From 0a08c854a86853b8bd682785cc1752e1ca4c9f2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20M=C3=B6hlmann?= Date: Mon, 28 Apr 2025 17:18:05 +0200 Subject: [PATCH] fix(oidc): log oidc errors --- internal/api/oidc/error.go | 11 +++++++++++ internal/api/oidc/server.go | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/internal/api/oidc/error.go b/internal/api/oidc/error.go index 781a1d3815..36098682a8 100644 --- a/internal/api/oidc/error.go +++ b/internal/api/oidc/error.go @@ -3,6 +3,8 @@ package oidc import ( "errors" + "github.com/zitadel/logging" + "github.com/zitadel/oidc/v3/pkg/oidc" "github.com/zitadel/oidc/v3/pkg/op" @@ -19,6 +21,7 @@ func oidcError(err error) error { if err == nil { return nil } + logging.WithError(err).Warn("OIDC error") if errors.Is(err, op.ErrInvalidRefreshToken) { err = zerrors.ThrowInvalidArgument(err, "OIDCS-ef2Gi", "Errors.User.RefreshToken.Invalid") } @@ -42,6 +45,14 @@ func oidcError(err error) error { if statusCode < 500 { newOidcErr = oidc.ErrInvalidRequest } + + entry := logging.WithError(err).WithField("status_code", statusCode) + if statusCode >= 500 { + entry.Error("OIDC error") + } else { + entry.Warn("OIDC error") + } + return op.NewStatusError( newOidcErr(). WithParent(err). diff --git a/internal/api/oidc/server.go b/internal/api/oidc/server.go index 1a0854e2a6..8bbbe3a005 100644 --- a/internal/api/oidc/server.go +++ b/internal/api/oidc/server.go @@ -207,7 +207,7 @@ func (s *Server) createDiscoveryConfig(ctx context.Context, supportedUILocales o func response(resp any, err error) (*op.Response, error) { if err != nil { - return nil, err + return nil, oidcError(err) } return op.NewResponse(resp), nil }