fix(logging): correct log levels for error types from auth flow (#3934)

specklesystems · Feb 4, 2025 · 9bbd6be · 9bbd6be
1 parent 8934179
commit 9bbd6be
Show file tree

Hide file tree

Showing 5 changed files with 49 additions and 13 deletions.
diff --git a/packages/server/modules/auth/middleware.ts b/packages/server/modules/auth/middleware.ts
@@ -5,16 +5,15 @@ import { createRedisClient } from '@/modules/shared/redis/redis'
 import {
   isSSLServer,
   getRedisUrl,
-  getFrontendOrigin
+  getFrontendOrigin,
+  getSessionSecret
 } from '@/modules/shared/helpers/envHelper'
-import { getSessionSecret } from '@/modules/shared/helpers/envHelper'
 import { isString, noop } from 'lodash'
 import { CreateAuthorizationCode } from '@/modules/auth/domain/operations'
-
-import { authLogger } from '@/logging/logging'
 import { ensureError } from '@speckle/shared'
 import { LegacyGetUser } from '@/modules/core/domain/users/operations'
 import { ForbiddenError } from '@/modules/shared/errors'
+import { UserInputError } from '@/modules/core/errors/userinput'
 
 export const sessionMiddlewareFactory = (): RequestHandler => {
   const RedisStore = ConnectRedis(ExpressSession)
@@ -93,10 +92,22 @@ export const finalizeAuthMiddlewareFactory =
 
       return res.redirect(redirectUrl)
     } catch (err) {
-      authLogger.error(err, 'Could not finalize auth')
+      const e = ensureError(err, 'Unexpected issue arose while finalizing auth')
+      switch (e.constructor) {
+        case ForbiddenError:
+          req.log.debug({ err: e }, 'Could not finalize auth')
+          break
+        case UserInputError:
+          req.log.info({ err: e }, 'Could not finalize auth')
+          break
+        default:
+          req.log.error({ err: e }, 'Could not finalize auth')
+          break
+      }
+
       if (req.session) req.session.destroy(noop)
       return res.status(401).send({
-        err: ensureError(err, 'Unexpected issue arose while finalizing auth').message
+        err: e.message
       })
     }
   }
diff --git a/packages/server/modules/auth/strategies/azureAd.ts b/packages/server/modules/auth/strategies/azureAd.ts
@@ -32,6 +32,7 @@ import {
 } from '@/modules/core/domain/users/operations'
 import { GetServerInfo } from '@/modules/core/domain/server/operations'
 import { EnvironmentResourceError } from '@/modules/shared/errors'
+import { InviteNotFoundError } from '@/modules/serverinvites/errors'
 
 const azureAdStrategyBuilderFactory =
   (deps: {
@@ -195,6 +196,8 @@ const azureAdStrategyBuilderFactory =
 
           switch (e.constructor) {
             case UserInputError:
+            case UnverifiedEmailSSOLoginError:
+            case InviteNotFoundError:
               logger.info(
                 { e },
                 'User input error during Entra ID authentication callback.'

diff --git a/packages/server/modules/auth/strategies/github.ts b/packages/server/modules/auth/strategies/github.ts
@@ -33,6 +33,7 @@ import {
 import crs from 'crypto-random-string'
 import { GetServerInfo } from '@/modules/core/domain/server/operations'
 import { EnvironmentResourceError } from '@/modules/shared/errors'
+import { InviteNotFoundError } from '@/modules/serverinvites/errors'
 
 const githubStrategyBuilderFactory =
   (deps: {
@@ -160,6 +161,8 @@ const githubStrategyBuilderFactory =
           )
           switch (e.constructor) {
             case UserInputError:
+            case InviteNotFoundError:
+            case UnverifiedEmailSSOLoginError:
               logger.info(err)
               break
             default:

diff --git a/packages/server/modules/auth/strategies/google.ts b/packages/server/modules/auth/strategies/google.ts
@@ -28,6 +28,7 @@ import {
 } from '@/modules/core/domain/users/operations'
 import { GetServerInfo } from '@/modules/core/domain/server/operations'
 import { EnvironmentResourceError } from '@/modules/shared/errors'
+import { InviteNotFoundError } from '@/modules/serverinvites/errors'
 
 const googleStrategyBuilderFactory =
   (deps: {
@@ -142,13 +143,15 @@ const googleStrategyBuilderFactory =
             'Unexpected issue occured while authenticating with Google'
           )
           switch (e.constructor) {
+            case UnverifiedEmailSSOLoginError:
             case UserInputError:
-              logger.info(err)
+            case InviteNotFoundError:
+              logger.info({ err: e })
               break
             default:
-              logger.error(err)
+              logger.error({ err: e })
           }
-          return done(err, false, { message: e.message })
+          return done(e, false, { message: e.message })
         }
       }
     )

diff --git a/packages/server/modules/auth/strategies/oidc.ts b/packages/server/modules/auth/strategies/oidc.ts
@@ -8,13 +8,16 @@ import {
   getOidcName,
   getServerOrigin
 } from '@/modules/shared/helpers/envHelper'
-import { UnverifiedEmailSSOLoginError } from '@/modules/core/errors/userinput'
+import {
+  UnverifiedEmailSSOLoginError,
+  UserInputError
+} from '@/modules/core/errors/userinput'
 import { getNameFromUserInfo } from '@/modules/auth/helpers/oidc'
 import { ServerInviteResourceType } from '@/modules/serverinvites/domain/constants'
 import { getResourceTypeRole } from '@/modules/serverinvites/helpers/core'
 import { AuthStrategyBuilder } from '@/modules/auth/helpers/types'
 import { get } from 'lodash'
-import { Optional } from '@speckle/shared'
+import { ensureError, Optional } from '@speckle/shared'
 import { ServerInviteRecord } from '@/modules/serverinvites/domain/types'
 import {
   FinalizeInvitedServerRegistration,
@@ -28,6 +31,7 @@ import {
 } from '@/modules/core/domain/users/operations'
 import { GetServerInfo } from '@/modules/core/domain/server/operations'
 import { EnvironmentResourceError } from '@/modules/shared/errors'
+import { InviteNotFoundError } from '@/modules/serverinvites/errors'
 
 const oidcStrategyBuilderFactory =
   (deps: {
@@ -149,8 +153,20 @@ const oidcStrategyBuilderFactory =
               isInvite: !!invite
             })
           } catch (err) {
-            logger.error(err)
-            return done(err, undefined)
+            const e = ensureError(
+              err,
+              'Unexpected issue occured while authenticating with Google'
+            )
+            switch (e.constructor) {
+              case UnverifiedEmailSSOLoginError:
+              case UserInputError:
+              case InviteNotFoundError:
+                logger.info({ err: e })
+                break
+              default:
+                logger.error({ err: e })
+            }
+            return done(e, undefined)
           }
         }
       )