scimgateway 5.4.1 → 5.4.3

package/README.md

@@ -394,7 +394,7 @@ Definitions in `endpoint` object are customized according to our plugin code. Pl
 
 - **log.loglevel.console** - off, debug, info, warn or error. Default off. Output to stdout and errors to stderr
 
-- **log.loglevel.push** - off, debug, info, warn or error. Default info. Push to stream used by remote real-time log subscription
+- **log.loglevel.push** - debug, info, warn or error. Default info. Push to stream used by remote real-time log subscription
 
 - **log.logDirectory** - custom defined log directory e.g. `/var/log/scimgateway` that will override default `<scimgateway path>/logs`. If not exist it will be created.
 
@@ -746,13 +746,18 @@ Please see code editor method HelperRest doRequest() IntelliSense for type and o
 ### Configuration notes - Remote real-time log subscription
 Using remote real-time log subscription we may implement custom logic like monitoring and centralized logging
 
-- using browser and url: https://host/logger  
-- curl -Ns https://host/logger -u gwread:password | sed 's/\xE2\x80\x8B//g'  
-- curl -Ns https://host/logger -H "Authorization: Bearer secret" | sed 's/\xE2\x80\x8B//g'  
-	(-s and sed to ignore keep-alive character)
+- browser and url: https://host/logger  
+- curl with -u or -H "Authorization: Bearer secret"
+	```
+	curl -Ns http://localhost:8880/logger -u gwadmin:password | awk '
+	/^data: / {sub(/^data: /,""); printf "%s", $0; last=1; next}
+	/^$/ {if (last) print ""; last=0}
+	'
+	```
 - custom client API (see example below)
 - not supported by Azure Relay
 
+
 We may configure read-only user/secret for log collection purpose    
 
 	"auth": {
@@ -792,67 +797,57 @@ Example using debug loglevel:
 Example code implementing remote real-time log subscription and custom message handling  
 
 ```
-// startup: bun <scriptname.ts>
-// update url (ws or wss) and the auth according to environment used
-const url = 'ws://localhost:8880/logger'
-const auth = 'Basic ' + btoa('gwadmin' + ':' + 'password') // const auth = 'Bearer ' + 'secret'
-
-const tls: any = {}
-if (url.startsWith('wss:')) {
-  tls.ca = [Bun.file('/path/to/self-signed-cert.pem')], // only needed for self-signed certs
-  tls.rejectUnauthorized = false
-}
-
-// messageHandler implements message handling and custom logic
-// could also use JSON.parse(message) and granular filtering on log "level"
+//
+// usage: bun <scriptname.ts>
+// update url and the auth according to environment used
+//
+const username = "gwadmin"
+const password = "password"
+const url = "http://localhost:8880/logger"
+
+const headers = new Headers({
+  Authorization: "Basic " + btoa(`${username}:${password}`),
+  Accept: "text/event-stream"
+})
+
+// message handling and custom logic
+// we could also do JSON.parse(message) and granular filtering on log "level"
 const messageHandler = async (message: string) => {
   console.log(message)
 }
 
-const startWebSocket = async () => {
-  try {
-    const ws = new WebSocket(url, {
-      headers: {
-      Authorization: auth,
-      },
-      tls,
-    })
-
-    // message is received
-    ws.addEventListener("message", event => {
-      messageHandler(event.data)
-    })
-
-    // socket opened
-    ws.addEventListener("open", event => {
+async function startSSE() {
+  while (true) {
+    try {
+      const resp = await fetch(url, { headers });
+      if (!resp.ok || !resp.body) {
+        console.error(`❌ Response error: ${resp.status} ${resp.statusText}`)
+        await Bun.sleep(10_000)
+        continue
+      }
       console.log('✅ Now awaiting log events...\n')
-    })
-
-    // socket closed
-    ws.addEventListener("close", event => {
-      let addInfo = ''
-      if (event.code === 1002) addInfo = ' => most likely authentication failure?'
-      console.warn(`⚠️ Connection closed (${event.code}): ${event.reason || 'no reason'}${addInfo}`)
-      retry()
-    })
-
-    // error handler
-    ws.addEventListener("error", event => {
-      // console.error('❌ WebSocket error:', event.message)
-    })
-
-  } catch (err: any) {
-    console.error('❌ Unexpected error:', err)
-  }
-}
 
-const retry = async () => {
-    console.log('🔁 Retry in 10 seconds...')
-    await Bun.sleep(10 * 1000)
-    startWebSocket()
+      const reader = resp.body.pipeThrough(new TextDecoderStream()).getReader()
+
+      while (true) {
+        const { value, done } = await reader.read()
+        if (done) break
+        if (!value.startsWith('data: ')) continue
+        const i = value.indexOf("\n\n")
+        if (i < 1) continue
+        const msg = value.slice(6, i)
+        messageHandler(msg)
+      }
+      console.error("⚠️ Connection closed");
+      await Bun.sleep(10_000)
+    } catch (err: any) {
+      console.error("❌ Connection error:", err?.message || err)
+      await Bun.sleep(10_000)
+    }
+  }
 }
 
-startWebSocket()
+startSSE()
 ```
 
