Docker/mealie
Docker/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-07-22 22:59:41 +02:00
Code Issues Releases Activity

chore: Add OIDC debug logging (#4658)

Browse source 
Signed-off-by: Dan Webb <dan.webb@damacus.io>
This commit is contained in:
Dan Webb 2024-12-30 21:20:15 +00:00 committed by GitHub
parent 5d33694bc6
commit 716c5c1d87
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 40 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
mealie/core/security/providers/openid_provider.py
View file

@ -27,6 +27,11 @@ class OpenIDProvider(AuthProvider[UserInfo]):
self._logger.error("[OIDC] No claims in the id_token") self._logger.error("[OIDC] No claims in the id_token")
return None return None
# Log all claims for debugging
self._logger.debug("[OIDC] Received claims:")
for key, value in claims.items():
self._logger.debug("[OIDC] %s: %s", key, value)
if not self.required_claims.issubset(claims.keys()): if not self.required_claims.issubset(claims.keys()):
self._logger.error( self._logger.error(
"[OIDC] Required claims not present. Expected: %s Actual: %s", "[OIDC] Required claims not present. Expected: %s Actual: %s",
@ -35,6 +40,12 @@ class OpenIDProvider(AuthProvider[UserInfo]):
) )
return None return None
# Check for empty required claims
for claim in self.required_claims:
if not claims.get(claim):
self._logger.error("[OIDC] Required claim '%s' is empty", claim)
return None
repos = get_repositories(self.session, group_id=None, household_id=None) repos = get_repositories(self.session, group_id=None, household_id=None)
is_admin = False is_admin = False

29
tests/unit_tests/core/security/providers/test_openid_provider.py
View file

@ -1,5 +1,6 @@
import pytest import pytest
from pytest import MonkeyPatch, Session from pytest import MonkeyPatch, Session
import logging
from mealie.core.config import get_app_settings from mealie.core.config import get_app_settings
from mealie.core.security.providers.openid_provider import OpenIDProvider from mealie.core.security.providers.openid_provider import OpenIDProvider
@ -20,6 +21,18 @@ def test_empty_claims():
assert auth_provider.authenticate() is None assert auth_provider.authenticate() is None
def test_empty_required_claims():
data = {
"preferred_username": "dude1",
"email": "", # Empty required claim
"name": "Firstname Lastname",
"groups": ["mealie_user"],
}
auth_provider = OpenIDProvider(None, data)
assert auth_provider.authenticate() is None
def test_missing_claims(): def test_missing_claims():
data = {"preferred_username": "dude1"} data = {"preferred_username": "dude1"}
auth_provider = OpenIDProvider(None, data) auth_provider = OpenIDProvider(None, data)
@ -162,3 +175,19 @@ def test_ldap_user_creation_invalid_group_or_household(
assert user is not None assert user is not None
else: else:
assert user is None assert user is None
def test_claims_logging(caplog, session: Session):
caplog.set_level(logging.DEBUG)
data = {
"preferred_username": "testuser",
"email": "test@example.com",
"name": "Test User",
"groups": ["mealie_user"],
}
auth_provider = OpenIDProvider(session, data)
auth_provider.authenticate()
# Verify that all claims are logged
for key, value in data.items():
assert f"{key}: {value}" in caplog.text