TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-06 19:36:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
389f908041ba549cb7fdd9fd1b6527e35bb31a02
zitadel/internal/api/http/middleware/instance_interceptor.go
Livio Spring 0f6380b474 fix: use a single translator for middleware (#10633) 
# Which Problems Are Solved

Comparing the v3 and v4 deployments we noticed an increase in memory
usage. A first analysis revealed that it might be related to the
(multiple) initialization of the `i18n.Translator`, partially related

# How the Problems Are Solved

Initialize the tranlator once (apart from the translator interceptor,
which uses context / request specific information) and pass it to all
necessary middleware.

# Additional Changes

Removed unnecessary error return parameter from the translator
initialization.

# Additional Context

- noticed internally
- backport to v4.x

(cherry picked from commit a0c3ccecf7)
2025-09-15 08:30:05 +02:00

101 lines
3.1 KiB
Go
Raw Blame History

package middleware
import (
"context"
"errors"
"fmt"
"net/http"
"strings"
"github.com/zitadel/logging"
"github.com/zitadel/zitadel/internal/api/authz"
zitadel_http "github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/i18n"
"github.com/zitadel/zitadel/internal/telemetry/tracing"
"github.com/zitadel/zitadel/internal/zerrors"
)
type instanceInterceptor struct {
verifier authz.InstanceVerifier
externalDomain string
ignoredPrefixes []string
translator *i18n.Translator
}
func InstanceInterceptor(verifier authz.InstanceVerifier, externalDomain string, translator *i18n.Translator, ignoredPrefixes ...string) *instanceInterceptor {
return &instanceInterceptor{
verifier: verifier,
externalDomain: externalDomain,
ignoredPrefixes: ignoredPrefixes,
translator: translator,
}
}
func (a *instanceInterceptor) Handler(next http.Handler) http.Handler {
return a.HandlerFunc(next)
}
func (a *instanceInterceptor) HandlerFunc(next http.Handler) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
ctx, err := a.setInstanceIfNeeded(r.Context(), r)
if err == nil {
r = r.WithContext(ctx)
next.ServeHTTP(w, r)
return
}
origin := zitadel_http.DomainContext(r.Context())
logging.WithFields("origin", origin.Origin(), "externalDomain", a.externalDomain).WithError(err).Error("unable to set instance")
zErr := new(zerrors.ZitadelError)
if errors.As(err, &zErr) {
zErr.SetMessage(a.translator.LocalizeFromRequest(r, zErr.GetMessage(), nil))
http.Error(w, fmt.Sprintf("unable to set instance using origin %s (ExternalDomain is %s): %s", origin, a.externalDomain, zErr), http.StatusNotFound)
return
}
http.Error(w, fmt.Sprintf("unable to set instance using origin %s (ExternalDomain is %s)", origin, a.externalDomain), http.StatusNotFound)
}
}
func (a *instanceInterceptor) HandlerFuncWithError(next HandlerFuncWithError) HandlerFuncWithError {
return func(w http.ResponseWriter, r *http.Request) error {
ctx, err := a.setInstanceIfNeeded(r.Context(), r)
if err != nil {
origin := zitadel_http.DomainContext(r.Context())
logging.WithFields("origin", origin.Origin(), "externalDomain", a.externalDomain).WithError(err).Error("unable to set instance")
return err
}
r = r.WithContext(ctx)
return next(w, r)
}
}
func (a *instanceInterceptor) setInstanceIfNeeded(ctx context.Context, r *http.Request) (context.Context, error) {
for _, prefix := range a.ignoredPrefixes {
if strings.HasPrefix(r.URL.Path, prefix) {
return ctx, nil
}
}
return setInstance(ctx, a.verifier)
}
func setInstance(ctx context.Context, verifier authz.InstanceVerifier) (_ context.Context, err error) {
authCtx, span := tracing.NewServerInterceptorSpan(ctx)
defer func() { span.EndWithError(err) }()
requestContext := zitadel_http.DomainContext(ctx)
if requestContext.InstanceHost == "" {
return nil, zerrors.ThrowNotFound(err, "INST-zWq7X", "Errors.IAM.NotFound")
}
instance, err := verifier.InstanceByHost(authCtx, requestContext.InstanceHost, requestContext.PublicHost)
if err != nil {
return nil, err
}
span.End()
return authz.WithInstance(ctx, instance), nil
}
Reference in New Issue View Git Blame Copy Permalink