scimgateway 5.2.0 → 5.2.1

package/README.md

@@ -15,15 +15,14 @@ Validated through IdP's:
 - SailPoint/IdentityNow  
 
 Latest news:  
-
-- Centralized logging and monitoring through online log subscription    
+ 
+- Remote real-time log subscription for monitoring and centralized logging  
 using browser and url: https://host/logger  
 curl -N https://host/logger -u gwread:password  
-curl -N https://host/logger -H "Authorization: Bearer secret"  
 custom client API, see configuration notes  
 - By configuring the chainingBaseUrl, it is now possible to chain multiple gateways in sequence, such as `gateway1->gateway2->gateway3->endpoint`. In this setup, gateway beave much like a reverse proxy, validating authorization at each step unless PassThrough mode is enabled. Chaining is also supported in stream subscriber mode
 - Email, onError and sendMail() supports more secure RESTful OAuth for Microsoft Exchange Online (ExO) and Google Workspace Gmail, alongside traditional SMTP Auth for all mail systems. HelperRest supports a wide range of common authentication methods, including basicAuth, bearerAuth, tokenAuth, oauth, oauthSamlBearer, oauthJwtBearer and Auth PassTrough 
-- Major version **v5.0.0** marks a shift to native TypeScript support and prioritizes [Bun](https://bun.sh/) over Node.js. This upgrade requires some modifications to existing plugins.  
+- Major version **v5.0.0** marks a shift from JavaScript to native TypeScript and prioritizes [Bun](https://bun.sh/) over Node.js. This upgrade requires some modifications to existing plugins.  
 - **BREAKING**: [SCIM Stream](https://elshaug.xyz/docs/scim-stream) is the modern way of user provisioning letting clients subscribe to messages instead of traditional IGA top-down provisioning. SCIM Gateway now offers enhanced functionality with support for message subscription and automated provisioning using SCIM Stream
 - Authentication PassThrough letting plugin pass authentication directly to endpoint for avoid maintaining secrets at the gateway. E.g., using Entra ID application OAuth
 - Supports OAuth Client Credentials authentication
@@ -735,8 +734,8 @@ Example using general OAuth:
 
 Please see code editor method HelperRest doRequest() IntelliSense for type and option details
 
-### Configuration notes - Centralized logging and monitoring
-We may subscribe for online log events using `GET /logger` e.g.: 
+### Configuration notes - Remote real-time log subscription
+We may have monitoring and centralized logging through remote real-time log subscription
 
 - using browser and url: https://host/logger  
 - curl -N https://host/logger -u gwread:password  
@@ -804,11 +803,11 @@ Example code using custom subscriber API for log collection and monitoring
 	    console.log('Now awaiting log events..\n')
 	
 	    while (true) {
-	      const { value, done } = await reader.read();
+	      const { value, done } = await reader.read()
 	      if (done) break;
 	      if (value.at(-1) !== '\n') continue
 	      const message = value.slice(0, -1)
-	      await messageHandler(message)
+	      messageHandler(message)
 	    }
 	
 	    // shouldn't be here... authentication failure?
@@ -1402,6 +1401,12 @@ MIT © [Jarle Elshaug](https://www.elshaug.xyz)
 
 ## Change log  
 
+### v5.2.1
+
+[Fixed]
+
+- Logger did not use the correct plugin rollover filename when the gateway ran multiple plugins
+
 ### v5.2.0
 
 [Improved]
@@ -1409,12 +1414,12 @@ MIT © [Jarle Elshaug](https://www.elshaug.xyz)
 - Logger have been redesigned
 
 	Supports console, file and push (client subscriber) logging  
-	Centralized logging and monitoring through online log subscription, see configuration notes  
+	Remote real-time log subscription, see configuration notes  
 	JSON formatted log messages  
 	UTC (Coordinated Universal Time)  
 	File logging will rotate on startup  
 	File logging now includes configuration options for maxFiles and maxSize  
-	Console using default colorized and minimized output, if redirected to stdout/stderr standard JSON will be used and no color encoding  
+	Console using default colorized and minimized output. If redirecting stdout/stderr, standard JSON will be used and no color encoding  
 
 
 ### v5.1.8

package/lib/logger.ts

@@ -8,15 +8,6 @@ import { existsSync, renameSync, readdirSync, unlinkSync, mkdirSync, createWrite
 import { join } from 'node:path'
 import diagnostics_channel from 'node:diagnostics_channel'
 
