outpost/proxy: improve error logging

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-07 23:33:48 +02:00 · 2021-09-07 23:33:48 +02:00 · 631b0a1819
parent 6662dcc4b0
commit 631b0a1819
2 changed files with 6 additions and 6 deletions
--- a/internal/outpost/proxy/oauth.go
+++ b/internal/outpost/proxy/oauth.go
@ -195,13 +195,13 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) {
 	redirect := s[1]
 	c, err := req.Cookie(p.CSRFCookieName)
 	if err != nil {
-		p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Info("Invalid authentication via OAuth2: unable to obtain CSRF cookie")
+		p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Errorf("Invalid authentication via OAuth2: unable to obtain CSRF cookie")
 		p.ErrorPage(rw, http.StatusForbidden, "Permission Denied", err.Error())
 		return
 	}
 	p.ClearCSRFCookie(rw, req)
 	if c.Value != nonce {
-		p.logger.WithField("is", c.Value).WithField("should", nonce).WithField("user", session.Email).WithField("status", "AuthFailure").Info("Invalid authentication via OAuth2: CSRF token mismatch, potential attack")
+		p.logger.WithField("is", c.Value).WithField("should", nonce).WithField("user", session.Email).WithField("status", "AuthFailure").Errorf("Invalid authentication via OAuth2: CSRF token mismatch, potential attack")
 		p.ErrorPage(rw, http.StatusForbidden, "Permission Denied", "CSRF Failed")
 		return
 	}
@ -215,13 +215,13 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) {
 		p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Infof("Authenticated via OAuth2: %s", session)
 		err := p.SaveSession(rw, req, session)
 		if err != nil {
-			p.logger.Printf("Error saving session state for client %v", err)
+			p.logger.Errorf("Error saving session state for client %v", err)
 			p.ErrorPage(rw, http.StatusInternalServerError, "Internal Server Error", err.Error())
 			return
 		}
 		http.Redirect(rw, req, redirect, http.StatusFound)
 	} else {
-		p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Info("Invalid authentication via OAuth2: unauthorized")
+		p.logger.WithField("user", session.Email).WithField("status", "AuthFailure").Errorf("Invalid authentication via OAuth2: unauthorized")
 		p.ErrorPage(rw, http.StatusForbidden, "Permission Denied", "Invalid Account")
 	}
 }
--- a/internal/outpost/proxy/proxy.go
+++ b/internal/outpost/proxy/proxy.go
@ -192,7 +192,7 @@ func buildSessionChain(opts *options.Options, sessionStore sessionsapi.SessionSt
 func (p *OAuthProxy) RobotsTxt(rw http.ResponseWriter) {
 	_, err := fmt.Fprintf(rw, "User-agent: *\nDisallow: /")
 	if err != nil {
-		p.logger.Printf("Error writing robots.txt: %v", err)
+		p.logger.Errorf("Error writing robots.txt: %v", err)
 		p.ErrorPage(rw, http.StatusInternalServerError, "Internal Server Error", err.Error())
 		return
 	}
@ -287,7 +287,7 @@ func (p *OAuthProxy) UserInfo(rw http.ResponseWriter, req *http.Request) {
 	rw.WriteHeader(http.StatusOK)
 	err = json.NewEncoder(rw).Encode(userInfo)
 	if err != nil {
-		p.logger.Printf("Error encoding user info: %v", err)
+		p.logger.Errorf("Error encoding user info: %v", err)
 		p.ErrorPage(rw, http.StatusInternalServerError, "Internal Server Error", err.Error())
 	}
 }