github.com/avenga/couper@v1.12.2/server/testdata/integration/logs/01_couper.hcl (about) 1 server "logs" { 2 files { 3 document_root = "./" 4 custom_log_fields = { 5 files = request.method 6 } 7 } 8 9 spa { 10 bootstrap_file = "./file.html" 11 paths = ["/spa/**"] 12 custom_log_fields = { 13 spa = request.method 14 } 15 } 16 17 custom_log_fields = { 18 server = backend_responses.default.headers.server 19 } 20 21 endpoint "/secure" { 22 access_control = ["BA"] 23 24 proxy { 25 backend = "BE" 26 } 27 } 28 29 endpoint "/jwt-valid" { 30 access_control = ["JWT"] 31 32 proxy { 33 backend = "BE" 34 } 35 } 36 37 endpoint "/jwt" { 38 access_control = ["JWT"] 39 40 proxy { 41 backend = "BE" 42 } 43 } 44 45 endpoint "/jwt-wildcard" { 46 access_control = ["JWT-WILDCARD"] 47 48 proxy { 49 backend = "BE" 50 } 51 } 52 53 api { 54 custom_log_fields = { 55 api = backend_responses.default.headers.server 56 } 57 58 endpoint "/" { 59 custom_log_fields = { 60 endpoint = backend_responses.default.headers.server 61 } 62 63 proxy { 64 backend "BE" { 65 custom_log_fields = { 66 bool = true 67 int = 123 68 float = 1.23 69 string = backend_responses.default.headers.server 70 req = request.method 71 72 array = [ 73 1, 74 backend_responses.default.headers.server, 75 [ 76 2, 77 backend_responses.default.headers.server 78 ], 79 { 80 x = "X" 81 } 82 ] 83 84 object = { 85 a = "A" 86 b = "B" 87 c = 123 88 } 89 } 90 } 91 } 92 } 93 94 endpoint "/backend" { 95 proxy { 96 backend = "BE" 97 } 98 } 99 100 endpoint "/oauth2cb" { 101 access_control = ["oauth2-regular"] 102 proxy { 103 backend = "BE" 104 } 105 } 106 107 endpoint "/oauth2cb-wildcard" { 108 access_control = ["oauth2-wildcard"] 109 proxy { 110 backend = "BE" 111 } 112 } 113 114 endpoint "/saml-saml2/acs" { 115 access_control = ["SSO-saml2"] 116 117 response { 118 status = 418 119 } 120 } 121 122 endpoint "/saml-saml/acs" { 123 access_control = ["SSO-saml"] 124 125 response { 126 status = 418 127 } 128 } 129 130 endpoint "/saml-wildcard/acs" { 131 access_control = ["SSO-wildcard"] 132 133 response { 134 status = 418 135 } 136 } 137 138 endpoint "/oidc/cb" { 139 access_control = ["oidc"] 140 141 response { 142 status = 204 143 } 144 } 145 146 endpoint "/oidc-wildcard/cb" { 147 access_control = ["oidc-wildcard"] 148 149 response { 150 status = 204 151 } 152 } 153 } 154 155 api { 156 endpoint "/error-handler/endpoint" { 157 access_control = ["JWT"] 158 159 required_permission = "required" 160 161 response { 162 status = 204 163 } 164 165 error_handler "insufficient_permissions" { 166 custom_log_fields = { 167 error_handler = request.method 168 } 169 } 170 } 171 } 172 173 endpoint "/standard" { 174 request "resolve" { 175 backend = "BE" 176 } 177 178 proxy { 179 backend = "BE" 180 } 181 182 custom_log_fields = { 183 item-1 = backend_responses.resolve.json_body.JSON.list[0] 184 item-2 = backend_responses.default.json_body.JSON.list[0] 185 } 186 } 187 188 endpoint "/sequence" { 189 request "resolve" { 190 backend = "BE" 191 } 192 193 proxy { 194 backend = "BE" 195 set_request_headers = { 196 x-status = backend_responses.resolve.status 197 } 198 } 199 200 custom_log_fields = { 201 seq-item-1 = backend_responses.resolve.json_body.JSON.list[0] 202 seq-item-2 = backend_responses.default.json_body.JSON.list[0] 203 } 204 } 205 206 } 207 208 definitions { 209 backend "BE" { 210 origin = env.COUPER_TEST_BACKEND_ADDR 211 path = "/anything" 212 213 custom_log_fields = { 214 backend = backend_response.headers.server 215 } 216 } 217 218 basic_auth "BA" { 219 password = "secret" 220 221 error_handler "basic_auth" { 222 custom_log_fields = { 223 error_handler = request.method 224 } 225 } 226 } 227 228 jwt "JWT" { 229 header = "Authorization" 230 signature_algorithm = "HS256" 231 key = "y0urS3cretT08eU5edF0rC0uPerInThe3xamp1e" 232 233 custom_log_fields = { 234 jwt_regular = request.method 235 } 236 237 error_handler "jwt_token_missing" "jwt" { 238 custom_log_fields = { 239 jwt_error = request.method 240 } 241 } 242 } 243 244 jwt "JWT-WILDCARD" { 245 header = "Authorization" 246 signature_algorithm = "HS256" 247 key = "y0urS3cretT08eU5edF0rC0uPerInThe3xamp1e" 248 249 custom_log_fields = { 250 jwt_regular = request.method 251 } 252 253 error_handler { 254 custom_log_fields = { 255 jwt_error_wildcard = request.method 256 } 257 } 258 } 259 260 beta_oauth2 "oauth2-regular" { 261 grant_type = "authorization_code" 262 redirect_uri = "http://localhost:8080/oauth2cb" # value is not checked 263 authorization_endpoint = "https://authorization.server/oauth2/authorize" 264 token_endpoint = "not.checked/token" 265 token_endpoint_auth_method = "client_secret_post" 266 verifier_method = "ccm_s256" 267 verifier_value = request.query.pkcecv 268 client_id = "foo" 269 client_secret = "etbinbp4in" 270 custom_log_fields = { 271 oauth2_regular = request.method 272 } 273 274 error_handler "oauth2" { 275 custom_log_fields = { 276 oauth2_error = request.method 277 } 278 } 279 } 280 281 beta_oauth2 "oauth2-wildcard" { 282 grant_type = "authorization_code" 283 redirect_uri = "http://localhost:8080/oauth2cb-wildcard" # value is not checked 284 authorization_endpoint = "https://authorization.server/oauth2/authorize" 285 token_endpoint = "not.checked/token" 286 token_endpoint_auth_method = "client_secret_post" 287 verifier_method = "ccm_s256" 288 verifier_value = request.query.pkcecv 289 client_id = "foo" 290 client_secret = "etbinbp4in" 291 custom_log_fields = { 292 oauth2_regular = request.method 293 } 294 295 error_handler { 296 custom_log_fields = { 297 oauth2_wildcard_error = request.method 298 } 299 } 300 } 301 302 saml "SSO-saml2" { 303 idp_metadata_file = "../../../../accesscontrol/testdata/idp-metadata.xml" 304 sp_acs_url = "http://localhost:8080/saml/acs" 305 sp_entity_id = "local-test" 306 array_attributes = ["memberOf"] 307 308 custom_log_fields = { 309 saml_regular = request.method 310 } 311 312 error_handler "saml2" { 313 custom_log_fields = { 314 saml_saml2_error = request.method 315 } 316 } 317 } 318 319 saml "SSO-saml" { 320 idp_metadata_file = "../../../../accesscontrol/testdata/idp-metadata.xml" 321 sp_acs_url = "http://localhost:8080/saml/acs" 322 sp_entity_id = "local-test" 323 array_attributes = ["memberOf"] 324 325 custom_log_fields = { 326 saml_regular = request.method 327 } 328 329 error_handler "saml" { 330 custom_log_fields = { 331 saml_saml_error = request.method 332 } 333 } 334 } 335 336 saml "SSO-wildcard" { 337 idp_metadata_file = "../../../../accesscontrol/testdata/idp-metadata.xml" 338 sp_acs_url = "http://localhost:8080/saml/acs" 339 sp_entity_id = "local-test" 340 array_attributes = ["memberOf"] 341 342 custom_log_fields = { 343 saml_regular = request.method 344 } 345 346 error_handler { 347 custom_log_fields = { 348 saml_wildcard_error = request.method 349 } 350 } 351 } 352 353 oidc "oidc" { 354 configuration_url = "${env.COUPER_TEST_BACKEND_ADDR}/.well-known/openid-configuration" 355 configuration_ttl = "1h" 356 client_id = "foo" 357 client_secret = "custom-logs-3344" 358 redirect_uri = "http://localhost:8080/oidc/cb" # value is not checked 359 scope = "profile email" 360 verifier_method = "nonce" 361 verifier_value = request.query.nnc 362 363 custom_log_fields = { 364 oidc_regular = request.method 365 } 366 367 error_handler "oauth2" { 368 custom_log_fields = { 369 oidc_error = request.method 370 } 371 } 372 } 373 374 oidc "oidc-wildcard" { 375 configuration_url = "${env.COUPER_TEST_BACKEND_ADDR}/.well-known/openid-configuration" 376 configuration_ttl = "1h" 377 client_id = "foo" 378 client_secret = "custom-logs-3344" 379 redirect_uri = "http://localhost:8080/oidc/cb" # value is not checked 380 scope = "profile email" 381 verifier_method = "nonce" 382 verifier_value = request.query.nnc 383 384 custom_log_fields = { 385 oidc_regular = request.method 386 } 387 388 error_handler { 389 custom_log_fields = { 390 oidc_wildcard_error = request.method 391 } 392 } 393 } 394 }