diff --git a/server/email/email.go b/server/email/email.go index 7b423d2..fdb5cc0 100644 --- a/server/email/email.go +++ b/server/email/email.go @@ -4,13 +4,14 @@ import ( "bytes" "crypto/tls" "encoding/json" - "log" "strconv" "text/template" + log "github.com/sirupsen/logrus" + gomail "gopkg.in/mail.v2" + "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/envstore" - gomail "gopkg.in/mail.v2" ) // addEmailTemplate is used to add html template in email body @@ -46,7 +47,7 @@ func SendMail(to []string, Subject, bodyMessage string) error { d.TLSConfig = &tls.Config{InsecureSkipVerify: true} } if err := d.DialAndSend(m); err != nil { - log.Printf("smtp error: %s", err) + log.Debug("SMTP Failed:", err) return err } return nil diff --git a/server/env/env.go b/server/env/env.go index 6cf1e41..a6850f0 100644 --- a/server/env/env.go +++ b/server/env/env.go @@ -33,7 +33,7 @@ func InitRequiredEnv() error { err := godotenv.Load(envPath) if err != nil { - log.Printf("using OS env instead of %s file", envPath) + log.Info("using OS env instead of %s file", envPath) } dbURL := os.Getenv(constants.EnvKeyDatabaseURL) diff --git a/server/env/persist_env.go b/server/env/persist_env.go index 9a3a0d5..c0fb0ca 100644 --- a/server/env/persist_env.go +++ b/server/env/persist_env.go @@ -183,7 +183,7 @@ func PersistEnv() error { env.EnvData = encryptedConfig _, err = db.Provider.UpdateEnv(env) if err != nil { - log.Debug("error updating config in db:", err) + log.Debug("Failed to Update Config:", err) return err } } diff --git a/server/handlers/app.go b/server/handlers/app.go index 9300eda..d9548c9 100644 --- a/server/handlers/app.go +++ b/server/handlers/app.go 
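Review bot: In SendMail (`@@ -46,7 +47,7 @@`) the send failure moves from an always-printed `log.Printf` to `log.Debug`, so at logrus's default Info level a failed mail leaves no trace unless the caller logs the returned error. `log.Debug("SMTP Failed:", err)` is also joined with `fmt.Sprint`, which puts no space between a string and the error; `log.WithError(err).Error("smtp send failed")` keeps the error as a separate field. The same string-plus-err form recurs in most of the new Debug calls in this commit, for example `"Failed to push file path", err` in handlers/app.go and `"Failed to parse JWK", err` in handlers/jwks.go. The context line above sets `InsecureSkipVerify: true` under a condition that starts outside the hunk; a Warn-level line when that branch is taken would make the unverified SMTP TLS session visible to operators.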
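Review bot: `log.Info("using OS env instead of %s file", envPath)` in InitRequiredEnv does not apply the format verb. Assuming `log` is the logrus alias used elsewhere in this commit, `Info` joins its arguments like `fmt.Sprint`, so the output contains a literal `%s` with the path appended. It should be `log.Infof("using OS env instead of %s file", envPath)`. The middlewares/log.go hunk has the same problem in `log.Info("%s", data)`, where `data` is a `[]byte` and would be printed as a list of byte values; `log.Infof("%s", data)` restores the text. InitRequiredEnv continues outside the hunk.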
@@ -1,14 +1,15 @@ package handlers import ( - "log" "net/http" "strings" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/utils" - "github.com/gin-gonic/gin" ) // State is the struct that holds authorizer url and redirect url @@ -23,6 +24,7 @@ func AppHandler() gin.HandlerFunc { return func(c *gin.Context) { hostname := utils.GetHost(c) if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage) { + log.Debug("Login page is disabled") c.JSON(400, gin.H{"error": "login page is not enabled"}) return } @@ -43,6 +45,7 @@ func AppHandler() gin.HandlerFunc { } else { // validate redirect url with allowed origins if !utils.IsValidOrigin(redirect_uri) { + log.Debug("Invalid redirect_uri") c.JSON(400, gin.H{"error": "invalid redirect url"}) return } @@ -52,7 +55,7 @@ func AppHandler() gin.HandlerFunc { if pusher := c.Writer.Pusher(); pusher != nil { // use pusher.Push() to do server push if err := pusher.Push("/app/build/bundle.js", nil); err != nil { - log.Printf("Failed to push: %v", err) + log.Debug("Failed to push file path", err) } } c.HTML(http.StatusOK, "app.tmpl", gin.H{ diff --git a/server/handlers/authorize.go b/server/handlers/authorize.go index 572ebae..7e8bc7d 100644 --- a/server/handlers/authorize.go +++ b/server/handlers/authorize.go 
@@ -6,14 +6,16 @@ import ( "strings" "time" + "github.com/gin-gonic/gin" + "github.com/google/uuid" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/sessionstore" "github.com/authorizerdev/authorizer/server/token" - "github.com/gin-gonic/gin" - "github.com/google/uuid" ) // AuthorizeHandler is the handler for the /authorize route @@ -48,6 +50,7 @@ func AuthorizeHandler() gin.HandlerFunc { } if responseMode != "query" && responseMode != "web_message" { + log.Debug("Invalid response_mode") gc.JSON(400, gin.H{"error": "invalid response mode"}) } @@ -63,6 +66,7 @@ func AuthorizeHandler() gin.HandlerFunc { if isQuery { gc.Redirect(http.StatusFound, loginURL) } else { + log.Debug("Failed to get client_id") gc.HTML(http.StatusOK, template, gin.H{ "target_origin": redirectURI, "authorization_response": map[string]interface{}{ @@ -80,6 +84,7 @@ func AuthorizeHandler() gin.HandlerFunc { if isQuery { gc.Redirect(http.StatusFound, loginURL) } else { + log.Debug("Invalid client_id") gc.HTML(http.StatusOK, template, gin.H{ "target_origin": redirectURI, "authorization_response": map[string]interface{}{ @@ -97,6 +102,7 @@ func AuthorizeHandler() gin.HandlerFunc { if isQuery { gc.Redirect(http.StatusFound, loginURL) } else { + log.Debug("Failed to get state") gc.HTML(http.StatusOK, template, gin.H{ "target_origin": redirectURI, "authorization_response": map[string]interface{}{ @@ -121,6 +127,7 @@ func AuthorizeHandler() gin.HandlerFunc { if isQuery { gc.Redirect(http.StatusFound, loginURL) } else { + log.Debug("Invalid response_type") gc.HTML(http.StatusOK, template, gin.H{ "target_origin": redirectURI, "authorization_response": map[string]interface{}{ 
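Review bot: The `responseMode` check in AuthorizeHandler (`@@ -48,6 +50,7 @@`) writes the 400 and now logs it, but the block closes without a `return`. The handler therefore keeps processing a request it has already rejected and may write a second response. Add `return` after `gc.JSON(400, gin.H{"error": "invalid response mode"})`. The handler body continues outside the hunk.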
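Review bot: `log.Debug("Failed to get client_id")` sits inside the `else` branch, so the failure is recorded only for web_message requests; when `isQuery` is true the request is redirected to `loginURL` with no log line. Moving the call above `if isQuery {` covers both modes. The same placement applies to the `Invalid client_id`, `Failed to get state`, `Invalid response_type` and `Failed to get code_challenge` hunks. The conditions guarding these blocks are outside the hunks, so this assumes both branches handle the same failure.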
@@ -139,6 +146,7 @@ func AuthorizeHandler() gin.HandlerFunc { if isQuery { gc.Redirect(http.StatusFound, loginURL) } else { + log.Debug("Failed to get code_challenge") gc.HTML(http.StatusBadRequest, template, gin.H{ "target_origin": redirectURI, "authorization_response": map[string]interface{}{ diff --git a/server/handlers/jwks.go b/server/handlers/jwks.go index cbcec38..ad1c400 100644 --- a/server/handlers/jwks.go +++ b/server/handlers/jwks.go @@ -3,9 +3,11 @@ package handlers import ( "encoding/json" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/envstore" - "github.com/gin-gonic/gin" ) func JWKsHandler() gin.HandlerFunc { @@ -14,6 +16,7 @@ func JWKsHandler() gin.HandlerFunc { jwk := envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJWK) err := json.Unmarshal([]byte(jwk), &data) if err != nil { + log.Debug("Failed to parse JWK", err) c.JSON(500, gin.H{ "error": err.Error(), }) diff --git a/server/handlers/logout.go b/server/handlers/logout.go index 7c7b756..b578a12 100644 --- a/server/handlers/logout.go +++ b/server/handlers/logout.go @@ -4,10 +4,12 @@ import ( "net/http" "strings" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/crypto" "github.com/authorizerdev/authorizer/server/sessionstore" - "github.com/gin-gonic/gin" ) // Handler to logout user @@ -17,6 +19,7 @@ func LogoutHandler() gin.HandlerFunc { // get fingerprint hash fingerprintHash, err := cookie.GetSession(gc) if err != nil { + log.Debug("Failed to get session", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": err.Error(), }) 
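Review bot: Now that the failure is logged server-side, the JWKsHandler response no longer needs to carry `err.Error()`; returning the raw parser error to an unauthenticated caller exposes internal detail. If clients do not depend on the text, a fixed message such as `c.JSON(500, gin.H{"error": "internal server error"})` keeps the detail in the log only. The same applies where the new log lines sit next to `err.Error()` responses in logout.go, oauth_callback.go, userinfo.go and verify_email.go.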
@@ -25,6 +28,7 @@ func LogoutHandler() gin.HandlerFunc { decryptedFingerPrint, err := crypto.DecryptAES(fingerprintHash) if err != nil { + log.Debug("Failed to decrypt fingerprint", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": err.Error(), }) diff --git a/server/handlers/oauth_callback.go b/server/handlers/oauth_callback.go index 3fdf7f6..33233b8 100644 --- a/server/handlers/oauth_callback.go +++ b/server/handlers/oauth_callback.go @@ -5,12 +5,16 @@ import ( "encoding/json" "fmt" "io/ioutil" - "log" "net/http" "strconv" "strings" "time" + "github.com/coreos/go-oidc/v3/oidc" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "golang.org/x/oauth2" + "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/db" @@ -20,9 +24,6 @@ import ( "github.com/authorizerdev/authorizer/server/sessionstore" "github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/utils" - "github.com/coreos/go-oidc/v3/oidc" - "github.com/gin-gonic/gin" - "golang.org/x/oauth2" ) // OAuthCallbackHandler handles the OAuth callback for various oauth providers @@ -33,6 +34,7 @@ func OAuthCallbackHandler() gin.HandlerFunc { sessionState := sessionstore.GetState(state) if sessionState == "" { + log.Debug("Invalid oauth state") c.JSON(400, gin.H{"error": "invalid oauth state"}) } sessionstore.GetState(state) @@ -40,6 +42,7 @@ func OAuthCallbackHandler() gin.HandlerFunc { sessionSplit := strings.Split(state, "___") if len(sessionSplit) < 3 { + log.Debug("Invalid redirect url") c.JSON(400, gin.H{"error": "invalid redirect url"}) return } 
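Review bot: The empty `sessionState` branch in OAuthCallbackHandler (`@@ -33,6 +34,7 @@`) logs and writes a 400 but has no `return`, so a callback whose `state` was never issued by this server continues past the check; the state validation that protects the flow against forged callbacks is not enforced. Add `return` after `c.JSON(400, gin.H{"error": "invalid oauth state"})`. The same omission follows the `User access revoked` response (`@@ -96,6 +104,7 @@`) and the `Failed to create auth token` response (`@@ -155,6 +166,7 @@`) in this file. The revoked-user test reads `user.RevokedTimestamp`, while the stored record appears to be `existingUser`; that is worth confirming against the lines outside the hunk.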
@@ -60,18 +63,22 @@ func OAuthCallbackHandler() gin.HandlerFunc { case constants.SignupMethodFacebook: user, err = processFacebookUserInfo(code) default: + log.Info("Invalid oauth provider") err = fmt.Errorf(`invalid oauth provider`) } if err != nil { + log.Debug("Failed to process user info: ", err) c.JSON(400, gin.H{"error": err.Error()}) return } existingUser, err := db.Provider.GetUserByEmail(user.Email) + log := log.WithField("user", user.Email) if err != nil { if envstore.EnvStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableSignUp) { + log.Debug("Failed to signup as disabled") c.JSON(400, gin.H{"error": "signup is disabled for this instance"}) return } @@ -86,6 +93,7 @@ func OAuthCallbackHandler() gin.HandlerFunc { } if hasProtectedRole { + log.Debug("Invalid role") c.JSON(400, gin.H{"error": "invalid role"}) return } @@ -96,6 +104,7 @@ func OAuthCallbackHandler() gin.HandlerFunc { user, _ = db.Provider.AddUser(user) } else { if user.RevokedTimestamp != nil { + log.Debug("User access revoked") c.JSON(400, gin.H{"error": "user access has been revoked"}) } @@ -137,6 +146,7 @@ func OAuthCallbackHandler() gin.HandlerFunc { } if hasProtectedRole { + log.Debug("Invalid role. User is using protected unassigned role") c.JSON(400, gin.H{"error": "invalid role"}) return } else { @@ -148,6 +158,7 @@ func OAuthCallbackHandler() gin.HandlerFunc { user, err = db.Provider.UpdateUser(user) if err != nil { + log.Debug("Failed to update user: ", err) c.JSON(500, gin.H{"error": err.Error()}) return } @@ -155,6 +166,7 @@ func OAuthCallbackHandler() gin.HandlerFunc { authToken, err := token.CreateAuthToken(c, user, inputRoles, scopes) if err != nil { + log.Debug("Failed to create auth token: ", err) c.JSON(500, gin.H{"error": err.Error()}) } 
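Review bot: `log := log.WithField("user", user.Email)` shadows the logrus package alias for the rest of the closure and attaches the e-mail address to every later log line. A distinct name avoids the shadowing, `logger := log.WithField("user", user.Email)`, with the later calls in this handler switched to `logger`. Where a user ID is available, logging it instead of the address keeps personal data out of debug logs. In the same hunk the unknown-provider case logs at Info while the other rejections in the handler log at Debug.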
@@ -194,6 +206,7 @@ func processGoogleUserInfo(code string) (models.User, error) { ctx := context.Background() oauth2Token, err := oauth.OAuthProviders.GoogleConfig.Exchange(ctx, code) if err != nil { + log.Debug("Failed to exchange code for token: ", err) return user, fmt.Errorf("invalid google exchange code: %s", err.Error()) } @@ -202,16 +215,19 @@ func processGoogleUserInfo(code string) (models.User, error) { // Extract the ID Token from OAuth2 token. rawIDToken, ok := oauth2Token.Extra("id_token").(string) if !ok { + log.Debug("Failed to extract ID Token from OAuth2 token.") return user, fmt.Errorf("unable to extract id_token") } // Parse and verify ID Token payload. idToken, err := verifier.Verify(ctx, rawIDToken) if err != nil { + log.Debug("Failed to verify ID Token: ", err) return user, fmt.Errorf("unable to verify id_token: %s", err.Error()) } if err := idToken.Claims(&user); err != nil { + log.Debug("Failed to parse ID Token claims: ", err) return user, fmt.Errorf("unable to extract claims") } @@ -222,11 +238,13 @@ func processGithubUserInfo(code string) (models.User, error) { user := models.User{} token, err := oauth.OAuthProviders.GithubConfig.Exchange(oauth2.NoContext, code) if err != nil { + log.Debug("Failed to exchange code for token:", err) return user, fmt.Errorf("invalid github exchange code: %s", err.Error()) } client := http.Client{} req, err := http.NewRequest("GET", constants.GithubUserInfoURL, nil) if err != nil { + log.Debug("Failed to create github user info request:", err) return user, fmt.Errorf("error creating github user info request: %s", err.Error()) } req.Header = http.Header{ 
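Review bot: processGithubUserInfo builds `client := http.Client{}` with no timeout, so a stalled response from the user-info endpoint holds the login request open indefinitely; the new Debug line only fires once `client.Do` eventually fails. `client := http.Client{Timeout: 10 * time.Second}` (value to be tuned) bounds it, and `time` is already imported in this file. processFacebookUserInfo has the same `http.Client{}`, and the GitHub and Facebook Exchange calls pass `oauth2.NoContext` rather than a context with a deadline.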
@@ -235,12 +253,14 @@ func processGithubUserInfo(code string) (models.User, error) { response, err := client.Do(req) if err != nil { + log.Debug("Failed to request github user info:", err) return user, err } defer response.Body.Close() body, err := ioutil.ReadAll(response.Body) if err != nil { + log.Debug("Failed to read github user info response body:", err) return user, fmt.Errorf("failed to read github response body: %s", err.Error()) } @@ -273,23 +293,26 @@ func processFacebookUserInfo(code string) (models.User, error) { user := models.User{} token, err := oauth.OAuthProviders.FacebookConfig.Exchange(oauth2.NoContext, code) if err != nil { + log.Debug("Invalid facebook exchange code:", err) return user, fmt.Errorf("invalid facebook exchange code: %s", err.Error()) } client := http.Client{} req, err := http.NewRequest("GET", constants.FacebookUserInfoURL+token.AccessToken, nil) if err != nil { + log.Debug("Error creating facebook user info request:", err) return user, fmt.Errorf("error creating facebook user info request: %s", err.Error()) } response, err := client.Do(req) if err != nil { - log.Println("error processing facebook user info:", err) + log.Debug("Failed to process facebook user:", err) return user, err } defer response.Body.Close() body, err := ioutil.ReadAll(response.Body) if err != nil { + log.Debug("Failed to read facebook response:", err) return user, fmt.Errorf("failed to read facebook response body: %s", err.Error()) } diff --git a/server/handlers/oauth_login.go b/server/handlers/oauth_login.go index a2ce229..3b42eb8 100644 --- a/server/handlers/oauth_login.go +++ b/server/handlers/oauth_login.go 
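Review bot: In processFacebookUserInfo the access token is concatenated into the request URL, and the error returned by `client.Do` is a `*url.Error` whose text includes that URL, so `log.Debug("Failed to process facebook user:", err)` can write a live access token to the log. The function also returns the same `err`, which OAuthCallbackHandler places in the 400 response body. Logging and returning only the inner error avoids both: `var uerr *url.Error; if errors.As(err, &uerr) { err = uerr.Err }` before the log call (this needs `errors` and `net/url` imported). The function body continues outside the hunk.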
@@ -4,12 +4,14 @@ import ( "net/http" "strings" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/oauth" "github.com/authorizerdev/authorizer/server/sessionstore" "github.com/authorizerdev/authorizer/server/utils" - "github.com/gin-gonic/gin" ) // OAuthLoginHandler set host in the oauth state that is useful for redirecting to oauth_callback @@ -26,6 +28,7 @@ func OAuthLoginHandler() gin.HandlerFunc { scopeString := strings.TrimSpace(c.Query("scope")) if redirectURI == "" { + log.Debug("redirect_uri is empty") c.JSON(400, gin.H{ "error": "invalid redirect uri", }) @@ -33,6 +36,7 @@ func OAuthLoginHandler() gin.HandlerFunc { } if state == "" { + log.Debug("state is empty") c.JSON(400, gin.H{ "error": "invalid state", }) @@ -53,6 +57,7 @@ func OAuthLoginHandler() gin.HandlerFunc { // use protected roles verification for admin login only. // though if not associated with user, it will be rejected from oauth_callback if !utils.IsValidRoles(append([]string{}, append(envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyRoles), envstore.EnvStoreObj.GetSliceStoreEnvVariable(constants.EnvKeyProtectedRoles)...)...), rolesSplit) { + log.Debug("Invalid roles: ", roles) c.JSON(400, gin.H{ "error": "invalid role", }) @@ -69,6 +74,7 @@ func OAuthLoginHandler() gin.HandlerFunc { switch provider { case constants.SignupMethodGoogle: if oauth.OAuthProviders.GoogleConfig == nil { + log.Debug("Google OAuth provider is not configured") isProviderConfigured = false break } @@ -79,6 +85,7 @@ func OAuthLoginHandler() gin.HandlerFunc { c.Redirect(http.StatusTemporaryRedirect, url) case constants.SignupMethodGithub: if oauth.OAuthProviders.GithubConfig == nil { + log.Debug("Github OAuth provider is not configured") isProviderConfigured = false break } 
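Review bot: `log.Debug("Invalid roles: ", roles)` puts a request-supplied value straight into the log message; depending on the formatter in use, control characters in it can reach the output unescaped. Passing it as a field lets logrus quote it: `log.WithField("roles", roles).Debug("invalid roles")`. `log.Debug("Invalid oauth provider: ", provider)` in the `default` case has the same form. Where `roles` and `provider` are read is outside these hunks, so this assumes they come from the request like `scope`.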
@@ -88,6 +95,7 @@ func OAuthLoginHandler() gin.HandlerFunc { c.Redirect(http.StatusTemporaryRedirect, url) case constants.SignupMethodFacebook: if oauth.OAuthProviders.FacebookConfig == nil { + log.Debug("Facebook OAuth provider is not configured") isProviderConfigured = false break } @@ -96,6 +104,7 @@ func OAuthLoginHandler() gin.HandlerFunc { url := oauth.OAuthProviders.FacebookConfig.AuthCodeURL(oauthStateString) c.Redirect(http.StatusTemporaryRedirect, url) default: + log.Debug("Invalid oauth provider: ", provider) c.JSON(422, gin.H{ "message": "Invalid oauth provider", }) diff --git a/server/handlers/revoke.go b/server/handlers/revoke.go index 6dc79db..0e6bca2 100644 --- a/server/handlers/revoke.go +++ b/server/handlers/revoke.go @@ -4,10 +4,12 @@ import ( "net/http" "strings" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/sessionstore" - "github.com/gin-gonic/gin" ) // Revoke handler to revoke refresh token @@ -15,6 +17,7 @@ func RevokeHandler() gin.HandlerFunc { return func(gc *gin.Context) { var reqBody map[string]string if err := gc.BindJSON(&reqBody); err != nil { + log.Debug("Error binding JSON: ", err) gc.JSON(http.StatusBadRequest, gin.H{ "error": "error_binding_json", "error_description": err.Error(), @@ -26,6 +29,7 @@ func RevokeHandler() gin.HandlerFunc { clientID := strings.TrimSpace(reqBody["client_id"]) if clientID == "" { + log.Debug("Client ID is empty") gc.JSON(http.StatusBadRequest, gin.H{ "error": "client_id_required", "error_description": "The client id is required", @@ -34,6 +38,7 @@ func RevokeHandler() gin.HandlerFunc { } if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) { + log.Debug("Client ID is invalid") gc.JSON(http.StatusBadRequest, gin.H{ "error": "invalid_client_id", "error_description": "The client id is invalid", 
diff --git a/server/handlers/token.go b/server/handlers/token.go index 516aafe..8807d43 100644 --- a/server/handlers/token.go +++ b/server/handlers/token.go @@ -7,13 +7,15 @@ import ( "strings" "time" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/constants" "github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/envstore" "github.com/authorizerdev/authorizer/server/sessionstore" "github.com/authorizerdev/authorizer/server/token" - "github.com/gin-gonic/gin" ) // TokenHandler to handle /oauth/token requests @@ -22,6 +24,7 @@ func TokenHandler() gin.HandlerFunc { return func(gc *gin.Context) { var reqBody map[string]string if err := gc.BindJSON(&reqBody); err != nil { + log.Debug("Error binding JSON: ", err) gc.JSON(http.StatusBadRequest, gin.H{ "error": "error_binding_json", "error_description": err.Error(), @@ -43,6 +46,7 @@ func TokenHandler() gin.HandlerFunc { isAuthorizationCodeGrant := grantType == "authorization_code" if !isRefreshTokenGrant && !isAuthorizationCodeGrant { + log.Debug("Invalid grant type") gc.JSON(http.StatusBadRequest, gin.H{ "error": "invalid_grant_type", "error_description": "grant_type is invalid", @@ -50,6 +54,7 @@ func TokenHandler() gin.HandlerFunc { } if clientID == "" { + log.Debug("Client ID is empty") gc.JSON(http.StatusBadRequest, gin.H{ "error": "client_id_required", "error_description": "The client id is required", @@ -58,6 +63,7 @@ func TokenHandler() gin.HandlerFunc { } if clientID != envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyClientID) { + log.Debug("Client ID is invalid") gc.JSON(http.StatusBadRequest, gin.H{ "error": "invalid_client_id", "error_description": "The client id is invalid", 
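Review bot: The invalid `grant_type` branch in TokenHandler (`@@ -43,6 +46,7 @@`) looks like it has no `return`. The hunk line numbers leave room only for the closing `})` between this hunk and the `}` that opens the next one, whereas the `client_id` branches have one more line there. If so, a request with an unsupported grant type receives the 400 and then continues into the checks below. Add `return` after the `gc.JSON` call, after confirming against the full file.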
@@ -70,6 +76,7 @@ func TokenHandler() gin.HandlerFunc { if isAuthorizationCodeGrant { if codeVerifier == "" { + log.Debug("Code verifier is empty") gc.JSON(http.StatusBadRequest, gin.H{ "error": "invalid_code_verifier", "error_description": "The code verifier is required", @@ -78,6 +85,7 @@ func TokenHandler() gin.HandlerFunc { } if code == "" { + log.Debug("Code is empty") gc.JSON(http.StatusBadRequest, gin.H{ "error": "invalid_code", "error_description": "The code is required", @@ -92,6 +100,7 @@ func TokenHandler() gin.HandlerFunc { encryptedCode = strings.ReplaceAll(encryptedCode, "=", "") sessionData := sessionstore.GetState(encryptedCode) if sessionData == "" { + log.Debug("Invalid code verifier") gc.JSON(http.StatusBadRequest, gin.H{ "error": "invalid_code_verifier", "error_description": "The code verifier is invalid", @@ -104,6 +113,7 @@ func TokenHandler() gin.HandlerFunc { sessionDataSplit := strings.Split(sessionData, "@") if sessionDataSplit[0] != code { + log.Debug("Invalid code verifier.Unable to split session data") gc.JSON(http.StatusBadRequest, gin.H{ "error": "invalid_code_verifier", "error_description": "The code verifier is invalid", @@ -114,6 +124,7 @@ func TokenHandler() gin.HandlerFunc { // validate session claims, err := token.ValidateBrowserSession(gc, sessionDataSplit[1]) if err != nil { + log.Debug("Error validating session: ", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": "unauthorized", "error_description": "Invalid session data", @@ -128,6 +139,7 @@ func TokenHandler() gin.HandlerFunc { } else { // validate refresh token if refreshToken == "" { + log.Debug("Refresh token is empty") gc.JSON(http.StatusBadRequest, gin.H{ "error": "invalid_refresh_token", "error_description": "The refresh token is invalid", 
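Review bot: `log.Debug("Invalid code verifier.Unable to split session data")` describes a split failure, but the condition it sits under is `sessionDataSplit[0] != code`, which is a code mismatch. Nothing visible checks `len(sessionDataSplit)` before `sessionDataSplit[1]` is passed to `token.ValidateBrowserSession` in the next hunk, so stored data without an `@` would panic there. Suggested guard: `if len(sessionDataSplit) < 2 || sessionDataSplit[0] != code {`, with a message such as `"Authorization code does not match session data"`.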
@@ -136,6 +148,7 @@ func TokenHandler() gin.HandlerFunc { claims, err := token.ValidateRefreshToken(gc, refreshToken) if err != nil { + log.Debug("Error validating refresh token: ", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": "unauthorized", "error_description": err.Error(), @@ -156,6 +169,7 @@ func TokenHandler() gin.HandlerFunc { user, err := db.Provider.GetUserByID(userID) if err != nil { + log.Debug("Error getting user: ", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": "unauthorized", "error_description": "User not found", @@ -165,6 +179,7 @@ func TokenHandler() gin.HandlerFunc { authToken, err := token.CreateAuthToken(gc, user, roles, scope) if err != nil { + log.Debug("Error creating auth token: ", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": "unauthorized", "error_description": "User not found", diff --git a/server/handlers/userinfo.go b/server/handlers/userinfo.go index 9e9c6f5..3bc0164 100644 --- a/server/handlers/userinfo.go +++ b/server/handlers/userinfo.go @@ -3,15 +3,18 @@ package handlers import ( "net/http" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/token" - "github.com/gin-gonic/gin" ) func UserInfoHandler() gin.HandlerFunc { return func(gc *gin.Context) { accessToken, err := token.GetAccessToken(gc) if err != nil { + log.Debug("Error getting access token: ", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": err.Error(), }) @@ -20,6 +23,7 @@ func UserInfoHandler() gin.HandlerFunc { claims, err := token.ValidateAccessToken(gc, accessToken) if err != nil { + log.Debug("Error validating access token: ", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": err.Error(), }) 
@@ -29,6 +33,7 @@ func UserInfoHandler() gin.HandlerFunc { userID := claims["sub"].(string) user, err := db.Provider.GetUserByID(userID) if err != nil { + log.Debug("Error getting user: ", err) gc.JSON(http.StatusUnauthorized, gin.H{ "error": err.Error(), }) diff --git a/server/handlers/verify_email.go b/server/handlers/verify_email.go index 319537d..0d34b7d 100644 --- a/server/handlers/verify_email.go +++ b/server/handlers/verify_email.go @@ -6,13 +6,15 @@ import ( "strings" "time" + "github.com/gin-gonic/gin" + log "github.com/sirupsen/logrus" + "github.com/authorizerdev/authorizer/server/cookie" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/db/models" "github.com/authorizerdev/authorizer/server/sessionstore" "github.com/authorizerdev/authorizer/server/token" "github.com/authorizerdev/authorizer/server/utils" - "github.com/gin-gonic/gin" ) // VerifyEmailHandler handles the verify email route. @@ -24,12 +26,14 @@ func VerifyEmailHandler() gin.HandlerFunc { } tokenInQuery := c.Query("token") if tokenInQuery == "" { + log.Debug("Token is empty") c.JSON(400, errorRes) return } verificationRequest, err := db.Provider.GetVerificationRequestByToken(tokenInQuery) if err != nil { + log.Debug("Error getting verification request: ", err) errorRes["error_description"] = err.Error() c.JSON(400, errorRes) return @@ -39,6 +43,7 @@ func VerifyEmailHandler() gin.HandlerFunc { hostname := utils.GetHost(c) claim, err := token.ParseJWTToken(tokenInQuery, hostname, verificationRequest.Nonce, verificationRequest.Email) if err != nil { + log.Debug("Error parsing token: ", err) errorRes["error_description"] = err.Error() c.JSON(400, errorRes) return @@ -46,6 +51,7 @@ func VerifyEmailHandler() gin.HandlerFunc { user, err := db.Provider.GetUserByEmail(claim["sub"].(string)) if err != nil { + log.Debug("Error getting user: ", err) errorRes["error_description"] = err.Error() c.JSON(400, errorRes) return 
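Review bot: `userID := claims["sub"].(string)` in UserInfoHandler is an unchecked type assertion on token claims and panics if `sub` is missing or not a string. The two-value form fails closed: `userID, ok := claims["sub"].(string)` followed by a 401 when `!ok`. `claim["sub"].(string)` in VerifyEmailHandler has the same form. Whether `token.ValidateAccessToken` already guarantees a string `sub` is not visible here.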
@@ -79,6 +85,7 @@ func VerifyEmailHandler() gin.HandlerFunc { } authToken, err := token.CreateAuthToken(c, user, roles, scope) if err != nil { + log.Debug("Error creating auth token: ", err) errorRes["error_description"] = err.Error() c.JSON(500, errorRes) return diff --git a/server/middlewares/log.go b/server/middlewares/log.go index d196021..97accf5 100644 --- a/server/middlewares/log.go +++ b/server/middlewares/log.go @@ -23,7 +23,7 @@ func (fn GinLogWriteFunc) Write(data []byte) (int, error) { // NewGinLogrusWrite logrus writer for gin func NewGinLogrusWrite() io.Writer { return GinLogWriteFunc(func(data []byte) (int, error) { - log.Debugf("%s", data) + log.Info("%s", data) return 0, nil }) } diff --git a/server/resolvers/delete_user.go b/server/resolvers/delete_user.go index 164c413..c6f84ce 100644 --- a/server/resolvers/delete_user.go +++ b/server/resolvers/delete_user.go @@ -3,7 +3,8 @@ package resolvers import ( "context" "fmt" - "log" + + log "github.com/sirupsen/logrus" "github.com/authorizerdev/authorizer/server/db" "github.com/authorizerdev/authorizer/server/graph/model" @@ -33,7 +34,7 @@ func DeleteUserResolver(ctx context.Context, params model.DeleteUserInput) (*mod err = db.Provider.DeleteUser(user) if err != nil { - log.Println("error deleting user:", err) + log.Debug("Failed Deleting User:", err) return res, err }
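Review bot: The writer returned by NewGinLogrusWrite reports `0, nil` for every call, which breaks the `io.Writer` contract: a write that returns fewer bytes than it was given must return a non-nil error. Wrappers such as `io.MultiWriter` treat that as `io.ErrShortWrite`, so request logging can fail depending on how gin's writer is composed. The closure should end with `return len(data), nil`.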