 ### Configuration notes - Azure Relay
@@ -1473,6 +1468,25 @@ MIT © [Jarle Elshaug](https://www.elshaug.xyz)
 
 ## Change log  
 
+### v5.4.3
+
+[Fixed]
+
+- helper-rest, fixed an issue introduced in v5.3.8 that caused problems using OAuth
+
+[Improved]
+
+- Remote real-time logger
+
+### v5.4.2
+
+[Improved]
+
+- baseEntity included as json-key in logs
+- Remote real-time logger now supports baseEntity. `http(s)://host/logger` gives all log entries for plugin. `http(s)://host/<baseEntity>/logger` gives only log entries for the baseEntity used.
+
+Note, using `baseEntity` is optional. This is a parameter used for multi tenant or multi endpoint solutions. We could create several endpoint configurations having unique baseEntity. Also note that we can configure auth linked to baseEntity including readOnly.
+
 ### v5.4.1
 
 [Improved]

package/lib/helper-rest.ts

@@ -578,7 +578,7 @@ export class HelperRest {
         options.headers['Authorization'] = 'Basic ' + Buffer.from(`${o.auth?.options?.username}:${o.auth?.options?.password}`).toString('base64')
         delete o.auth
       }
-      options = utils.extendObj(o?.connection?.options, options)
+      options = utils.extendObj(options, o)
     }
 
     const cli: any = {}

package/lib/logger.ts

@@ -294,32 +294,33 @@ export class Logger {
   * @param level log level
   * @param message the message that will be logged
   */
-  private async log(level: 'debug' | 'info' | 'warn' | 'error', message: string) {
+  private async log(level: 'debug' | 'info' | 'warn' | 'error', message: string, obj?: Record<string, any>) {
     const time = new Date().toISOString()
     message = this.maskSecret(message)
     const msgObj: Record<string, any> = {
       time,
-      category: this.category,
       level,
+      category: this.category,
+      ...(obj || {}),
       message,
     }
     this.logChannel.publish(msgObj)
   }
 
-  public debug(message: string) {
-    this.log('debug', message)
+  public debug(message: string, obj?: Record<string, any>) {
+    this.log('debug', message, obj)
   }
 
-  public info(message: string) {
-    this.log('info', message)
+  public info(message: string, obj?: Record<string, any>) {
+    this.log('info', message, obj)
   }
 
-  public warn(message: string) {
-    this.log('warn', message)
+  public warn(message: string, obj?: Record<string, any>) {
+    this.log('warn', message, obj)
   }
 
-  public error(message: string) {
-    this.log('error', message)
+  public error(message: string, obj?: Record<string, any>) {
+    this.log('error', message, obj)
   }
 
   /**

package/lib/scimgateway.ts

@@ -586,11 +586,11 @@ export class ScimGateway {
 
       if (ctx.response.status && (ctx.response.status < 200 || ctx.response.status > 299)) {
         if (ctx.response.status === 412 || ctx.response.status === 304) {
-          logger.info(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ellapsed} ${ctx.ip} ${userName} ${ctx.response.status} ${ctx.request.method} ${ctx.request.url} Inbound=${JSON.stringify(ctx.request.body)} Outbound=${outbound}`)
+          logger.info(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ellapsed} ${ctx.ip} ${userName} ${ctx.response.status} ${ctx.request.method} ${ctx.request.url} Inbound=${JSON.stringify(ctx.request.body)} Outbound=${outbound}`, { baseEntity: ctx?.routeObj?.baseEntity })
         } else if (ctx.response.status === 404) {
-          logger.warn(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ellapsed} ${ctx.ip} ${userName} ${ctx.response.status} ${ctx.request.method} ${ctx.request.url} Inbound=${JSON.stringify(ctx.request.body)} Outbound=${outbound}`)
-        } else logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ellapsed} ${ctx.ip} ${userName} ${ctx.response.status} ${ctx.request.method} ${ctx.request.url} Inbound=${JSON.stringify(ctx.request.body)} Outbound=${outbound}`)
-      } else logger.info(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ellapsed} ${ctx.ip} ${ctx.response.status} ${userName} ${ctx.request.method} ${ctx.request.url} Inbound=${JSON.stringify(ctx.request.body)} Outbound=${outbound}`)
+          logger.warn(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ellapsed} ${ctx.ip} ${userName} ${ctx.response.status} ${ctx.request.method} ${ctx.request.url} Inbound=${JSON.stringify(ctx.request.body)} Outbound=${outbound}`, { baseEntity: ctx?.routeObj?.baseEntity })
+        } else logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ellapsed} ${ctx.ip} ${userName} ${ctx.response.status} ${ctx.request.method} ${ctx.request.url} Inbound=${JSON.stringify(ctx.request.body)} Outbound=${outbound}`, { baseEntity: ctx?.routeObj?.baseEntity })
+      } else logger.info(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ellapsed} ${ctx.ip} ${ctx.response.status} ${userName} ${ctx.request.method} ${ctx.request.url} Inbound=${JSON.stringify(ctx.request.body)} Outbound=${outbound}`, { baseEntity: ctx?.routeObj?.baseEntity })
     }
 
