feat(oauth): send analytics error event for load_server_metadata

cal-itp · Jul 18, 2024 · c62f036 · c62f036
1 parent 4747b72
commit c62f036
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 6 deletions.
diff --git a/benefits/oauth/redirects.py b/benefits/oauth/redirects.py
@@ -3,10 +3,12 @@
 
 import sentry_sdk
 
+from . import analytics
+
 ROUTE_SYSTEM_ERROR = "oauth:system-error"
 
 
-def deauthorize_redirect(oauth_client, token, redirect_uri):
+def deauthorize_redirect(request, oauth_client, token, redirect_uri):
     """Helper implements OIDC signout via the `end_session_endpoint`."""
 
     # Authlib has not yet implemented `end_session_endpoint` as the OIDC Session Management 1.0 spec is still in draft
@@ -16,6 +18,7 @@ def deauthorize_redirect(oauth_client, token, redirect_uri):
     try:
         metadata = oauth_client.load_server_metadata()
     except Exception as ex:
+        analytics.client_error(request, message=str(ex), operation="load_server_metadata")
         sentry_sdk.capture_exception(ex)
         return redirect(ROUTE_SYSTEM_ERROR)
 

diff --git a/benefits/oauth/views.py b/benefits/oauth/views.py
@@ -186,7 +186,7 @@ def logout(request):
 
     # send the user through the end_session_endpoint, redirecting back to
     # the post_logout route
-    return redirects.deauthorize_redirect(oauth_client, token, redirect_uri)
+    return redirects.deauthorize_redirect(request, oauth_client, token, redirect_uri)
 
 
 @decorator_from_middleware(VerifierUsesAuthVerificationSessionRequired)

diff --git a/tests/pytest/oauth/test_redirects.py b/tests/pytest/oauth/test_redirects.py
@@ -7,15 +7,20 @@
 import pytest
 
 
+@pytest.fixture
+def mocked_analytics_module(mocked_analytics_module):
+    return mocked_analytics_module(benefits.oauth.redirects)
+
+
 @pytest.fixture
 def mocked_sentry_sdk_module(mocker):
     return mocker.patch.object(benefits.oauth.redirects, "sentry_sdk")
 
 
-def test_deauthorize_redirect(mocked_oauth_client):
+def test_deauthorize_redirect(app_request, mocked_oauth_client):
     mocked_oauth_client.load_server_metadata.return_value = {"end_session_endpoint": "https://server/endsession"}
 
-    result = deauthorize_redirect(mocked_oauth_client, "token", "https://localhost/redirect_uri")
+    result = deauthorize_redirect(app_request, mocked_oauth_client, "token", "https://localhost/redirect_uri")
 
     mocked_oauth_client.load_server_metadata.assert_called()
     assert result.status_code == 302
@@ -25,13 +30,17 @@ def test_deauthorize_redirect(mocked_oauth_client):
     )
 
 
-def test_deauthorize_redirect_load_server_metadata_error(mocked_oauth_client, mocked_sentry_sdk_module):
+@pytest.mark.django_db
+def test_deauthorize_redirect_load_server_metadata_error(
+    app_request, mocked_oauth_client, mocked_analytics_module, mocked_sentry_sdk_module
+):
     mocked_oauth_client.load_server_metadata.side_effect = Exception("Side effect")
 
-    result = deauthorize_redirect(mocked_oauth_client, "token", "https://localhost/redirect_uri")
+    result = deauthorize_redirect(app_request, mocked_oauth_client, "token", "https://localhost/redirect_uri")
 
     assert result.status_code == 302
     assert result.url == reverse(ROUTE_SYSTEM_ERROR)
+    mocked_analytics_module.client_error.assert_called_once()
     mocked_sentry_sdk_module.capture_exception.assert_called_once()