robmellett / http-logging
A small lightweight package to log all Guzzle http request and responses.
Installs: 9 719
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 10
Requires
- php: ^8.2
- guzzlehttp/guzzle: ^7.7
- illuminate/contracts: ^10.0||^11.0
- spatie/laravel-package-tools: ^1.16
Requires (Dev)
- larastan/larastan: ^2.9
- laravel/pint: ^1.14
- nunomaduro/collision: ^8.1.1||^7.10.0
- orchestra/testbench: ^9.0.0||^8.22.0
- pestphp/pest: ^2.34
- pestphp/pest-plugin-arch: ^2.7
- pestphp/pest-plugin-laravel: ^2.3
- phpstan/extension-installer: ^1.3
- phpstan/phpstan-deprecation-rules: ^1.1
- phpstan/phpstan-phpunit: ^1.3
- spatie/laravel-ray: ^1.35
- dev-main
- 2.0.1
- 2.0.0
- 1.0.1
- 0.0.5
- 0.0.4
- 0.0.3
- 0.0.2
- 0.0.1
- dev-renovate/major-phpstan-packages
- dev-renovate/pestphp-pest-3.x
- dev-renovate/pestphp-pest-plugin-laravel-3.x
- dev-renovate/pestphp-pest-plugin-arch-3.x
- dev-renovate/dependabot-fetch-metadata-2.x
- dev-feature/simplify-secure-headers
- dev-renovate/actions-checkout-4.x
- dev-dependabot/github_actions/stefanzweifel/git-auto-commit-action-5
- dev-renovate/stefanzweifel-git-auto-commit-action-5.x
- dev-dependabot/github_actions/actions/checkout-4
This package is auto-updated.
Last update: 2024-11-16 08:14:35 UTC
README
A small lightweight package to log all Guzzle http request and responses.
Installation
You can install the package via composer:
composer require robmellett/http-logging
You can publish the config file with:
php artisan vendor:publish --tag="http-logging-config"
This is the contents of the published config file:
<?php // config for RobMellett/HttpLogging return [ /* * The Laravel Log Channel to send logs to. */ 'channel' => 'http_logs', /* * Customize how the Secure Json Formatter redacts secrets. */ 'secure_json_formatter' => [ /* * Secret Values will be replaced with this value. */ 'redacted_value' => '[--REDACTED--]', /* * By default, we will attempt to look for secrets in the Laravel 'config/services.php'. * * Any values that contain the following words will be redacted: * "key", "secret", "password", "hash", "token" */ 'extract_service_secrets' => true, /* * Specific values to redact from the logs. */ 'secrets' => [ // e.g // env('API_SECRET'), ], /* * Regular expressions to redact from the logs. */ 'regexes' => [ // e.g // '/Bearer\s\w+/', ], ], ];
Usage
You can add this middleware to the Laravel Http Client or Guzzle in the following way.
use RobMellett\HttpLogging\HttpLogging; Http::withMiddleware(new HttpLogging()) ->asJson() ->get('https://jsonplaceholder.typicode.com/posts');
You can configure the Log Formatter by adding the following to the Laravel logging config file.
// config/logging.php 'channels' => [ // ...Previous config 'http_logs' => [ 'driver' => 'single', 'path' => storage_path('logs/laravel.log'), 'level' => 'debug', // This will remove sensitive values such as "key", "secret", "hash", "token" from the logs 'formatter' => RobMellett\HttpLogging\Support\SecureJsonFormatter::class // Or if you would prefer to send sensitive data to the logs //'formatter' => Monolog\Formatter\JsonFormatter::class, ], ]
Which will send the following http request/response info to the logs.
