From 0e55d4707686c36588ee7b9321d5271aee1c9d7b Mon Sep 17 00:00:00 2001
From: Andrey Savihin
Date: Mon, 2 Dec 2024 11:14:13 +0300
Subject: [PATCH] Api: lower logging level for authentication exception
---
 .../ASC.Api.Core/Log/CustomExceptionHandlerLogger.cs | 3 +++
 common/ASC.Api.Core/Middleware/ResponseWrapper.cs | 11 ++++++++++-
 web/ASC.Web.Api/Api/AuthenticationController.cs | 9 +++------
 web/ASC.Web.Core/BruteForceLoginManager.cs | 2 +-
 4 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/common/ASC.Api.Core/Log/CustomExceptionHandlerLogger.cs b/common/ASC.Api.Core/Log/CustomExceptionHandlerLogger.cs
index ac6c85bcb6c..5d5bdbb4db9 100644
--- a/common/ASC.Api.Core/Log/CustomExceptionHandlerLogger.cs
+++ b/common/ASC.Api.Core/Log/CustomExceptionHandlerLogger.cs
@@ -30,4 +30,7 @@ internal static partial class CustomExceptionHandlerLogger
 {
 [LoggerMessage(LogLevel.Critical, "error during executing {RequestMethod}: {PathValue}")]
 public static partial void CriticalError(this ILogger logger, string RequestMethod, string PathValue, Exception exception);
+
+ [LoggerMessage(LogLevel.Information, "error during executing {RequestMethod}: {PathValue} {ExceptionMessage} {InnerExceptionMessage}")]
+ public static partial void InformationError(this ILogger logger, string RequestMethod, string PathValue, string ExceptionMessage, string InnerExceptionMessage);
 }
\ No newline at end of file
diff --git a/common/ASC.Api.Core/Middleware/ResponseWrapper.cs b/common/ASC.Api.Core/Middleware/ResponseWrapper.cs
index e2f81f8e9e4..af8489d2096 100644
--- a/common/ASC.Api.Core/Middleware/ResponseWrapper.cs
+++ b/common/ASC.Api.Core/Middleware/ResponseWrapper.cs
@@ -41,6 +41,7 @@ public async ValueTask TryHandleAsync(HttpContext context, Exception excep
 }
 var withStackTrace = true;
+ var criticalException = true;
 switch (exception)
 {
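Review bot: In CustomExceptionHandlerLogger.cs the new `InformationError` message is emitted at `LogLevel.Information`, which is below the minimum level many production configurations keep (the effective level for this service is not visible in the patch), so rejected logins handled by ResponseWrapper may leave no application-log entry at all. Before this commit the same failures were written by `logger.ErrorWithException(ex)` in AuthenticationController, and repeated authentication failures are a signal that brute-force detection and incident triage depend on. `LogLevel.Warning` would still take them out of the Critical stream while keeping them visible: `[LoggerMessage(LogLevel.Warning, "error during executing {RequestMethod}: {PathValue} {ExceptionMessage} {InnerExceptionMessage}")]`. The method name `InformationError` would then want to follow the level.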
@@ -64,6 +65,7 @@ public async ValueTask TryHandleAsync(HttpContext context, Exception excep
 case AuthenticationException:
 status = HttpStatusCode.Unauthorized;
 withStackTrace = false;
+ criticalException = false;
 break;
 case InvalidOperationException:
 status = HttpStatusCode.Forbidden;
@@ -82,7 +84,14 @@ public async ValueTask TryHandleAsync(HttpContext context, Exception excep
 break;
 }
- logger.CriticalError(context.Request.Method, context.Request.Path.Value, exception);
+ if (criticalException)
+ {
+ logger.CriticalError(context.Request.Method, context.Request.Path.Value, exception);
+ }
+ else
+ {
+ logger.InformationError(context.Request.Method, context.Request.Path.Value, exception.Message, exception.InnerException?.Message);
+ }
 var result = new ErrorApiResponse(status, exception, message, withStackTrace);
diff --git a/web/ASC.Web.Api/Api/AuthenticationController.cs b/web/ASC.Web.Api/Api/AuthenticationController.cs
index a569be19df9..3c0d8f25a55 100644
--- a/web/ASC.Web.Api/Api/AuthenticationController.cs
+++ b/web/ASC.Web.Api/Api/AuthenticationController.cs
@@ -159,8 +159,7 @@ await messageService.SendAsync(user.DisplayUserName(false, displayUserSettingsHe
 ? MessageAction.LoginFailViaApiSms
 : MessageAction.LoginFailViaApiTfa,
 MessageTarget.Create(user.Id));
- logger.ErrorWithException(ex);
- throw new AuthenticationException("User authentication failed");
+ throw new AuthenticationException("User authentication failed", ex);
 }
 finally
 {
@@ -275,8 +274,7 @@ public async Task AuthenticateMeAsync(AuthRequestsDto in
 catch (Exception ex)
 {
 await messageService.SendAsync(user.DisplayUserName(false, displayUserSettingsHelper), viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount);
- logger.ErrorWithException(ex);
- throw new AuthenticationException("User authentication failed");
+ throw new AuthenticationException("User authentication failed", ex);
 }
 finally
 {
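Review bot: The `criticalException = false;` added under `case AuthenticationException:` (ResponseWrapper.cs, hunk at -64) downgrades every exception of that type that reaches the handler, not only the login failures thrown by AuthenticationController and BruteForceLoginManager. If the type is `System.Security.Authentication.AuthenticationException` (the using directives are outside the hunk), the framework raises the same type for failed TLS handshakes in `SslStream`, and such an infrastructure fault would now be recorded at Information instead of Critical. A dedicated exception type for login failures would keep the downgrade scoped; short of that, a comment on the case such as `// login failures only: expected, deliberately logged below Critical` documents the assumption. The switch starts and ends outside the hunk.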
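Review bot: The `else` branch in the ResponseWrapper.cs hunk at -82 keeps only `exception.Message` and `exception.InnerException?.Message`, so the inner exception's type and stack trace are no longer written to the application log by any code in this patch now that the controllers drop `logger.ErrorWithException(ex)`. The controller catch blocks shown in this commit are `catch (Exception ex)`, which means a server-side fault inside the login path (a failing dependency, a null reference) is wrapped and logged exactly like a wrong password. Keeping the Critical path when the inner exception is not an expected login failure, or at least adding `exception.InnerException?.GetType().Name` as a further placeholder, would preserve that distinction for triage. `InnerExceptionMessage` is also null whenever the exception has no inner exception, as with the throw changed in BruteForceLoginManager.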
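Review bot: The inner exception attached by `throw new AuthenticationException("User authentication failed", ex);` (AuthenticationController.cs hunk at -159, and again at -275 and -519) now reaches `new ErrorApiResponse(status, exception, message, withStackTrace)` in ResponseWrapper, and nothing in the patch shows that ErrorApiResponse leaves it out of the response body. `withStackTrace` is false for this case, but if the response also serializes `InnerException` or its message, callers could tell an unknown account from a wrong password or a locked one, so that should be confirmed before merging. A comment at the throw would record the intent: `// inner exception is for server-side logging only; the API response must stay generic`. The enclosing try block starts outside the hunk.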
@@ -519,8 +517,7 @@ await loginProfileTransport.FromTransport(inDto.SerializedProfile) :
 catch (Exception ex)
 {
 await messageService.SendAsync(!string.IsNullOrEmpty(inDto.UserName) ? inDto.UserName : AuditResource.EmailNotSpecified, action);
- logger.ErrorWithException(ex);
- throw new AuthenticationException("User authentication failed");
+ throw new AuthenticationException("User authentication failed", ex);
 }
 wrapper.UserInfo = user;
 return wrapper;
diff --git a/web/ASC.Web.Core/BruteForceLoginManager.cs b/web/ASC.Web.Core/BruteForceLoginManager.cs
index 5d0ed9ee7c7..6795c7a4bcb 100644
--- a/web/ASC.Web.Core/BruteForceLoginManager.cs
+++ b/web/ASC.Web.Core/BruteForceLoginManager.cs
@@ -154,7 +154,7 @@ public async Task AttemptAsync(string login, RecaptchaType recaptchaTy
 if (user == null || !userManager.UserExists(user))
 {
- throw new Exception("user not found");
+ throw new AuthenticationException("user not found");
 }
 if (recaptchaPassed)
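Review bot: `throw new AuthenticationException("user not found")` in BruteForceLoginManager.cs gives this branch a message that differs from the generic "User authentication failed" used in AuthenticationController, and the new exception type is mapped to 401 by ResponseWrapper. If any caller of `AttemptAsync` lets it propagate without wrapping (the callers are outside the patch) and the response carries the exception message, the text tells the client that the login does not exist. Using the controller's wording here, `throw new AuthenticationException("User authentication failed");`, removes that difference, and the specific reason can still be logged server-side. AttemptAsync continues outside the hunk.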