     // start auth methods - used by auth
@@ -793,12 +793,12 @@ export class ScimGateway {
         if (authType.length < 1) err = new Error(`${ctx.request.url} request is missing authentication information`)
         else {
           err = new Error(`${ctx.request.url} request having unsupported authentication or plugin configuration is missing`)
-          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] request authToken = ${authToken}`)
-          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] request jwt.decode(authToken) = ${JSON.stringify(jwt.decode(authToken))}`)
+          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] request authToken = ${authToken}`, { baseEntity: ctx?.routeObj?.baseEntity })
+          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] request jwt.decode(authToken) = ${JSON.stringify(jwt.decode(authToken))}`, { baseEntity: ctx?.routeObj?.baseEntity })
         }
         if (authType === 'Bearer') ctx.response.headers.set('WWW-Authenticate', 'Bearer realm=""')
         else if (found.Basic) ctx.response.headers.set('WWW-Authenticate', 'Basic realm=""')
-        if (ctx.request.url !== '/favicon.ico' && !ctx.request.url.startsWith('/apple-touch-icon')) logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${err.message}`)
+        if (ctx.request.url !== '/favicon.ico' && !ctx.request.url.startsWith('/apple-touch-icon')) logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${err.message}`, { baseEntity: ctx?.routeObj?.baseEntity })
         return false
       } catch (err: any) {
         if (authType === 'Bearer') {
@@ -818,9 +818,9 @@ export class ScimGateway {
         } else ctx.response.headers.set('WWW-Authenticate', 'Basic realm=""')
         if (pwErrCount < 3) {
           pwErrCount += 1
-          logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ctx.request.url} ${err.message}`)
+          logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ctx.request.url} ${err.message}`, { baseEntity: ctx?.routeObj?.baseEntity })
         } else { // delay brute force attempts
-          logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ctx.request.url} ${err.message} => delaying response with 2 minutes to prevent brute force`)
+          logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] ${ctx.request.url} ${err.message} => delaying response with 2 minutes to prevent brute force`, { baseEntity: ctx?.routeObj?.baseEntity })
           await new Promise((resolve) => {
             setTimeout(() => { resolve(null) }, 1000 * 60 * 2)
           })
@@ -833,7 +833,6 @@ export class ScimGateway {
     const ipAllowList = (ipAddr: string): boolean => {
       if (ipAllowListChecker === undefined) return true
       if (ipAllowListChecker(ipAddr) === true) return true // if proxy, prereq: request includes header X-Forwarded-For
-      logger.debug(`${gwName}[${pluginName}] client ip ${ipAddr} not in ipAllowList`)
       return false
     }
 
@@ -879,27 +878,31 @@ export class ScimGateway {
     const getHandlerLoggerSSE = async (ctx: Context) => {
       const levelInt = logger.levelToInt(this.config?.scimgateway?.log?.loglevel?.push || 'info')
       const encoder = new TextEncoder()
+      logger.info(`${gwName}[${pluginName}] remote logger connected from ip address ${ctx.ip}`, { baseEntity: ctx?.routeObj?.baseEntity })
 
       return new Response(
         new ReadableStream({
           start(controller) {
-            controller.enqueue(encoder.encode(`\u200B`))
+            controller.enqueue(encoder.encode(`: keep-alive\n\n`))
 
             const sub = async (msgObj: Record<string, any>) => {
               if (logger.levelToInt(msgObj.level) < levelInt) return
-              controller.enqueue(encoder.encode(`${JSON.stringify(msgObj)}\n`))
+              if (ctx?.routeObj?.baseEntity !== 'undefined') { // if using baseEntity e.g. <host>/company1/logger, only include corresponding baseEntity logentries
+                if (ctx?.routeObj?.baseEntity !== msgObj.baseEntity) return
+              }
+              controller.enqueue(encoder.encode(`data: ${JSON.stringify(msgObj)}\n\n`))
             }
             logger.subscribe(sub)
 
             const keepAliveInterval = setInterval(() => {
-              controller.enqueue(encoder.encode(`\u200B`)) // invisible keep-alive
+              controller.enqueue(encoder.encode(`: keep-alive\n\n`))
             }, 10000)
 
             const cleanup = () => {
               clearInterval(keepAliveInterval)
               logger.unsubscribe(sub)
               controller.close()
-              logger.info(`${gwName}[${pluginName}] remote logger disconnected from ip address ${ctx.ip}`)
+              logger.info(`${gwName}[${pluginName}] remote logger disconnected from ip address ${ctx.ip}`, { baseEntity: ctx?.routeObj?.baseEntity })
             }
 
             ctx.request.signal.onabort = cleanup // Bun
@@ -921,9 +924,9 @@ export class ScimGateway {
 
     // oauth token request, POST /oauth/token
     const postHandlerOauthToken = async (ctx: Context) => {
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] token request`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] token request`, { baseEntity: ctx?.routeObj?.baseEntity })
       if (!found.BearerOAuth) {
-        logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] token request, but plugin is missing auth.bearerOAuth configuration`)
+        logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] token request, but plugin is missing auth.bearerOAuth configuration`, { baseEntity: ctx?.routeObj?.baseEntity })
         ctx.response.status = 500
         return
       }
@@ -931,7 +934,7 @@ export class ScimGateway {
       try {
         if (!jsonBody) throw new Error('missing body')
         if (typeof jsonBody !== 'object') { // might have application/x-www-form-urlencoded or multipart/form-data body, but incorrect Content-Type header
-          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] continue request validation even though incorrect body vs header Content-Type: ${ctx.request.headers.get('content-type')}`)
+          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] continue request validation even though incorrect body vs header Content-Type: ${ctx.request.headers.get('content-type')}`, { baseEntity: ctx?.routeObj?.baseEntity })
           let body = utils.formUrlEncodedToJSON(jsonBody)
           if (Object.keys(body).length < 1) {
             body = utils.formDataMultipartToJSON(jsonBody)
@@ -942,7 +945,7 @@ export class ScimGateway {
         }
         jsonBody = utils.copyObj(jsonBody) // no changes to original
       } catch (err: any) {
-        logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] token request error: ${err.message}`)
+        logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] token request error: ${err.message}`, { baseEntity: ctx?.routeObj?.baseEntity })
         ctx.response.status = 401
         return
       }
@@ -1001,7 +1004,7 @@ export class ScimGateway {
       }
 
       if (err) {
-        logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] token request client_id: ${jsonBody ? jsonBody.client_id : ''} error: ${errDescr}`)
+        logger.error(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [oauth] token request client_id: ${jsonBody ? jsonBody.client_id : ''} error: ${errDescr}`, { baseEntity: ctx?.routeObj?.baseEntity })
         ctx.response.status = 401
         const errMsg = {
           error: err,
@@ -1063,12 +1066,12 @@ export class ScimGateway {
         value: id,
       }
 
