From 631b0a18197f6c49efdd702fd34f9d043f357618 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 7 Sep 2021 23:33:48 +0200 Subject: [PATCH] outpost/proxy: improve error logging Signed-off-by: Jens Langhammer --- internal/outpost/proxy/oauth.go | 8 ++++---- internal/outpost/proxy/proxy.go | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/internal/outpost/proxy/oauth.go b/internal/outpost/proxy/oauth.go index 86b64f9bf..deb2bad6c 100644 --- a/internal/outpost/proxy/oauth.go +++ b/internal/outpost/proxy/oauth.go @@ -195,13 +195,13 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) { redirect := s[1] c, err := req.Cookie(p.CSRFCookieName) if err != nil { - p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Info("Invalid authentication via OAuth2: unable to obtain CSRF cookie") + p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Errorf("Invalid authentication via OAuth2: unable to obtain CSRF cookie") p.ErrorPage(rw, http.StatusForbidden, "Permission Denied", err.Error()) return } p.ClearCSRFCookie(rw, req) if c.Value != nonce { - p.logger.WithField("is", c.Value).WithField("should", nonce).WithField("user", session.Email).WithField("status", "AuthFailure").Info("Invalid authentication via OAuth2: CSRF token mismatch, potential attack") + p.logger.WithField("is", c.Value).WithField("should", nonce).WithField("user", session.Email).WithField("status", "AuthFailure").Errorf("Invalid authentication via OAuth2: CSRF token mismatch, potential attack") p.ErrorPage(rw, http.StatusForbidden, "Permission Denied", "CSRF Failed") return } @@ -215,13 +215,13 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) { p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Infof("Authenticated via OAuth2: %s", session) err := p.SaveSession(rw, req, session) if err != nil { - p.logger.Printf("Error saving session state for client %v", err) + p.logger.Errorf("Error saving session state for client %v", err) p.ErrorPage(rw, http.StatusInternalServerError, "Internal Server Error", err.Error()) return } http.Redirect(rw, req, redirect, http.StatusFound) } else { - p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Info("Invalid authentication via OAuth2: unauthorized") + p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Errorf("Invalid authentication via OAuth2: unauthorized") p.ErrorPage(rw, http.StatusForbidden, "Permission Denied", "Invalid Account") } } diff --git a/internal/outpost/proxy/proxy.go b/internal/outpost/proxy/proxy.go index e8343d903..81b8b8ecd 100644 --- a/internal/outpost/proxy/proxy.go +++ b/internal/outpost/proxy/proxy.go @@ -192,7 +192,7 @@ func buildSessionChain(opts *options.Options, sessionStore sessionsapi.SessionSt func (p *OAuthProxy) RobotsTxt(rw http.ResponseWriter) { _, err := fmt.Fprintf(rw, "User-agent: *\nDisallow: /") if err != nil { - p.logger.Printf("Error writing robots.txt: %v", err) + p.logger.Errorf("Error writing robots.txt: %v", err) p.ErrorPage(rw, http.StatusInternalServerError, "Internal Server Error", err.Error()) return } @@ -287,7 +287,7 @@ func (p *OAuthProxy) UserInfo(rw http.ResponseWriter, req *http.Request) { rw.WriteHeader(http.StatusOK) err = json.NewEncoder(rw).Encode(userInfo) if err != nil { - p.logger.Printf("Error encoding user info: %v", err) + p.logger.Errorf("Error encoding user info: %v", err) p.ErrorPage(rw, http.StatusInternalServerError, "Internal Server Error", err.Error()) } }