[#1590] Added http-auth logger

12 files changed, 137 insertions, 40 deletions

diff --git a/src/lib/http/Makefile.am b/src/lib/http/Makefile.am
index 08c492daf6..ccca75b558 100644
--- a/src/lib/http/Makefile.am
+++ b/src/lib/http/Makefile.am
@@ -38,9 +38,11 @@ libkea_http_la_SOURCES += response_creator.cc response_creator.h
 libkea_http_la_SOURCES += response_creator_factory.h
 libkea_http_la_SOURCES += response_json.cc response_json.h
 libkea_http_la_SOURCES += url.cc url.h
-libkea_http_la_SOURCES += basic_auth.cc basic_auth.h
 libkea_http_la_SOURCES += auth_config.h
+libkea_http_la_SOURCES += auth_log.cc auth_log.h
+libkea_http_la_SOURCES += auth_messages.cc auth_messages.h
 libkea_http_la_SOURCES += basic_auth_config.cc basic_auth_config.h
+libkea_http_la_SOURCES += basic_auth.cc basic_auth.h
 
 libkea_http_la_CXXFLAGS = $(AM_CXXFLAGS)
 libkea_http_la_CPPFLAGS = $(AM_CPPFLAGS)
@@ -63,6 +65,7 @@ libkea_http_la_LIBADD += $(LOG4CPLUS_LIBS) $(BOOST_LIBS) $(CRYPTO_LIBS)
 # is required.  To make it easy to rebuild messages without going through
 # reconfigure, a new target messages-clean has been added.
 maintainer-clean-local:
+	rm -f auth_messages.cc auth_messages.h
 	rm -f http_messages.h http_messages.cc
 
 # To regenerate messages files, one can do:
@@ -76,9 +79,12 @@ messages-clean: maintainer-clean-local
 if GENERATE_MESSAGES
 
 # Define rule to build logging source files from message file
-messages: http_messages.h http_messages.cc
+messages: auth_messages.cc auth_messages.h http_messages.h http_messages.cc
 	@echo Message files regenerated
 
+auth_messages.cc auth_messages.h: auth_messages.mes
+	$(top_builddir)/src/lib/log/compiler/kea-msg-compiler $(top_srcdir)/src/lib/http/auth_messages.mes
+
 http_messages.h http_messages.cc: http_messages.mes
 	$(top_builddir)/src/lib/log/compiler/kea-msg-compiler $(top_srcdir)/src/lib/http/http_messages.mes
 
