Logging controller exceptions and formatting controller error responses

Author: fabiocav

src/WebJobs.Script.WebHost/App_Start/WebApiConfig.cs

@@ -5,6 +5,7 @@
 using System.IO;
 using System.Web;
 using System.Web.Http;
+using System.Web.Http.ExceptionHandling;
 using Autofac;
 using Autofac.Integration.WebApi;
 using Microsoft.Azure.WebJobs.Script.Config;
@@ -49,6 +50,7 @@ public static void Register(HttpConfiguration config, ScriptSettingsManager sett
             var container = builder.Build();
             config.DependencyResolver = new AutofacWebApiDependencyResolver(container);
             config.Formatters.Add(new PlaintextMediaTypeFormatter());
+            config.Services.Replace(typeof(IExceptionHandler), new ExceptionProcessingHandler(config));
             AddMessageHandlers(config);
 
             // Web API configuration and services

src/WebJobs.Script.WebHost/GlobalSuppressions.cs

@@ -93,5 +93,11 @@
 [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Naming", "CA1721:PropertyNamesShouldNotMatchGetMethods", Scope = "member", Target = "Microsoft.Azure.WebJobs.Script.WebHost.FunctionSecrets.#Keys")]
 [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Usage", "CA2227:CollectionPropertiesShouldBeReadOnly", Scope = "member", Target = "Microsoft.Azure.WebJobs.Script.WebHost.HostSecrets.#SystemKeys")]
 [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Performance", "CA1813:AvoidUnsealedAttributes", Scope = "type", Target = "Microsoft.Azure.WebJobs.Script.WebHost.Filters.AuthorizationLevelAttribute")]
+[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Design", "CA1019:DefineAccessorsForAttributeArguments", Scope = "type", Target = "Microsoft.Azure.WebJobs.Script.WebHost.ScriptExceptionFilter")]
+[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Design", "CA1019:DefineAccessorsForAttributeArguments", Scope = "type", Target = "Microsoft.Azure.WebJobs.Script.WebHost.ScriptExceptionFilterAttribute")]
+[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Usage", "CA2227:CollectionPropertiesShouldBeReadOnly", Scope = "member", Target = "Microsoft.Azure.WebJobs.Script.WebHost.Models.ApiErrorModel.#Arguments")]
+[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Usage", "CA1801:ReviewUnusedParameters", MessageId = "cancellationToken", Scope = "member", Target = "Microsoft.Azure.WebJobs.Script.WebHost.Controllers.ExceptionProcessingHandler.#HandleException(System.Net.Http.HttpRequestMessage,System.Exception,System.Threading.CancellationToken)")]
+[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Scope = "member", Target = "Microsoft.Azure.WebJobs.Script.WebHost.Controllers.ExceptionProcessingHandler.#Handle(System.Web.Http.ExceptionHandling.ExceptionHandlerContext)")]
+[assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Performance", "CA1813:AvoidUnsealedAttributes", Scope = "type", Target = "Microsoft.Azure.WebJobs.Script.WebHost.Filters.AuthorizationLevelAttribute")]
 [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Usage", "CA2227:CollectionPropertiesShouldBeReadOnly", Scope = "member", Target = "Microsoft.Azure.WebJobs.Script.WebHost.Models.Swagger.HttpOperationInfo.#InputParameters")]
 [assembly: System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Usage", "CA2227:CollectionPropertiesShouldBeReadOnly", Scope = "member", Target = "Microsoft.Azure.WebJobs.Script.WebHost.Models.Swagger.SwaggerDocument.#ApiEndpoints")]

