Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Scope ScriptJwtBearerHandler logs to system-only #10617

Merged
merged 10 commits into from
Nov 15, 2024
Merged

Conversation

jviau
Copy link
Contributor

@jviau jviau commented Nov 11, 2024

Issue describing the changes in this PR

resolves #10532

Pull request checklist

IMPORTANT: Currently, changes must be backported to the in-proc branch to be included in Core Tools and non-Flex deployments.

  • Backporting to the in-proc branch is not required
    • Otherwise: Link to backporting PR
  • My changes do not require documentation changes
    • Otherwise: Documentation issue linked to PR
  • My changes should not be added to the release notes for the next release
    • Otherwise: I've added my notes to release_notes.md
  • My changes do not need to be backported to a previous version
    • Otherwise: Backport tracked by issue/PR #issue_or_pr
  • My changes do not require diagnostic events changes
    • Otherwise: I have added/updated all related diagnostic events and their documentation (Documentation issue linked to PR)
  • I have added all required tests (Unit tests, E2E tests)

Additional information

As part of our changes to DI in the out-of-proc host many components now resolve loggers from the job host, which includes customer logs. This was intentional and what we wanted for the most part. However, we have identified that JwtBearerHandler for script auth produces noisy logs which are distracting to have in customer logs. This PR addresses this by ensuring the JwtBearerHandler gets loggers from the parent scope only. This is done as follows:

  1. Introduce a new ISystemLoggerFactory interface which is used to create loggers from system-only providers.
    • This is a mere wrapper around ILoggerFactory.
    • This is registered as a singleton in the WebHost, meaning its exact instance will be forwarded to the JobHost.
  2. Introduce ScriptJwtBearerHandler, which inherits JwtBearerHandler. This now imports ISystemLoggerFactory instead of ILoggerFactory.

@jviau jviau requested a review from a team as a code owner November 11, 2024 22:37
@jviau
Copy link
Contributor Author

jviau commented Nov 12, 2024

/azp run host.public

Copy link

Azure Pipelines successfully started running 1 pipeline(s).

Copy link
Member

@fabiocav fabiocav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@jviau jviau merged commit da46c0e into dev Nov 15, 2024
11 checks passed
@jviau jviau deleted the jviau/script-auth-noresult branch November 15, 2024 06:40
@JuNe98
Copy link

JuNe98 commented Nov 29, 2024

@jviau
In which runtime version can i expect the fix? Or is there a preview available?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

BUG : Unexpected JWT Validation Exception - IDX10205: Issuer validation failed
5 participants