oidc: Add log client IP address

Signed-off-by: Omer Aplatony <omerap12@gmail.com>
argoproj · Nov 21, 2024 · 0f078f6 · 0f078f6
1 parent c6804e9
commit 0f078f6
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 3 deletions.
diff --git a/util/oidc/oidc.go b/util/oidc/oidc.go
@@ -376,6 +376,7 @@ func (a *ClientApp) HandleCallback(w http.ResponseWriter, r *http.Request) {
 	idToken, err := a.provider.Verify(idTokenRAW, a.settings)
 	if err != nil {
 		log.Warnf("Failed to verify token: %s", err)
+		log.Infof("Client IP: %s", r.RemoteAddr)
 		http.Error(w, common.TokenVerificationError, http.StatusInternalServerError)
 		return
 	}

diff --git a/util/oidc/provider.go b/util/oidc/provider.go
@@ -130,9 +130,6 @@ func (p *providerImpl) Verify(tokenString string, argoSettings *settings.ArgoCDS
 			if err == nil {
 				break
 			}
-			// We store the error for each audience so that we can return a more detailed error message to the user.
-			// If this gets merged, we'll be able to detect failures unrelated to audiences and short-circuit this loop
-			// to avoid logging irrelevant warnings: https://github.com/coreos/go-oidc/pull/406
 			tokenVerificationErrors[aud] = err
 		}
 		// If the most recent attempt encountered an error, and if we have collected multiple errors, switch to the