A Http Request
{ "message": "Request 0b65fca7-a768-4832-8401-da52aa2885a9", "context": { "request_id": "0b65fca7-a768-4832-8401-da52aa2885a9", "method": "GET", "uri": { "scheme": "https", "host": "jsonplaceholder.typicode.com", "path": "/posts", "query": "userId=1" }, "headers": { "User-Agent": [ "GuzzleHttp/7" ], "Host": [ "jsonplaceholder.typicode.com" ], "Authorization": [ "Bearer [--REDACTED--]" ], "Content-Type": [ "application/json" ] } }, "level": 100, "level_name": "DEBUG", "channel": "testing", "datetime": "2023-08-16T10:13:41.356030+00:00", "extra": {} }
A Http Response
{ "message": "Response 0b65fca7-a768-4832-8401-da52aa2885a9", "context": { "response_id": "0b65fca7-a768-4832-8401-da52aa2885a9", "status_code": 200, "headers": { "Date": ["Wed, 16 Aug 2023 00:41:13 GMT"], "Content-Type": ["application/json; charset=utf-8"], "Transfer-Encoding": ["chunked"], "Connection": ["keep-alive"], "X-Powered-By": ["Express"], "X-Ratelimit-Limit": ["1000"], "X-Ratelimit-Remaining": ["999"], "X-Ratelimit-Reset": ["1691921646"], "Vary": ["Origin, Accept-Encoding"], "Access-Control-Allow-Credentials": ["true"], "Cache-Control": ["max-age=43200"], "Pragma": ["no-cache"], "Expires": ["-1"], "X-Content-Type-Options": ["nosniff"], "Etag": ["W/\"aa6-j2NSH739l9uq40OywFMn7Y0C/iY\""], "Via": ["1.1 vegur"], "CF-Cache-Status": ["HIT"], "Age": ["18801"], "Report-To": [ "{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=gRUkX3pH6GRGwHCE%2BqKF%2ByJRGZs9MkqF8BqXa0nlmYSVzgrcmQkIGfD9lC8IlSXKvSiiyZHxrzgLy8pcOCSMRv5xFh2LyXWOkXDEtFcSr1FINwhjxRwYTZQZIaFzTulP4lUnjlrXdERp57lEXT3C\"}],\"group\":\"cf-nel\",\"max_age\":604800}" ], "NEL": [ "{\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}" ], "Server": ["cloudflare"], "CF-RAY": ["7f75a160dc9991c0-SIN"], "alt-svc": ["h3=\":443\"; ma=86400"] }, "body": [ { "userId": 1, "id": 1, "title": "sunt aut facere repellat provident occaecati excepturi optio reprehenderit", "body": "quia et suscipit\nsuscipit recusandae consequuntur expedita et cum\nreprehenderit molestiae ut ut quas totam\nnostrum rerum est autem sunt rem eveniet architecto" } ] }, "level": 100, "level_name": "DEBUG", "channel": "testing", "datetime": "2023-08-16T00:41:13.037161+00:00", "extra": {} }
Secure Json Formatter
By default, we will attempt to flatten the Laravel config/services.php
array and find any keys that contain the words key
, secret
, password
, hash
, token
and exclude them from the logs.
You can disable this functionality by setting the secure_json_formatter.extract_service_secrets
config option to false
.
<?php return [ /* * Customize how the Secure Json Formatter redacts secrets. */ 'secure_json_formatter' => [ // ...previous values 'extract_service_secrets' => false, ], ];
You can optionally add your own keys to the secure_json_formatter.secrets
config option.
<?php return [ /* * Customize how the Secure Json Formatter redacts secrets. */ 'secure_json_formatter' => [ // ...previous values /* * Specific values to redact from the logs. */ 'secrets' => [ env('SERVICE_API_SECRET'), ], ], ];
You can optionally add your own regular expressions to the secure_json_formatter.regexes
config option.
<?php return [ /* * Customize how the Secure Json Formatter redacts secrets. */ 'secure_json_formatter' => [ // ...previous values /* * Regular expressions to redact from the logs. */ 'regexes' => [ // e.g '/Bearer\s\w+/', ], ], ];
Note: If you are using Laravel 9x, you need to use the LegacySecureJsonFormatter
class instead.
// config/logging.php 'channels' => [ // ...Previous config 'http_logs' => [ 'driver' => 'single', 'path' => storage_path('logs/laravel.log'), 'level' => 'debug', // This will remove sensitive values such as "key", "secret", "hash", "token" from the logs 'formatter' => RobMellett\HttpLogging\Support\LegacySecureJsonFormatter::class ], ]
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
License
The MIT License (MIT). Please see License File for more information.