internal: fix outposts not logging flow execution errors correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-08-31 23:03:57 +02:00
parent 3e11f0c0b3
commit 14a7c9f967
2 changed files with 11 additions and 11 deletions

View File

@ -213,7 +213,7 @@ func (fe *FlowExecutor) solveFlowChallenge(depth int) (bool, error) {
switch ch.GetComponent() {
case string(StageAccessDenied):
return false, errors.New("got ak-stage-access-denied")
return false, nil
}
if ch.GetType() == "redirect" {
return true, nil

View File

@ -70,6 +70,16 @@ func (db *DirectBinder) Bind(username string, req *bind.Request) (ldap.LDAPResul
Session: fe.GetSession(),
}
db.si.SetFlags(req.BindDN, flags)
if err != nil {
metrics.RequestsRejected.With(prometheus.Labels{
"outpost_name": db.si.GetOutpostName(),
"type": "bind",
"reason": "flow_error",
"app": db.si.GetAppSlug(),
}).Inc()
req.Log().WithError(err).Warning("failed to execute flow")
return ldap.LDAPResultInvalidCredentials, nil
}
if !passed {
metrics.RequestsRejected.With(prometheus.Labels{
"outpost_name": db.si.GetOutpostName(),
@ -80,16 +90,6 @@ func (db *DirectBinder) Bind(username string, req *bind.Request) (ldap.LDAPResul
req.Log().Info("Invalid credentials")
return ldap.LDAPResultInvalidCredentials, nil
}
if err != nil {
metrics.RequestsRejected.With(prometheus.Labels{
"outpost_name": db.si.GetOutpostName(),
"type": "bind",
"reason": "flow_error",
"app": db.si.GetAppSlug(),
}).Inc()
req.Log().WithError(err).Warning("failed to execute flow")
return ldap.LDAPResultOperationsError, nil
}
access, err := fe.CheckApplicationAccess(db.si.GetAppSlug())
if !access {