src/WebJobs.Script.WebHost/Handlers/ExceptionProcessingHandler.cs

@@ -0,0 +1,143 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.Net;
+using System.Net.Http;
+using System.Security.Cryptography;
+using System.Web.Http;
+using System.Web.Http.ExceptionHandling;
+using System.Web.Http.Results;
+using Microsoft.Azure.WebJobs.Host;
+using Microsoft.Azure.WebJobs.Host.Diagnostics;
+using Microsoft.Azure.WebJobs.Script.WebHost.Models;
+using Newtonsoft.Json;
+using ExceptionProcessor = System.Action<System.Web.Http.ExceptionHandling.ExceptionContext,
+    Microsoft.Azure.WebJobs.Script.AuthorizationLevel, Microsoft.Azure.WebJobs.Script.WebHost.Models.ApiErrorModel>;
+
+namespace Microsoft.Azure.WebJobs.Script.WebHost.Controllers
+{
+    public class ExceptionProcessingHandler : ExceptionHandler
+    {
+        private readonly IDictionary<Type, ExceptionProcessor> _handlers;
+        private readonly HttpConfiguration _config;
+        private readonly Lazy<TraceWriter> _traceWriterLoader;
+
+        public ExceptionProcessingHandler(HttpConfiguration config)
+        {
+            if (config == null)
+            {
+                throw new ArgumentNullException("config");
+            }
+
+            _config = config;
+            _traceWriterLoader = new Lazy<TraceWriter>(() => _config.DependencyResolver.GetService<TraceWriter>());
+            _handlers = InitializeExceptionHandlers();
+        }
+
+        private static IDictionary<Type, ExceptionProcessor> InitializeExceptionHandlers()
+        {
+            var handlers = new Dictionary<Type, ExceptionProcessor>
+            {
+                { typeof(CryptographicException), CryptographicExceptionHandler }
+            };
+
+            return handlers;
+        }
+
+        public override void Handle(ExceptionHandlerContext context)
+        {
+            var error = new ApiErrorModel(HttpStatusCode.InternalServerError);
+
+            AuthorizationLevel currentLevel = context.Request.GetAuthorizationLevel();
+            foreach (var handler in GetExceptionHandlers(context.Exception))
+            {
+                handler(context.ExceptionContext, currentLevel, error);
+            }
+
+            TraceErrorEvent(context.ExceptionContext, error);
+
+            context.Result = new ResponseMessageResult(context.Request.CreateResponse(error.StatusCode, error));
+        }
+
+        private IEnumerable<ExceptionProcessor> GetExceptionHandlers(Exception exc)
+        {
+            if (exc == null)
+            {
+                yield break;
+            }
+
+            // We return our default handler first.
+            // Subsequent handlers can override everything done by it.
+            yield return DefaultExceptionHandler;
+
+            Type exceptionType = exc.GetType();
+            ExceptionProcessor exceptionHandler = null;
+            if (exceptionType != null && _handlers.TryGetValue(exceptionType, out exceptionHandler))
+            {
+                yield return exceptionHandler;
+            }
+        }
+
+        private static void DefaultExceptionHandler(ExceptionContext exceptionContext, AuthorizationLevel currentLevel, ApiErrorModel error)
+        {
+            if (currentLevel == AuthorizationLevel.Admin || exceptionContext.RequestContext.IsLocal)
+            {
+                error.Message = GetExceptionMessage(exceptionContext.Exception);
+
+                if (exceptionContext.RequestContext.IncludeErrorDetail)
+                {
+                    error.ErrorDetails = ExceptionFormatter.GetFormattedException(exceptionContext.Exception);
+                }
+            }
+            else
+            {
+                error.Message = $"An error has occurred. For more information, please check the logs for error ID {error.Id}";
+            }
+        }
+
+        private void TraceErrorEvent(ExceptionContext exceptionContext, ApiErrorModel error)
+        {
+            string controllerName = exceptionContext.ControllerContext?.ControllerDescriptor.ControllerName ?? "<unknown>";
+            string actionName = exceptionContext.ActionContext?.ActionDescriptor.ActionName ?? "<unknown>";
+
+            string message = JsonConvert.SerializeObject(error);
+            var traceEvent = new TraceEvent(TraceLevel.Error, message, $"ApiError.{controllerName}.{actionName}", exceptionContext.Exception);
+            _traceWriterLoader.Value.Trace(traceEvent);
+        }
+
+        private static void CryptographicExceptionHandler(ExceptionContext exceptionContext, AuthorizationLevel currentLevel, ApiErrorModel error)
+        {
+            if (currentLevel == AuthorizationLevel.Admin)
+            {
+                error.ErrorCode = ErrorCodes.KeyCryptographicError;
+                error.Message = "Cryptographic error. Unable to encrypt or decrypt keys.";
+            }
+        }
+
+        private static string GetExceptionMessage(Exception exception)
+        {
+            if (exception == null)
+            {
+                return string.Empty;
+            }
+
+            var aggregateException = exception as AggregateException;
+            if (aggregateException != null)
+            {
+                exception = aggregateException.Flatten().InnerException;
+            }
+
+            var messages = new List<string>();
+            while (exception != null)
+            {
+                messages.Add(exception.Message);
+                exception = exception.InnerException;
+            }
+
+            return string.Join(" -> ", messages);
+        }
+    }
+}