@@ -93,6 +99,8 @@ endif
 libkea_http_includedir = $(pkgincludedir)/http
 libkea_http_include_HEADERS = \
 	auth_config.h \
+	auth_log.h \
+	auth_messages.h \
 	basic_auth.h \
 	basic_auth_config.h \
 	client.h \
diff --git a/src/lib/http/auth_log.cc b/src/lib/http/auth_log.cc
new file mode 100644
index 0000000000..cc5f9f9a5f
--- /dev/null
+++ b/src/lib/http/auth_log.cc
@@ -0,0 +1,21 @@
+// Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC")
+//
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+/// Defines the logger used by the HTTP authentication.
+
+#include <config.h>
+
+#include <http/auth_log.h>
+
+namespace isc {
+namespace http {
+
+/// @brief Defines the logger used by the HTTP authentication.
+isc::log::Logger auth_logger("http-auth");
+
+} // namespace http
+} // namespace isc
+
diff --git a/src/lib/http/auth_log.h b/src/lib/http/auth_log.h
new file mode 100644
index 0000000000..8ebf5c3cc7
--- /dev/null
+++ b/src/lib/http/auth_log.h
@@ -0,0 +1,23 @@
+// Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC")
+//
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+#ifndef AUTH_LOG_H
+#define AUTH_LOG_H
+
+#include <log/logger_support.h>
+#include <log/macros.h>
+#include <http/auth_messages.h>
+
+namespace isc {
+namespace http {
+
+/// Define the HTTP authentication logger.
+extern isc::log::Logger auth_logger;
+
+} // namespace http
+} // namespace isc
+
+#endif // AUTH_LOG_H
diff --git a/src/lib/http/auth_messages.cc b/src/lib/http/auth_messages.cc
new file mode 100644
index 0000000000..ebf9da5bab
--- /dev/null
+++ b/src/lib/http/auth_messages.cc
@@ -0,0 +1,31 @@
+// File created from ../../../src/lib/http/auth_messages.mes
+
+#include <cstddef>
+#include <log/message_types.h>
+#include <log/message_initializer.h>
+
+namespace isc {
+namespace http {
+
+extern const isc::log::MessageID HTTP_CLIENT_REQUEST_AUTHORIZED = "HTTP_CLIENT_REQUEST_AUTHORIZED";
+extern const isc::log::MessageID HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER = "HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER";
+extern const isc::log::MessageID HTTP_CLIENT_REQUEST_NOT_AUTHORIZED = "HTTP_CLIENT_REQUEST_NOT_AUTHORIZED";
+extern const isc::log::MessageID HTTP_CLIENT_REQUEST_NO_AUTH_HEADER = "HTTP_CLIENT_REQUEST_NO_AUTH_HEADER";
+
+} // namespace http
+} // namespace isc
+
+namespace {
+
+const char* values[] = {
+    "HTTP_CLIENT_REQUEST_AUTHORIZED", "received HTTP request authorized for '%1'",
+    "HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER", "received HTTP request with malformed authentication header: %1",
+    "HTTP_CLIENT_REQUEST_NOT_AUTHORIZED", "received HTTP request with not matching authentication header",
+    "HTTP_CLIENT_REQUEST_NO_AUTH_HEADER", "received HTTP request without required authentication header",
+    NULL
+};
+
+const isc::log::MessageInitializer initializer(values);
+
+} // Anonymous namespace
+
diff --git a/src/lib/http/auth_messages.h b/src/lib/http/auth_messages.h
new file mode 100644
index 0000000000..ff02ef529a
--- /dev/null
+++ b/src/lib/http/auth_messages.h
@@ -0,0 +1,19 @@
+// File created from ../../../src/lib/http/auth_messages.mes
+
+#ifndef AUTH_MESSAGES_H
+#define AUTH_MESSAGES_H
+
+#include <log/message_types.h>
+
+namespace isc {
+namespace http {
+
+extern const isc::log::MessageID HTTP_CLIENT_REQUEST_AUTHORIZED;
+extern const isc::log::MessageID HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER;
+extern const isc::log::MessageID HTTP_CLIENT_REQUEST_NOT_AUTHORIZED;
+extern const isc::log::MessageID HTTP_CLIENT_REQUEST_NO_AUTH_HEADER;
+
+} // namespace http
+} // namespace isc
+
+#endif // AUTH_MESSAGES_H
diff --git a/src/lib/http/auth_messages.mes b/src/lib/http/auth_messages.mes
new file mode 100644
index 0000000000..685bdb3596
--- /dev/null
+++ b/src/lib/http/auth_messages.mes
@@ -0,0 +1,24 @@
+# Copyright (C) 2021 Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+$NAMESPACE isc::http
+
+% HTTP_CLIENT_REQUEST_AUTHORIZED received HTTP request authorized for '%1'
+This information message is issued when the server receives with a matching
+authentication header. The argument provides the user id.
+
+% HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER received HTTP request with malformed authentication header: %1
+This information message is issued when the server receives a request with
+a malformed authentication header. The argument explains the problem.
+
+% HTTP_CLIENT_REQUEST_NOT_AUTHORIZED received HTTP request with not matching authentication header
+This information message is issued when the server receives a request with
+authentication header carrying not recognized credential: the user
+provided incorrect user id and/or password.
+
+% HTTP_CLIENT_REQUEST_NO_AUTH_HEADER received HTTP request without required authentication header
+This information message is issued when the server receives a request without
+a required authentication header.
diff --git a/src/lib/http/basic_auth_config.cc b/src/lib/http/basic_auth_config.cc
index 87106663aa..5530cf8c50 100644
--- a/src/lib/http/basic_auth_config.cc
+++ b/src/lib/http/basic_auth_config.cc
@@ -1,4 +1,4 @@
-// Copyright (C) 2020 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2020-2021 Internet Systems Consortium, Inc. ("ISC")
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -6,8 +6,8 @@
 
