tidy: cleanup oauth metadata logging

webmeshproj · Oct 18, 2023 · 4adc890 · 4adc890
1 parent 7141439
commit 4adc890
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 4 deletions.
diff --git a/internal/metadata/client_store.go b/internal/metadata/client_store.go
@@ -25,6 +25,7 @@ import (
 	"github.com/webmeshproj/storage-provider-k8s/provider"
 	"github.com/webmeshproj/webmesh/pkg/crypto"
 	"github.com/webmeshproj/webmesh/pkg/storage/types"
+	"sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 // Ensure we implement the oauth2.ClientStore interface.
@@ -52,7 +53,10 @@ func NewClientStore(storage *provider.Provider, keys NodeKeyResolver) *ClientSto
 func (c *ClientStore) GetByID(ctx context.Context, id string) (oauth2.ClientInfo, error) {
 	c.mu.Lock()
 	defer c.mu.Unlock()
+	log := log.FromContext(ctx).WithName("oauth-client-store")
+	log.V(1).Info("Looking up client by ID", "id", id)
 	if c.domain == "" {
+		log.V(1).Info("Fetching current cluster domain")
 		netstate, err := c.storage.MeshDB().MeshState().GetMeshState(ctx)
 		if err != nil {
 			return nil, err

diff --git a/internal/metadata/server.go b/internal/metadata/server.go
@@ -25,6 +25,7 @@ import (
 	"net"
 	"net/http"
 	"net/netip"
+	"sort"
 	"strings"
 
 	"github.com/go-logr/logr"
@@ -95,11 +96,11 @@ func NewServer(opts Options) *Server {
 		srv.oauth.SetAllowGetAccessRequest(true)
 		srv.oauth.SetClientInfoHandler(srv.getClientInfoFromRequest)
 		srv.oauth.SetInternalErrorHandler(func(err error) (re *errors.Response) {
-			srv.log.Error(err, "Internal oauth error")
+			srv.log.Error(err, "Internal metadata oauth error")
 			return
 		})
 		srv.oauth.SetResponseErrorHandler(func(re *errors.Response) {
-			srv.log.Error(fmt.Errorf("oauth response error: %s", re.Error.Error()), "Oauth response error")
+			srv.log.Info("Metadata oauth response error", "error", re.Error.Error())
 		})
 		mux.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
 			err := srv.oauth.HandleAuthorizeRequest(w, r)
@@ -170,12 +171,21 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			s.returnError(w, err)
 			return
 		}
+		var keys []string
 		for k := range m {
-			fmt.Fprintln(w, k)
+			keys = append(keys, k)
 		}
 		// Append the privateKey key if the request is local or we have a key resolver.
 		if (peerInfo.Local || s.KeyResolver != nil) && !peerInfo.Remote {
-			fmt.Fprintln(w, "privateKey")
+			keys = append(keys, "privateKey")
+		}
+		// Append oauth endpoints if enabled
+		if s.oauth != nil {
+			keys = append(keys, "authorize", "token")
+		}
+		sort.Strings(keys)
+		for _, k := range keys {
+			fmt.Fprintln(w, k)
 		}
 		return
 	default: