Move RealClientIP code to IP packages

oauthproxy.go

@@ -19,11 +19,12 @@ import (
 
 	"github.com/coreos/go-oidc"
 	"github.com/mbland/hmacauth"
-	"github.com/oauth2-proxy/oauth2-proxy/pkg/apis/logging"
+	ipapi "github.com/oauth2-proxy/oauth2-proxy/pkg/apis/ip"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/apis/options"
 	sessionsapi "github.com/oauth2-proxy/oauth2-proxy/pkg/apis/sessions"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/cookies"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/encryption"
+	"github.com/oauth2-proxy/oauth2-proxy/pkg/ip"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/logger"
 	"github.com/oauth2-proxy/oauth2-proxy/providers"
 	"github.com/yhat/wsutil"
@@ -114,7 +115,7 @@ type OAuthProxy struct {
 	jwtBearerVerifiers   []*oidc.IDTokenVerifier
 	compiledRegex        []*regexp.Regexp
 	templates            *template.Template
-	realClientIPParser   logging.RealClientIPParser
+	realClientIPParser   ipapi.RealClientIPParser
 	Banner               string
 	Footer               string
 }
@@ -762,7 +763,7 @@ func (p *OAuthProxy) OAuthStart(rw http.ResponseWriter, req *http.Request) {
 // OAuthCallback is the OAuth2 authentication flow callback that finishes the
 // OAuth2 authentication flow
 func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) {
-	remoteAddr := logging.GetClientString(p.realClientIPParser, req, true)
+	remoteAddr := ip.GetClientString(p.realClientIPParser, req, true)
 
 	// finish the oauth cycle
 	err := req.ParseForm()
@@ -890,7 +891,7 @@ func (p *OAuthProxy) getAuthenticatedSession(rw http.ResponseWriter, req *http.R
 		}
 	}
 
-	remoteAddr := logging.GetClientString(p.realClientIPParser, req, true)
+	remoteAddr := ip.GetClientString(p.realClientIPParser, req, true)
 	if session == nil {
 		session, err = p.LoadCookiedSession(req)
 		if err != nil {

pkg/apis/ip/interfaces.go

@@ -0,0 +1,11 @@
+package ip
+
+import (
+	"net"
+	"net/http"
+)
+
+// RealClientIPParser is an interface for a getting the client's real IP to be used for logging.
+type RealClientIPParser interface {
+	GetRealClientIP(http.Header) (net.IP, error)
+}

pkg/apis/options/options.go

@@ -7,7 +7,7 @@ import (
 	"time"
 
 	oidc "github.com/coreos/go-oidc"
-	"github.com/oauth2-proxy/oauth2-proxy/pkg/apis/logging"
+	ipapi "github.com/oauth2-proxy/oauth2-proxy/pkg/apis/ip"
 	sessionsapi "github.com/oauth2-proxy/oauth2-proxy/pkg/apis/sessions"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/logger"
 	"github.com/oauth2-proxy/oauth2-proxy/providers"
@@ -132,30 +132,30 @@ type Options struct {
 	signatureData      *SignatureData
 	oidcVerifier       *oidc.IDTokenVerifier
 	jwtBearerVerifiers []*oidc.IDTokenVerifier
-	realClientIPParser logging.RealClientIPParser
+	realClientIPParser ipapi.RealClientIPParser
 }
 
 // Options for Getting internal values
-func (o *Options) GetRedirectURL() *url.URL                          { return o.redirectURL }
-func (o *Options) GetProxyURLs() []*url.URL                          { return o.proxyURLs }
-func (o *Options) GetCompiledRegex() []*regexp.Regexp                { return o.compiledRegex }
-func (o *Options) GetProvider() providers.Provider                   { return o.provider }
-func (o *Options) GetSessionStore() sessionsapi.SessionStore         { return o.sessionStore }
-func (o *Options) GetSignatureData() *SignatureData                  { return o.signatureData }
-func (o *Options) GetOIDCVerifier() *oidc.IDTokenVerifier            { return o.oidcVerifier }
-func (o *Options) GetJWTBearerVerifiers() []*oidc.IDTokenVerifier    { return o.jwtBearerVerifiers }
-func (o *Options) GetRealClientIPParser() logging.RealClientIPParser { return o.realClientIPParser }
+func (o *Options) GetRedirectURL() *url.URL                        { return o.redirectURL }
+func (o *Options) GetProxyURLs() []*url.URL                        { return o.proxyURLs }
+func (o *Options) GetCompiledRegex() []*regexp.Regexp              { return o.compiledRegex }
+func (o *Options) GetProvider() providers.Provider                 { return o.provider }
+func (o *Options) GetSessionStore() sessionsapi.SessionStore       { return o.sessionStore }
+func (o *Options) GetSignatureData() *SignatureData                { return o.signatureData }
+func (o *Options) GetOIDCVerifier() *oidc.IDTokenVerifier          { return o.oidcVerifier }
+func (o *Options) GetJWTBearerVerifiers() []*oidc.IDTokenVerifier  { return o.jwtBearerVerifiers }
+func (o *Options) GetRealClientIPParser() ipapi.RealClientIPParser { return o.realClientIPParser }
 
