Emit metric on OAuth failure

rli · rli · commit fc5efc0495b8 · 2024-11-07T10:01:54.000-08:00
diff --git a/plugins/core/jetbrains-community/src/software/aws/toolkits/jetbrains/core/credentials/sso/pkce/ToolkitOAuthService.kt b/plugins/core/jetbrains-community/src/software/aws/toolkits/jetbrains/core/credentials/sso/pkce/ToolkitOAuthService.kt
@@ -32,6 +32,9 @@ import software.aws.toolkits.jetbrains.core.credentials.sso.PKCEAuthorizationGra
 import software.aws.toolkits.jetbrains.core.credentials.sso.PKCEClientRegistration
 import software.aws.toolkits.jetbrains.core.credentials.sso.bearer.buildUnmanagedSsoOidcClient
 import software.aws.toolkits.resources.AwsCoreBundle
+import software.aws.toolkits.telemetry.AuthType
+import software.aws.toolkits.telemetry.AwsTelemetry
+import software.aws.toolkits.telemetry.MetricResult
 import java.math.BigInteger
 import java.time.Instant
 import java.util.Base64
@@ -67,6 +70,8 @@ class ToolkitOAuthService : OAuthServiceBase<AccessToken>() {
     override fun handleOAuthServerCallback(path: String, parameters: Map<String, List<String>>): OAuthService.OAuthResult<AccessToken>? {
         val request = currentRequest.get() ?: return OAuthService.OAuthResult(null, false)
         val toolkitRequest = request.request as? ToolkitOAuthRequest ?: return OAuthService.OAuthResult(request.request, false)
+        toolkitRequest.error = OAuthError(error = "error", errorDescription = "errorDescription")
+        return OAuthService.OAuthResult(toolkitRequest, false)
 
         val callbackState = parameters["state"]?.firstOrNull()
         if (toolkitRequest.csrfToken != callbackState) {
@@ -189,13 +194,23 @@ internal class ToolkitOAuthCallbackHandler : OAuthCallbackHandlerBase() {
                 "scopes" to ApplicationNamesInfo.getInstance().fullProductName
             )
         } else {
-            val (error, errorDescription) = (oAuthResult.request as? ToolkitOAuthRequest)?.error ?: OAuthError(null, null)
+            val toolkitRequest = (oAuthResult.request as? ToolkitOAuthRequest)
+            val (error, errorDescription) = toolkitRequest?.error ?: OAuthError(null, null)
             val errorString = if (error != null && errorDescription != null) {
                 "$error: $errorDescription"
             } else {
                 errorDescription ?: error ?: AwsCoreBundle.message("general.unknown_error")
             }
 
+            AwsTelemetry.loginWithBrowser(
+                project = null,
+                credentialStartUrl = toolkitRequest?.registration?.issuerUrl,
+                result = MetricResult.Failed,
+                reason = error,
+                reasonDesc = errorDescription,
+                authType = AuthType.PKCE
+            )
+
             mapOf(
                 "error" to errorString
             )
diff --git a/plugins/core/jetbrains-community/src/software/aws/toolkits/jetbrains/core/webview/LoginBrowser.kt b/plugins/core/jetbrains-community/src/software/aws/toolkits/jetbrains/core/webview/LoginBrowser.kt
@@ -36,6 +36,7 @@ import software.aws.toolkits.jetbrains.core.credentials.reauthConnectionIfNeeded
 import software.aws.toolkits.jetbrains.core.credentials.sono.CODECATALYST_SCOPES
 import software.aws.toolkits.jetbrains.core.credentials.sono.IDENTITY_CENTER_ROLE_ACCESS_SCOPE
 import software.aws.toolkits.jetbrains.core.credentials.sono.Q_SCOPES
+import software.aws.toolkits.jetbrains.core.credentials.sono.SONO_REGION
 import software.aws.toolkits.jetbrains.core.credentials.sono.SONO_URL
 import software.aws.toolkits.jetbrains.core.credentials.sso.PendingAuthorization
 import software.aws.toolkits.jetbrains.core.credentials.sso.bearer.InteractiveBearerTokenProvider
@@ -197,7 +198,7 @@ abstract class LoginBrowser(
                 reason = e.message,
                 credentialSourceId = CredentialSourceId.AwsId,
                 isReAuth = isReauth,
-                authType = getAuthType()
+                authType = getAuthType(SONO_REGION)
             )
             AuthTelemetry.addConnection(
                 result = Result.Failed,
@@ -217,7 +218,7 @@ abstract class LoginBrowser(
                 result = Result.Succeeded,
                 credentialSourceId = CredentialSourceId.AwsId,
                 isReAuth = isReauth,
-                authType = getAuthType()
+                authType = getAuthType(SONO_REGION)
             )
             AuthTelemetry.addConnection(
                 result = Result.Succeeded,
diff --git a/plugins/core/jetbrains-community/src/software/aws/toolkits/jetbrains/core/webview/WebviewTelemetryUtils.kt b/plugins/core/jetbrains-community/src/software/aws/toolkits/jetbrains/core/webview/WebviewTelemetryUtils.kt
@@ -9,7 +9,7 @@ import software.aws.toolkits.jetbrains.core.credentials.sono.Q_SCOPES
 import software.aws.toolkits.telemetry.AuthType
 import software.aws.toolkits.telemetry.FeatureId
 
-fun getAuthType(region: String = "us-east-1"): AuthType {
+fun getAuthType(region: String): AuthType {
     val isCommercialRegion = !region.startsWith("us-gov") && !region.startsWith("us-iso") && !region.startsWith("cn")
     if (!Registry.`is`("aws.dev.useDAG") && isCommercialRegion) {
         return AuthType.PKCE