-let LOG_DIR = './logs'
-let LOG_FILE_PREFIX = 'app'
-let LOG_FILE_SUFFIX = 'log'
-let LOG_FILE_NAME = LOG_FILE_PREFIX + '.' + LOG_FILE_SUFFIX
-let LOG_FILE = LOG_DIR + '/' + LOG_FILE_NAME
-let MAX_LOG_SIZE = 20 * 1024 * 1024 // 20 MB max file size
-let MAX_LOG_FILES = 5 // keep only the last 5 logs - note, new and rotated file on startup
-const HIGH_WATER_MARK = 16 * 1024 // 16KB buffer size before auto-flushing
-
 // Node does not support "export enum LogLevel"
 // instead using LogLevel as object and the type "LogLevel"
 export const LogLevel = {
@@ -57,6 +48,29 @@ interface LoggerOptions {
   colorize?: boolean
 }
 
+/**
+ * Example: 
+  ```
+  const logger = new Logger(
+    'plugin-loki',
+    {
+      type: 'console',
+      level: 'error',
+      customMasking: null,
+      colorize: true,
+    },
+    {
+      type: 'file',
+      level: 'debug',
+      customMasking: null,
+      logDir: '/opt/my-scimgateway/logs',
+      logFileName: 'plugin-loki.log',
+      maxSize: 20,
+      maxFiles: 5,
+    },
+  )
+  ```
+  */
 export class Logger {
   private logStream: any // either Bun's FileSink or Node's WriteStream
   private logChannel: diagnostics_channel.Channel
@@ -69,23 +83,40 @@ export class Logger {
   private reJson: RegExp
   private reXml: RegExp
   private callbacks: Set<(message: any) => Promise<void>> = new Set()
+  private LOG_DIR: string
+  private LOG_FILE_PREFIX: string
+  private LOG_FILE_SUFFIX: string
+  private LOG_FILE_NAME: string
+  private LOG_FILE: string
+  private MAX_LOG_SIZE: number
+  private MAX_LOG_FILES: number
+  private HIGH_WATER_MARK: number
 
   constructor(category: string, ...options: LoggerOptions[]) {
+    this.LOG_DIR = './logs'
+    this.LOG_FILE_PREFIX = 'app'
+    this.LOG_FILE_SUFFIX = 'log'
+    this.LOG_FILE_NAME = this.LOG_FILE_PREFIX + '.' + this.LOG_FILE_SUFFIX
+    this.LOG_FILE = this.LOG_DIR + '/' + this.LOG_FILE_NAME
+    this.MAX_LOG_SIZE = 20 * 1024 * 1024 // 20 MB max file size
+    this.MAX_LOG_FILES = 5 // keep only the last 5 logs - note, new and rotated file on startup
+    this.HIGH_WATER_MARK = 16 * 1024 // 16KB buffer size before auto-flushing
+
     if (!category) throw Error('Logger constructor missing mandatory category')
     this.category = category
     for (const option of options) {
       if (option.type === 'file') {
-        if (option.logDir) LOG_DIR = option.logDir
-        if (option.logFileName) LOG_FILE_NAME = option.logFileName
-        LOG_FILE = LOG_DIR + '/' + LOG_FILE_NAME
-        LOG_FILE_PREFIX = LOG_FILE_NAME.substring(0, LOG_FILE_NAME.lastIndexOf('.'))
-        LOG_FILE_SUFFIX = LOG_FILE_NAME.substring(LOG_FILE_NAME.lastIndexOf('.') + 1)
+        if (option.logDir) this.LOG_DIR = option.logDir
+        if (option.logFileName) this.LOG_FILE_NAME = option.logFileName
+        this.LOG_FILE = this.LOG_DIR + '/' + this.LOG_FILE_NAME
+        this.LOG_FILE_PREFIX = this.LOG_FILE_NAME.substring(0, this.LOG_FILE_NAME.lastIndexOf('.'))
+        this.LOG_FILE_SUFFIX = this.LOG_FILE_NAME.substring(this.LOG_FILE_NAME.lastIndexOf('.') + 1)
 
         this.file = {
           level: option.level || 'off',
           logSize: 0,
-          maxSize: option.maxSize ? option.maxSize * 1024 * 1024 : MAX_LOG_SIZE,
-          maxFiles: option.maxFiles || MAX_LOG_FILES,
+          maxSize: option.maxSize ? option.maxSize * 1024 * 1024 : this.MAX_LOG_SIZE,
+          maxFiles: option.maxFiles || this.MAX_LOG_FILES,
         }
       } else if (option.type === 'console') {
         if (option.colorize === undefined) {
@@ -117,12 +148,12 @@ export class Logger {
     this.logChannel = diagnostics_channel.channel(this.category)
 
     if (this.file && LEVEL_TO_INT[this.file.level] > 0) {
-      if (!existsSync(LOG_DIR)) mkdirSync(LOG_DIR, { recursive: true })
-      else if (existsSync(LOG_FILE)) this.rotateExistingLog()
+      if (!existsSync(this.LOG_DIR)) mkdirSync(this.LOG_DIR, { recursive: true })
+      else if (existsSync(this.LOG_FILE)) this.rotateExistingLog()
       if (typeof Bun !== 'undefined') { // Bun
-        this.logStream = Bun.file(LOG_FILE).writer({ highWaterMark: HIGH_WATER_MARK })
+        this.logStream = Bun.file(this.LOG_FILE).writer({ highWaterMark: this.HIGH_WATER_MARK })
       } else { // Node.js
-        this.logStream = createWriteStream(LOG_FILE, { flags: 'a' })
+        this.logStream = createWriteStream(this.LOG_FILE, { flags: 'a' })
       }
       this.subscribe(this.logToFile)
     }
@@ -151,8 +182,8 @@ export class Logger {
 
   private async rotateExistingLog() {
     const timestamp = new Date().toISOString().replace(/[:.]/g, '-')
-    const archivedFile = `${LOG_DIR}/${LOG_FILE_PREFIX}-${timestamp}.${LOG_FILE_SUFFIX}`
-    renameSync(LOG_FILE, archivedFile)
+    const archivedFile = `${this.LOG_DIR}/${this.LOG_FILE_PREFIX}-${timestamp}.${this.LOG_FILE_SUFFIX}`
+    renameSync(this.LOG_FILE, archivedFile)
     this.cleanupOldLogs()
   }
 
@@ -165,9 +196,9 @@ export class Logger {
       }
       await this.rotateExistingLog()
       if (typeof Bun !== 'undefined') {
-        this.logStream = Bun.file(LOG_FILE).writer({ highWaterMark: HIGH_WATER_MARK })
+        this.logStream = Bun.file(this.LOG_FILE).writer({ highWaterMark: this.HIGH_WATER_MARK })
       } else {
-        this.logStream = createWriteStream(LOG_FILE, { flags: 'a' })
+        this.logStream = createWriteStream(this.LOG_FILE, { flags: 'a' })
       }
       this.flushBuffer()
     } catch (error) {
@@ -179,12 +210,12 @@ export class Logger {
 
   private cleanupOldLogs() {
     if (!this.file) return
-    const logFiles = readdirSync(LOG_DIR)
-      .filter(file => file.startsWith(`${LOG_FILE_PREFIX}-`) && file.endsWith(`.${LOG_FILE_SUFFIX}`))
+    const logFiles = readdirSync(this.LOG_DIR)
+      .filter(file => file.startsWith(`${this.LOG_FILE_PREFIX}-`) && file.endsWith(`.${this.LOG_FILE_SUFFIX}`))
       .sort((a, b) => b.localeCompare(a))
 
     if (logFiles.length > this.file.maxFiles) {
-      logFiles.slice(this.file.maxFiles).forEach(file => unlinkSync(join(LOG_DIR, file)))
+      logFiles.slice(this.file.maxFiles).forEach(file => unlinkSync(join(this.LOG_DIR, file)))
     }
   }
 

package/lib/scimgateway.ts

@@ -867,7 +867,7 @@ export class ScimGateway {
               controller.enqueue(encoder.encode(`\u200B`)) // invisible keep-alive
             }, 10000)
 
-            function cleanup() {
+            const cleanup = () => {
               clearInterval(keepAliveInterval)
               logger.unsubscribe(sub)
               controller.close()
@@ -2649,13 +2649,13 @@ export class ScimGateway {
     }
 
     const gracefulShutdown = async function () {
+      logger.info(`${gwName}[${pluginName}] now stopping...`)
+      await logger.close()
       if (server) {
         if (typeof Bun !== 'undefined') {
           server.stop(true)
         }
       }
-      logger.debug(`${gwName}[${pluginName}] received terminate/kill signal - closing connections and exit`)
-      logger.close()
       if (server) {
         if (typeof Bun !== 'undefined') {
           await Bun.sleep(400) // give in-flight requests a chance to complete, also plugins may use SIGTERM/SIGINT

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "scimgateway",
-  "version": "5.2.0",
+  "version": "5.2.1",
   "type": "module",
   "description": "Using SCIM protocol as a gateway for user provisioning to other endpoints",
   "author": "Jarle Elshaug <jarle.elshaug@gmail.com> (https://elshaug.xyz)",