-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve logging #88
Comments
Things we attempt to log:
Things included in first log statement generated for each successful login attempt:
Things included in second log statement (generated at almost the same time as first statement)
Things included in third log statement:
if new user created
|
Logs look great for SamlTest on integrations. Will try to test with alternate IdP |
Client IdP I hoped to test with is down. Without ability to test further, will consider the issue resolved. |
We have a few problems with the logs:
pressbooks-saml-sso/inc/class-saml.php
Lines 368 to 370 in 6b887a3
It would be good to log the contents of self::USER_DATA at the same time we store it to the $attributes variable so we can see what values we have from the claim even before we attempt to set the username and email address. We should have information in the log about the claim information received by Pressbooks in cases when login fails (maybe especially so in this cases). We should also switch the order of lines 369 and 368 so that we log net_id before we log email.
Each successful login sends the same information twice, except once with some "Auth SAML data" and once without it. See
pressbooks-saml-sso/inc/class-saml.php
Line 577 in 6b887a3
It would be good to allow network managers to download and inspect these logs from the SSO config page, as we allow with the OIDC plugin's logs.
Finally, logs do not appear to be automatically configured the plugin is activated or used in our production network. Not sure what needs to be done so that necessary S3 buckets or CloudWatch groups are created, but if the plugin is active on one of our hosted networks, logs should automatically be kept.
The text was updated successfully, but these errors were encountered: