Skip to content

Commit 5ed97e3

Browse files
ezekgezekg
committed
add logging to sso
1 parent 1d6429c commit 5ed97e3

File tree

1 file changed

+8
-2
lines changed

1 file changed

+8
-2
lines changed

app/controllers/auth/sso_controller.rb

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -83,6 +83,8 @@ def callback
8383

8484
# provision a new user for the current environment (not using existing users scope because it's a union)
8585
user = account.users.build(email: profile.email, environment:) do |new_user|
86+
Keygen.logger.info { "[sso] creating new user: profile_id=#{profile.id.inspect} organization_id=#{profile.organization_id.inspect} account_id=#{account.id.inspect}" }
87+
8688
new_user.sso_profile_id = profile.id
8789
new_user.sso_connection_id = profile.connection_id
8890
new_user.sso_idp_id = profile.idp_id
@@ -113,17 +115,21 @@ def callback
113115
role = name.underscore.to_sym # pattern matching expects a symbol
114116

115117
unless user.role in Role(^role)
118+
Keygen.logger.info { "[sso] changing user role: profile_id=#{profile.id.inspect} organization_id=#{profile.organization_id.inspect} account_id=#{account.id.inspect} user_id=#{user.id.inspect} user_role=#{role.inspect}" }
119+
116120
user.change_role role
117121
end
118122
end
119123

120-
unless user.errors.empty?
124+
unless user.valid?
121125
Keygen.logger.warn { "[sso] user is not valid: profile_id=#{profile.id.inspect} organization_id=#{profile.organization_id.inspect} account_id=#{account.id.inspect} user_id=#{user.id.inspect} error_messages=#{user.errors.messages.inspect}" }
122126

123127
raise Keygen::Error::InvalidSingleSignOnError.new('user is not valid', code: 'SSO_USER_INVALID')
124128
end
125129

126130
session = user.transaction do
131+
Keygen.logger.info { "[sso] creating new session: profile_id=#{profile.id.inspect} organization_id=#{profile.organization_id.inspect} account_id=#{account.id.inspect} user_id=#{user.id.inspect}" }
132+
127133
# FIXME(ezekg) quirk: https://stackoverflow.com/a/78727914/3247081
128134
user.sessions.delete_all(:delete_all) # clear current sessions
129135
user.sessions.create(
@@ -134,7 +140,7 @@ def callback
134140
)
135141
end
136142

137-
unless session.errors.empty?
143+
unless session.valid?
138144
Keygen.logger.warn { "[sso] session is not valid: profile_id=#{profile.id.inspect} organization_id=#{profile.organization_id.inspect} account_id=#{account.id.inspect} user_id=#{user.id.inspect} session_id=#{session.id.inspect} error_messages=#{session.errors.messages.inspect}" }
139145

140146
raise Keygen::Error::InvalidSingleSignOnError.new('session is not valid', code: 'SSO_SESSION_INVALID')

0 commit comments

Comments
 (0)