Auth logging updates

2026-05-25 14:48:51 -04:00
parent a5e39d71c1
commit c530809449
3 changed files with 129 additions and 19 deletions
--- a/SVSim.EmulatedEntrypoint/Security/SteamSessionAuthentication/SteamSessionAuthenticationHandler.cs
+++ b/SVSim.EmulatedEntrypoint/Security/SteamSessionAuthentication/SteamSessionAuthenticationHandler.cs
@@ -34,6 +34,7 @@ public class SteamSessionAuthenticationHandler : AuthenticationHandler<SteamAuth

    protected async override Task<AuthenticateResult> HandleAuthenticateAsync()
    {
+        string path = Request.Path;
        byte[] requestBytes;
        try
        {
@@ -51,6 +52,7 @@ public class SteamSessionAuthenticationHandler : AuthenticationHandler<SteamAuth
        }
        catch (Exception e)
        {
+            Logger.LogWarning(e, "Auth: failed to read request body on {Path}.", path);
            return AuthenticateResult.Fail("Failed to read request body.");
        }

@@ -61,13 +63,21 @@ public class SteamSessionAuthenticationHandler : AuthenticationHandler<SteamAuth
        {
            requestJson = JsonSerializer.Deserialize<BaseRequest>(requestString, RequestJsonOptions);
        }
-        catch (JsonException)
+        catch (JsonException ex)
        {
+            Logger.LogWarning(ex,
+                "Auth: failed to JSON-parse request body on {Path} (bodyLen={BodyLen}). " +
+                "Translation middleware should have rewritten this to JSON — if it didn't, the request bypassed translation (non-Unity UA?).",
+                path, requestBytes.Length);
            return AuthenticateResult.Fail("Invalid request body.");
        }

        if (requestJson is null || string.IsNullOrEmpty(requestJson.SteamSessionTicket))
        {
+            Logger.LogWarning(
+                "Auth: request body missing steam_session_ticket on {Path} (bodyLen={BodyLen}, hasViewerId={HasViewerId}, steamId={SteamId}).",
+                path, requestBytes.Length,
+                !string.IsNullOrEmpty(requestJson?.ViewerId), requestJson?.SteamId ?? 0);
            return AuthenticateResult.Fail("Invalid request body.");
        }

@@ -75,6 +85,10 @@ public class SteamSessionAuthenticationHandler : AuthenticationHandler<SteamAuth
        bool sessionIsValid = _sessionService.IsTicketValidForUser(requestJson.SteamSessionTicket, requestJson.SteamId);
        if (!sessionIsValid)
        {
+            Logger.LogWarning(
+                "Auth: Steam ticket rejected on {Path} for steamId={SteamId} (ticketLen={TicketLen}). " +
+                "See SteamSessionService logs above for the underlying Steam reason (BeginAuthSession failure, duplicate, etc.).",
+                path, requestJson.SteamId, requestJson.SteamSessionTicket.Length);
            return AuthenticateResult.Fail("Invalid ticket.");
        }

@@ -83,6 +97,12 @@ public class SteamSessionAuthenticationHandler : AuthenticationHandler<SteamAuth

        if (viewer is null)
        {
+            // Most common dev-loop cause: DB was re-bootstrapped and this Steam account hasn't
+            // been re-linked yet. Log loudly with the steam_id so it's obvious what to add back.
+            Logger.LogWarning(
+                "Auth: no viewer linked to steamId={SteamId} on {Path}. " +
+                "Likely you re-bootstrapped the DB without re-linking this Steam account.",
+                requestJson.SteamId, path);
            return AuthenticateResult.Fail("User not found.");
        }