf("%s is not a valid algorithm", req.Data.DocumentSOD.Algorithm)).Error("failed to select signature algorithm")
+		log.WithError(fmt.Errorf("%s is not a valid algorithm", req.Data.DocumentSOD.Algorithm)).Error("failed to select signature algorithm")
 		ape.RenderErr(w, problems.BadRequest(fmt.Errorf("%s is not a valid algorithm", req.Data.DocumentSOD.Algorithm))...)
 		return
 	}
 
 	signedAttributes, err := hex.DecodeString(req.Data.DocumentSOD.SignedAttributes)
 	if err != nil {
-		Log(r).WithError(err).Error("failed to decode hex string")
+		log.WithError(err).Error("failed to decode hex string")
 		ape.RenderErr(w, problems.BadRequest(err)...)
 		return
 	}
 
 	encapsulatedContent, err := hex.DecodeString(req.Data.DocumentSOD.EncapsulatedContent)
 	if err != nil {
-		Log(r).WithError(err).Error("failed to decode hex string")
+		log.WithError(err).Error("failed to decode hex string")
 		ape.RenderErr(w, problems.BadRequest(err)...)
 		return
 	}
 
 	if err := validateSignedAttributes(signedAttributes, encapsulatedContent, algorithm); err != nil {
-		Log(r).WithError(err).Error("failed to validate signed attributes")
+		log.WithError(err).Error("failed to validate signed attributes")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
 
 	cert, err := parseCertificate([]byte(req.Data.DocumentSOD.PemFile))
 	if err != nil {
-		Log(r).WithError(err).Error("failed to parse certificate")
+		log.WithError(err).Error("failed to parse certificate")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
 
 	if err := verifySignature(req, cert, signedAttributes, algorithm); err != nil {
-		Log(r).WithError(err).Error("failed to verify signature")
+		log.WithError(err).Error("failed to verify signature")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
@@ -107,51 +116,51 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 	switch algorithm {
 	case SHA1withECDSA:
 		if err := verifier.VerifyGroth16(req.Data.ZKProof, cfg.VerificationKeys[SHA1]); err != nil {
-			Log(r).WithError(err).Error("failed to verify Groth16")
+			log.WithError(err).Error("failed to verify Groth16")
 			ape.RenderErr(w, problems.BadRequest(err)...)
 			return
 		}
 	case SHA256withRSA, SHA256withECDSA:
 		if err := verifier.VerifyGroth16(req.Data.ZKProof, cfg.VerificationKeys[SHA256]); err != nil {
-			Log(r).WithError(err).Error("failed to verify Groth16")
+			log.WithError(err).Error("failed to verify Groth16")
 			ape.RenderErr(w, problems.BadRequest(err)...)
 			return
 		}
 	default:
-		Log(r).WithField("algorithm", req.Data.DocumentSOD.Algorithm).Debug("invalid signature algorithm")
+		log.WithField("algorithm", req.Data.DocumentSOD.Algorithm).Debug("invalid signature algorithm")
 		ape.RenderErr(w, problems.BadRequest(errors.New("invalid signature algorithm"))...)
 		return
 	}
 
 	encapsulatedData := resources.EncapsulatedData{}
 	if _, err = asn1.Unmarshal(encapsulatedContent, &encapsulatedData); err != nil {
-		Log(r).WithError(err).Error("failed to unmarshal ASN.1")
+		log.WithError(err).Error("failed to unmarshal ASN.1")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
 
 	privateKey := make([]asn1.RawValue, 0)
 	if _, err = asn1.Unmarshal(encapsulatedData.PrivateKey.FullBytes, &privateKey); err != nil {
-		Log(r).WithError(err).Error("failed to unmarshal ASN.1")
+		log.WithError(err).Error("failed to unmarshal ASN.1")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
 
 	privKeyEl := resources.PrivateKeyElement{}
 	if _, err = asn1.Unmarshal(privateKey[0].FullBytes, &privKeyEl); err != nil {
-		Log(r).WithError(err).Error("failed to unmarshal ASN.1")
+		log.WithError(err).Error("failed to unmarshal ASN.1")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
 
 	if err := validatePubSignals(cfg, req.Data, privKeyEl.OctetStr.Bytes); err != nil {
-		Log(r).WithError(err).Error("failed to validate pub signals")
+		log.WithError(err).Error("failed to validate pub signals")
 		ape.RenderErr(w, problems.BadRequest(err)...)
 		return
 	}
 
 	if err := validateCert(cert, cfg.MasterCerts); err != nil {
-		Log(r).WithError(err).Error("failed to validate certificate")
+		log.WithError(err).Error("failed to validate certificate")
 		ape.RenderErr(w, problems.BadRequest(err)...)
 		return
 	}
@@ -162,7 +171,7 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 		FilterBy("user_did", req.Data.ID.String()).
 		Get()
 	if err != nil {
-		Log(r).WithError(err).Error("failed to get claim by user DID")
+		log.WithError(err).Error("failed to get claim by user DID")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
@@ -186,14 +195,14 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 
 	identityExpiration, err := getExpirationTimeFromPubSignals(req.Data.ZKProof.PubSignals)
 	if err != nil {
-		Log(r).WithError(err).Error("failed to get expiration time")
+		log.WithError(err).Error("failed to get expiration time")
 		ape.RenderErr(w, problems.BadRequest(err)...)
 		return
 	}
 
 	issuingAuthority, err := strconv.Atoi(req.Data.ZKProof.PubSignals[2])
 	if err != nil {
-		Log(r).WithError(err).Error("failed to convert string to int")
+		log.WithError(err).Error("failed to convert string to int")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
@@ -204,7 +213,7 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 
 	blinder, err := vaultClient.Blinder()
 	if err != nil {
-		Log(r).WithError(err).Error("failed to get blinder from the vault")
+		log.WithError(err).Error("failed to get blinder from the vault")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
@@ -214,26 +223,26 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 	salt := new(big.Int).SetUint64(uint64(time.Now().UTC().UnixMilli()))
 	documentHash, err := poseidon.HashBytes(signedAttributes)
 	if err != nil {
-		Log(r).WithError(err).Error("failed to hash signed attributes")
+		log.WithError(err).Error("failed to hash signed attributes")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
 
 	nullifier, err := poseidon.Hash([]*big.Int{documentHash, blinder, salt})
 	if err != nil {
-		Log(r).WithError(err).Error("failed to build nullifier")
+		log.WithError(err).Error("failed to build nullifier")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
 
 	existing, err := masterQ.Claim().FilterBy("document_hash", documentHash.String()).Get()
 	if err != nil {
-		Log(r).WithError(err).Error("failed to get claim by document hash")
+		log.WithError(err).Error("failed to get claim by document hash")
 		ape.RenderErr(w, problems.InternalError())
 		return
 	}
 	if existing != nil {
-		log := Log(r).WithField("document_hash", documentHash.String())
+		log = log.WithField("document_hash", documentHash.String())
 		if existing.IsBanned {
 			log.Info("user of the provided document is banned")
 			ape.RenderErr(w, problems.InternalError())
@@ -288,7 +297,7 @@ func CreateIdentity(w http.ResponseWriter, r *http.Request) {
 
 		return nil
 	}); err != nil {
-		Log(r).WithError(err).Error("failed to execute SQL transaction")
+		log.WithError(err).Error("failed to execute SQL transaction")
 		// error was rendered beforehand
 		return
 	}

diff --git a/internal/service/api/requests/create_identity.go b/internal/service/api/requests/create_identity.go
@@ -2,10 +2,11 @@ package requests
 
 import (
 	"encoding/json"
+	"net/http"
+
 	"github.com/iden3/go-iden3-core/v2/w3c"
 	snarkTypes "github.com/iden3/go-rapidsnark/types"
 	"gitlab.com/distributed_lab/logan/v3/errors"
-	"net/http"
 )
 
 type CreateIdentityRequestData struct {