From 0567b8d12a9862a198e589c4b0d278118a5601f5 Mon Sep 17 00:00:00 2001 From: Jacob Chung Date: Tue, 18 Nov 2025 10:42:57 -0800 Subject: [PATCH] telemetry(auth): emit metric for createToken --- package-lock.json | 8 ++++---- package.json | 2 +- packages/core/src/auth/sso/clients.ts | 27 +++++++++++++++++++++++++++ 3 files changed, 32 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2dd14a509fd..e1ea3622941 100644 --- a/package-lock.json +++ b/package-lock.json @@ -22,7 +22,7 @@ "vscode-nls-dev": "^4.0.4" }, "devDependencies": { - "@aws-toolkits/telemetry": "^1.0.329", + "@aws-toolkits/telemetry": "^1.0.338", "@playwright/browser-chromium": "^1.43.1", "@stylistic/eslint-plugin": "^2.11.0", "@types/he": "^1.2.3", @@ -24526,9 +24526,9 @@ } }, "node_modules/@aws-toolkits/telemetry": { - "version": "1.0.329", - "resolved": "https://registry.npmjs.org/@aws-toolkits/telemetry/-/telemetry-1.0.329.tgz", - "integrity": "sha512-zMkljZDtIAxuZzPTLL5zIxn+zGmk767sbqGIc2ZYuv0sSU+UoYgB3tqwV5KVV2oDPKs5593nwJC97NVHJqzowQ==", + "version": "1.0.338", + "resolved": "https://registry.npmjs.org/@aws-toolkits/telemetry/-/telemetry-1.0.338.tgz", + "integrity": "sha512-fg3zCqH4GEBjgL3Wo+xiijRbkyxMh4hXPsOD8Q52k8bvmq5rL9tjbp2IqmHI8JVLOhoomedicXK9ZVEdKSsatw==", "dev": true, "license": "Apache-2.0", "dependencies": { diff --git a/package.json b/package.json index 67135911fe7..242e4ee9594 100644 --- a/package.json +++ b/package.json @@ -42,7 +42,7 @@ "scan-licenses": "ts-node ./scripts/scan-licenses.ts" }, "devDependencies": { - "@aws-toolkits/telemetry": "^1.0.329", + "@aws-toolkits/telemetry": "^1.0.338", "@playwright/browser-chromium": "^1.43.1", "@stylistic/eslint-plugin": "^2.11.0", "@types/he": "^1.2.3", diff --git a/packages/core/src/auth/sso/clients.ts b/packages/core/src/auth/sso/clients.ts index 2fa8b1a3854..14bc35c039e 100644 --- a/packages/core/src/auth/sso/clients.ts +++ b/packages/core/src/auth/sso/clients.ts @@ -36,6 +36,8 @@ import { AuthenticationFlow } from './model' import { toSnakeCase } from '../../shared/utilities/textUtilities' import { getUserAgent, withTelemetryContext } from '../../shared/telemetry/util' import { oneSecond } from '../../shared/datetime' +import { telemetry } from '../../shared/telemetry/telemetry' +import { getTelemetryReason, getTelemetryReasonDesc, getHttpStatusCode } from '../../shared/errors' export class OidcClient { public constructor( @@ -86,15 +88,40 @@ export class OidcClient { } public async createToken(request: CreateTokenRequest) { + const startTime = this.clock.Date.now() + const grantType = request.grantType + let response try { response = await this.client.createToken(request as CreateTokenRequest) } catch (err) { + const statusCode = getHttpStatusCode(err) + telemetry.auth_ssoTokenOperation.emit({ + result: 'Failed', + grantType: grantType ?? 'unknown', + duration: this.clock.Date.now() - startTime, + reason: getTelemetryReason(err), + reasonDesc: getTelemetryReasonDesc(err), + ...(statusCode !== undefined ? { httpStatusCode: String(statusCode) } : {}), + }) + + getLogger().error(`sso-oidc: createToken failed (grantType=${grantType}): ${err}`) + const newError = AwsClientResponseError.instanceIf(err) throw newError } assertHasProps(response, 'accessToken', 'expiresIn') + telemetry.auth_ssoTokenOperation.emit({ + result: 'Succeeded', + grantType: grantType ?? 'unknown', + duration: this.clock.Date.now() - startTime, + }) + + getLogger().debug( + `sso-oidc: createToken succeeded (grantType=${grantType}, requestId=${response.$metadata.requestId})` + ) + return { ...selectFrom(response, 'accessToken', 'refreshToken', 'tokenType'), requestId: response.$metadata.requestId,