refac: add better logging for oauth errors

99e7b328 · Jun Siang Cheah · 981f3841 · 99e7b328
Commit 99e7b328 authored Jun 24, 2024 by Jun Siang Cheah
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 2 deletions

backend/main.py backend/main.py +6 -2

No files found.
--- a/backend/main.py
+++ b/backend/main.py
@@ -1883,17 +1883,19 @@ async def oauth_callback(provider: str, request: Request, response: Response):
    try:
        token = await client.authorize_access_token(request)
    except Exception as e:
-        log.error(f"OAuth callback error: {e}")
+        log.warning(f"OAuth callback error: {e}")
        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
    user_data: UserInfo = token["userinfo"]
    sub = user_data.get("sub")
    if not sub:
+        log.warning(f"OAuth callback failed, sub is missing: {user_data}")
        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
    provider_sub = f"{provider}@{sub}"
    email = user_data.get("email", "").lower()
    # We currently mandate that email addresses are provided
    if not email:
+        log.warning(f"OAuth callback failed, email is missing: {user_data}")
        raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
    # Check if the user exists
@@ -1958,7 +1960,9 @@ async def oauth_callback(provider: str, request: Request, response: Response):
                    },
                )
        else:
-            raise HTTPException(400, detail=ERROR_MESSAGES.INVALID_CRED)
+            raise HTTPException(
+                status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.ACCESS_PROHIBITED
+            )
    jwt_token = create_token(
        data={"id": user.id},