From 5866493cae0f2877398e5bedfb4261dfefbdf7dd Mon Sep 17 00:00:00 2001
From: Zach Copley
Date: Tue, 19 Oct 2010 12:07:59 -0700
Subject: OAuth - better log messages
---
 lib/apiauth.php | 67 +++++++++++++++++++++++++++++++++------------------
 lib/apioauthstore.php | 9 +++++--
 2 files changed, 51 insertions(+), 25 deletions(-)
(limited to 'lib')
diff --git a/lib/apiauth.php b/lib/apiauth.php
index 8b0a3da17..a1c698bba 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -168,9 +168,11 @@ class ApiAuthAction extends ApiAction
 $app = Oauth_application::getByConsumerKey($consumer);
 if (empty($app)) {
- common_log(LOG_WARNING,
- 'Couldn\'t find the OAuth app for consumer key: ' .
- $consumer);
+ common_log(
+ LOG_WARNING,
+ 'API OAuth - Couldn\'t find the OAuth app for consumer key: ' .
+ $consumer
+ );
 // TRANS: OAuth exception thrown when no application is found for a given consumer key.
 throw new OAuthException(_('No application for that consumer key.'));
 }
@@ -197,16 +199,19 @@ class ApiAuthAction extends ApiAction
 }
 $msg = "API OAuth authentication for user '%s' (id: %d) on behalf of " .
- "application '%s' (id: %d) with %s access.";
-
- common_log(LOG_INFO, sprintf($msg,
- $this->auth_user->nickname,
- $this->auth_user->id,
- $app->name,
- $app->id,
- ($this->access = self::READ_WRITE) ?
- 'read-write' : 'read-only'
- ));
+ "application '%s' (id: %d) with %s access.";
+
+ common_log(
+ LOG_INFO,
+ sprintf(
+ $msg,
+ $this->auth_user->nickname,
+ $this->auth_user->id,
+ $app->name,
+ $app->id,
+ ($this->access = self::READ_WRITE) ? 'read-write' : 'read-only'
+ )
+ );
 } else {
 // TRANS: OAuth exception given when an incorrect access token was given for a user.
 throw new OAuthException(_('Bad access token.'));
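Review bot: `$consumer` appears to come from the incoming OAuth request and is concatenated into the warning unmodified, so a key containing CR/LF or other control characters could split or forge log entries unless `common_log()` (not shown here) neutralizes them. The same applies to `$this->auth_user_nickname` in the `@@ -276,16 +282,11 @@` hunk and to `$proxy`/`$ip` in the new `logAuthFailure()`, if `common_client_ip()` derives them from request headers. Consider replacing control characters before logging, e.g. `preg_replace('/[\x00-\x1f\x7f]/', '?', $consumer)`, ideally once inside the logging helper. The enclosing method starts and ends outside this hunk.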
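Review bot: `($this->access = self::READ_WRITE)` in the `sprintf()` arguments is an assignment, not a comparison, so building the log line overwrites `$this->access` with `self::READ_WRITE` on every request that reaches this branch. If `$this->access` was set earlier in the method (outside this hunk) from the access the application was granted, a read-only token would be treated as read-write from here on, and the log would say 'read-write' whenever the constant is truthy. The reformatting carries the expression over unchanged; it should read `($this->access == self::READ_WRITE) ? 'read-write' : 'read-only'`.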
@@ -218,6 +223,7 @@ class ApiAuthAction extends ApiAction
 }
 } catch (OAuthException $e) {
+ $this->logAuthFailure($e->getMessage());
 common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
 $this->clientError($e->getMessage(), 401, $this->format);
 exit;
@@ -276,16 +282,11 @@ class ApiAuthAction extends ApiAction
 $this->access = self::READ_WRITE;
 if (empty($this->auth_user) && ($required || isset($_SERVER['PHP_AUTH_USER']))) {
-
- // basic authentication failed
- list($proxy, $ip) = common_client_ip();
-
- $msg = sprintf( 'Failed API auth attempt, nickname = %1$s, ' .
- 'proxy = %2$s, ip = %3$s',
- $this->auth_user_nickname,
- $proxy,
- $ip);
- common_log(LOG_WARNING, $msg);
+ $msg = sprintf(
+ "basic auth nickname = %s",
+ $this->auth_user_nickname
+ );
+ $this->logAuthFailure($msg);
 // TRANS: Client error thrown when authentication fails.
 $this->clientError(_("Could not authenticate you."), 401, $this->format);
 exit;
@@ -332,4 +333,24 @@ class ApiAuthAction extends ApiAction
 }
 }
 }
+
+ /**
+ * Log an API authentication failer. Collect the proxy and IP
+ * and log them
+ *
+ * @param string $logMsg additional log message
+ */
+
+ function logAuthFailure($logMsg)
+ {
+ list($proxy, $ip) = common_client_ip();
+
+ $msg = sprintf(
+ 'API auth failure (proxy = %1$s, ip = %2$s) - ',
+ $proxy,
+ $ip
+ );
+
+ common_log(LOG_WARNING, $msg . $logMsg);
+ }
 }
diff --git a/lib/apioauthstore.php b/lib/apioauthstore.php
index f3bf0b857..6e0039bdd 100644
--- a/lib/apioauthstore.php
+++ b/lib/apioauthstore.php
@@ -74,8 +74,13 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
 function new_access_token($token, $consumer, $verifier)
 {
 common_debug(
- 'new_access_token("' . $token->key . '","' . $consumer->key. '","' . $verifier . '")',
- __FILE__
+ sprintf(
+ "%s - New access token from request token %s, consumer %s and verifier %s ",
+ __FILE__,
+ $token,
+ $consumer,
+ $verifier
+ )
 );
 $rt = new Token();
-- cgit v1.2.3-54-g00ecf
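Review bot: Each `OAuthException` is now logged twice at `LOG_WARNING`: once by the added `logAuthFailure()` call and once by the retained `common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage())` line. That doubles the failure count for anything that thresholds or alerts on these entries, and only one of the two lines carries the client address. Folding the prefix into the helper call and dropping the second line leaves a single entry: `$this->logAuthFailure('OAuthException - ' . $e->getMessage());`. The `try` block begins outside this hunk.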
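Review bot: The docblock on `logAuthFailure()` misspells "failure" as "failer", is separated from the function by a blank line, and does not say that `$logMsg` is appended to the entry verbatim. A clearer summary would be `Log an API authentication failure together with the client's proxy and IP address.`, with the parameter documented as `@param string $logMsg text appended to the entry as-is; may contain client-supplied values` and an added `@return void`. Removing the blank line keeps the docblock attached to the method for documentation tools.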
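Review bot: The new `sprintf()` passes the `$token` and `$consumer` objects to `%s`, where the old line logged only `$token->key` and `$consumer->key`. With `%s` PHP calls `__toString()` on each object; if those classes render their secret along with the key, as the common OAuth.php token and consumer classes do, the debug log now records the request-token secret and the consumer secret. If they define no `__toString()`, the call fails at runtime instead. Keep the log to identifiers by passing `$token->key,` and `$consumer->key,`, and consider whether `$verifier` needs to be logged at all. The function body continues past this hunk.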