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Get ${handle.description}] ${getObj.attribute}=${getObj.value}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Get ${handle.description}] ${getObj.attribute}=${getObj.value}`, { baseEntity: ctx?.routeObj?.baseEntity })
 
       try {
         const ob = utils.copyObj(getObj)
         const attributes = ctx.query.attributes ? ctx.query.attributes.split(',').map((item: string) => item.trim()) : []
-        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} and awaiting result`)
+        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
         let res = await (this as any)[handle.getMethod](baseEntity, ob, [], ctx.passThrough)
 
         let scimdata: { [key: string]: any } = {
@@ -1273,7 +1276,7 @@ export class ScimGateway {
 
       let info = ''
       if (getObj.operator === 'eq' && ['id', 'userName', 'externalId', 'displayName', 'members.value'].includes(getObj.attribute)) info = ` ${getObj.attribute}=${getObj.value}`
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Get ${handle.description}s]${info}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Get ${handle.description}s]${info}`, { baseEntity: ctx?.routeObj?.baseEntity })
       try {
         getObj.startIndex = ctx.query.startIndex ? parseInt(ctx.query.startIndex) : undefined
         getObj.count = ctx.query.count ? parseInt(ctx.query.count) : undefined
@@ -1309,7 +1312,7 @@ export class ScimGateway {
             }
             const chunk = 5
             const chunkRes: Record<string, any>[] = []
-            logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} with chunks and awaiting result`)
+            logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} with chunks and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
             do {
               const arrChunk = getObjArr.splice(0, chunk)
               const results = await Promise.allSettled(arrChunk.map(o => getObj(o))) as { status: 'fulfilled' | 'rejected', reason: any, value: any }[] // processing max chunk async              
@@ -1328,7 +1331,7 @@ export class ScimGateway {
         }
 
         if (!res) { // standard
-          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} and awaiting result`)
+          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
           res = await (this as any)[handle.getMethod](baseEntity, obj, [], ctx.passThrough)
         }
         // check for user attribute groups and include if needed
@@ -1392,7 +1395,7 @@ export class ScimGateway {
     const postHandler = async (ctx: Context) => {
       const handle = handler[ctx.routeObj.handle]
       const baseEntity = ctx.routeObj.baseEntity
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Create ${handle.description}]`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Create ${handle.description}]`, { baseEntity: ctx?.routeObj?.baseEntity })
       let jsonBody = ctx.request.body
       try {
         if (!jsonBody) throw new Error('missing body')
@@ -1422,9 +1425,9 @@ export class ScimGateway {
         return
       }
 
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] POST ${ctx.origin + ctx.path} body=${JSON.stringify(jsonBody)}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] POST ${ctx.origin + ctx.path} body=${JSON.stringify(jsonBody)}`, { baseEntity: ctx?.routeObj?.baseEntity })
       const [scimdata, err] = utilsScim.convertedScim(jsonBody, this.multiValueTypes)
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] convertedBody=${JSON.stringify(scimdata)}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] convertedBody=${JSON.stringify(scimdata)}`, { baseEntity: ctx?.routeObj?.baseEntity })
       if (err) {
         ctx.response.status = 500
         const [e, customErrorCode] = utilsScim.jsonErr(this.config.scimgateway.scim.version, pluginName, ctx.response.status, err)
@@ -1444,7 +1447,7 @@ export class ScimGateway {
             delete scimdata.groups
           }
         }
-        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.createMethod} and awaiting result`)
+        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.createMethod} and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
         const res = await (this as any)[handle.createMethod](baseEntity, scimdata, ctx.passThrough)
         for (const key in res) { // merge any result e.g: {'id': 'xxxx'}
           jsonBody[key] = res[key]
@@ -1531,7 +1534,7 @@ export class ScimGateway {
         ctx.response.body = JSON.stringify(e)
         return
       }
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Delete ${handle.description}] id=${id}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Delete ${handle.description}] id=${id}`, { baseEntity: ctx?.routeObj?.baseEntity })
 
       try {
         if (handle.deleteMethod === 'deleteUser') {
@@ -1547,7 +1550,7 @@ export class ScimGateway {
             })) // result not handled - ignore any failures
           }
         }
-        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.deleteMethod} and awaiting result`)
+        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.deleteMethod} and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
         await (this as any)[handle.deleteMethod](baseEntity, id, ctx.passThrough)
         ctx.response.status = 204
       } catch (err: any) {
@@ -1589,7 +1592,7 @@ export class ScimGateway {
         return
       }
 
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Modify ${handle.description}] id=${id}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Modify ${handle.description}] id=${id}`, { baseEntity: ctx?.routeObj?.baseEntity })
 
       const eTagIfMatch = ctx.request.headers.get('if-match')?.split(',').map((item: string) => item.trim()).filter(Boolean)
       const eTagIfNoneMatch = ctx.request.headers.get('if-none-match')?.split(',').map((item: string) => item.trim()).filter(Boolean)
@@ -1597,7 +1600,7 @@ export class ScimGateway {
         let eTag = ''
         if (handle.getMethod === handler.users.getMethod || handle.getMethod === handler.groups.getMethod) { // getUsers or getGroups implemented
           const ob = { attribute: 'id', operator: 'eq', value: id }
-          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} and awaiting result`)
+          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
           const res = await (this as any)[handle.getMethod](baseEntity, ob, [], ctx.passThrough)
           if (res) {
             if (res.Resources && Array.isArray(res.Resources)) {
@@ -1629,7 +1632,7 @@ export class ScimGateway {
       let scimdata: any, err: any
       if (jsonBody.Operations) [scimdata, err] = utilsScim.convertedScim20(jsonBody, this.multiValueTypes) // v2.0
       else [scimdata, err] = utilsScim.convertedScim(jsonBody, this.multiValueTypes) // v1.1
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] convertedBody=${JSON.stringify(scimdata)}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] convertedBody=${JSON.stringify(scimdata)}`, { baseEntity: ctx?.routeObj?.baseEntity })
       if (err) {
         ctx.response.status = 500
         const [e, customErrorCode] = utilsScim.jsonErr(this.config.scimgateway.scim.version, pluginName, ctx.response.status, err)
@@ -1655,7 +1658,7 @@ export class ScimGateway {
         if (Array.isArray(scimdata.members) && scimdata.members.length === 0 && handle.modifyMethod === 'modifyGroup') {
           res = await replaceUsrGrp(ctx.routeObj.handle, baseEntity, id, scimdata, this.config.scimgateway.scim.usePutSoftSync, ctx.passThrough, undefined)
         } else {
-          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.modifyMethod} and awaiting result`)
+          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.modifyMethod} and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
           res = await (this as any)[handle.modifyMethod](baseEntity, id, scimdata, ctx.passThrough)
         }
 
@@ -1680,7 +1683,7 @@ export class ScimGateway {
             return
           }
           const ob = { attribute: 'id', operator: 'eq', value: id }
-          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} and awaiting result`)
+          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling ${handle.getMethod} and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
           res = await (this as any)[handle.getMethod](baseEntity, ob, [], ctx.passThrough)
         }
 
@@ -1732,9 +1735,9 @@ export class ScimGateway {
       id = decodeURIComponent(id)
 
       // get current object
-      logger.debug(`${gwName}[${pluginName}][${baseEntity}] calling ${handle.getMethod} and awaiting result`)
+      logger.debug(`${gwName}[${pluginName}][${baseEntity}] calling ${handle.getMethod} and awaiting result`, { baseEntity })
       const res = await (this as any)[handle.getMethod](baseEntity, { attribute: 'id', operator: 'eq', value: id }, [], ctxPassThrough)
-      logger.debug(`${gwName}[${pluginName}][${baseEntity}] "${handle.getMethod}" result: ${res ? JSON.stringify(res) : ''}`)
+      logger.debug(`${gwName}[${pluginName}][${baseEntity}] "${handle.getMethod}" result: ${res ? JSON.stringify(res) : ''}`, { baseEntity })
       let currentObj
       if (res && res.Resources && Array.isArray(res.Resources)) {
         if (res.Resources.length === 1) currentObj = res.Resources[0]
@@ -1792,7 +1795,7 @@ export class ScimGateway {
 
       // update object
       if (Object.keys(scimdata).length > 0) {
-        logger.debug(`${gwName}[${pluginName}][${baseEntity}] calling ${handle.modifyMethod} and awaiting result`)
+        logger.debug(`${gwName}[${pluginName}][${baseEntity}] calling ${handle.modifyMethod} and awaiting result`, { baseEntity })
         await (this as any)[handle.modifyMethod](baseEntity, id, scimdata, ctxPassThrough)
       }
 
@@ -1808,7 +1811,7 @@ export class ScimGateway {
             let res: any
             try {
               res = await (this as any)[handler.groups.getMethod](baseEntity, { attribute: 'members.value', operator: 'eq', value: decodeURIComponent(id) }, ['id', 'displayName'], ctxPassThrough)
-              logger.debug(`${gwName}[${pluginName}][${baseEntity}] "${handler.groups.getMethod}" result: ${res ? JSON.stringify(res) : ''}`)
+              logger.debug(`${gwName}[${pluginName}][${baseEntity}] "${handler.groups.getMethod}" result: ${res ? JSON.stringify(res) : ''}`, { baseEntity })
             } catch (err) { void 0 } // method may be implemented, but throwing error like groups not supported/implemented
             currentGroups = []
             if (res && res.Resources && Array.isArray(res.Resources) && res.Resources.length > 0) {
@@ -1889,7 +1892,7 @@ export class ScimGateway {
       const id = ctx.routeObj.id ? decodeURIComponent(ctx.routeObj.id) : ctx.routeObj.id
       const obj = ctx.request.body
 
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [PUT ${handle[0].toUpperCase() + handle.slice(1)}] id=${id} body=${JSON.stringify(obj)}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [PUT ${handle[0].toUpperCase() + handle.slice(1)}] id=${id} body=${JSON.stringify(obj)}`, { baseEntity: ctx?.routeObj?.baseEntity })
       try {
         if (!obj) throw new Error('missing body')
         if (typeof obj !== 'object') throw new Error('body is not JSON')
@@ -1946,7 +1949,7 @@ export class ScimGateway {
 
     const postBulkHandler = async (ctx: Context) => {
       const baseEntity = ctx.routeObj.baseEntity
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Bulk Operations]`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [Bulk Operations]`, { baseEntity: ctx?.routeObj?.baseEntity })
       const bulkBody: SCIMBulkRequest = utils.copyObj(ctx.request.body)
       try {
         if (!bulkBody) throw new Error('missing body')
@@ -2098,7 +2101,7 @@ export class ScimGateway {
     const postApiHandler = async (ctx: Context) => {
       const baseEntity = ctx.routeObj.baseEntity
       const obj = ctx.request.body
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [POST ${ctx.routeObj.handle}]`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [POST ${ctx.routeObj.handle}]`, { baseEntity: ctx?.routeObj?.baseEntity })
 
