Obtain oidc user info from lua and write to nginx access log
Question
I am trying to log the users who accessed our nginx site and are authenticated via lua. The current nginx access log has a variable $remote_user but that does not expose the real user who logged in via lua.
I think to achieve this there may be 2 steps:
- obtain authenticated user info from lua (does lua has any native method for this?)
- write the obtained user info to nginx access.log, ideally replace the original $remote_user in log format.
Can anyone share some thoughts on how to achieve these? Any help is appreciated!
1 answers
solution1
0 2023-01-28 18:02:48
It depends on what LUA plugin(s) you are using and how the user is represented in HTTP requests. This might be via various types of token or cookie, so there is no out-of-the-box solution.
A common option is to write some custom LUA script:
location /mylocation {
access_by_lua_block {
ngx.log(ngx.INFO, 'My info')
}
...
}
Where the info is retrieved in LUA, by reading the HTTP header that contains the user credential. The required value may be available in variables such as these:
ngx.var.http_authorization
ngx.var['cookie_mycookiename']
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.