Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(integrations): oauth2 identity pipeline metrics #79325

Merged
merged 2 commits into from
Oct 25, 2024
Merged

chore(integrations): oauth2 identity pipeline metrics #79325

merged 2 commits into from
Oct 25, 2024

Conversation

cathteng
Copy link
Member

@cathteng cathteng commented Oct 17, 2024
edited
Loading

sentry/src/sentry/identity/__init__.py

Lines 25 to 35 in d7da2a2

register(SlackIdentityProvider) # NOQA
register(GitHubIdentityProvider) # NOQA
register(GitHubEnterpriseIdentityProvider) # NOQA
register(VSTSNewIdentityProvider) # NOQA
register(VSTSIdentityProvider) # NOQA
register(VstsExtensionIdentityProvider) # NOQA
register(VercelIdentityProvider) # NOQA
register(BitbucketIdentityProvider) # NOQA
register(GitlabIdentityProvider) # NOQA
register(GoogleIdentityProvider) # NOQA
register(DiscordIdentityProvider) # NOQA

These are used in the installation flows for:

  • GitHub Enterprise
  • VSTSNewIdentityProvider
  • Slack
  • Vercel
  • Gitlab
  • GitHub (via a redirect, the pipeline is not directly used)

Missing:

  • VSTSOAuth2CallbackView overwrites the exchange_token function (VSTSIdentityProvider, VSTSExtensionIdentityProvider)

Not applicable

@cathteng cathteng requested review from a team as code owners October 17, 2024 21:50
@github-actions github-actions bot added the Scope: Backend Automatically applied to PRs that change backend components label Oct 17, 2024
cathteng
cathteng commented Oct 17, 2024
View reviewed changes
src/sentry/identity/oauth2.py
Comment on lines 302 to +304
def exchange_token(self, request: Request, pipeline, code):
# TODO: this needs the auth yet
data = self.get_token_params(code=code, redirect_uri=absolute_uri(pipeline.redirect_url()))
verify_ssl = pipeline.config.get("verify_ssl", True)
try:
req = safe_urlopen(self.access_token_url, data=data, verify_ssl=verify_ssl)
body = safe_urlread(req)
if req.headers.get("Content-Type", "").startswith("application/x-www-form-urlencoded"):
return dict(parse_qsl(body))
return orjson.loads(body)
except SSLError:
logger.info(
"identity.oauth2.ssl-error",
extra={"url": self.access_token_url, "verify_ssl": verify_ssl},
with record_event(
IntegrationPipelineViewType.TOKEN_EXCHANGE, pipeline.provider.key
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

even though exchange_token is used inside a function that already has a context manager, i decided to emit another lifecycle metric because the errors are more granular inside exchange_token

GabeVillalobos
GabeVillalobos reviewed Oct 21, 2024
View reviewed changes
src/sentry/integrations/base.py
Comment on lines +180 to +181
INTEGRATION_PROVIDER_TO_TYPE = {
v: k for k, values in INTEGRATION_TYPE_TO_PROVIDER.items() for v in values
}

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have some providers that have multiple integration types (namely github), so I think this map will end up incomplete.

sentry/src/sentry/integrations/base.py

Line 153 in 361e5e5

INTEGRATION_TYPE_TO_PROVIDER = {

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oof, i wonder if we want to restrict these to the main type? i'm not actually sure what the multiple types are used for here. @ameliahsu

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for the purposes of a metric i'd just want to stick to one, consistently

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

right now the types are only really being used for messaging integration onboarding so that we can query OrganizationIntegrationsEndpoint to check if an org has any messaging integrations installed

@cathteng cathteng force-pushed the cathy/integrations/oauth2-identity-metrics branch from d7da2a2 to 06ff23b Compare October 21, 2024 21:24
@codecov Codecov
Copy link

codecov bot commented Oct 21, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 80.64516% with 12 lines in your changes missing coverage. Please review.

✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
src/sentry/identity/oauth2.py 79.66% 8 Missing and 4 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #79325      +/-   ##
==========================================
- Coverage   78.31%   78.30%   -0.01%     
==========================================
  Files        7140     7140              
  Lines      315463   315485      +22     
  Branches    51561    51564       +3     
==========================================
+ Hits       247043   247047       +4     
- Misses      61953    61963      +10     
- Partials     6467     6475       +8

@cathteng cathteng requested a review from a team October 22, 2024 20:29
@cathteng cathteng merged commit 7cfcaf3 into master Oct 25, 2024
49 of 50 checks passed
@cathteng cathteng deleted the cathy/integrations/oauth2-identity-metrics branch October 25, 2024 17:02
GabeVillalobos
GabeVillalobos reviewed Oct 25, 2024
View reviewed changes
src/sentry/integrations/base.py
Comment on lines -162 to -165
IntegrationProviderSlug.GITHUB,
IntegrationProviderSlug.GITHUB_ENTERPRISE,
IntegrationProviderSlug.GITLAB,
IntegrationProviderSlug.AZURE_DEVOPS,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's worth thinking about this a bit more. It'd be nice to have a centralized place where we can definitively state which integrations have certain meta functionality like this, but only if we can meaningfully keep it in sync with the classes themselves.

This is fine for now though.

@sentry-io Sentry.io
Copy link

sentry-io bot commented Oct 25, 2024

Suspect Issues

This pull request was deployed and Sentry observed the following issues:

  • ‼️ ValueError: 'google_login' is not a valid IntegrationProviderSlug /extensions/{provider_id}/setup/ View Issue

Did you find this useful? React with a 👍 or 👎

@cathteng cathteng added the Trigger: Revert add to a merged PR to revert it (skips CI) label Oct 25, 2024
@getsentry-bot
Copy link
Contributor

PR reverted: fd5eee0

getsentry-bot added a commit that referenced this pull request Oct 25, 2024
@getsentry-bot @cathteng
Revert "chore(integrations): oauth2 identity pipeline metrics (#79325)"
fd5eee0 
This reverts commit 7cfcaf3.

Co-authored-by: cathteng <70817427+cathteng@users.noreply.github.com>
@cathteng cathteng mentioned this pull request Nov 4, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ameliahsu ameliahsu ameliahsu left review comments

@GabeVillalobos GabeVillalobos GabeVillalobos approved these changes

Assignees
No one assigned
Labels
Scope: Backend Automatically applied to PRs that change backend components Trigger: Revert add to a merged PR to revert it (skips CI)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@cathteng @getsentry-bot @GabeVillalobos @ameliahsu