 // Options for Setting internal values
-func (o *Options) SetRedirectURL(s *url.URL)                          { o.redirectURL = s }
-func (o *Options) SetProxyURLs(s []*url.URL)                          { o.proxyURLs = s }
-func (o *Options) SetCompiledRegex(s []*regexp.Regexp)                { o.compiledRegex = s }
-func (o *Options) SetProvider(s providers.Provider)                   { o.provider = s }
-func (o *Options) SetSessionStore(s sessionsapi.SessionStore)         { o.sessionStore = s }
-func (o *Options) SetSignatureData(s *SignatureData)                  { o.signatureData = s }
-func (o *Options) SetOIDCVerifier(s *oidc.IDTokenVerifier)            { o.oidcVerifier = s }
-func (o *Options) SetJWTBearerVerifiers(s []*oidc.IDTokenVerifier)    { o.jwtBearerVerifiers = s }
-func (o *Options) SetRealClientIPParser(s logging.RealClientIPParser) { o.realClientIPParser = s }
+func (o *Options) SetRedirectURL(s *url.URL)                        { o.redirectURL = s }
+func (o *Options) SetProxyURLs(s []*url.URL)                        { o.proxyURLs = s }
+func (o *Options) SetCompiledRegex(s []*regexp.Regexp)              { o.compiledRegex = s }
+func (o *Options) SetProvider(s providers.Provider)                 { o.provider = s }
+func (o *Options) SetSessionStore(s sessionsapi.SessionStore)       { o.sessionStore = s }
+func (o *Options) SetSignatureData(s *SignatureData)                { o.signatureData = s }
+func (o *Options) SetOIDCVerifier(s *oidc.IDTokenVerifier)          { o.oidcVerifier = s }
+func (o *Options) SetJWTBearerVerifiers(s []*oidc.IDTokenVerifier)  { o.jwtBearerVerifiers = s }
+func (o *Options) SetRealClientIPParser(s ipapi.RealClientIPParser) { o.realClientIPParser = s }
 
 // NewOptions constructs a new Options with defaulted values
 func NewOptions() *Options {

pkg/ip/realclientip.go

@@ -1,18 +1,15 @@
-package logging
+package ip
 
 import (
 	"fmt"
 	"net"
 	"net/http"
 	"strings"
+
+	ipapi "github.com/oauth2-proxy/oauth2-proxy/pkg/apis/ip"
 )
 
-// RealClientIPParser is an interface for a getting the client's real IP to be used for logging.
-type RealClientIPParser interface {
-	GetRealClientIP(http.Header) (net.IP, error)
-}
-
-func GetRealClientIPParser(headerKey string) (RealClientIPParser, error) {
+func GetRealClientIPParser(headerKey string) (ipapi.RealClientIPParser, error) {
 	headerKey = http.CanonicalHeaderKey(headerKey)
 
 	switch headerKey {
@@ -73,7 +70,7 @@ func getRemoteIP(req *http.Request) (net.IP, error) {
 }
 
 // GetClientString obtains the human readable string of the remote IP and optionally the real client IP if available
-func GetClientString(p RealClientIPParser, req *http.Request, full bool) (s string) {
+func GetClientString(p ipapi.RealClientIPParser, req *http.Request, full bool) (s string) {
 	var realClientIPStr string
 	if p != nil {
 		if realClientIP, err := p.GetRealClientIP(req.Header); err == nil && realClientIP != nil {

pkg/ip/realclientip_test.go

@@ -1,4 +1,4 @@
-package logging
+package ip
 
 import (
 	"net"
@@ -6,6 +6,7 @@ import (
 	"reflect"
 	"testing"
 
+	ipapi "github.com/oauth2-proxy/oauth2-proxy/pkg/apis/ip"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -144,7 +145,7 @@ func TestGetClientString(t *testing.T) {
 	p := &xForwardedForClientIPParser{header: http.CanonicalHeaderKey("X-Forwarded-For")}
 
 	tests := []struct {
-		parser             RealClientIPParser
+		parser             ipapi.RealClientIPParser
 		remoteAddr         string
 		headerValue        string
 		expectedClient     string

pkg/validation/options.go

@@ -17,9 +17,9 @@ import (
 	"github.com/coreos/go-oidc"
 	"github.com/dgrijalva/jwt-go"
 	"github.com/mbland/hmacauth"
-	"github.com/oauth2-proxy/oauth2-proxy/pkg/apis/logging"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/apis/options"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/encryption"
+	"github.com/oauth2-proxy/oauth2-proxy/pkg/ip"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/logger"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/requests"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/sessions"
@@ -272,7 +272,7 @@ func Validate(o *options.Options) error {
 	msgs = setupLogger(o, msgs)
 
 	if o.ReverseProxy {
-		parser, err := logging.GetRealClientIPParser(o.RealClientIPHeader)
+		parser, err := ip.GetRealClientIPParser(o.RealClientIPHeader)
 		if err != nil {
 			msgs = append(msgs, fmt.Sprintf("real_client_ip_header (%s) not accepted parameter value: %v", o.RealClientIPHeader, err))
 		}
@@ -496,7 +496,7 @@ func setupLogger(o *options.Options, msgs []string) []string {
 	logger.SetAuthTemplate(o.AuthLoggingFormat)
 	logger.SetReqTemplate(o.RequestLoggingFormat)
 	logger.SetGetClientFunc(func(r *http.Request) string {
-		return logging.GetClientString(o.GetRealClientIPParser(), r, false)
+		return ip.GetClientString(o.GetRealClientIPParser(), r, false)
 	})
 
 	excludePaths := make([]string, 0)