From 7ea1a03c6b37a3e33284911592bb938868b6b5b1 Mon Sep 17 00:00:00 2001
From: Ersun Warncke
Date: Tue, 5 Nov 2019 10:09:37 -0400
Subject: [PATCH] saml session/error logging
GitOrigin-RevId: bc5e5cafbd4c5da7ba33891fa738efa9a95c5332
---
 .../src/Features/Errors/ErrorController.js | 16 ++++++++++++
 .../src/Features/SamlLog/SamlLogHandler.js | 20 ++++++++++++++
 services/web/app/src/models/SamlLog.js | 26 +++++++++++++++++++
 3 files changed, 62 insertions(+)
 create mode 100644 services/web/app/src/Features/SamlLog/SamlLogHandler.js
 create mode 100644 services/web/app/src/models/SamlLog.js
diff --git a/services/web/app/src/Features/Errors/ErrorController.js b/services/web/app/src/Features/Errors/ErrorController.js
index 1083effe6c..a18ff5a0f3 100644
--- a/services/web/app/src/Features/Errors/ErrorController.js
+++ b/services/web/app/src/Features/Errors/ErrorController.js
@@ -2,6 +2,8 @@ let ErrorController
 const Errors = require('./Errors')
 const logger = require('logger-sharelatex')
 const AuthenticationController = require('../Authentication/AuthenticationController')
+const SamlLogHandler = require('../SamlLog/SamlLogHandler')
+const _ = require('lodash')
 module.exports = ErrorController = {
 notFound(req, res) {
@@ -21,6 +23,20 @@ module.exports = ErrorController = {
 handleError(error, req, res, next) {
 const user = AuthenticationController.getSessionUser(req)
+ // log errors related to SAML flow
+ if (req.session.saml) {
+ const providerId = _.get(req.session.saml, 'universityId', '').toString()
+ SamlLogHandler.log(providerId, req.sessionID, {
+ error: {
+ message: error && error.message,
+ stack: error && error.stack
+ },
+ path: req.path,
+ query: req.query,
+ saml: req.session.saml,
+ user_id: user && user._id
+ })
+ }
 if (error.code === 'EBADCSRFTOKEN') {
 logger.warn(
 { err: error, url: req.url, method: req.method, user },
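Review bot: In `handleError`, the new block reads `req.session.saml` without checking that `req.session` exists, so an error raised before the session is attached would throw inside the error handler and hide the original error; `if (req.session && req.session.saml) {` avoids that. The payload also copies `req.query`, the whole `req.session.saml` object and the stack trace into the log unfiltered. If the session object holds assertion attributes or the query string holds tokens, they become stored records, so passing an explicit allow-list of the fields needed for debugging would be safer. The body of `handleError` continues outside the hunk.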
diff --git a/services/web/app/src/Features/SamlLog/SamlLogHandler.js b/services/web/app/src/Features/SamlLog/SamlLogHandler.js
new file mode 100644
index 0000000000..13a31ddf8e
--- /dev/null
+++ b/services/web/app/src/Features/SamlLog/SamlLogHandler.js
@@ -0,0 +1,20 @@
+const { SamlLog } = require('../../models/SamlLog')
+const logger = require('logger-sharelatex')
+
+function log(providerId, sessionId, data) {
+ const samlLog = new SamlLog()
+ samlLog.providerId = providerId
+ samlLog.sessionId = sessionId
+ samlLog.data = data
+ samlLog.save(err => {
+ if (err) {
+ logger.error({ err }, 'SamlLog Error')
+ }
+ })
+}
+
+const SamlLogHandler = {
+ log
+}
+
+module.exports = SamlLogHandler
diff --git a/services/web/app/src/models/SamlLog.js b/services/web/app/src/models/SamlLog.js
new file mode 100644
index 0000000000..bd88b38b11
--- /dev/null
+++ b/services/web/app/src/models/SamlLog.js
@@ -0,0 +1,26 @@
+const Settings = require('settings-sharelatex')
+const mongoose = require('mongoose')
+const { Schema } = mongoose
+
+const SamlLogSchema = new Schema(
+ {
+ createdAt: { type: Date, default: () => new Date() },
+ data: { type: Object, default: {} },
+ providerId: { type: String, default: '' },
+ sessionId: { type: String, default: '' }
+ },
+ {
+ collection: 'samlLogs'
+ }
+)
+
+const conn = mongoose.createConnection(Settings.mongo.url, {
+ server: { poolSize: Settings.mongo.poolSize || 10 },
+ config: { autoIndex: false }
+})
+
+const SamlLog = conn.model('SamlLog', SamlLogSchema)
+
+mongoose.model('SamlLog', SamlLogSchema)
+exports.SamlLog = SamlLog
+exports.SamlLogSchema = SamlLogSchema
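Review bot: In SamlLogHandler.js, `log` stores the raw `sessionId` (the caller passes `req.sessionID`) next to the SAML data, so read access to the log collection also exposes session identifiers. Storing a digest, for example `samlLog.sessionId = crypto.createHash('sha256').update(String(sessionId)).digest('hex')`, would keep entries correlatable without keeping the identifier itself. `data` is saved as given and includes `req.query`, whose keys are client-controlled; depending on the MongoDB and driver version, keys that contain `.` or start with `$` may make `save` fail, and the entry is then dropped with only a `logger.error`. A short doc comment on `log` stating that it is fire-and-forget and never reports failure to the caller would also help.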
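Review bot: In models/SamlLog.js, the schema defines no expiry on `createdAt`, so entries (which, per the caller in ErrorController.js, hold session SAML data, query strings and stack traces) are kept indefinitely. A TTL index such as `SamlLogSchema.index({ createdAt: 1 }, { expireAfterSeconds: RETENTION_SECONDS })` (placeholder value) would bound retention; because `autoIndex` is `false` here, it would have to be created by a migration rather than at startup. The file also opens its own connection with `mongoose.createConnection` and then registers the model a second time with `mongoose.model`; a comment explaining why both registrations are needed would help.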