Skip to content

Commit

Permalink
Remove confusing key_id from stepup callout logging
Browse files Browse the repository at this point in the history
This value is not the keyID but the original authnrequest ID. This is superfluous
as EB log messages already log tracing information in the session_id and request_id
parameters that are logged with every message. Just leave out this confusingly
named value.

Closes: #1343
  • Loading branch information
thijskh committed Dec 4, 2024
1 parent 9a9a25e commit 2160543
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 8 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -193,7 +193,7 @@ public function serve($serviceName, Request $httpRequest)
return;
}

$log->info('Handle Stepup authentication callout', array('key_id' => $receivedRequest->getId()));
$log->info('Handle Stepup authentication callout');

// Add Stepup authentication step
$currentProcessStep = $this->_processingStateHelper->addStep(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ public function serve($serviceName, Request $httpRequest)
$receivedLoa = $this->_stepupGatewayCallOutHelper->getEbLoa($receivedResponse->getAssertion()->getAuthnContextClassRef());
$this->updateProcessingStateLoa($receivedRequest, $receivedResponse, $receivedLoa);

$log->warning('After Stepup authentication update received LoA', array('key_id' => $receivedRequest->getId(), 'result' => $receivedLoa));
$log->warning('After Stepup authentication update received LoA', ['result' => $receivedLoa]);
} catch (EngineBlock_Corto_Exception_ReceivedErrorStatusCode $e) {

// The user is allowed to continue upon subcode: NoAuthnContext when the SP is configured with the coin: coin:stepup:allow_no_token == true
Expand All @@ -108,7 +108,7 @@ public function serve($serviceName, Request $httpRequest)
// Update the AuthnContextClassRef to LoA 1
$mappedLoa = $this->_stepupGatewayCallOutHelper->getStepupLoa1();
$this->updateProcessingStateLoa($receivedRequest, $receivedResponse, $mappedLoa);
$log->warning('After failed Stepup authentication set LoA to Loa1', array('key_id' => $receivedRequest->getId(), 'result' => $mappedLoa));
$log->warning('After failed Stepup authentication set LoA to Loa1', ['result' => $mappedLoa]);
}

if ($checkResponseSignature) {
Expand All @@ -125,7 +125,7 @@ public function serve($serviceName, Request $httpRequest)
$this->_server->getRepository()
);

$log->info('Handled Stepup authentication callout successfully', array('key_id' => $receivedRequest->getId()));
$log->info('Handled Stepup authentication callout successfully');

// Get active request
$processStep = $this->_processingStateHelper->getStepByRequestId($receivedRequest->getId(), ProcessingStateHelperInterface::STEP_STEPUP);
Expand Down Expand Up @@ -193,7 +193,7 @@ private function handleInvalidGatewayResponse(EngineBlock_Corto_Exception_Receiv
switch (true) {
case ($e->getFeedbackStatusCode() === 'Responder/AuthnFailed' && $e->getFeedbackStatusMessage() === 'Authentication cancelled by user'):
// user cancelled
$log->info('User cancelled Stepup authentication callout', array('key_id' => $receivedRequest->getId(), 'result' => $e->getFeedbackInfo()));
$log->info('User cancelled Stepup authentication callout', ['result' => $e->getFeedbackInfo()]);

throw new EngineBlock_Corto_Exception_UserCancelledStepupCallout(
'User cancelled Stepup authentication callout',
Expand All @@ -204,7 +204,7 @@ private function handleInvalidGatewayResponse(EngineBlock_Corto_Exception_Receiv
// invalid loa level
// should continue if no valid token is allowed

$log->warning('Unmet loa level for Stepup authentication callout, trying allow no token', array('key_id' => $receivedRequest->getId(), 'result' => $e->getFeedbackInfo()));
$log->warning('Unmet loa level for Stepup authentication callout, trying allow no token', ['result' => $e->getFeedbackInfo()]);

// check if no token allowed
$processStep = $this->_processingStateHelper->getStepByRequestId($receivedRequest->getId(), ProcessingStateHelperInterface::STEP_STEPUP);
Expand All @@ -216,7 +216,7 @@ private function handleInvalidGatewayResponse(EngineBlock_Corto_Exception_Receiv

if ($this->_stepupGatewayCallOutHelper->allowNoToken($idp, $sp)) {

$log->warning('Allow no token allowed from sp/idp configuration, continuing', array('key_id' => $receivedRequest->getId(), 'result' => $e->getFeedbackInfo()));
$log->warning('Allow no token allowed from sp/idp configuration, continuing', ['result' => $e->getFeedbackInfo()]);
return;
}

Expand All @@ -226,7 +226,7 @@ private function handleInvalidGatewayResponse(EngineBlock_Corto_Exception_Receiv
);
}

$log->warning('Invalid status returned from Stepup authentication gateway', array('key_id' => $receivedRequest->getId(), 'result' => $e->getFeedbackInfo()));
$log->warning('Invalid status returned from Stepup authentication gateway', ['result' => $e->getFeedbackInfo()]);

throw new EngineBlock_Corto_Exception_InvalidStepupCalloutResponse(
sprintf(
Expand Down

0 comments on commit 2160543

Please sign in to comment.