ayo/gocommon
8
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
Files
085d0bb740f50946e154d1b7aa39f5ffa8edea9d
gocommon/opensearch/client.go
mountain 085d0bb740 로그 추가
2025-09-10 11:42:57 +09:00

370 lines
7.9 KiB
Go
Raw Blame History

package opensearch
import (
"context"
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"encoding/json"
"fmt"
"io"
"net"
"net/http"
"slices"
"strings"
"time"
osg "github.com/opensearch-project/opensearch-go/v4"
osapi "github.com/opensearch-project/opensearch-go/v4/opensearchapi"
"repositories.action2quare.com/ayo/gocommon/logger"
)
type Config struct {
osg.Config `json:",inline"`
IndexPrefix string `json:"IndexPrefix"`
SigningKey string `json:"SigningKey"`
}
type Client struct {
*osg.Client
cfg Config
signingKey []byte
indexTemplatePattern string
bulkHeader http.Header
singleHeader http.Header
bulkChan chan *LogDocument
}
type LogDocument struct {
Type string `json:"type"`
Body any `json:"body"`
Timestamp string `json:"@timestamp"`
Country string `json:"country"`
Ip string `json:"ip"`
Uid string `json:"uid"`
Auth struct {
Type string `json:"type"`
Id string `json:"id"`
} `json:"auth"`
}
func NewLogDocument(logType string, body any) *LogDocument {
return &LogDocument{
Type: strings.ToLower(logType),
Timestamp: time.Now().UTC().Format("2006-01-02T15:04:05Z"),
Body: body,
}
}
func (c *Client) Send(ld *LogDocument) {
if c.Client == nil {
return
}
c.bulkChan <- ld
}
func (c *Client) SendBulk(ds map[string]*LogDocument) {
if c == nil {
return
}
for _, d := range ds {
c.bulkChan <- d
}
}
type stringSliceReader struct {
src [][]byte
sent [][]byte
}
func (b *stringSliceReader) Read(p []byte) (n int, err error) {
n = 0
err = nil
for len(b.src) > 0 {
sbt := b.src[0]
copied := copy(p, sbt)
n += copied
b.sent = append(b.sent, sbt[:copied])
if copied < len(sbt) {
b.src[0] = sbt[copied:]
return
}
p = p[copied:]
b.src = b.src[1:]
}
err = io.EOF
return
}
func (b *stringSliceReader) printSent() {
for _, r := range b.sent {
fmt.Print(string(r))
}
fmt.Print("\n")
}
func (c *Client) sendLoop(ctx context.Context) {
defer func() {
r := recover()
if r != nil {
logger.Error(r)
}
}()
failChan := make(chan [][]byte)
contentsSize := 0
var contents [][]byte
sendTick := time.After(time.Minute)
sendfunc := func() {
// 2mb가 넘지 않게 조절.
// 실패한 로그가 다시 되돌아 오면 contents가 커질 수 있다.
sendingSize := 0
cut := 0
for ; cut < len(contents); cut++ {
thisSize := len(contents[cut])
if thisSize+sendingSize > 2*1024*1024 {
break
}
sendingSize += thisSize
}
sending := contents[:cut]
contents = contents[cut:]
contentsSize -= sendingSize
sendTick = time.After(time.Minute)
go func(sending [][]byte) {
defer func() {
r := recover()
if r != nil {
logger.Println(r)
}
}()
reader := &stringSliceReader{src: sending}
req := osapi.BulkReq{
Body: reader,
Header: c.bulkHeader,
}
resp, err := c.Do(context.Background(), req, nil)
logger.Println("[LogStream] process BulkReq :", err)
if err != nil {
if netoperr, ok := err.(*net.OpError); ok && netoperr.Op == "dial" {
// 접속 안됨. 재시도 안함
logger.Println("[LogStream] send bulk failed. no retry :", err)
reader.printSent()
} else {
// 재시도
logger.Println("[LogStream] send bulk failed. retry :", err)
failChan <- sending
}
return
}
if resp.Body == nil {
logger.Println("[LogStream] send bulk failed. empty response")
return
}
defer resp.Body.Close()
var respbody struct {
Errors bool `json:"errors"`
Items []struct {
Create struct {
Status int `json:"status"`
} `json:"create"`
} `json:"items"`
}
if err := json.NewDecoder(resp.Body).Decode(&respbody); err != nil {
logger.Println("[LogStream] decode response body failed :", err)
return
}
if !respbody.Errors {
logger.Println("[LogStream] process BulkReq success", respbody)
return
}
var retry [][]byte
for i, item := range respbody.Items {
if item.Create.Status < 400 {
// 재시도
retry = append(retry, sending[i])
}
}
logger.Println("[LogStream] send bulk failed. retry :", len(retry))
if len(retry) > 0 {
failChan <- retry
}
}(sending)
}
for {
select {
case <-ctx.Done():
return
case ret := <-failChan:
// 순서는 중요하지 않음.
for _, r := range ret {
contentsSize += len(r)
}
contents = append(ret, contents...)
sendfunc()
case <-sendTick:
if len(contents) > 0 {
sendfunc()
} else {
sendTick = time.After(time.Minute)
}
case logDoc := <-c.bulkChan:
b, _ := json.Marshal(logDoc)
e := fmt.Appendf(nil, `{"create":{"_index":"%s%s"}}`+"\n"+`%s`+"\n", c.indexTemplatePattern, logDoc.Type, string(b))
contentsSize += len(e)
contents = append(contents, e)
if contentsSize > 1024*1024 {
sendfunc()
}
}
}
}
var jwtHeader string
var encoding = base64.RawURLEncoding
func init() {
src := []byte(`{"alg": "HS256","typ": "JWT"}`)
dst := make([]byte, len(src)*2)
encoding.Encode(dst, src)
enclen := encoding.EncodedLen(len(src))
jwtHeader = string(dst[:enclen])
}
func (c *Client) MakeJWT(subject string, role string, ttl time.Duration) string {
if len(c.signingKey) == 0 {
return ""
}
now := time.Now().Add(ttl).Unix()
src := []byte(fmt.Sprintf(`{"exp":%d,"sub":"%s","roles":"%s"}`, now, subject, role))
payload := make([]byte, encoding.EncodedLen(len(src)))
encoding.Encode(payload, src)
encoded := jwtHeader + "." + string(payload)
mac := hmac.New(sha256.New, c.signingKey)
mac.Write([]byte(encoded))
signature := mac.Sum(nil)
sigenc := make([]byte, encoding.EncodedLen(len(signature)))
encoding.Encode(sigenc, signature)
return encoded + "." + string(sigenc)
}
func (c *Client) VerifyJWT(token string) (subject string, role string) {
dot := strings.LastIndex(token, ".")
if dot < 0 {
return
}
encoded := token[:dot]
sigenc := token[dot+1:]
signature := make([]byte, encoding.DecodedLen(len(sigenc)))
encoding.Decode(signature, []byte(sigenc))
mac := hmac.New(sha256.New, c.signingKey)
mac.Write([]byte(encoded))
calsig := mac.Sum(nil)
if slices.Compare(calsig, signature) != 0 {
return
}
_, payload, ok := strings.Cut(encoded, ".")
if !ok {
return
}
srcjson, err := encoding.DecodeString(payload)
if err != nil {
return
}
var src struct {
Exp int64 `json:"exp"`
Sub string `json:"sub"`
Roles string `json:"roles"`
}
if json.Unmarshal([]byte(srcjson), &src) != nil {
return
}
if src.Exp < time.Now().Unix() {
return
}
return src.Sub, src.Roles
}
func NewClient(ctx context.Context, cfg Config) (Client, error) {
if len(cfg.Addresses) == 0 {
return Client{}, nil
}
client, err := osg.NewClient(cfg.Config)
if err != nil {
return Client{}, err
}
var signingKey []byte
if len(cfg.SigningKey) > 0 {
dst := make([]byte, len(cfg.SigningKey)*2)
dstlen, _ := base64.StdEncoding.Decode(dst, []byte(cfg.SigningKey))
signingKey = dst[:dstlen]
}
indexPrefix := cfg.IndexPrefix
if !strings.HasSuffix(indexPrefix, "-") && len(indexPrefix) > 0 {
indexPrefix += "-"
}
if !strings.HasSuffix(indexPrefix, "ds-logs-") {
indexPrefix = "ds-logs-" + indexPrefix
}
logger.Println("[LogStream] stream indexPrefix :", indexPrefix)
bulkHeader := make(http.Header)
singleHeader := make(http.Header)
if len(cfg.Username) > 0 && len(cfg.Password) > 0 {
authHeader := fmt.Sprintf("Basic %s", base64.RawURLEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", cfg.Username, cfg.Password))))
bulkHeader.Set("Authorization", authHeader)
singleHeader.Set("Authorization", authHeader)
}
out := Client{
Client: client,
cfg: cfg,
signingKey: signingKey,
indexTemplatePattern: indexPrefix,
bulkHeader: bulkHeader,
singleHeader: singleHeader,
bulkChan: make(chan *LogDocument, 1000),
}
go func() {
for {
out.sendLoop(ctx)
if ctx.Err() != nil {
return
}
}
}()
return out, nil
}
Reference in New Issue View Git Blame Copy Permalink