       if (!obj) {
         const err = new Error('missing body')
@@ -2107,7 +2110,7 @@ export class ScimGateway {
         return
       }
       try {
-        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling postApi and awaiting result`)
+        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling postApi and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
         let result = await this.postApi(baseEntity, obj, ctx.passThrough)
         if (result) {
           if (typeof result === 'object') result = { result: result }
@@ -2147,7 +2150,7 @@ export class ScimGateway {
       const baseEntity = ctx.routeObj.baseEntity
       const id = ctx.routeObj.id
       const obj = ctx.request.body
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [PUT ${ctx.routeObj.handle}] id=${id}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [PUT ${ctx.routeObj.handle}] id=${id}`, { baseEntity: ctx?.routeObj?.baseEntity })
 
       try {
         if (!obj) throw new Error('missing body')
@@ -2159,7 +2162,7 @@ export class ScimGateway {
       }
 
       try {
-        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling putApi and awaiting result`)
+        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling putApi and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
         let result = await this.putApi(baseEntity, id, obj, ctx.passThrough)
         if (result) {
           if (typeof result === 'object') result = { result }
@@ -2200,7 +2203,7 @@ export class ScimGateway {
       const id = ctx.routeObj.id as string
       const body = ctx.request.body
 
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [PATCH ${handle} ] id=${id}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [PATCH ${handle} ] id=${id}`, { baseEntity: ctx?.routeObj?.baseEntity })
 
       if (!body) {
         const err = new Error('missing body')
@@ -2209,7 +2212,7 @@ export class ScimGateway {
         return
       } else {
         try {
-          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling patchApi and awaiting result`)
+          logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling patchApi and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
           let result = await this.patchApi(baseEntity, id, body, ctx.passThrough)
           if (result) {
             if (typeof result === 'object') result = { result }
@@ -2250,11 +2253,11 @@ export class ScimGateway {
       const id = ctx.routeObj.id as string
       const body = ctx.request.body
 
-      if (id) logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [GET ${handle}] id=${id}`)
+      if (id) logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [GET ${handle}] id=${id}`, { baseEntity: ctx?.routeObj?.baseEntity })
       else logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [GET ${handle}]`)
 
       try {
-        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling getApi and awaiting result`)
+        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling getApi and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
         let result = await this.getApi(baseEntity, id, ctx.query, body, ctx.passThrough)
         if (result) {
           if (typeof result === 'object') result = { result }
@@ -2289,10 +2292,10 @@ export class ScimGateway {
     const deleteApiHandler = async (ctx: Context) => {
       const baseEntity = ctx.routeObj.baseEntity
       const id = ctx.routeObj.id
-      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [DELETE ${ctx.routeObj.handle} ] id=${id}`)
+      logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] [DELETE ${ctx.routeObj.handle} ] id=${id}`, { baseEntity: ctx?.routeObj?.baseEntity })
       try {
         if (!id || id.includes('/')) throw new Error('missing id')
-        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling deleteApi and awaiting result`)
+        logger.debug(`${gwName}[${pluginName}][${ctx?.routeObj?.baseEntity}] calling deleteApi and awaiting result`, { baseEntity: ctx?.routeObj?.baseEntity })
         let result = await this.deleteApi(baseEntity, id, ctx.passThrough)
         if (result) {
           if (typeof result === 'object') result = { result: result }
@@ -2334,7 +2337,7 @@ export class ScimGateway {
       try {
         const ob = { attribute: 'members.value', operator: 'eq', value: decodeURIComponent(id) }
         const attributes = ['id', 'displayName']
-        logger.debug(`${gwName}[${pluginName}][${baseEntity}] calling ${handler.groups.getMethod} and awaiting result - groups to be included`)
+        logger.debug(`${gwName}[${pluginName}][${baseEntity}] calling ${handler.groups.getMethod} and awaiting result - groups to be included`, { baseEntity })
         res = await (this as any)[handler.groups.getMethod](baseEntity, ob, attributes, ctxPassThrough)
       } catch (err) { void 0 }
       if (res && res.Resources && Array.isArray(res.Resources) && res.Resources.length > 0) {
@@ -2550,6 +2553,7 @@ export class ScimGateway {
       } else if (!ctx.routeObj.handle) {
         ctx.response.status = 404 // NOT_FOUND
       } else if (!ipAllowList(ctx.ip)) {
+        logger.debug(`${gwName}[${pluginName}] client ip ${ctx.ip} not in ipAllowList`, { baseEntity: ctx?.routeObj?.baseEntity })
         ctx.response.status = 401
       } else if (!await isAuthorized(ctx)) {
         ctx.response.status = 401
@@ -2565,14 +2569,14 @@ export class ScimGateway {
       const chainingBaseUrl = this.config.scimgateway.chainingBaseUrl // http(s)://<host>:<port>
       if (!chainingBaseUrl) {
         ctx.response.status = 500
-        logger.error(`${gwName}[${pluginName}] onChainingHandler error: configuration scimgateway.chainingBaseUrl missing`)
+        logger.error(`${gwName}[${pluginName}] onChainingHandler error: configuration scimgateway.chainingBaseUrl missing`, { baseEntity: ctx?.routeObj?.baseEntity })
         return
       }
       try {
         new URL(chainingBaseUrl)
       } catch (err: any) {
         ctx.response.status = 500
-        logger.error(`${gwName}[${pluginName}] onChainingHandler error: configuration scimgateway.chainingBaseUrl must use correct syntax 'http(s)://host:port' error: ${err.message}`)
+        logger.error(`${gwName}[${pluginName}] onChainingHandler error: configuration scimgateway.chainingBaseUrl must use correct syntax 'http(s)://host:port' error: ${err.message}`, { baseEntity: ctx?.routeObj?.baseEntity })
         return
       }
       try {
@@ -2597,7 +2601,7 @@ export class ScimGateway {
           ctx.response.body = jBody.body ? JSON.stringify(jBody.body) : err.message
         } catch (parseErr) {
           ctx.response.status = 500
-          logger.error(`${gwName}[${pluginName}] onChainingHandler error: ${err.message}`)
+          logger.error(`${gwName}[${pluginName}] onChainingHandler error: ${err.message}`, { baseEntity: ctx?.routeObj?.baseEntity })
         }
       }
     }
@@ -2605,14 +2609,14 @@ export class ScimGateway {
     const onPublisherHandler = async (ctx: Context) => {
       if (!this.pub) {
         ctx.response.status = 500
-        logger.error(`${gwName}[${pluginName}] onPublisherHandler error: publisher not initialized`)
+        logger.error(`${gwName}[${pluginName}] onPublisherHandler error: publisher not initialized`, { baseEntity: ctx?.routeObj?.baseEntity })
         return
       }
       try {
         ctx.response = await this.pub.publish({ ctx })
       } catch (err: any) {
         ctx.response.status = 500
-        logger.error(`${gwName}[${pluginName}] onPublisherHandler error: ${err.message}`)
+        logger.error(`${gwName}[${pluginName}] onPublisherHandler error: ${err.message}`, { baseEntity: ctx?.routeObj?.baseEntity })
         return
       }
     }
@@ -2702,15 +2706,39 @@ export class ScimGateway {
       const isPublisherEnabled = this.config.scimgateway.stream.publisher.enabled
       const isChainingEnabled = this.config.scimgateway.chainingBaseUrl
 
