From 153bd3aaf1519eef7a7699e8b314b5652dbc8df1 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens@goauthentik.io>
Date: Fri, 17 Feb 2023 13:22:41 +0100
Subject: [PATCH] sources/oauth: fix not all token errors being logged with
 response

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 authentik/sources/oauth/clients/base.py   |  6 +++++-
 authentik/sources/oauth/clients/oauth1.py | 10 ++++++++--
 authentik/sources/oauth/clients/oauth2.py | 12 ++++++++++--
 3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/authentik/sources/oauth/clients/base.py b/authentik/sources/oauth/clients/base.py
index af2269fd4..25ff64e0e 100644
--- a/authentik/sources/oauth/clients/base.py
+++ b/authentik/sources/oauth/clients/base.py
@@ -43,7 +43,11 @@ class BaseOAuthClient:
         try:
             response.raise_for_status()
         except RequestException as exc:
-            self.logger.warning("Unable to fetch user profile", exc=exc, body=response.text)
+            self.logger.warning(
+                "Unable to fetch user profile",
+                exc=exc,
+                response=exc.response.text if exc.response else str(exc),
+            )
             return None
         return response.json()
 
diff --git a/authentik/sources/oauth/clients/oauth1.py b/authentik/sources/oauth/clients/oauth1.py
index 07d3da1fb..d7099fee6 100644
--- a/authentik/sources/oauth/clients/oauth1.py
+++ b/authentik/sources/oauth/clients/oauth1.py
@@ -41,7 +41,11 @@ class OAuthClient(BaseOAuthClient):
                 )
                 response.raise_for_status()
             except RequestException as exc:
-                LOGGER.warning("Unable to fetch access token", exc=exc)
+                LOGGER.warning(
+                    "Unable to fetch access token",
+                    exc=exc,
+                    response=exc.response.text if exc.response else str(exc),
+                )
                 return None
             return self.parse_raw_token(response.text)
         return None
@@ -61,7 +65,9 @@ class OAuthClient(BaseOAuthClient):
             )
             response.raise_for_status()
         except RequestException as exc:
-            raise OAuthSourceException from exc
+            raise OAuthSourceException(
+                response=exc.response.text if exc.response else str(exc),
+            ) from exc
         return response.text
 
     def get_redirect_args(self) -> dict[str, Any]:
diff --git a/authentik/sources/oauth/clients/oauth2.py b/authentik/sources/oauth/clients/oauth2.py
index 30293da54..9e1235253 100644
--- a/authentik/sources/oauth/clients/oauth2.py
+++ b/authentik/sources/oauth/clients/oauth2.py
@@ -84,7 +84,11 @@ class OAuth2Client(BaseOAuthClient):
             )
             response.raise_for_status()
         except RequestException as exc:
-            LOGGER.warning("Unable to fetch access token", exc=exc)
+            LOGGER.warning(
+                "Unable to fetch access token",
+                exc=exc,
+                response=exc.response.text if exc.response else str(exc),
+            )
             return None
         return response.json()
 
@@ -147,6 +151,10 @@ class UserprofileHeaderAuthClient(OAuth2Client):
         try:
             response.raise_for_status()
         except RequestException as exc:
-            LOGGER.warning("Unable to fetch user profile", exc=exc, body=response.text)
+            LOGGER.warning(
+                "Unable to fetch user profile",
+                exc=exc,
+                response=exc.response.text if exc.response else str(exc),
+            )
             return None
         return response.json()