 #include <config.h>
 
+#include <http/auth_log.h>
 #include <http/basic_auth_config.h>
-#include <http/http_log.h>
 #include <util/strutil.h>
 
 using namespace isc;
@@ -226,17 +226,17 @@ BasicHttpAuthConfig::checkAuth(const HttpResponseCreator& creator,
         // Verify the credential is in the list.
         const auto it = credentials.find(value);
         if (it != credentials.end()) {
-            LOG_INFO(http_logger, HTTP_CLIENT_REQUEST_AUTHORIZED)
+            LOG_INFO(auth_logger, HTTP_CLIENT_REQUEST_AUTHORIZED)
                 .arg(it->second);
             authentic = true;
         } else {
-            LOG_INFO(http_logger, HTTP_CLIENT_REQUEST_NOT_AUTHORIZED);
+            LOG_INFO(auth_logger, HTTP_CLIENT_REQUEST_NOT_AUTHORIZED);
             authentic = false;
         }
     } catch (const HttpMessageNonExistingHeader&) {
-        LOG_INFO(http_logger, HTTP_CLIENT_REQUEST_NO_AUTH_HEADER);
+        LOG_INFO(auth_logger, HTTP_CLIENT_REQUEST_NO_AUTH_HEADER);
     } catch (const BadValue& ex) {
-        LOG_INFO(http_logger, HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER)
+        LOG_INFO(auth_logger, HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER)
             .arg(ex.what());
     }
     if (authentic) {
diff --git a/src/lib/http/http_log.cc b/src/lib/http/http_log.cc
index a41289f974..8e1994d9ef 100644
--- a/src/lib/http/http_log.cc
+++ b/src/lib/http/http_log.cc
@@ -1,10 +1,10 @@
-// Copyright (C) 2016-2018 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2016-2021 Internet Systems Consortium, Inc. ("ISC")
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this
 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
-/// Defines the logger used by the top-level component of kea-dhcp-ddns.
+/// Defines the logger used by the libkea-http library.
 
 #include <config.h>
 
diff --git a/src/lib/http/http_log.h b/src/lib/http/http_log.h
index 4460358e6b..0b7d8ad0c0 100644
--- a/src/lib/http/http_log.h
+++ b/src/lib/http/http_log.h
@@ -14,7 +14,7 @@
 namespace isc {
 namespace http {
 
-/// Define the loggers used within libkea-http library.
+/// Define the logger used within libkea-http library.
 extern isc::log::Logger http_logger;
 
 } // namespace http
diff --git a/src/lib/http/http_messages.cc b/src/lib/http/http_messages.cc
index d043ad323e..dc24176ead 100644
--- a/src/lib/http/http_messages.cc
+++ b/src/lib/http/http_messages.cc
@@ -13,10 +13,6 @@ extern const isc::log::MessageID HTTP_BAD_CLIENT_REQUEST_RECEIVED_DETAILS = "HTT
 extern const isc::log::MessageID HTTP_BAD_SERVER_RESPONSE_RECEIVED = "HTTP_BAD_SERVER_RESPONSE_RECEIVED";
 extern const isc::log::MessageID HTTP_BAD_SERVER_RESPONSE_RECEIVED_DETAILS = "HTTP_BAD_SERVER_RESPONSE_RECEIVED_DETAILS";
 extern const isc::log::MessageID HTTP_CLIENT_MT_STARTED = "HTTP_CLIENT_MT_STARTED";
-extern const isc::log::MessageID HTTP_CLIENT_REQUEST_AUTHORIZED = "HTTP_CLIENT_REQUEST_AUTHORIZED";
-extern const isc::log::MessageID HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER = "HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER";
-extern const isc::log::MessageID HTTP_CLIENT_REQUEST_NOT_AUTHORIZED = "HTTP_CLIENT_REQUEST_NOT_AUTHORIZED";
-extern const isc::log::MessageID HTTP_CLIENT_REQUEST_NO_AUTH_HEADER = "HTTP_CLIENT_REQUEST_NO_AUTH_HEADER";
 extern const isc::log::MessageID HTTP_CLIENT_REQUEST_RECEIVED = "HTTP_CLIENT_REQUEST_RECEIVED";
 extern const isc::log::MessageID HTTP_CLIENT_REQUEST_RECEIVED_DETAILS = "HTTP_CLIENT_REQUEST_RECEIVED_DETAILS";
 extern const isc::log::MessageID HTTP_CLIENT_REQUEST_SEND = "HTTP_CLIENT_REQUEST_SEND";
@@ -50,10 +46,6 @@ const char* values[] = {
     "HTTP_BAD_SERVER_RESPONSE_RECEIVED", "bad response received when communicating with %1: %2",
     "HTTP_BAD_SERVER_RESPONSE_RECEIVED_DETAILS", "detailed information about bad response received from %1:\n%2",
     "HTTP_CLIENT_MT_STARTED", "HttpClient has been started in multi-threaded mode running %1 threads",
-    "HTTP_CLIENT_REQUEST_AUTHORIZED", "received HTTP request authorized for '%1'",
-    "HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER", "received HTTP request with malformed authentication header: %1",
-    "HTTP_CLIENT_REQUEST_NOT_AUTHORIZED", "received HTTP request with not matching authentication header",
-    "HTTP_CLIENT_REQUEST_NO_AUTH_HEADER", "received HTTP request without required authentication header",
     "HTTP_CLIENT_REQUEST_RECEIVED", "received HTTP request from %1",
     "HTTP_CLIENT_REQUEST_RECEIVED_DETAILS", "detailed information about well-formed request received from %1:\n%2",
     "HTTP_CLIENT_REQUEST_SEND", "sending HTTP request %1 to %2",
diff --git a/src/lib/http/http_messages.h b/src/lib/http/http_messages.h
index 5735df006b..d24a6ce4fd 100644
--- a/src/lib/http/http_messages.h
+++ b/src/lib/http/http_messages.h
@@ -14,10 +14,6 @@ extern const isc::log::MessageID HTTP_BAD_CLIENT_REQUEST_RECEIVED_DETAILS;
 extern const isc::log::MessageID HTTP_BAD_SERVER_RESPONSE_RECEIVED;
 extern const isc::log::MessageID HTTP_BAD_SERVER_RESPONSE_RECEIVED_DETAILS;
 extern const isc::log::MessageID HTTP_CLIENT_MT_STARTED;
-extern const isc::log::MessageID HTTP_CLIENT_REQUEST_AUTHORIZED;
-extern const isc::log::MessageID HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER;
-extern const isc::log::MessageID HTTP_CLIENT_REQUEST_NOT_AUTHORIZED;
-extern const isc::log::MessageID HTTP_CLIENT_REQUEST_NO_AUTH_HEADER;
 extern const isc::log::MessageID HTTP_CLIENT_REQUEST_RECEIVED;
 extern const isc::log::MessageID HTTP_CLIENT_REQUEST_RECEIVED_DETAILS;
 extern const isc::log::MessageID HTTP_CLIENT_REQUEST_SEND;
diff --git a/src/lib/http/http_messages.mes b/src/lib/http/http_messages.mes
index 389abd6597..7683162ab3 100644
--- a/src/lib/http/http_messages.mes
+++ b/src/lib/http/http_messages.mes
@@ -42,23 +42,6 @@ truncated by the logger if it is too large to be printed.
 This debug message is issued when a multi-threaded HTTP client instance has
 been created.  The argument specifies the maximum number of threads.
 
-% HTTP_CLIENT_REQUEST_AUTHORIZED received HTTP request authorized for '%1'
-This information message is issued when the server receives with a matching
-authentication header. The argument provides the user id.
-
-% HTTP_CLIENT_REQUEST_BAD_AUTH_HEADER received HTTP request with malformed authentication header: %1
-This information message is issued when the server receives a request with
-a malformed authentication header. The argument explains the problem.
-
-% HTTP_CLIENT_REQUEST_NOT_AUTHORIZED received HTTP request with not matching authentication header
-This information message is issued when the server receives a request with
-authentication header carrying not recognized credential: the user
-provided incorrect user id and/or password.
-
-% HTTP_CLIENT_REQUEST_NO_AUTH_HEADER received HTTP request without required authentication header
-This information message is issued when the server receives a request without
-a required authentication header.
-
 % HTTP_CLIENT_REQUEST_RECEIVED received HTTP request from %1
 This debug message is issued when the server finished receiving a HTTP
 request from the remote endpoint. The address of the remote endpoint is