@@ -343,6 +343,13 @@ func NewFakeIDP(t testing.TB, opts ...FakeIDPOpt) *FakeIDP {
343343idp .realServer (t )
344344}
345345
346+ // Log the url to indicate which port the IDP is running on if it is
347+ // being served on a real port.
348+ idp .logger .Info (context .Background (),
349+ "fake IDP created" ,
350+ slog .F ("issuer" ,idp .IssuerURL ().String ()),
351+ )
352+
346353return idp
347354}
348355
@@ -744,7 +751,7 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
744751// This endpoint is required to initialize the OIDC provider.
745752// It is used to get the OIDC configuration.
746753mux .Get ("/.well-known/openid-configuration" ,func (rw http.ResponseWriter ,r * http.Request ) {
747- f .logger .Info (r .Context (),"http OIDC config" ,slog . F ( "url" , r . URL . String ()) )
754+ f .logger .Info (r .Context (),"http OIDC config" ,slogRequestFields ( r ) ... )
748755
749756_ = json .NewEncoder (rw ).Encode (f .provider )
750757})
@@ -754,7 +761,7 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
754761// w/e and clicking "Allow". They will be redirected back to the redirect
755762// when this is done.
756763mux .Handle (authorizePath ,http .HandlerFunc (func (rw http.ResponseWriter ,r * http.Request ) {
757- f .logger .Info (r .Context (),"http call authorize" ,slog . F ( "url" , r . URL . String ()) )
764+ f .logger .Info (r .Context (),"http call authorize" ,slogRequestFields ( r ) ... )
758765
759766clientID := r .URL .Query ().Get ("client_id" )
760767if ! assert .Equal (t ,f .clientID ,clientID ,"unexpected client_id" ) {
@@ -812,11 +819,12 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
812819values ,err = f .authenticateOIDCClientRequest (t ,r )
813820}
814821f .logger .Info (r .Context (),"http idp call token" ,
815- slog .F ("url" ,r .URL .String ()),
816- slog .F ("valid" ,err == nil ),
817- slog .F ("grant_type" ,values .Get ("grant_type" )),
818- slog .F ("values" ,values .Encode ()),
819- )
822+ append (slogRequestFields (r ),
823+ slog .F ("valid" ,err == nil ),
824+ slog .F ("grant_type" ,values .Get ("grant_type" )),
825+ slog .F ("values" ,values .Encode ()),
826+ )... )
827+
820828if err != nil {
821829http .Error (rw ,fmt .Sprintf ("invalid token request: %s" ,err .Error ()),httpErrorCode (http .StatusBadRequest ,err ))
822830return
@@ -990,8 +998,10 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
990998mux .Handle (userInfoPath ,http .HandlerFunc (func (rw http.ResponseWriter ,r * http.Request ) {
991999email ,ok := validateMW (rw ,r )
9921000f .logger .Info (r .Context (),"http userinfo endpoint" ,
993- slog .F ("valid" ,ok ),
994- slog .F ("email" ,email ),
1001+ append (slogRequestFields (r ),
1002+ slog .F ("valid" ,ok ),
1003+ slog .F ("email" ,email ),
1004+ )... ,
9951005)
9961006if ! ok {
9971007return
@@ -1011,8 +1021,10 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
10111021mux .Mount ("/external-auth-validate/" ,http .HandlerFunc (func (rw http.ResponseWriter ,r * http.Request ) {
10121022email ,ok := validateMW (rw ,r )
10131023f .logger .Info (r .Context (),"http external auth validate" ,
1014- slog .F ("valid" ,ok ),
1015- slog .F ("email" ,email ),
1024+ append (slogRequestFields (r ),
1025+ slog .F ("valid" ,ok ),
1026+ slog .F ("email" ,email ),
1027+ )... ,
10161028)
10171029if ! ok {
10181030return
@@ -1028,7 +1040,7 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
10281040}))
10291041
10301042mux .Handle (keysPath ,http .HandlerFunc (func (rw http.ResponseWriter ,r * http.Request ) {
1031- f .logger .Info (r .Context (),"http call idp /keys" )
1043+ f .logger .Info (r .Context (),"http call idp /keys" , slogRequestFields ( r ) ... )
10321044set := jose.JSONWebKeySet {
10331045Keys : []jose.JSONWebKey {
10341046{
@@ -1042,7 +1054,7 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
10421054}))
10431055
10441056mux .Handle (deviceVerify ,http .HandlerFunc (func (rw http.ResponseWriter ,r * http.Request ) {
1045- f .logger .Info (r .Context (),"http call device verify" )
1057+ f .logger .Info (r .Context (),"http call device verify" , slogRequestFields ( r ) ... )
10461058
10471059inputParam := "user_input"
10481060userInput := r .URL .Query ().Get (inputParam )
@@ -1099,7 +1111,7 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
10991111}))
11001112
11011113mux .Handle (deviceAuth ,http .HandlerFunc (func (rw http.ResponseWriter ,r * http.Request ) {
1102- f .logger .Info (r .Context (),"http call device auth" )
1114+ f .logger .Info (r .Context (),"http call device auth" , slogRequestFields ( r ) ... )
11031115
11041116p := httpapi .NewQueryParamParser ()
11051117p .RequiredNotEmpty ("client_id" )
@@ -1161,7 +1173,7 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
11611173}))
11621174
11631175mux .NotFound (func (rw http.ResponseWriter ,r * http.Request ) {
1164- f .logger .Error (r .Context (),"http call not found" ,slog . F ( "path" , r . URL . Path ) )
1176+ f .logger .Error (r .Context (),"http call not found" ,slogRequestFields ( r ) ... )
11651177t .Errorf ("unexpected request to IDP at path %q. Not supported" ,r .URL .Path )
11661178})
11671179
@@ -1422,6 +1434,14 @@ func (f *FakeIDP) getClaims(m *syncmap.Map[string, jwt.MapClaims], key string) (
14221434return v ,true
14231435}
14241436
1437+ func slogRequestFields (r * http.Request ) []any {
1438+ return []any {
1439+ slog .F ("url" ,r .URL .String ()),
1440+ slog .F ("host" ,r .Host ),
1441+ slog .F ("method" ,r .Method ),
1442+ }
1443+ }
1444+
14251445func httpErrorCode (defaultCode int ,err error )int {
14261446var statusErr statusHookError
14271447status := defaultCode