Adding Logs to record behaviour

ethyca · Dec 5, 2024 · 61db350 · 61db350
1 parent 5fb687c
commit 61db350
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/src/fides/api/api/v1/endpoints/system.py b/src/fides/api/api/v1/endpoints/system.py
@@ -140,6 +140,8 @@ def patch_connections(
     Otherwise, a new ConnectionConfiguration will be created for you.
     """
     system = get_system(db, fides_key)
+    logger.info("Patching connection configs for system '{}'", system.fides_key)
+    logger.debug("Connection configs: {}", configs[0].secrets)
     return patch_connection_configs(db, configs, system)
 
 
@@ -172,6 +174,9 @@ def patch_connection_secrets(
     connection_config: ConnectionConfig = get_connection_config_or_error(
         db, system.connection_configs.key
     )
+    logger.info(f"Oauth Log: For Key '{connection_config.key}'.  secrets: {connection_config.secrets}")
+    logger.info(f"Oauth Log: unvalidated_secrets: {unvalidated_secrets}")
+
     # Inserts unchanged sensitive values. The FE does not send masked values sensitive secrets.
     if connection_config.secrets is not None:
         for key, value in connection_config.secrets.items():
@@ -187,16 +192,20 @@ def patch_connection_secrets(
         db, unvalidated_secrets, connection_config
     ).model_dump(mode="json")
 
+    logger.info(f"Oauth Log: validated_secrets: {validated_secrets}")
+
+
     for key, value in validated_secrets.items():
         connection_config.secrets[key] = value  # type: ignore
 
     # Deauthorize an OAuth connection when the secrets are updated. This is necessary because
     # the existing access tokens may not be valid anymore. This only applies to SaaS connection
-    # configurations that use the "oauth2_authorization_code" authentication strategy.
+    # configurations that uses an Oauth authentication strategy.
     if (
         connection_config.authorized
         and connection_config.connection_type == ConnectionType.saas
     ):
+        logger.info(f"Removing access Token {connection_config.secrets['access_token']}")
         del connection_config.secrets["access_token"]
 
     # Save validated secrets, regardless of whether they've been verified.

diff --git a/src/fides/api/util/connection_util.py b/src/fides/api/util/connection_util.py
@@ -172,6 +172,7 @@ def patch_connection_configs(
 
         if config.connection_type == "saas":
             if config.secrets:
+                logger.info("Oauth Log: Registered New Config Secrets")
                 # This is here rather than with the get_connection_config_or_error because
                 # it will also throw an HTTPException if validation fails and we don't want
                 # to catch it in this case.
@@ -180,6 +181,8 @@ def patch_connection_configs(
                         db, config.secrets, existing_connection_config
                     )
                 else:
+                    # Refactor idea: Transform this into a function for readability
+                    logger.info("Oauth Log: Into Non existing connection config branch")
                     if not config.saas_connector_type:
                         raise HTTPException(
                             status_code=HTTP_422_UNPROCESSABLE_ENTITY,
@@ -252,6 +255,7 @@ def patch_connection_configs(
         config_dict = config.model_dump(serialize_as_any=True, exclude_unset=True)
         config_dict.pop("saas_connector_type", None)
 
+
         if existing_connection_config:
             config_dict = {
                 key: value