Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth2 Filter: Adding response_code_details for 401 cases #37933

Open
denniskniep opened this issue Jan 8, 2025 · 1 comment
Open

OAuth2 Filter: Adding response_code_details for 401 cases #37933

denniskniep opened this issue Jan 8, 2025 · 1 comment
Assignees
@denniskniep
Labels
area/oauth enhancement Feature requests. Not bugs or questions.

Comments

@denniskniep
Copy link
Contributor

Description:
There are a lot scenarios where OAuth2 Filter returns 401 status code. But in AccessLog there is no further detail why it was a 401. That makes troubleshooting hard. You have to switch to debug logging if you want more insights.

Example:
"response_code":"401","response_flags":"-","response_code_details":""

We should enrich it with a short explainer:

envoy/source/extensions/filters/http/oauth2/filter.cc

Lines 859 to 863 in 2425431

void OAuth2Filter::sendUnauthorizedResponse() {
config_->stats().oauth_failure_.inc();
decoder_callbacks_->sendLocalReply(Http::Code::Unauthorized, UnauthorizedBodyMessage, nullptr,
absl::nullopt, EMPTY_STRING);

Like this:

envoy/source/extensions/filters/http/oauth2/filter.cc

Line 759 in 2425431

decoder_callbacks_->encodeHeaders(std::move(response_headers), true, REDIRECT_LOGGED_IN);

results in "response_code":"302","response_flags":"-","response_code_details":"oauth.logged_in"

cc: @zhaohuabing
@denniskniep denniskniep added enhancement Feature requests. Not bugs or questions. triage Issue requires triage labels Jan 8, 2025
@denniskniep
Copy link
Contributor Author

Plz assign me on that issue

@zuercher zuercher added area/oauth help wanted Needs help! and removed triage Issue requires triage help wanted Needs help! labels Jan 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@denniskniep denniskniep

Labels
area/oauth enhancement Feature requests. Not bugs or questions.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zuercher @denniskniep