From 32a15c26538efa054b6d84631fde3e368a11d10a Mon Sep 17 00:00:00 2001
From: simonredfern <simon@tesobe.com>
Date: Wed, 7 Jan 2026 23:12:59 +0100
Subject: [PATCH] added console logging regarding auth endpoints

---
 server/services/OAuth2ClientWithConfig.ts | 45 +++++++++++++++++++++--
 server/services/OAuth2ProviderManager.ts  | 14 +++++++
 2 files changed, 56 insertions(+), 3 deletions(-)

diff --git a/server/services/OAuth2ClientWithConfig.ts b/server/services/OAuth2ClientWithConfig.ts
index 5e19f91..195dd02 100644
--- a/server/services/OAuth2ClientWithConfig.ts
+++ b/server/services/OAuth2ClientWithConfig.ts
@@ -79,22 +79,57 @@ export class OAuth2ClientWithConfig extends OAuth2Client {
     try {
       const response = await fetch(wellKnownUrl)
 
+      console.log(
+        `OAuth2ClientWithConfig: Response status: ${response.status} ${response.statusText}`
+      )
+      console.log(
+        `OAuth2ClientWithConfig: Response headers:`,
+        Object.fromEntries(response.headers.entries())
+      )
+
       if (!response.ok) {
+        const errorBody = await response.text()
+        console.error(`OAuth2ClientWithConfig: Error response body:`, errorBody)
         throw new Error(
-          `Failed to fetch OIDC configuration for ${this.provider}: ${response.status} ${response.statusText}`
+          `Failed to fetch OIDC configuration for ${this.provider}: ${response.status} ${response.statusText} - ${errorBody}`
         )
       }
 
-      const config = (await response.json()) as OIDCConfiguration
+      const responseText = await response.text()
+      console.log(
+        `OAuth2ClientWithConfig: Raw response body (first 500 chars):`,
+        responseText.substring(0, 500)
+      )
+
+      let config: OIDCConfiguration
+      try {
+        config = JSON.parse(responseText) as OIDCConfiguration
+        console.log(`OAuth2ClientWithConfig: Parsed config keys:`, Object.keys(config))
+        console.log(`OAuth2ClientWithConfig: Full parsed config:`, JSON.stringify(config, null, 2))
+      } catch (parseError) {
+        console.error(`OAuth2ClientWithConfig: JSON parse error:`, parseError)
+        console.error(`OAuth2ClientWithConfig: Failed to parse response as JSON`)
+        throw new Error(`Invalid JSON response from ${this.provider}: ${parseError}`)
+      }
+
+      // Validate required endpoints with detailed logging
+      console.log(`OAuth2ClientWithConfig: Validating required endpoints...`)
+      console.log(`  - authorization_endpoint: ${config.authorization_endpoint || 'MISSING'}`)
+      console.log(`  - token_endpoint: ${config.token_endpoint || 'MISSING'}`)
+      console.log(`  - userinfo_endpoint: ${config.userinfo_endpoint || 'MISSING'}`)
 
-      // Validate required endpoints
       if (!config.authorization_endpoint) {
+        console.error(`OAuth2ClientWithConfig: authorization_endpoint is missing or undefined`)
+        console.error(`OAuth2ClientWithConfig: Config object type:`, typeof config)
+        console.error(`OAuth2ClientWithConfig: Config object:`, config)
         throw new Error(`OIDC configuration for ${this.provider} missing authorization_endpoint`)
       }
       if (!config.token_endpoint) {
+        console.error(`OAuth2ClientWithConfig: token_endpoint is missing or undefined`)
         throw new Error(`OIDC configuration for ${this.provider} missing token_endpoint`)
       }
       if (!config.userinfo_endpoint) {
+        console.error(`OAuth2ClientWithConfig: userinfo_endpoint is missing or undefined`)
         throw new Error(`OIDC configuration for ${this.provider} missing userinfo_endpoint`)
       }
 
@@ -112,6 +147,10 @@ export class OAuth2ClientWithConfig extends OAuth2Client {
       }
     } catch (error) {
       console.error(`OAuth2ClientWithConfig: Failed to initialize ${this.provider}:`, error)
+      console.error(
+        `OAuth2ClientWithConfig: Error stack:`,
+        error instanceof Error ? error.stack : 'N/A'
+      )
       throw error
     }
   }
diff --git a/server/services/OAuth2ProviderManager.ts b/server/services/OAuth2ProviderManager.ts
index db7cdbc..cb6eb01 100644
--- a/server/services/OAuth2ProviderManager.ts
+++ b/server/services/OAuth2ProviderManager.ts
@@ -94,24 +94,38 @@ export class OAuth2ProviderManager {
 
     // Multi-provider mode: fetch from OBP API
     console.log('OAuth2ProviderManager: Fetching well-known URIs from OBP API...')
+    console.log(
+      `OAuth2ProviderManager: Target URL: ${this.obpClientService.getOBPClientConfig().baseUri}/obp/v5.1.0/well-known`
+    )
 
     try {
       // Use OBPClientService to call the API
       const response = await this.obpClientService.get('/obp/v5.1.0/well-known', null)
 
+      console.log(
+        'OAuth2ProviderManager: Raw response from OBP API:',
+        JSON.stringify(response, null, 2)
+      )
+
       if (!response.well_known_uris || response.well_known_uris.length === 0) {
         console.warn('OAuth2ProviderManager: No well-known URIs found in OBP API response')
+        console.warn('OAuth2ProviderManager: Response keys:', Object.keys(response))
         return []
       }
 
       console.log(`OAuth2ProviderManager: Found ${response.well_known_uris.length} providers:`)
       response.well_known_uris.forEach((uri: WellKnownUri) => {
         console.log(`  - ${uri.provider}: ${uri.url}`)
+        console.log(`    Testing accessibility of: ${uri.url}`)
       })
 
       return response.well_known_uris
     } catch (error) {
       console.error('OAuth2ProviderManager: Failed to fetch well-known URIs:', error)
+      console.error(
+        'OAuth2ProviderManager: Error details:',
+        error instanceof Error ? error.message : String(error)
+      )
       console.warn('OAuth2ProviderManager: Falling back to no providers')
       return []
     }