-      const wssInit = `
+      const sseInit = `
       <!DOCTYPE html>
       <html>
       <head>
         <style>
+          html, body {
+            height: 100%;
+            margin: 0;
+            padding: 0;
+          }
+          body {
+            display: flex;
+            flex-direction: column;
+            height: 100vh;
+            margin-left: 8px;
+          }
           .header-flex {
             display: flex;
             align-items: center;
             gap: 16px;
+            flex-shrink: 0;
+            margin-top: 2px;
+            margin-bottom: 2px;
+          }
+          #log {
+            flex: 1 1 auto;
+            width: 100%;
+            overflow: auto;
+            white-space: pre;
+            margin: 0;
+            min-height: 0;
+            height: auto;
+            box-sizing: border-box;
           }
           #stopBtn {
             padding: 4px 18px;
@@ -2725,42 +2753,41 @@ export class ScimGateway {
       </head>
       <body>
         <div class="header-flex">
-          <h3 style="margin:0;">SCIM Gateway remote logger</h3>
+          <h3>SCIM Gateway remote logger</h3>
           <button id="stopBtn" type="button">Stop</button>
         </div>
         <pre id="log"></pre>
         <script>
           const stopBtn = document.getElementById('stopBtn')
           const logElem = document.getElementById('log')
-          let ws = new WebSocket('{{protocol}}//' + location.host + '/logger')
-          ws.onmessage = function(event) {
-            event.data.split('\\n').forEach(function(line) {
-              if (!line.trim()) return
-              const htmlLine = line.replace(
-                /(level":"\\s*)(debug|info|warn|error)/i,
-                function(match, p1, p2) {
-                  let color = ''
-                  switch (p2.toLowerCase()) {
-                    case 'debug': color = '#888'; break
-                    case 'info':  color = 'blue'; break
-                    case 'warn':  color = 'orange'; break
-                    case 'error': color = 'red'; break
-                    default: color = 'black'
-                  }
-                  return p1 + '<span style="color:' + color + ';font-weight:bold">' + p2 + '</span>'
+          let es = new EventSource(location.pathname)
+
+          es.onmessage = function(event) {
+            if (!event.data.trim()) return
+            const htmlLine = event.data.replace(
+              /(level":"\s*)(debug|info|warn|error)/i,
+              function(match, p1, p2) {
+                let color = ''
+                switch (p2.toLowerCase()) {
+                  case 'debug': color = '#888'; break
+                  case 'info':  color = 'blue'; break
+                  case 'warn':  color = 'orange'; break
+                  case 'error': color = 'red'; break
+                  default: color = 'black'
                 }
-              );
-              logElem.innerHTML += htmlLine + '<br>'
-            })
+                return p1 + '<span style="color:' + color + ';font-weight:bold">' + p2 + '</span>'
+              }
+            )
+            logElem.innerHTML += htmlLine + '<br>'
+            logElem.scrollTop = logElem.scrollHeight
           }
+
           stopBtn.onclick = function() {
-            if (ws) {
-              ws.close()
-              ws = null
+            if (es) {
+              es.close()
+              es = null
               stopBtn.textContent = 'Start'
-              stopBtn.onclick = function() {
-                location.reload()
-              }
+              stopBtn.onclick = function() { location.reload() }
             }
           }
         </script>
@@ -2804,28 +2831,18 @@ export class ScimGateway {
             await getHandlerServiceProviderConfig(ctx)
             return await onAfterHandle(ctx)
           case 'GET logger': // no onAfterHandle
-            if (req.headers.get('upgrade')?.toLowerCase() === 'websocket') { // browser step 2, and other Bun ws(s) clients
-              logger.info(`${gwName}[${pluginName}] remote logger connected from ip address ${ctx.ip}`)
-              return server.upgrade(req, { // after upgrade, the server will handle the WebSocket connection configured in Bun.serve()
-                data: { // passed to WebSocket server Bun open handler
-                  headers: req.headers,
-                  url: req.url,
-                  ip: ctx.ip,
-                  nonce: this.Nonce.createItem(crypto.randomUUID()),
-                },
-              })
-            }
-            if (req.headers.has('sec-fetch-dest') && typeof Bun !== 'undefined') { // client is browser and not supporting WebSocket on Node.js
-              const url = new URL(ctx.origin)
