Skip to content

More context in OIDC logs #7428

New issue
New issue
Open
Open
More context in OIDC logs#7428
Labels
area/securityIssues related to security capabilities or concernsproposalAn issue that proposes a feature requestready for refinementAn issue that was triaged and it is ready to be refined
@anderius

Description

@anderius
anderius
opened on Feb 28, 2025

Is your feature request related to a problem? Please describe.

The problem is log messages like this:

2024/12/11  13:44:54 [error] 86#86: *3762 js: OIDC ID Token validation error: nonce
 from token (3-wSxtTGFsip_PQNftt4S5ty-vHIkiG0PsfdMEqyu11ds) does not match
 client ()

Describe the solution you'd like

It would be nice if at least the name of the VirtualServer object, or URL, was included. It would also be nice if this logging was configurable, in JSON format. Missing context is the most required feature, though.

It would be nice if the context was not limited to the OIDC module, but was added for all modules/components. For example the JWT policy.

Describe alternatives you've considered

None, very open to suggestions.

Additional context

Using Nginx Ingress Controller 4.0.1 (the example is a bit older, though).

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/securityIssues related to security capabilities or concernsproposalAn issue that proposes a feature requestready for refinementAn issue that was triaged and it is ready to be refined

    Type

    No type

    Projects

    NGINX Ingress Controller

    Status

    Prioritized backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions