Add metric for login requests

Signed-off-by: ArthurSens <[email protected]>

Author: ArthurSens

components/server/ee/src/monitoring-endpoint-ee.ts

@@ -5,26 +5,24 @@
  */
 
 import * as express from 'express';
-import * as prometheusClient from 'prom-client';
 import { WorkspaceHealthMonitoring } from './workspace/workspace-health-monitoring';
 import { TraceContext } from '@gitpod/gitpod-protocol/lib/util/tracing';
 import * as request from 'request';
 import { Span } from 'opentracing';
 import { log } from "@gitpod/gitpod-protocol/lib/util/logging";
 import { injectable, inject } from 'inversify';
+import { register } from '../../src/prometheusMetrics';
 
 @injectable()
 export class MonitoringEndpointsAppEE extends WorkspaceHealthMonitoring {
     @inject(WorkspaceHealthMonitoring) protected readonly workspaceHealthMonitoring: WorkspaceHealthMonitoring;
 
     public create(): express.Application {
         const monApp = express();
-        prometheusClient.collectDefaultMetrics({ timeout: 5000 });
-
         monApp.get('/metrics', async (req, res) => {
 	        try {
-		        res.set('Content-Type', prometheusClient.register.contentType);
-		        res.end(await prometheusClient.register.metrics());
+		        res.set('Content-Type', register.contentType);
+		        res.end(register.metrics());
 	        } catch (ex) {
     		    res.status(500).end(ex);
 	        }

components/server/src/auth/authenticator.ts

@@ -15,6 +15,7 @@ import { HostContextProvider } from './host-context-provider';
 import { AuthProvider, AuthFlow } from './auth-provider';
 import { TokenProvider } from '../user/token-provider';
 import { AuthProviderService } from './auth-provider-service';
+import { increaseLoginCounter } from '../../src/prometheusMetrics';
 
 @injectable()
 export class Authenticator {
@@ -108,12 +109,14 @@ export class Authenticator {
             return;
         }
         if (!req.session) {
+            increaseLoginCounter("failed", authProvider.info.host)
             log.info({ }, `No session.`, { req, 'login-flow': true });
             res.redirect(this.getSorryUrl(`No session found. Please refresh the browser.`));
             return;
         }
 
         if (!authProvider.info.verified && !(await this.isInSetupMode())) {
+            increaseLoginCounter("failed", authProvider.info.host)
             log.info({ sessionId: req.sessionID }, `Login with "${host}" is not permitted.`, { req, 'login-flow': true, ap: authProvider.info });
             res.redirect(this.getSorryUrl(`Login with "${host}" is not permitted.`));
             return;

components/server/src/auth/generic-auth-provider.ts

@@ -26,6 +26,7 @@ import { UserService } from "../user/user-service";
 import { AuthProviderService } from './auth-provider-service';
 import { LoginCompletionHandler } from './login-completion-handler';
 import { TosFlow } from '../terms/tos-flow';
+import { increaseLoginCounter } from '../../src/prometheusMetrics';
 
 /**
  * This is a generic implementation of OAuth2-based AuthProvider.
@@ -276,6 +277,8 @@ export class GenericAuthProvider implements AuthProvider {
 
         // assert additional infomation is attached to current session
         if (!authFlow) {
+            increaseLoginCounter("failed", this.host);
+
             log.error(cxt, `(${strategyName}) No session found during auth callback.`, { request, clientInfo });
             response.redirect(this.getSorryUrl(`Please allow Cookies in your browser and try to log in again.`));
             return;
@@ -290,6 +293,8 @@ export class GenericAuthProvider implements AuthProvider {
             await AuthFlow.clear(request.session);
             await TosFlow.clear(request.session);
 
+            increaseLoginCounter("failed", this.host);
+
             log.info(cxt, `(${strategyName}) Received OAuth2 error, thus redirecting to /sorry (${error})`, { ...defaultLogPayload, requestUrl: request.originalUrl });
             response.redirect(this.getSorryUrl(`OAuth2 error. (${error})`));
             return;
@@ -302,6 +307,8 @@ export class GenericAuthProvider implements AuthProvider {
                 authenticate(request, response, next);
             })
         } catch (error) {
+            increaseLoginCounter("failed", this.host);
+
             response.redirect(this.getSorryUrl(`OAuth2 error. (${error})`));
             return;
         }
@@ -336,6 +343,9 @@ export class GenericAuthProvider implements AuthProvider {
             if (this.isOAuthError(err)) {
                 message = 'OAuth Error. Please try again.'; // this is a 5xx response from authorization service
             }
+
+            increaseLoginCounter("failed", this.host);
+
             log.error(context, `(${strategyName}) Redirect to /sorry from verify callback`, err, { ...defaultLogPayload, err });
             response.redirect(this.getSorryUrl(message));
             return;

components/server/src/auth/login-completion-handler.ts

@@ -14,6 +14,7 @@ import { AuthFlow } from './auth-provider';
 import { HostContextProvider } from './host-context-provider';
 import { AuthProviderService } from './auth-provider-service';
 import { TosFlow } from '../terms/tos-flow';
+import { increaseLoginCounter } from '../../src/prometheusMetrics';
 
 /**
  * The login completion handler pulls the strings between the OAuth2 flow, the ToS flow, and the session management.
@@ -44,6 +45,9 @@ export class LoginCompletionHandler {
             await TosFlow.clear(request.session);
             await AuthFlow.clear(request.session);
 
+            if (authHost) {
+                increaseLoginCounter("failed", authHost)
+            } 
             log.error(logContext, `Redirect to /sorry on login`, err, { err, session: request.session });
             response.redirect(this.env.hostUrl.asSorry("Oops! Something went wrong during login.").toString());
             return;
@@ -72,6 +76,9 @@ export class LoginCompletionHandler {
         // Create Gitpod 🍪 before the redirect
         this.gitpodCookie.setCookie(response);
 
+        if (authHost) {
+                increaseLoginCounter("succeeded", authHost)
+        } 
         response.redirect(returnTo);
     }
 

components/server/src/prometheusMetrics.ts

@@ -0,0 +1,19 @@
+import * as prometheusClient from 'prom-client';
+
+// Enable collection of default metrics.
+prometheusClient.collectDefaultMetrics({ timeout: 5000 });
+export const register = prometheusClient.register;
+
+const loginCounter = new prometheusClient.Counter({
+    name: 'gitpod_login_requests_total',
+    help: 'Total amount of login requests',
+    labelNames: ['status', 'auth_host'],
+    registers: [prometheusClient.register]
+});
+
+export function increaseLoginCounter(status: string, auth_host: string) {
+    loginCounter.inc({
+        status,
+        auth_host,
+    });
+}

components/server/src/user/user-controller.ts

@@ -26,6 +26,7 @@ import { AuthFlow } from "../auth/auth-provider";
 import { LoginCompletionHandler } from "../auth/login-completion-handler";
 import { TosCookie } from "./tos-cookie";
 import { TosFlow } from "../terms/tos-flow";
+import { increaseLoginCounter } from '../../src/prometheusMetrics';
 
 @injectable()
 export class UserController {
@@ -76,6 +77,7 @@ export class UserController {
             try {
                 await saveSession(req);
             } catch (error) {
+                increaseLoginCounter("failed", "unkown")
                 log.error(`Login failed due to session save error; redirecting to /sorry`, { req, error, clientInfo });
                 res.redirect(this.getSorryUrl("Login failed 🦄 Please try again"));
             }