-              const protocol = (url.protocol === 'https:' ? 'wss:' : 'ws:')
-              const js = wssInit.replace('{{protocol}}', protocol)
-              return new Response(js, { // browser step 1 => force WebSocket by sending javascript
-                status: 200,
-                headers: {
-                  'Content-Type': 'text/html; charset=utf-8',
-                },
-              })
-            } else return await getHandlerLoggerSSE(ctx) // using SSE for none WebSocket/wss e.g. curl -Ns http://localhost:8880/logger -u gwadmin:password | sed 's/\xE2\x80\x8B//g'
+            if (req.headers.has('sec-fetch-dest')) { // client is browser
+              if (ctx.request.headers.get('accept')?.includes('text/event-stream')) {
+                return await getHandlerLoggerSSE(ctx)
+              } else {
+                return new Response(sseInit, {
+                  status: 200,
+                  headers: {
+                    'Content-Type': 'text/html; charset=utf-8',
+                  },
+                })
+              }
+            } else return await getHandlerLoggerSSE(ctx)
           case 'PATCH users':
           case 'PATCH groups':
             await patchHandler(ctx)
@@ -2880,44 +2897,9 @@ export class ScimGateway {
             const reqWithRaw = req as Request & { raw: IncomingMessage }
             return await route(reqWithRaw, srv.requestIP(req)?.address || '')
           },
-          websocket: {
-            open: (ws) => {
-              const data = ws.data as { headers: Headers, url: string, ip: string, nonce: string } || {}
-              let isAuthorized = false // client is already authenticated by initial http/https upgrade to websocket, anyhow passing data to be validated
-              if (data?.nonce && this.Nonce.isItemValid(data.nonce)) {
-                if (data.headers.has('authorization')) {
-                  if (data.url.endsWith('/logger')) isAuthorized = true
-                }
-              }
-              if (!isAuthorized) {
-                logger.error(`${gwName}[${pluginName}] remote logger ip address ${data.ip} - WebSocket connection error: invalid nonce`)
-                ws.close(3000, 'Unauthorized')
-                return
-              }
-
-              const levelInt = logger.levelToInt(this.config?.scimgateway?.log?.loglevel?.push || 'info')
-              const sub = async (msgObj: Record<string, any>) => {
-                if (logger.levelToInt(msgObj.level) < levelInt) return
-                ws.send(`${JSON.stringify(msgObj)}`)
-              }
-              logger.subscribe(sub)
-              ;(ws as any)._sub = sub
-              ;(ws as any)._ip = data.ip
-            },
-            close: (ws) => {
-              const sub = (ws as any)._sub
-              const ip = (ws as any)._ip
-              if (sub) {
-                logger.unsubscribe(sub)
-              }
-              logger.info(`${gwName}[${pluginName}] remote logger disconnected from ip address ${ip}`)
-            },
-            message: () => {},
-          },
         })
       } else {
         // using nodejs server either through Bun compability or Node.js
-
         // get body from req
         async function getRequestBody(req: any): Promise<Buffer> {
           return new Promise((resolve, reject) => {
@@ -3185,28 +3167,28 @@ export class ScimGateway {
   * logDebug logs debug message
   **/
   logDebug(baseEntity: string | undefined, msg: string) {
-    this.logger.debug(`${this.pluginName}[${baseEntity}] ${msg}`)
+    this.logger.debug(`${this.pluginName}[${baseEntity}] ${msg}`, { baseEntity })
   }
 
   /**
   * logInfo logs info message
   **/
   logInfo(baseEntity: string | undefined, msg: string) {
-    this.logger.info(`${this.pluginName}[${baseEntity}] ${msg}`)
+    this.logger.info(`${this.pluginName}[${baseEntity}] ${msg}`, { baseEntity })
   }
 
   /**
   * logWarn logs warning message
   **/
   logWarn(baseEntity: string | undefined, msg: string) {
-    this.logger.warn(`${this.pluginName}[${baseEntity}] ${msg}`)
+    this.logger.warn(`${this.pluginName}[${baseEntity}] ${msg}`, { baseEntity })
   }
 
   /**
   * logError logs error message
   **/
   logError(baseEntity: string | undefined, msg: string) {
-    this.logger.error(`${this.pluginName}[${baseEntity}] ${msg}`)
+    this.logger.error(`${this.pluginName}[${baseEntity}] ${msg}`, { baseEntity })
   }
 
   /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "scimgateway",
-  "version": "5.4.1",
+  "version": "5.4.3",
   "type": "module",
   "description": "Using SCIM protocol as a gateway for user provisioning to other endpoints",
   "author": "Jarle Elshaug <jarle.elshaug@gmail.com> (https://elshaug.xyz)",