chore(logging): improve logging around passportjs strategies (#2593)

- ensures the request logger, containing request details, is used
2024-08-07 13:34:49 +01:00
parent 47bd4cd4bc
commit b03e79ae44
4 changed files with 25 additions and 8 deletions
@@ -83,15 +83,21 @@ const azureAdStrategyBuilder: AuthStrategyBuilder = async (
    passportAuthenticate('azuread-openidconnect'),
    async (req, _res, next) => {
      const serverInfo = await getServerInfo()
+      let logger = req.log.child({
+        authStrategy: 'entraId',
+        serverVersion: serverInfo.version
+      })

      try {
        // This is the only strategy that does its own type for req.user - easier to force type cast for now
        // than to refactor everything
        const profile = req.user as Optional<IProfile>
        if (!profile) {
-          throw new Error('No profile provided by Azure AD')
+          throw new Error('No profile provided by Entra ID')
        }

+        logger = logger.child({ profileId: profile.oid })
+
        const user = {
          email: profile._json.email,
          name: profile._json.name || profile.displayName
@@ -194,18 +200,18 @@ const azureAdStrategyBuilder: AuthStrategyBuilder = async (
      } catch (err) {
        const e = ensureError(
          err,
-          'Unexpected issue occured while authenticating with Azure AD'
+          'Unexpected issue occured while authenticating with Entra ID'
        )

        switch (e.constructor) {
          case UserInputError:
-            req.log.info(
+            logger.info(
              { e },
-              'User input error during Azure AD authentication callback.'
+              'User input error during Entra ID authentication callback.'
            )
            break
          default:
-            req.log.error(e, 'Error during Azure AD authentication callback.')
+            logger.error(e, 'Error during Entra ID authentication callback.')
        }
        return next()
      }
@@ -11,7 +11,6 @@ import {
  resolveAuthRedirectPathFactory
 } from '@/modules/serverinvites/services/processing'
 import { passportAuthenticate } from '@/modules/auth/services/passportService'
-import { logger } from '@/logging/logging'
 import {
  UserInputError,
  UnverifiedEmailSSOLoginError
@@ -69,6 +68,11 @@ const githubStrategyBuilder: AuthStrategyBuilder = async (
      done: VerifyCallback
    ) => {
      const serverInfo = await getServerInfo()
+      const logger = req.log.child({
+        authStrategy: 'github',
+        profileId: profile.id,
+        serverVersion: serverInfo.version
+      })

      try {
        const email = profile.emails?.[0].value
@@ -9,7 +9,6 @@ import {
  resolveAuthRedirectPathFactory
 } from '@/modules/serverinvites/services/processing'
 import { passportAuthenticate } from '@/modules/auth/services/passportService'
-import { logger } from '@/logging/logging'
 import {
  UserInputError,
  UnverifiedEmailSSOLoginError
@@ -54,6 +53,11 @@ const googleStrategyBuilder: AuthStrategyBuilder = async (
    },
    async (req, _accessToken, _refreshToken, profile, done) => {
      const serverInfo = await getServerInfo()
+      const logger = req.log.child({
+        authStrategy: 'google',
+        profileId: profile.id,
+        serverVersion: serverInfo.version
+      })

      try {
        const email = profile.emails?.[0].value
@@ -8,7 +8,6 @@ import {
  finalizeInvitedServerRegistrationFactory,
  resolveAuthRedirectPathFactory
 } from '@/modules/serverinvites/services/processing'
-import { logger } from '@/logging/logging'
 import {
  getOidcDiscoveryUrl,
  getOidcClientId,
@@ -60,6 +59,10 @@ const oidcStrategyBuilder: AuthStrategyBuilder = async (
        req.session.userinfo = userinfo

        const serverInfo = await getServerInfo()
+        const logger = req.log.child({
+          authStrategy: 'oidc',
+          serverVersion: serverInfo.version
+        })

        // TODO: req.session.inviteId doesn't appear to exist, but i'm not removing it to not break things
        const token: Optional<string> =