From 98bf949495a8d6aa277233eff1a6ce018d98ee0a Mon Sep 17 00:00:00 2001 From: Samuel Monroe Date: Wed, 25 Mar 2026 12:15:16 +0100 Subject: [PATCH] Add structured logging to OAuth callback and enhance test coverage for logging verification. --- bff/bff_app/routes/auth.py | 5 +++++ bff/tests/test_auth_callback.py | 10 ++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/bff/bff_app/routes/auth.py b/bff/bff_app/routes/auth.py index 33db4ad5..b7cb12e7 100644 --- a/bff/bff_app/routes/auth.py +++ b/bff/bff_app/routes/auth.py @@ -250,6 +250,11 @@ def login_cb(): session.pop("cv", None) session.pop("state", None) + current_app.logger.info( + "OAuth callback succeeded; returning response with status=%s location=%s", + response.status_code, + response.headers.get("Location"), + ) return response diff --git a/bff/tests/test_auth_callback.py b/bff/tests/test_auth_callback.py index 74223c18..3f23381c 100644 --- a/bff/tests/test_auth_callback.py +++ b/bff/tests/test_auth_callback.py @@ -1,3 +1,4 @@ +import logging from unittest.mock import MagicMock from bff_app.routes import auth as auth_routes @@ -18,7 +19,7 @@ def _fake_oauth_session(state="state-123", token=None): return fake -def test_login_callback_exchanges_code_and_redirects(client, monkeypatch): +def test_login_callback_exchanges_code_and_redirects(client, monkeypatch, app, caplog): # Mock the token exchange so we don't call the real auth server. fake_oauth = _fake_oauth_session( token={ @@ -35,10 +36,15 @@ def test_login_callback_exchanges_code_and_redirects(client, monkeypatch): sess["state"] = "state-123" sess["cv"] = "cv-hex" - res = client.get("/proxy/api/auth/callback?state=state-123&code=abc") + with caplog.at_level(logging.INFO, logger=app.logger.name): + res = client.get("/proxy/api/auth/callback?state=state-123&code=abc") assert res.status_code == 302 assert res.headers["Location"] == "http://frontend.test" + assert ( + "OAuth callback succeeded; returning response with status=302 " + "location=http://frontend.test" + ) in caplog.text set_cookie_headers = res.headers.getlist("Set-Cookie") assert any(header.startswith("test-session_at=") for header in set_cookie_headers) assert any(header.startswith("test-session_rt=") for header in set_cookie_headers)