From c86a036ac61091bec62866584b335f4c68866bde Mon Sep 17 00:00:00 2001
From: BaiJiangJie <32935519+BaiJiangJie@users.noreply.github.com>
Date: Thu, 7 Mar 2019 18:41:42 +0800
Subject: [PATCH] =?UTF-8?q?[Update]=20OpenID=E8=AE=A4=E8=AF=81=E6=B5=81?=
 =?UTF-8?q?=E7=A8=8B=E6=B7=BB=E5=8A=A0=E8=AF=A6=E7=BB=86=E6=97=A5=E5=BF=97?=
 =?UTF-8?q?=20(#2462)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* [Update] OpenID认证流程添加详细日志

* [Update] 优化日志格式
---
 apps/authentication/backends/ldap.py          |  3 +++
 .../backends/openid/backends.py               | 20 ++++++++++---------
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/apps/authentication/backends/ldap.py b/apps/authentication/backends/ldap.py
index 49240f068..f802b5307 100644
--- a/apps/authentication/backends/ldap.py
+++ b/apps/authentication/backends/ldap.py
@@ -16,10 +16,13 @@ class LDAPAuthorizationBackend(LDAPBackend):
     """
 
     def authenticate(self, request=None, username=None, password=None, **kwargs):
+        logger.info('Authentication LDAP backend')
         if not username:
+            logger.info('Authenticate failed: username is None')
             return None
         ldap_user = LDAPUser(self, username=username.strip(), request=request)
         user = self.authenticate_ldap_user(ldap_user, password)
+        logger.info('Authenticate user: {}'.format(user))
         return user
 
     def get_user(self, user_id):
diff --git a/apps/authentication/backends/openid/backends.py b/apps/authentication/backends/openid/backends.py
index aeb611db5..b8e4ae609 100644
--- a/apps/authentication/backends/openid/backends.py
+++ b/apps/authentication/backends/openid/backends.py
@@ -42,40 +42,41 @@ class BaseOpenIDAuthorizationBackend(object):
 class OpenIDAuthorizationCodeBackend(BaseOpenIDAuthorizationBackend):
 
     def authenticate(self, request, **kwargs):
-        logger.info('1.openid code backend')
+        logger.info('Authentication OpenID code backend')
 
         code = kwargs.get('code')
         redirect_uri = kwargs.get('redirect_uri')
 
         if not code or not redirect_uri:
+            logger.info('Authenticate failed: No code or No redirect uri')
             return None
 
         try:
             oidt_profile = client.update_or_create_from_code(
-                    code=code,
-                    redirect_uri=redirect_uri
-                )
+                    code=code, redirect_uri=redirect_uri
+            )
 
         except Exception as e:
-            logger.error(e)
+            logger.info('Authenticate failed: get oidt_profile: {}'.format(e))
 
         else:
             # Check openid user single logout or not with access_token
             request.session[OIDT_ACCESS_TOKEN] = oidt_profile.access_token
-
             user = oidt_profile.user
-
+            logger.info('Authenticate success: user -> {}'.format(user))
             return user if self.user_can_authenticate(user) else None
 
 
 class OpenIDAuthorizationPasswordBackend(BaseOpenIDAuthorizationBackend):
 
     def authenticate(self, request, username=None, password=None, **kwargs):
-        logger.info('2.openid password backend')
+        logger.info('Authentication OpenID password backend')
 
         if not settings.AUTH_OPENID:
+            logger.info('Authenticate failed: AUTH_OPENID is False')
             return None
         elif not username:
+            logger.info('Authenticate failed: Not username')
             return None
 
         try:
@@ -84,9 +85,10 @@ class OpenIDAuthorizationPasswordBackend(BaseOpenIDAuthorizationBackend):
             )
 
         except Exception as e:
-            logger.error(e)
+            logger.info('Authenticate failed: get oidt_profile: {}'.format(e))
 
         else:
             user = oidt_profile.user
+            logger.info('Authenticate success: user -> {}'.format(user))
             return user if self.user_can_authenticate(user) else None