diff --git a/audit/format_json.go b/audit/format_json.go index 2850ce2472..bfdd07df5e 100644 --- a/audit/format_json.go +++ b/audit/format_json.go @@ -42,6 +42,7 @@ func (f *FormatJSON) FormatRequest( Request: JSONRequest{ ClientToken: req.ClientToken, + ID: req.ID, Operation: req.Operation, Path: req.Path, Data: req.Data, @@ -112,6 +113,7 @@ func (f *FormatJSON) FormatResponse( Request: JSONRequest{ ClientToken: req.ClientToken, + ID: req.ID, Operation: req.Operation, Path: req.Path, Data: req.Data, @@ -149,6 +151,7 @@ type JSONResponseEntry struct { } type JSONRequest struct { + ID string `json:"id"` Operation logical.Operation `json:"operation"` ClientToken string `json:"client_token"` Path string `json:"path"` diff --git a/http/logical.go b/http/logical.go index c44e790218..503f6877c9 100644 --- a/http/logical.go +++ b/http/logical.go @@ -8,7 +8,6 @@ import ( "strings" "github.com/hashicorp/errwrap" - "github.com/hashicorp/go-uuid" "github.com/hashicorp/vault/logical" "github.com/hashicorp/vault/vault" ) @@ -65,14 +64,8 @@ func buildLogicalRequest(w http.ResponseWriter, r *http.Request) (*logical.Reque } } - // Generate a unique identifier for the request - requestid, err := uuid.GenerateUUID() - if err != nil { - return nil, http.StatusBadRequest, errwrap.Wrapf("failed to generate identifier for the request: {{err}}", err) - } - + var err error req := requestAuth(r, &logical.Request{ - ID: requestid, Operation: op, Path: path, Data: data, @@ -142,11 +135,11 @@ func handleLogical(core *vault.Core, dataOnly bool, prepareRequestCallback Prepa } // Build the proper response - respondLogical(w, r, req.Path, dataOnly, resp) + respondLogical(w, r, req, dataOnly, resp) }) } -func respondLogical(w http.ResponseWriter, r *http.Request, path string, dataOnly bool, resp *logical.Response) { +func respondLogical(w http.ResponseWriter, r *http.Request, req *logical.Request, dataOnly bool, resp *logical.Response) { var httpResp interface{} if resp != nil { if resp.Redirect != "" { @@ -163,7 +156,7 @@ func respondLogical(w http.ResponseWriter, r *http.Request, path string, dataOnl // Check if this is a raw response if _, ok := resp.Data[logical.HTTPContentType]; ok { - respondRaw(w, r, path, resp) + respondRaw(w, r, req.Path, resp) return } @@ -177,7 +170,9 @@ func respondLogical(w http.ResponseWriter, r *http.Request, path string, dataOnl }, } } else { - httpResp = logical.SanitizeResponse(resp) + sanitizedHttp := logical.SanitizeResponse(resp) + sanitizedHttp.RequestID = req.ID + httpResp = sanitizedHttp } } diff --git a/vault/request_handling.go b/vault/request_handling.go index 92004802c8..d2f99ae92c 100644 --- a/vault/request_handling.go +++ b/vault/request_handling.go @@ -411,6 +411,9 @@ func (c *Core) wrapInCubbyhole(req *logical.Request, resp *logical.Response) (*l httpResponse := logical.SanitizeResponse(resp) + // Add the unique identifier of the original request to the response + httpResponse.RequestID = req.ID + // Because of the way that JSON encodes (likely just in Go) we actually get // mixed-up values for ints if we simply put this object in the response // and encode the whole thing; so instead we marshal it first, then store @@ -424,15 +427,7 @@ func (c *Core) wrapInCubbyhole(req *logical.Request, resp *logical.Response) (*l return nil, ErrInternalError } - var requestid string - requestid, err = uuid.generateUUID() - if err != nil { - c.logger.Printf("[ERR] core: failed to generate unique identifier: %v", err) - return nil, ErrInternalError - } - cubbyReq := &logical.Request{ - ID: requestid, Operation: logical.CreateOperation, Path: "cubbyhole/response", ClientToken: te.ID,