fix: improve interceptor handling (#3578)

* fix: improve interceptor handling * fix: improve interceptor handling Co-authored-by: Florian Forster <florian@caos.ch>
2025-08-11 21:17:32 +00:00 · 2022-05-02 17:26:54 +02:00
parent 20f275f178
commit 06a1b52adf
9 changed files with 81 additions and 28 deletions
--- a/internal/api/grpc/server/middleware/instance_interceptor.go
+++ b/internal/api/grpc/server/middleware/instance_interceptor.go
@@ -11,6 +11,7 @@ import (
 	"google.golang.org/grpc/status"

 	"github.com/zitadel/zitadel/internal/api/authz"
+	"github.com/zitadel/zitadel/internal/telemetry/tracing"
 )

 type InstanceVerifier interface {
@@ -24,20 +25,23 @@ func InstanceInterceptor(verifier authz.InstanceVerifier, headerName string, ign
 }

 func setInstance(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler, verifier authz.InstanceVerifier, headerName string, ignoredServices ...string) (_ interface{}, err error) {
+	interceptorCtx, span := tracing.NewServerInterceptorSpan(ctx)
+	defer func() { span.EndWithError(err) }()
 	for _, service := range ignoredServices {
 		if strings.HasPrefix(info.FullMethod, service) {
 			return handler(ctx, req)
 		}
 	}

-	host, err := hostNameFromContext(ctx, headerName)
+	host, err := hostNameFromContext(interceptorCtx, headerName)
 	if err != nil {
 		return nil, status.Error(codes.PermissionDenied, err.Error())
 	}
-	instance, err := verifier.InstanceByHost(ctx, host)
+	instance, err := verifier.InstanceByHost(interceptorCtx, host)
 	if err != nil {
 		return nil, status.Error(codes.PermissionDenied, err.Error())
 	}
+	span.End()
 	return handler(authz.WithInstance(ctx, instance), req)
 }