src/WebJobs.Script.WebHost/Handlers/WebScriptHostHandler.cs

@@ -51,8 +51,8 @@ protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage
                 // initialize. This might happen if http requests come in while the
                 // host is starting up for the first time, or if it is restarting.
                 TimeSpan timeWaited = TimeSpan.Zero;
-                while (!scriptHostManager.CanInvoke() && 
-                        scriptHostManager.State != ScriptHostState.Error && 
+                while (!scriptHostManager.CanInvoke() &&
+                        scriptHostManager.State != ScriptHostState.Error &&
                         (timeWaited < _hostTimeoutSeconds))
                 {
                     await Task.Delay(_hostRunningPollIntervalMs);

src/WebJobs.Script.WebHost/Models/ApiErrorModel.cs

@@ -0,0 +1,41 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Net;
+using Newtonsoft.Json;
+
+namespace Microsoft.Azure.WebJobs.Script.WebHost.Models
+{
+    public class ApiErrorModel
+    {
+        public ApiErrorModel(HttpStatusCode status)
+            : this()
+        {
+            StatusCode = status;
+        }
+        public ApiErrorModel()
+        {
+            Id = Guid.NewGuid().ToString();
+        }
+
+        [JsonProperty("id")]
+        public string Id { get; set; }
+
+        [JsonProperty("statusCode")]
+        public HttpStatusCode StatusCode { get; set; }
+
+        [JsonProperty("errorCode")]
+        public int ErrorCode { get; set; }
+
+        [JsonProperty("messsage", NullValueHandling = NullValueHandling.Ignore)]
+        public string Message { get; set; }
+
+        [JsonProperty("errorDetails", NullValueHandling = NullValueHandling.Ignore)]
+        public string ErrorDetails { get; set; }
+
+        [JsonProperty("arguments", NullValueHandling = NullValueHandling.Ignore)]
+        public IDictionary<string, string> Arguments { get; set; }
+    }
+}

src/WebJobs.Script.WebHost/WebJobs.Script.WebHost.csproj

@@ -408,6 +408,7 @@
     <Compile Include="Controllers\FunctionsController.cs" />
     <Compile Include="Controllers\HomeController.cs" />
     <Compile Include="Controllers\KeysController.cs" />
+    <Compile Include="Handlers\ExceptionProcessingHandler.cs" />
     <Compile Include="Controllers\SwaggerController.cs" />
     <Compile Include="Diagnostics\EventGenerator.cs" />
     <Compile Include="Diagnostics\FastLogger.cs" />
@@ -426,6 +427,7 @@
     <Compile Include="GlobalSuppressions.cs" />
     <Compile Include="Handlers\SystemTraceHandler.cs" />
     <Compile Include="Handlers\WebScriptHostHandler.cs" />
+    <Compile Include="Models\ApiErrorModel.cs" />
     <Compile Include="Models\ApiModel.cs" />
     <Compile Include="Models\ApiModelUtility.cs" />
     <Compile Include="Models\Swagger\HttpOperationInfo.cs" />

src/WebJobs.Script/ErrorCodes.cs

@@ -0,0 +1,12 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
+
+namespace Microsoft.Azure.WebJobs.Script
+{
+    public static class ErrorCodes
+    {
+        public const int KeyCryptographicError = 1000;
+    }
+}

src/WebJobs.Script/WebJobs.Script.csproj

@@ -426,6 +426,7 @@
     <Compile Include="Diagnostics\MetricsLogger.cs" />
     <Compile Include="Diagnostics\HostStartedEvent.cs" />
     <Compile Include="EnvironmentSettingNames.cs" />
+    <Compile Include="ErrorCodes.cs" />
     <Compile Include="Extensions\AssemblyExtensions.cs" />
     <Compile Include="Extensions\ExceptionExtensions.cs" />
     <Compile Include="Extensions\FileUtility.cs" />

