[TT-14494] improve error logging for JWKS URL handling - visor comments

NurayAhmadova · NurayAhmadova · commit 7cbe1bd3fb87 · 2025-12-04T16:40:50.000+04:00
diff --git a/gateway/log_helpers.go b/gateway/log_helpers.go
@@ -77,10 +77,13 @@ func (gw *Gateway) logJWKError(logger *logrus.Entry, jwkURL string, err error) {
 		return
 	}
 
+	errStr := err.Error()
+
 	// content/JSON errors
 	var syntaxErr *json.SyntaxError
 	var unmarshalErr *json.UnmarshalTypeError
-	if errors.As(err, &syntaxErr) || errors.As(err, &unmarshalErr) || strings.Contains(err.Error(), "invalid character") {
+
+	if errors.As(err, &syntaxErr) || errors.As(err, &unmarshalErr) || strings.Contains(errStr, "invalid character") {
 		logger.WithError(err).Errorf("Invalid JWKS retrieved from endpoint: %s", jwkURL)
 		return
 	}
@@ -90,30 +93,14 @@ func (gw *Gateway) logJWKError(logger *logrus.Entry, jwkURL string, err error) {
 	var netOpErr *net.OpError
 	var dnsErr *net.DNSError
 
-	if errors.As(err, &urlErr) {
-		logger.WithError(err).Errorf("JWKS endpoint resolution failed: invalid or unreachable host %s", jwkURL)
-		return
-	}
-
-	// DNS errors
-	if errors.As(err, &dnsErr) {
-		logger.WithError(err).Errorf("JWKS endpoint resolution failed: invalid or unreachable host %s", jwkURL)
-		return
-	}
-
-	// connection refused
-	if errors.As(err, &netOpErr) {
-		if errors.Is(netOpErr, syscall.ECONNREFUSED) {
-			logger.WithError(err).Errorf("JWKS endpoint resolution failed: invalid or unreachable host %s", jwkURL)
-			return
-		}
-	}
-
-	// fallback check strings
-	errStr := err.Error()
-	if strings.Contains(errStr, "dial tcp") ||
+	isNetworkError := errors.As(err, &urlErr) ||
+		errors.As(err, &dnsErr) ||
+		(errors.As(err, &netOpErr) && errors.Is(netOpErr, syscall.ECONNREFUSED)) ||
+		strings.Contains(errStr, "dial tcp") ||
 		strings.Contains(errStr, "no such host") ||
-		strings.Contains(errStr, "connection refused") {
+		strings.Contains(errStr, "connection refused")
+
+	if isNetworkError {
 		logger.WithError(err).Errorf("JWKS endpoint resolution failed: invalid or unreachable host %s", jwkURL)
 		return
 	}
diff --git a/gateway/log_helpers_test.go b/gateway/log_helpers_test.go
@@ -6,6 +6,7 @@ import (
 	"net"
 	"net/http/httptest"
 	"net/url"
+	"reflect"
 	"syscall"
 	"testing"
 
@@ -168,8 +169,11 @@ func TestGatewayLogJWKError(t *testing.T) {
 			shouldLog:   true,
 		},
 		{
-			name:        "JSON Unmarshal Type Error",
-			err:         &json.UnmarshalTypeError{},
+			name: "JSON Unmarshal Type Error",
+			err: &json.UnmarshalTypeError{
+				Value: "number",
+				Type:  reflect.TypeOf(""),
+			},
 			expectedLog: "Invalid JWKS retrieved from endpoint: " + testURL,
 			shouldLog:   true,
 		},
@@ -209,12 +213,6 @@ func TestGatewayLogJWKError(t *testing.T) {
 			expectedLog: "JWKS endpoint resolution failed: invalid or unreachable host " + testURL,
 			shouldLog:   true,
 		},
-		{
-			name:        "String error containing 'connection refused'",
-			err:         errors.New("connect: connection refused"),
-			expectedLog: "JWKS endpoint resolution failed: invalid or unreachable host " + testURL,
-			shouldLog:   true,
-		},
 		{
 			name:        "Generic/Fallback Error",
 			err:         errors.New("unknown internal server error"),
@@ -236,9 +234,7 @@ func TestGatewayLogJWKError(t *testing.T) {
 
 			assert.Len(t, hook.Entries, 1)
 			assert.Equal(t, logrus.ErrorLevel, hook.LastEntry().Level)
-
 			assert.Equal(t, tc.expectedLog, hook.LastEntry().Message)
-
 			assert.Equal(t, tc.err, hook.LastEntry().Data["error"])
 		})
 	}
