feat: log invalid credentials on info level instead of error/warning (#…

…517) Closes #505
ory · Sep 17, 2020 · a372b5f · a372b5f
1 parent 4580ab1
commit a372b5f
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/api/decision.go b/api/decision.go
@@ -110,7 +110,7 @@ func (h *DecisionHandler) decisions(w http.ResponseWriter, r *http.Request) {
 		h.r.Logger().WithError(err).
 			WithFields(fields).
 			WithField("granted", false).
-			Warn("Access request denied")
+			Info("Access request denied")
 
 		h.r.ProxyRequestHandler().HandleError(w, r, rl, err)
 		return

diff --git a/proxy/request_handler.go b/proxy/request_handler.go
@@ -223,6 +223,9 @@ func (d *RequestHandler) HandleRequest(r *http.Request, rl *rule.Rule) (session
 			// The authentication handler says that no further authentication/authorization is required, and the request should
 			// be forwarded to its final destination.
 			// return nil
+			case helper.ErrUnauthorized.ErrorField:
+				d.r.Logger().Info(err)
+				return nil, err
 			default:
 				d.r.Logger().WithError(err).
 					WithFields(fields).