Allow giving Logrus to EndpointRolesVerifier

cmd/microauth2sqld/main.go

@@ -241,7 +241,9 @@ func main() {
 				ilogger.Logrus().Fatal(err)
 			}
 
-			authVerifier := endpointroles.NewVerifier()
+			authVerifier := endpointroles.NewVerifier(
+				endpointroles.WithLogrus(ilogger.Logrus()),
+			)
 			authVerifier.AddRules(
 				endpointroles.RouterRule,
 				endpointroles.NewRule(

plugins/verifier/endpointroles/options.go

@@ -1,7 +1,10 @@
 package endpointroles
 
+import "github.com/sirupsen/logrus"
+
 type Options struct {
 	DefaultDeny bool
+	Logrus      *logrus.Logger
 }
 
 type Option func(o *Options)
@@ -12,6 +15,12 @@ func NoDefaultDeny() Option {
 	}
 }
 
+func WithLogrus(n *logrus.Logger) Option {
+	return func(o *Options) {
+		o.Logrus = n
+	}
+}
+
 func NewOptions(opts ...Option) Options {
 	options := Options{
 		DefaultDeny: true,

plugins/verifier/endpointroles/verifier.go

@@ -6,7 +6,8 @@ import (
 	"go-micro.dev/v4/errors"
 	"go-micro.dev/v4/server"
 	"jochum.dev/jo-micro/auth2"
-	"jochum.dev/jo-micro/auth2/internal/ilogger"
+
+	"github.com/sirupsen/logrus"
 )
 
 type EndpointRolesVerifier struct {
@@ -29,29 +30,37 @@ func (v *EndpointRolesVerifier) AddRules(rules ...Rule) {
 	}
 }
 
+func (v *EndpointRolesVerifier) logrus() *logrus.Logger {
+	if v.options.Logrus == nil {
+		return logrus.StandardLogger()
+	}
+
+	return v.options.Logrus
+}
+
 func (v *EndpointRolesVerifier) Verify(ctx context.Context, u *auth2.User, req server.Request) error {
 	if ep, ok := v.rules[req.Endpoint()]; ok {
 		if auth2.IntersectsRoles(u, ep.RolesDeny...) {
-			ilogger.Logrus().WithField("endpoint", req.Endpoint()).WithField("rolesDeny", ep.RolesDeny).WithField("userRoles", u.Roles).Debug("Unauthorized")
+			v.logrus().WithField("endpoint", req.Endpoint()).WithField("rolesDeny", ep.RolesDeny).WithField("userRoles", u.Roles).Debug("Unauthorized")
 			return errors.Unauthorized("auth2/plugins/verifier/endpointroles/EndpointRolesVerifier.Verify|Denied by rule", "Unauthorized")
 		}
 		if auth2.IntersectsRoles(u, ep.RolesAllow...) {
-			ilogger.Logrus().WithField("endpoint", req.Endpoint()).WithField("rolesAllow", ep.RolesAllow).WithField("userRoles", u.Roles).Trace("Authorized")
+			v.logrus().WithField("endpoint", req.Endpoint()).WithField("rolesAllow", ep.RolesAllow).WithField("userRoles", u.Roles).Trace("Authorized")
 			// Allowed by role
 			return nil
 		}
 
 		if v.options.DefaultDeny {
-			ilogger.Logrus().WithField("endpoint", req.Endpoint()).Debug("DefaultDeny: not in RolesAllow/Deny")
+			v.logrus().WithField("endpoint", req.Endpoint()).Debug("DefaultDeny: not in RolesAllow/Deny")
 			return errors.Unauthorized("auth2/plugins/verifier/endpointroles/EndpointRolesVerifier.Verify|No matching Role", "Unauthorized")
 		}
 	}
 
 	if !v.options.DefaultDeny {
-		ilogger.Logrus().WithField("endpoint", req.Endpoint()).Trace("DefaultAllow: no rule")
+		v.logrus().WithField("endpoint", req.Endpoint()).Trace("DefaultAllow: no rule")
 		return nil
 	}
 
-	ilogger.Logrus().WithField("endpoint", req.Endpoint()).Debug("DefaultDeny: no rule")
+	v.logrus().WithField("endpoint", req.Endpoint()).Debug("DefaultDeny: no rule")
 	return errors.Unauthorized("auth2/plugins/verifier/endpointroles/EndpointRolesVerifier.Verify|No rule for EP", "Unauthorized")
 }