4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
# File 'lib/omniauth_openid_federation/strategy/failure_handling.rb', line 4
def fail!(error_type, exception = nil)
already_instrumented = env["omniauth_openid_federation.instrumented"] == true
unless already_instrumented
error_message = exception&.message || error_type.to_s
error_class = exception&.class&.name || "UnknownError"
phase = request.path.end_with?("/callback") ? "callback_phase" : "request_phase"
request_info = {
remote_ip: request.env["REMOTE_ADDR"],
user_agent: request.env["HTTP_USER_AGENT"],
path: request.path,
method: request.request_method
}
case error_type.to_sym
when :authenticity_error
OmniauthOpenidFederation::Instrumentation.notify_authenticity_error(
error_type: error_type.to_s,
error_message: error_message,
error_class: error_class,
phase: phase,
request_info: request_info
)
when :csrf_detected
OmniauthOpenidFederation::Instrumentation.notify_csrf_detected(
error_type: error_type.to_s,
error_message: error_message,
phase: phase,
request_info: request_info
)
when :missing_code, :token_exchange_error
OmniauthOpenidFederation::Instrumentation.notify_unexpected_authentication_break(
stage: phase,
error_message: error_message,
error_class: error_class,
error_type: error_type.to_s,
request_info: request_info
)
else
OmniauthOpenidFederation::Instrumentation.notify_unexpected_authentication_break(
stage: phase,
error_message: error_message,
error_class: error_class,
error_type: error_type.to_s,
request_info: request_info
)
end
end
env["omniauth_openid_federation.instrumented"] = true
super
end
|