From 3404c81b8c223cd57f7ef0fcd0954a5fbbbfb9f9 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 27 Mar 2020 15:29:53 +0100 Subject: [PATCH] auth_fc: log transport format/errors as errors (#40862) --- src/authentic2_auth_fc/views.py | 33 ++++++++++++++++----------------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/src/authentic2_auth_fc/views.py b/src/authentic2_auth_fc/views.py index eae16585..128dc944 100644 --- a/src/authentic2_auth_fc/views.py +++ b/src/authentic2_auth_fc/views.py @@ -111,22 +111,22 @@ def resolve_access_token(authorization_code, redirect_uri, logger): if response.status_code != 200: try: data = response.json() - logger.warning(u'oauth2 error on access token retrieval: %r', data) + logger.error(u'oauth2 error on access token retrieval: %r', data) except ValueError: data = {} - logger.warning(u'oauth2 error on access token retrieval: %r', response.content) + logger.error(u'oauth2 error on access token retrieval: %r', response.content[:1024]) return except requests.exceptions.RequestException as e: - logger.warning(u'unable to retrieve access token {}'.format(e)) + logger.error(u'unable to retrieve access token {}'.format(e)) else: try: response = response.json() - logger.debug('token resolved : {}'.format(response)) + logger.debug('token resolved : %s', response) return response except ValueError: - logger.warning( - "no JSON object can be decoded from the data received from {} : '{}'".format( - app_settings.token_url, response.content)) + logger.error( + 'no JSON object can be decoded from the data received from %s: %r', + app_settings.token_url, response.content[:1024]) def access_token_from_request(request, logger): @@ -216,16 +216,16 @@ class FcOAuthSessionViewMixin(LoggerMixin): data = self.oauth_session().get(url, verify=verify, allow_redirects=False, timeout=3) data.raise_for_status() except requests.exceptions.RequestException as e: - self.logger.warning(u'unable to retrieve ressource from {} due to {}'.format(url, e)) + self.logger.error('unable to retrieve ressource from %s due to %s', url, e) else: try: data = data.json() - self.logger.debug('ressource resolved : {}'.format(data)) + self.logger.debug('ressource resolved: %s', data) return data except ValueError: - self.logger.warning( - "no JSON object can be decoded from the data received from {} : '{}'".format( - url, data.content)) + self.logger.error( + 'no JSON object can be decoded from the data received from %s: %r', + url, data.content) def get_user_info(self): return self.get_ressource(app_settings.userinfo_url + '?schema=openid', @@ -282,14 +282,14 @@ class FcOAuthSessionViewMixin(LoggerMixin): self.id_token, error = models.parse_id_token( self.token['id_token'], client_id=app_settings.client_id, client_secret=key) if not self.id_token: - self.logger.warning(u'validation of id_token failed: %s', error) + self.logger.error(u'validation of id_token failed: %s', error) messages.warning(request, _('Unable to connect to FranceConnect.')) return self.redirect(request) nonce = self.id_token.get('nonce') states = request.session.get('fc_states', {}) if not nonce or nonce not in states: - self.logger.warning(u'invalid nonce in id_token %s, known ones %s', nonce, - u', '.join(states.keys())) + self.logger.error(u'invalid nonce in id_token %s, known ones %s', nonce, + u', '.join(states.keys())) messages.warning(request, _('Unable to connect to FranceConnect.')) return self.redirect(request) self.logger.debug('fc id_token %s', self.id_token) @@ -300,8 +300,7 @@ class FcOAuthSessionViewMixin(LoggerMixin): app_settings.client_id, token=self.token)) self.user_info = self.get_user_info() if not self.user_info: - msg = 'userinfo resolution failed : {}'.format(self.token) - self.logger.warning(msg) + self.logger.error('userinfo resolution failed: %s', self.token) messages.warning(request, _('Unable to connect to FranceConnect.')) return self.redirect(request) self.logger.debug('fc user_info %s', self.user_info) -- 2.24.0