matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-08-09 04:22:45 +03:00
Code Activity

Add the Sentry event ID in error response headers

Browse Source
This commit is contained in:
Quentin Gliech
2023-09-08 15:03:26 +02:00
parent be90cbb3da
commit 0bb34ed3e0
19 changed files with 149 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
crates/axum-utils/src/fancy_error.rs
View File

@@ -19,6 +19,8 @@ use axum::{
}; };
use mas_templates::ErrorContext; use mas_templates::ErrorContext;
use crate::sentry::SentryEventID;
pub struct FancyError { pub struct FancyError {
context: ErrorContext, context: ErrorContext,
} }
@@ -59,9 +61,10 @@ impl<E: std::fmt::Debug + std::fmt::Display> From<E> for FancyError {
impl IntoResponse for FancyError { impl IntoResponse for FancyError {
fn into_response(self) -> Response { fn into_response(self) -> Response {
let error = format!("{:?}", self.context); let error = format!("{:?}", self.context);
sentry::capture_message(&error, sentry::Level::Error); let event_id = sentry::capture_message(&error, sentry::Level::Error);
( (
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
SentryEventID::from(event_id),
Extension(self.context), Extension(self.context),
error, error,
) )

1
crates/axum-utils/src/lib.rs
View File

@@ -28,6 +28,7 @@ pub mod csrf;
pub mod fancy_error; pub mod fancy_error;
pub mod http_client_factory; pub mod http_client_factory;
pub mod jwt; pub mod jwt;
pub mod sentry;
pub mod session; pub mod session;
pub mod user_authorization; pub mod user_authorization;

38
crates/axum-utils/src/sentry.rs Normal file
View File

@@ -0,0 +1,38 @@
// Copyright 2023 The Matrix.org Foundation C.I.C.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
use std::convert::Infallible;
use axum::response::{IntoResponseParts, ResponseParts};
use sentry::types::Uuid;
/// A wrapper to include a Sentry event ID in the response headers.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub struct SentryEventID(Uuid);
impl From<Uuid> for SentryEventID {
fn from(uuid: Uuid) -> Self {
Self(uuid)
}
}
impl IntoResponseParts for SentryEventID {
type Error = Infallible;
fn into_response_parts(self, mut res: ResponseParts) -> Result<ResponseParts, Self::Error> {
res.headers_mut()
.insert("X-Sentry-Event-ID", self.0.to_string().parse().unwrap());
Ok(res)
}
}

10
crates/handlers/src/compat/login.rs
View File

@@ -15,6 +15,7 @@
use axum::{extract::State, response::IntoResponse, Json}; use axum::{extract::State, response::IntoResponse, Json};
use chrono::Duration; use chrono::Duration;
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::sentry::SentryEventID;
use mas_data_model::{CompatSession, CompatSsoLoginState, Device, TokenType, User}; use mas_data_model::{CompatSession, CompatSsoLoginState, Device, TokenType, User};
use mas_storage::{ use mas_storage::{
compat::{ compat::{
@@ -169,8 +170,8 @@ impl_from_error_for_route!(mas_storage::RepositoryError);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::Internal(_) | Self::SessionNotFound => MatrixError { Self::Internal(_) | Self::SessionNotFound => MatrixError {
errcode: "M_UNKNOWN", errcode: "M_UNKNOWN",
error: "Internal server error", error: "Internal server error",
@@ -198,8 +199,9 @@ impl IntoResponse for RouteError {
error: "Invalid login token", error: "Invalid login token",
status: StatusCode::FORBIDDEN, status: StatusCode::FORBIDDEN,
}, },
} };
.into_response()
(SentryEventID::from(event_id), response).into_response()
} }
} }

10
crates/handlers/src/compat/login_sso_redirect.rs
View File

@@ -18,6 +18,7 @@ use axum::{
response::IntoResponse, response::IntoResponse,
}; };
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::sentry::SentryEventID;
use mas_router::{CompatLoginSsoAction, CompatLoginSsoComplete, UrlBuilder}; use mas_router::{CompatLoginSsoAction, CompatLoginSsoComplete, UrlBuilder};
use mas_storage::{compat::CompatSsoLoginRepository, BoxClock, BoxRepository, BoxRng}; use mas_storage::{compat::CompatSsoLoginRepository, BoxClock, BoxRepository, BoxRng};
use rand::distributions::{Alphanumeric, DistString}; use rand::distributions::{Alphanumeric, DistString};
@@ -51,8 +52,13 @@ impl_from_error_for_route!(mas_storage::RepositoryError);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
(StatusCode::INTERNAL_SERVER_ERROR, format!("{self}")).into_response() (
StatusCode::INTERNAL_SERVER_ERROR,
SentryEventID::from(event_id),
format!("{self}"),
)
.into_response()
} }
} }

