summaryrefslogtreecommitdiffhomepage
path: root/packages/server/src
diff options
context:
space:
mode:
Diffstat (limited to 'packages/server/src')
-rw-r--r--packages/server/src/helpers/logging.ts21
-rw-r--r--packages/server/src/services/metadataService.ts44
2 files changed, 45 insertions, 20 deletions
diff --git a/packages/server/src/helpers/logging.ts b/packages/server/src/helpers/logging.ts
new file mode 100644
index 0000000..2a8b67e
--- /dev/null
+++ b/packages/server/src/helpers/logging.ts
@@ -0,0 +1,21 @@
+import debug, { Debugger } from 'debug';
+
+const defaultLogger = debug('SimpleWebAuthn');
+
+/**
+ * Generate an instance of a `debug` logger that extends off of the "simplewebauthn" namespace for
+ * consistent naming.
+ *
+ * See https://www.npmjs.com/package/debug for information on how to control logging output when
+ * using @simplewebauthn/server
+ *
+ * Example:
+ *
+ * ```
+ * const log = getLogger('mds');
+ * log('hello'); // simplewebauthn:mds hello +0ms
+ * ```
+ */
+export function getLogger(name: string): Debugger {
+ return defaultLogger.extend(name);
+}
diff --git a/packages/server/src/services/metadataService.ts b/packages/server/src/services/metadataService.ts
index 3eac8a1..41fb39e 100644
--- a/packages/server/src/services/metadataService.ts
+++ b/packages/server/src/services/metadataService.ts
@@ -11,8 +11,7 @@ import type {
MetadataBLOBPayloadEntry,
} from '../metadata/mdsTypes';
import SettingsService from '../services/settingsService';
-// TODO: Re-enable this once we figure out logging
-// import { log } from '../helpers/logging';
+import { getLogger } from '../helpers/logging';
import parseJWT from '../metadata/parseJWT';
@@ -40,6 +39,8 @@ enum SERVICE_STATE {
// registered AAGUIDs ("strict"). Currently primarily impacts how `getStatement()` operates
type VerificationMode = 'permissive' | 'strict';
+const log = getLogger('MetadataService');
+
/**
* A basic service for coordinating interactions with the FIDO Metadata Service. This includes BLOB
* download and parsing, and on-demand requesting and caching of individual metadata statements.
@@ -82,6 +83,8 @@ export class BaseMetadataService {
// If metadata statements are provided, load them into the cache first
if (statements?.length) {
+ let statementsAdded = 0;
+
statements.forEach(statement => {
// Only cache statements that are for FIDO2-compatible authenticators
if (statement.aaguid) {
@@ -93,15 +96,19 @@ export class BaseMetadataService {
},
url: '',
};
+
+ statementsAdded += 1;
}
});
+
+ log(`Cached ${statementsAdded} local statements`);
}
// If MDS servers are provided, then process them and add their statements to the cache
if (mdsServers?.length) {
- // TODO: Re-enable this once we figure out logging
- // const currentCacheCount = Object.keys(this.statementCache).length;
- // let numServers = mdsServers.length;
+ // Get a current count so we know how many new statements we've added from MDS servers
+ const currentCacheCount = Object.keys(this.statementCache).length;
+ let numServers = mdsServers.length;
for (const url of mdsServers) {
try {
@@ -112,16 +119,15 @@ export class BaseMetadataService {
});
} catch (err) {
// Notify of the error and move on
- // TODO: Re-enable this once we figure out logging
- // log('warning', `Could not download BLOB from ${url}:`, err);
- // numServers -= 1;
+ log(`Could not download BLOB from ${url}:`, err);
+ numServers -= 1;
}
}
- // TODO: Re-enable this once we figure out logging
- // const newCacheCount = Object.keys(this.statementCache).length;
- // const cacheDiff = newCacheCount - currentCacheCount;
- // log('info', `Downloaded ${cacheDiff} statements from ${numServers} metadata servers`);
+ // Calculate the difference to get the total number of new statements we successfully added
+ const newCacheCount = Object.keys(this.statementCache).length;
+ const cacheDiff = newCacheCount - currentCacheCount;
+ log(`Cached ${cacheDiff} statements from ${numServers} metadata server(s)`);
}
if (verificationMode) {
@@ -223,10 +229,11 @@ export class BaseMetadataService {
// Validate the certificate chain
const rootCerts = SettingsService.getRootCertificates({ identifier: 'mds' });
await validateCertificatePath(headerCertsPEM, rootCerts);
- } catch (err) {
+ } catch (error) {
+ const _error: Error = error as Error;
// From FIDO MDS docs: "ignore the file if the chain cannot be verified or if one of the
// chain certificates is revoked"
- throw new Error(`BLOB certificate path could not be validated: ${err.message}`);
+ throw new Error(`BLOB certificate path could not be validated: ${_error.message}`);
}
// Verify the BLOB JWT signature
@@ -306,14 +313,11 @@ export class BaseMetadataService {
this.state = newState;
if (newState === SERVICE_STATE.DISABLED) {
- // TODO: Re-enable this once we figure out logging
- // log('MetadataService is DISABLED');
+ log('MetadataService is DISABLED');
} else if (newState === SERVICE_STATE.REFRESHING) {
- // TODO: Re-enable this once we figure out logging
- // log('MetadataService is REFRESHING');
+ log('MetadataService is REFRESHING');
} else if (newState === SERVICE_STATE.READY) {
- // TODO: Re-enable this once we figure out logging
- // log('MetadataService is READY');
+ log('MetadataService is READY');
}
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-02 11:55:45 +0000