mirror of
https://github.com/go-gitea/gitea
synced 2024-06-03 01:45:47 +00:00
Add trace logging to SSO methods (#15803)
It is currenly impossible to detect which "SSO" method is responsible for login. This PR adds some basic trace logging to these methods. Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
zeripath
GitHub
parent
4ea0b46d9b
commit
a2df265476
|
|
@ -66,12 +66,16 @@ func (b *Basic) VerifyAuthData(req *http.Request, w http.ResponseWriter, store D
|
||||||
// Assume username is token
|
// Assume username is token
|
||||||
authToken := uname
|
authToken := uname
|
||||||
if !isUsernameToken {
|
if !isUsernameToken {
|
||||||
|
log.Trace("Basic Authorization: Attempting login for: %s", uname)
|
||||||
// Assume password is token
|
// Assume password is token
|
||||||
authToken = passwd
|
authToken = passwd
|
||||||
|
} else {
|
||||||
|
log.Trace("Basic Authorization: Attempting login with username as token")
|
||||||
}
|
}
|
||||||
|
|
||||||
uid := CheckOAuthAccessToken(authToken)
|
uid := CheckOAuthAccessToken(authToken)
|
||||||
if uid != 0 {
|
if uid != 0 {
|
||||||
|
log.Trace("Basic Authorization: Valid OAuthAccessToken for user[%d]", uid)
|
||||||
var err error
|
var err error
|
||||||
store.GetData()["IsApiToken"] = true
|
store.GetData()["IsApiToken"] = true
|
||||||
|
|
||||||
|
|
@ -83,6 +87,8 @@ func (b *Basic) VerifyAuthData(req *http.Request, w http.ResponseWriter, store D
|
||||||
}
|
}
|
||||||
token, err := models.GetAccessTokenBySHA(authToken)
|
token, err := models.GetAccessTokenBySHA(authToken)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
|
log.Trace("Basic Authorization: Valid AccessToken for user[%d]", uid)
|
||||||
|
|
||||||
u, err = models.GetUserByID(token.UID)
|
u, err = models.GetUserByID(token.UID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("GetUserByID: %v", err)
|
log.Error("GetUserByID: %v", err)
|
||||||
|
|
@ -98,6 +104,8 @@ func (b *Basic) VerifyAuthData(req *http.Request, w http.ResponseWriter, store D
|
||||||
}
|
}
|
||||||
|
|
||||||
if u == nil {
|
if u == nil {
|
||||||
|
log.Trace("Basic Authorization: Attempting SignIn for %s", uname)
|
||||||
|
|
||||||
u, err = models.UserSignIn(uname, passwd)
|
u, err = models.UserSignIn(uname, passwd)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !models.IsErrUserNotExist(err) {
|
if !models.IsErrUserNotExist(err) {
|
||||||
|
|
@ -109,5 +117,7 @@ func (b *Basic) VerifyAuthData(req *http.Request, w http.ResponseWriter, store D
|
||||||
store.GetData()["IsApiToken"] = true
|
store.GetData()["IsApiToken"] = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Trace("Basic Authorization: Logged in user %-v", u)
|
||||||
|
|
||||||
return u
|
return u
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -130,6 +130,7 @@ func (o *OAuth2) VerifyAuthData(req *http.Request, w http.ResponseWriter, store
|
||||||
if id <= 0 {
|
if id <= 0 {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
log.Trace("OAuth2 Authorization: Found token for user[%d]", id)
|
||||||
|
|
||||||
user, err := models.GetUserByID(id)
|
user, err := models.GetUserByID(id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -139,5 +140,6 @@ func (o *OAuth2) VerifyAuthData(req *http.Request, w http.ResponseWriter, store
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Trace("OAuth2 Authorization: Logged in user %-v", user)
|
||||||
return user
|
return user
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -65,6 +65,7 @@ func (r *ReverseProxy) VerifyAuthData(req *http.Request, w http.ResponseWriter,
|
||||||
if len(username) == 0 {
|
if len(username) == 0 {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
log.Trace("ReverseProxy Authorization: Found username: %s", username)
|
||||||
|
|
||||||
user, err := models.GetUserByName(username)
|
user, err := models.GetUserByName(username)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -75,6 +76,7 @@ func (r *ReverseProxy) VerifyAuthData(req *http.Request, w http.ResponseWriter,
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Trace("ReverseProxy Authorization: Logged in user %-v", user)
|
||||||
return user
|
return user
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -77,6 +77,8 @@ func SessionUser(sess SessionStore) *models.User {
|
||||||
if uid == nil {
|
if uid == nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
log.Trace("Session Authorization: Found user[%d]", uid)
|
||||||
|
|
||||||
id, ok := uid.(int64)
|
id, ok := uid.(int64)
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil
|
return nil
|
||||||
|
|
@ -90,6 +92,8 @@ func SessionUser(sess SessionStore) *models.User {
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Trace("Session Authorization: Logged in user %-v", user)
|
||||||
return user
|
return user
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -87,6 +87,7 @@ func (s *SSPI) VerifyAuthData(req *http.Request, w http.ResponseWriter, store Da
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Trace("SSPI Authorization: Attempting to authenticate")
|
||||||
userInfo, outToken, err := sspiAuth.Authenticate(req, w)
|
userInfo, outToken, err := sspiAuth.Authenticate(req, w)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Warn("Authentication failed with error: %v\n", err)
|
log.Warn("Authentication failed with error: %v\n", err)
|
||||||
|
|
@ -140,6 +141,7 @@ func (s *SSPI) VerifyAuthData(req *http.Request, w http.ResponseWriter, store Da
|
||||||
handleSignIn(w, req, sess, user)
|
handleSignIn(w, req, sess, user)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Trace("SSPI Authorization: Logged in user %-v", user)
|
||||||
return user
|
return user
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user