test/WebJobs.Script.Tests/Handlers/ExceptionProcessingHandlerTests.cs

@@ -0,0 +1,101 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
+using System.Net.Http;
+using System.Threading;
+using System.Threading.Tasks;
+using System.Web.Http;
+using System.Web.Http.Dependencies;
+using System.Web.Http.ExceptionHandling;
+using Microsoft.Azure.WebJobs.Host;
+using Microsoft.Azure.WebJobs.Script.Config;
+using Microsoft.Azure.WebJobs.Script.WebHost.Controllers;
+using Microsoft.Azure.WebJobs.Script.WebHost.Models;
+using Moq;
+using WebJobs.Script.Tests;
+using Xunit;
+
+namespace Microsoft.Azure.WebJobs.Script.Tests
+{
+    public class ExceptionProcessingHandlerTests
+    {
+        private readonly ScriptSettingsManager _settingsManager;
+        private readonly TempDirectory _secretsDirectory = new TempDirectory();
+        private readonly HttpConfiguration _config;
+        private readonly TestTraceWriter _traceWriter;
+
+        public ExceptionProcessingHandlerTests()
+        {
+            _settingsManager = ScriptSettingsManager.Instance;
+            _traceWriter = new TestTraceWriter(System.Diagnostics.TraceLevel.Verbose);
+
+            Mock<IDependencyResolver> mockResolver = new Mock<IDependencyResolver>();
+            mockResolver.Setup(p => p.GetService(typeof(TraceWriter))).Returns(_traceWriter);
+
+            _config = new HttpConfiguration();
+            _config.DependencyResolver = mockResolver.Object;
+        }
+
+        [Fact]
+        public async Task Handle_WithAnonymousLevelAndNoErrorDetailsFlag_SetsResponseWithNoErrorDetailsAndGenericMessage()
+        {
+            var errorModel = await ExecuteHandlerTest(AuthorizationLevel.Anonymous, false);
+
+            Assert.Null(errorModel.ErrorDetails);
+            Assert.Equal($"An error has occurred. For more information, please check the logs for error ID {errorModel.Id}", errorModel.Message);
+        }
+
+        [Fact]
+        public async Task Handle_WithAdminlAndNoErrorDetailsFlag_SetsResponseWithNoErrorDetailsAndExceptionMessage()
+        {
+            var errorModel = await ExecuteHandlerTest(AuthorizationLevel.Admin, false);
+
+            Assert.Null(errorModel.ErrorDetails);
+            Assert.Equal("TestException", errorModel.Message);
+        }
+
+        [Fact]
+        public async Task Handle_WithAdminlAndErrorDetailsFlag_SetsResponseWithErrorDetailsAndExceptionMessage()
+        {
+            var errorModel = await ExecuteHandlerTest(AuthorizationLevel.Admin, true);
+
+            Assert.Equal("System.Exception : TestException", errorModel.ErrorDetails);
+            Assert.Equal("TestException", errorModel.Message);
+        }
+
+        [Fact]
+        public async Task Handle_WithAnonymousAndErrorDetailsFlag_SetsResponseWithNoErrorDetailsAndExceptionMessage()
+        {
+            var errorModel = await ExecuteHandlerTest(AuthorizationLevel.Anonymous, true);
+
+            Assert.Null(errorModel.ErrorDetails);
+            Assert.Equal($"An error has occurred. For more information, please check the logs for error ID {errorModel.Id}", errorModel.Message);
+        }
+
+        private async Task<ApiErrorModel> ExecuteHandlerTest(AuthorizationLevel authLevel, bool includeDetails)
+        {
+            var handler = new ExceptionProcessingHandler(_config);
+
+            var exception = new Exception("TestException");
+            var exceptionContext = new ExceptionContext(exception, ExceptionCatchBlocks.HttpServer)
+            {
+                Request = new HttpRequestMessage()
+            };
+
+            exceptionContext.Request.SetAuthorizationLevel(authLevel);
+            exceptionContext.Request.SetConfiguration(_config);
+
+            exceptionContext.RequestContext = new System.Web.Http.Controllers.HttpRequestContext();
+
+            var context = new ExceptionHandlerContext(exceptionContext);
+            context.RequestContext.IncludeErrorDetail = includeDetails;
+
+            handler.Handle(context);
+
+            HttpResponseMessage response = await context.Result.ExecuteAsync(CancellationToken.None);
+
+            return await response.Content.ReadAsAsync<ApiErrorModel>();
+        }
+    }
+}

test/WebJobs.Script.Tests/WebJobs.Script.Tests.csproj

@@ -470,6 +470,7 @@
     <Compile Include="Description\FunctionGeneratorTests.cs" />
     <Compile Include="Description\DotNet\PackageAssemblyResolverTests.cs" />
     <Compile Include="Description\FunctionInvokerBaseTests.cs" />
+    <Compile Include="Handlers\ExceptionProcessingHandlerTests.cs" />
     <Compile Include="Handlers\SystemTraceHandlerTests.cs" />
     <Compile Include="HttpRouteFactoryTests.cs" />
     <Compile Include="Binding\HttpTriggerAttributeBindingProviderTests.cs" />