10
crates/handlers/src/compat/logout.rs
View File

@@ -15,6 +15,7 @@
use axum::{response::IntoResponse, Json, TypedHeader}; use axum::{response::IntoResponse, Json, TypedHeader};
use headers::{authorization::Bearer, Authorization}; use headers::{authorization::Bearer, Authorization};
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::sentry::SentryEventID;
use mas_data_model::TokenType; use mas_data_model::TokenType;
use mas_storage::{ use mas_storage::{
compat::{CompatAccessTokenRepository, CompatSessionRepository}, compat::{CompatAccessTokenRepository, CompatSessionRepository},
@@ -45,8 +46,8 @@ impl_from_error_for_route!(mas_storage::RepositoryError);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::Internal(_) => MatrixError { Self::Internal(_) => MatrixError {
errcode: "M_UNKNOWN", errcode: "M_UNKNOWN",
error: "Internal error", error: "Internal error",
@@ -62,8 +63,9 @@ impl IntoResponse for RouteError {
error: "Invalid access token", error: "Invalid access token",
status: StatusCode::UNAUTHORIZED, status: StatusCode::UNAUTHORIZED,
}, },
} };
.into_response()
(SentryEventID::from(event_id), response).into_response()
} }
} }

10
crates/handlers/src/compat/refresh.rs
View File

@@ -15,6 +15,7 @@
use axum::{extract::State, response::IntoResponse, Json}; use axum::{extract::State, response::IntoResponse, Json};
use chrono::Duration; use chrono::Duration;
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::sentry::SentryEventID;
use mas_data_model::{TokenFormatError, TokenType}; use mas_data_model::{TokenFormatError, TokenType};
use mas_storage::{ use mas_storage::{
compat::{CompatAccessTokenRepository, CompatRefreshTokenRepository, CompatSessionRepository}, compat::{CompatAccessTokenRepository, CompatRefreshTokenRepository, CompatSessionRepository},
@@ -52,8 +53,8 @@ pub enum RouteError {
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::Internal(_) | Self::UnknownSession => MatrixError { Self::Internal(_) | Self::UnknownSession => MatrixError {
errcode: "M_UNKNOWN", errcode: "M_UNKNOWN",
error: "Internal error", error: "Internal error",
@@ -64,8 +65,9 @@ impl IntoResponse for RouteError {
error: "Invalid refresh token", error: "Invalid refresh token",
status: StatusCode::UNAUTHORIZED, status: StatusCode::UNAUTHORIZED,
}, },
} };
.into_response()
(SentryEventID::from(event_id), response).into_response()
} }
} }

12
crates/handlers/src/graphql/mod.rs
View File

@@ -28,7 +28,9 @@ use axum::{
use futures_util::TryStreamExt; use futures_util::TryStreamExt;
use headers::{authorization::Bearer, Authorization, ContentType, HeaderValue}; use headers::{authorization::Bearer, Authorization, ContentType, HeaderValue};
use hyper::header::CACHE_CONTROL; use hyper::header::CACHE_CONTROL;
use mas_axum_utils::{cookies::CookieJar, FancyError, SessionInfo, SessionInfoExt}; use mas_axum_utils::{
cookies::CookieJar, sentry::SentryEventID, FancyError, SessionInfo, SessionInfoExt,
};
use mas_data_model::User; use mas_data_model::User;
use mas_graphql::{Requester, Schema}; use mas_graphql::{Requester, Schema};
use mas_matrix::HomeserverConnection; use mas_matrix::HomeserverConnection;
@@ -144,9 +146,9 @@ impl_from_error_for_route!(mas_storage::RepositoryError);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> Response { fn into_response(self) -> Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
e @ (Self::Internal(_) | Self::LoadFailed) => { e @ (Self::Internal(_) | Self::LoadFailed) => {
let error = async_graphql::Error::new_with_source(e); let error = async_graphql::Error::new_with_source(e);
( (
@@ -182,7 +184,9 @@ impl IntoResponse for RouteError {
) )
.into_response() .into_response()
} }
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }

10
crates/handlers/src/oauth2/authorization/complete.rs
View File

@@ -17,7 +17,7 @@ use axum::{
response::{Html, IntoResponse, Response}, response::{Html, IntoResponse, Response},
}; };
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::{cookies::CookieJar, csrf::CsrfExt, SessionInfoExt}; use mas_axum_utils::{cookies::CookieJar, csrf::CsrfExt, sentry::SentryEventID, SessionInfoExt};
use mas_data_model::{AuthorizationGrant, BrowserSession, Client, Device}; use mas_data_model::{AuthorizationGrant, BrowserSession, Client, Device};
use mas_keystore::Keystore; use mas_keystore::Keystore;
use mas_policy::{EvaluationResult, Policy}; use mas_policy::{EvaluationResult, Policy};
@@ -53,9 +53,9 @@ pub enum RouteError {
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event = sentry::capture_error(&self);
// TODO: better error pages // TODO: better error pages
match self { let response = match self {
RouteError::NotFound => { RouteError::NotFound => {
(StatusCode::NOT_FOUND, "authorization grant was not found").into_response() (StatusCode::NOT_FOUND, "authorization grant was not found").into_response()
} }
@@ -67,7 +67,9 @@ impl IntoResponse for RouteError {
RouteError::Internal(_) | Self::NoSuchClient => { RouteError::Internal(_) | Self::NoSuchClient => {
(StatusCode::INTERNAL_SERVER_ERROR, self.to_string()).into_response() (StatusCode::INTERNAL_SERVER_ERROR, self.to_string()).into_response()
} }
} };
(SentryEventID::from(event), response).into_response()
} }
} }

10
crates/handlers/src/oauth2/authorization/mod.rs
View File

@@ -17,7 +17,7 @@ use axum::{
response::{Html, IntoResponse, Response}, response::{Html, IntoResponse, Response},
}; };
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::{cookies::CookieJar, csrf::CsrfExt, SessionInfoExt}; use mas_axum_utils::{cookies::CookieJar, csrf::CsrfExt, sentry::SentryEventID, SessionInfoExt};
use mas_data_model::{AuthorizationCode, Pkce}; use mas_data_model::{AuthorizationCode, Pkce};
use mas_keystore::Keystore; use mas_keystore::Keystore;
use mas_policy::Policy; use mas_policy::Policy;
@@ -64,9 +64,9 @@ pub enum RouteError {
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
// TODO: better error pages // TODO: better error pages
match self { let response = match self {
RouteError::Internal(e) => { RouteError::Internal(e) => {
(StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response() (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response()
} }
@@ -84,7 +84,9 @@ impl IntoResponse for RouteError {
format!("Invalid redirect URI ({e})"), format!("Invalid redirect URI ({e})"),
) )
.into_response(), .into_response(),
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }

9
crates/handlers/src/oauth2/consent.rs
View File

@@ -20,6 +20,7 @@ use hyper::StatusCode;
use mas_axum_utils::{ use mas_axum_utils::{
cookies::CookieJar, cookies::CookieJar,
csrf::{CsrfExt, ProtectedForm}, csrf::{CsrfExt, ProtectedForm},
sentry::SentryEventID,
SessionInfoExt, SessionInfoExt,
}; };
use mas_data_model::{AuthorizationGrantStage, Device}; use mas_data_model::{AuthorizationGrantStage, Device};
@@ -63,8 +64,12 @@ impl_from_error_for_route!(mas_policy::EvaluationError);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
StatusCode::INTERNAL_SERVER_ERROR.into_response() (
SentryEventID::from(event_id),
StatusCode::INTERNAL_SERVER_ERROR,
)
.into_response()
} }
} }

9
crates/handlers/src/oauth2/introspection.rs
View File

@@ -17,6 +17,7 @@ use hyper::StatusCode;
use mas_axum_utils::{ use mas_axum_utils::{
client_authorization::{ClientAuthorization, CredentialsVerificationError}, client_authorization::{ClientAuthorization, CredentialsVerificationError},
http_client_factory::HttpClientFactory, http_client_factory::HttpClientFactory,
sentry::SentryEventID,
}; };
use mas_data_model::{TokenFormatError, TokenType, User}; use mas_data_model::{TokenFormatError, TokenType, User};
use mas_iana::oauth::{OAuthClientAuthenticationMethod, OAuthTokenTypeHint}; use mas_iana::oauth::{OAuthClientAuthenticationMethod, OAuthTokenTypeHint};
@@ -59,8 +60,8 @@ pub enum RouteError {
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::Internal(e) => ( Self::Internal(e) => (
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
Json( Json(
@@ -92,7 +93,9 @@ impl IntoResponse for RouteError {
Json(ClientError::from(ClientErrorCode::InvalidRequest)), Json(ClientError::from(ClientErrorCode::InvalidRequest)),
) )
.into_response(), .into_response(),
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }

9
crates/handlers/src/oauth2/registration.rs
View File

@@ -14,6 +14,7 @@
use axum::{extract::State, response::IntoResponse, Json}; use axum::{extract::State, response::IntoResponse, Json};
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::sentry::SentryEventID;
use mas_iana::oauth::OAuthClientAuthenticationMethod; use mas_iana::oauth::OAuthClientAuthenticationMethod;
use mas_keystore::Encrypter; use mas_keystore::Encrypter;
use mas_policy::{Policy, Violation}; use mas_policy::{Policy, Violation};
@@ -52,8 +53,8 @@ impl_from_error_for_route!(mas_keystore::aead::Error);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::Internal(_) => ( Self::Internal(_) => (
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
Json(ClientError::from(ClientErrorCode::ServerError)), Json(ClientError::from(ClientErrorCode::ServerError)),
@@ -124,7 +125,9 @@ impl IntoResponse for RouteError {
) )
.into_response() .into_response()
} }
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }

9
crates/handlers/src/oauth2/revoke.rs
View File

@@ -17,6 +17,7 @@ use hyper::StatusCode;
use mas_axum_utils::{ use mas_axum_utils::{
client_authorization::{ClientAuthorization, CredentialsVerificationError}, client_authorization::{ClientAuthorization, CredentialsVerificationError},
http_client_factory::HttpClientFactory, http_client_factory::HttpClientFactory,
sentry::SentryEventID,
}; };
use mas_data_model::{Device, TokenType}; use mas_data_model::{Device, TokenType};
use mas_iana::oauth::OAuthTokenTypeHint; use mas_iana::oauth::OAuthTokenTypeHint;
@@ -62,8 +63,8 @@ pub(crate) enum RouteError {
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::Internal(_) => ( Self::Internal(_) => (
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
Json(ClientError::from(ClientErrorCode::ServerError)), Json(ClientError::from(ClientErrorCode::ServerError)),
@@ -96,7 +97,9 @@ impl IntoResponse for RouteError {
// If the token is unknown, we still return a 200 OK response. // If the token is unknown, we still return a 200 OK response.
Self::UnknownToken => StatusCode::OK.into_response(), Self::UnknownToken => StatusCode::OK.into_response(),
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }

11
crates/handlers/src/oauth2/token.rs
View File

@@ -19,6 +19,7 @@ use hyper::StatusCode;
use mas_axum_utils::{ use mas_axum_utils::{
client_authorization::{ClientAuthorization, CredentialsVerificationError}, client_authorization::{ClientAuthorization, CredentialsVerificationError},
http_client_factory::HttpClientFactory, http_client_factory::HttpClientFactory,
sentry::SentryEventID,
}; };
use mas_data_model::{AuthorizationGrantStage, Client, Device, TokenType}; use mas_data_model::{AuthorizationGrantStage, Client, Device, TokenType};
use mas_keystore::{Encrypter, Keystore}; use mas_keystore::{Encrypter, Keystore};
@@ -113,8 +114,9 @@ pub(crate) enum RouteError {
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self {
let response = match self {
Self::Internal(_) | Self::NoSuchBrowserSession | Self::NoSuchOAuthSession => ( Self::Internal(_) | Self::NoSuchBrowserSession | Self::NoSuchOAuthSession => (
StatusCode::INTERNAL_SERVER_ERROR, StatusCode::INTERNAL_SERVER_ERROR,
Json(ClientError::from(ClientErrorCode::ServerError)), Json(ClientError::from(ClientErrorCode::ServerError)),
@@ -158,8 +160,9 @@ impl IntoResponse for RouteError {
StatusCode::BAD_REQUEST, StatusCode::BAD_REQUEST,
Json(ClientError::from(ClientErrorCode::UnsupportedGrantType)), Json(ClientError::from(ClientErrorCode::UnsupportedGrantType)),
), ),
} };
.into_response()
(SentryEventID::from(event_id), response).into_response()
} }
} }

9
crates/handlers/src/oauth2/userinfo.rs
View File

@@ -20,6 +20,7 @@ use axum::{
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::{ use mas_axum_utils::{
jwt::JwtResponse, jwt::JwtResponse,
sentry::SentryEventID,
user_authorization::{AuthorizationVerificationError, UserAuthorization}, user_authorization::{AuthorizationVerificationError, UserAuthorization},
}; };
use mas_jose::{ use mas_jose::{
@@ -84,15 +85,17 @@ impl_from_error_for_route!(mas_jose::jwt::JwtSignatureError);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::Internal(_) | Self::InvalidSigningKey | Self::NoSuchClient | Self::NoSuchUser => { Self::Internal(_) | Self::InvalidSigningKey | Self::NoSuchClient | Self::NoSuchUser => {
(StatusCode::INTERNAL_SERVER_ERROR, self.to_string()).into_response() (StatusCode::INTERNAL_SERVER_ERROR, self.to_string()).into_response()
} }
Self::AuthorizationVerificationError(_) | Self::Unauthorized => { Self::AuthorizationVerificationError(_) | Self::Unauthorized => {
StatusCode::UNAUTHORIZED.into_response() StatusCode::UNAUTHORIZED.into_response()
} }
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }

12
crates/handlers/src/upstream_oauth2/authorize.rs
View File

@@ -17,7 +17,9 @@ use axum::{
response::{IntoResponse, Redirect}, response::{IntoResponse, Redirect},
}; };
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::{cookies::CookieJar, http_client_factory::HttpClientFactory}; use mas_axum_utils::{
cookies::CookieJar, http_client_factory::HttpClientFactory, sentry::SentryEventID,
};
use mas_oidc_client::requests::authorization_code::AuthorizationRequestData; use mas_oidc_client::requests::authorization_code::AuthorizationRequestData;
use mas_router::UrlBuilder; use mas_router::UrlBuilder;
use mas_storage::{ use mas_storage::{
@@ -49,11 +51,13 @@ impl_from_error_for_route!(mas_storage::RepositoryError);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::ProviderNotFound => (StatusCode::NOT_FOUND, "Provider not found").into_response(), Self::ProviderNotFound => (StatusCode::NOT_FOUND, "Provider not found").into_response(),
Self::Internal(e) => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(), Self::Internal(e) => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(),
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }

12
crates/handlers/src/upstream_oauth2/callback.rs
View File

@@ -17,7 +17,9 @@ use axum::{
response::IntoResponse, response::IntoResponse,
}; };
use hyper::StatusCode; use hyper::StatusCode;
use mas_axum_utils::{cookies::CookieJar, http_client_factory::HttpClientFactory}; use mas_axum_utils::{
cookies::CookieJar, http_client_factory::HttpClientFactory, sentry::SentryEventID,
};
use mas_jose::claims::ClaimError; use mas_jose::claims::ClaimError;
use mas_keystore::{Encrypter, Keystore}; use mas_keystore::{Encrypter, Keystore};
use mas_oidc_client::requests::{ use mas_oidc_client::requests::{
@@ -107,13 +109,15 @@ impl_from_error_for_route!(super::cookie::UpstreamSessionNotFound);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::ProviderNotFound => (StatusCode::NOT_FOUND, "Provider not found").into_response(), Self::ProviderNotFound => (StatusCode::NOT_FOUND, "Provider not found").into_response(),
Self::SessionNotFound => (StatusCode::NOT_FOUND, "Session not found").into_response(), Self::SessionNotFound => (StatusCode::NOT_FOUND, "Session not found").into_response(),
Self::Internal(e) => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(), Self::Internal(e) => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(),
e => (StatusCode::BAD_REQUEST, e.to_string()).into_response(), e => (StatusCode::BAD_REQUEST, e.to_string()).into_response(),
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }

9
crates/handlers/src/upstream_oauth2/link.rs
View File

@@ -21,6 +21,7 @@ use hyper::StatusCode;
use mas_axum_utils::{ use mas_axum_utils::{
cookies::CookieJar, cookies::CookieJar,
csrf::{CsrfExt, ProtectedForm}, csrf::{CsrfExt, ProtectedForm},
sentry::SentryEventID,
FancyError, SessionInfoExt, FancyError, SessionInfoExt,
}; };
use mas_data_model::{UpstreamOAuthProviderImportPreference, User}; use mas_data_model::{UpstreamOAuthProviderImportPreference, User};
@@ -96,8 +97,8 @@ impl_from_error_for_route!(mas_jose::jwt::JwtDecodeError);
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
fn into_response(self) -> axum::response::Response { fn into_response(self) -> axum::response::Response {
sentry::capture_error(&self); let event_id = sentry::capture_error(&self);
match self { let response = match self {
Self::LinkNotFound => (StatusCode::NOT_FOUND, "Link not found").into_response(), Self::LinkNotFound => (StatusCode::NOT_FOUND, "Link not found").into_response(),
Self::PolicyViolation { violations } => { Self::PolicyViolation { violations } => {
let details = violations.iter().map(|v| v.msg.clone()).collect::<Vec<_>>(); let details = violations.iter().map(|v| v.msg.clone()).collect::<Vec<_>>();
@@ -111,7 +112,9 @@ impl IntoResponse for RouteError {
} }
Self::Internal(e) => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(), Self::Internal(e) => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(),
e => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(), e => (StatusCode::INTERNAL_SERVER_ERROR, e.to_string()).into_response(),
} };
(SentryEventID::from(event_id), response).into_response()
} }
} }