telemetry(auth): emit metric for createToken

Author: chungjac

gradle/libs.versions.toml

@@ -28,7 +28,7 @@ mockitoKotlin = "5.4.1-SNAPSHOT"
 mockk = "1.13.17"
 nimbus-jose-jwt = "9.40"
 node-gradle = "7.0.2"
-telemetryGenerator = "1.0.329"
+telemetryGenerator = "1.0.338"
 testLogger = "4.0.0"
 testRetry = "1.5.10"
 # test-only; platform provides slf4j transitively at runtime

plugins/core/jetbrains-community/src/software/aws/toolkits/jetbrains/core/credentials/sso/SsoAccessTokenProvider.kt

@@ -338,11 +338,36 @@ class SsoAccessTokenProvider(
                     throw ProcessCanceledException(IllegalStateException("Login canceled by user"))
                 }
 
-                val tokenResponse = client.createToken {
-                    it.clientId(registration.clientId)
-                    it.clientSecret(registration.clientSecret)
-                    it.grantType(DEVICE_GRANT_TYPE)
-                    it.deviceCode(authorization.deviceCode)
+                val startTime = clock.instant()
+                val tokenResponse = try {
+                    client.createToken {
+                        it.clientId(registration.clientId)
+                        it.clientSecret(registration.clientSecret)
+                        it.grantType(DEVICE_GRANT_TYPE)
+                        it.deviceCode(authorization.deviceCode)
+                    }.also { response ->
+                        val duration = Duration.between(startTime, clock.instant()).toMillis().toDouble()
+                        AuthTelemetry.ssoTokenOperation(
+                            result = Result.Succeeded,
+                            grantType = DEVICE_GRANT_TYPE,
+                            duration = duration,
+                            requestId = response.responseMetadata()?.requestId()
+                        )
+                        LOG.info { "SSO token operation succeeded: grantType=$DEVICE_GRANT_TYPE, duration=${duration}ms" }
+                    }
+                } catch (e: Exception) {
+                    val duration = Duration.between(startTime, clock.instant()).toMillis().toDouble()
+                    val requestId = (e as? AwsServiceException)?.requestId()
+                    AuthTelemetry.ssoTokenOperation(
+                        result = Result.Failed,
+                        grantType = DEVICE_GRANT_TYPE,
+                        duration = duration,
+                        reason = e::class.simpleName,
+                        reasonDesc = e.message?.let { scrubNames(it) },
+                        requestId = requestId
+                    )
+                    LOG.warn { "SSO token operation failed: grantType=$DEVICE_GRANT_TYPE, duration=${duration}ms, error=${e::class.simpleName}" }
+                    throw e
                 }
 
                 onPendingToken.tokenRetrieved()
@@ -459,11 +484,36 @@ class SsoAccessTokenProvider(
 
         stageName = RefreshCredentialStage.CREATE_TOKEN
         try {
-            val newToken = client.createToken {
-                it.clientId(registration.clientId)
-                it.clientSecret(registration.clientSecret)
-                it.grantType(REFRESH_GRANT_TYPE)
-                it.refreshToken(currentToken.refreshToken)
+            val startTime = clock.instant()
+            val newToken = try {
+                client.createToken {
+                    it.clientId(registration.clientId)
+                    it.clientSecret(registration.clientSecret)
+                    it.grantType(REFRESH_GRANT_TYPE)
+                    it.refreshToken(currentToken.refreshToken)
+                }.also { response ->
+                    val duration = Duration.between(startTime, clock.instant()).toMillis().toDouble()
+                    AuthTelemetry.ssoTokenOperation(
+                        result = Result.Succeeded,
+                        grantType = REFRESH_GRANT_TYPE,
+                        duration = duration,
+                        requestId = response.responseMetadata()?.requestId()
+                    )
+                    LOG.info { "SSO token operation succeeded: grantType=$REFRESH_GRANT_TYPE, duration=${duration}ms" }
+                }
+            } catch (e: Exception) {
+                val duration = Duration.between(startTime, clock.instant()).toMillis().toDouble()
+                val requestId = (e as? AwsServiceException)?.requestId()
+                AuthTelemetry.ssoTokenOperation(
+                    result = Result.Failed,
+                    grantType = REFRESH_GRANT_TYPE,
+                    duration = duration,
+                    reason = e::class.simpleName,
+                    reasonDesc = e.message?.let { scrubNames(it) },
+                    requestId = requestId
+                )
+                LOG.warn { "SSO token operation failed: grantType=$REFRESH_GRANT_TYPE, duration=${duration}ms, error=${e::class.simpleName}" }
+                throw e
             }
 
             stageName = RefreshCredentialStage.GET_TOKEN_DETAILS

plugins/core/jetbrains-community/src/software/aws/toolkits/jetbrains/core/credentials/sso/pkce/ToolkitOAuthService.kt

@@ -40,6 +40,9 @@ import java.math.BigInteger
 import java.time.Instant
 import java.util.Base64
 import java.util.concurrent.CompletableFuture
+import software.aws.toolkits.jetbrains.services.telemetry.scrubNames
+import software.aws.toolkits.telemetry.AuthTelemetry
+import software.aws.toolkits.telemetry.Result
 
 const val PKCE_CLIENT_NAME = "AWS IDE Plugins for JetBrains"
 
@@ -149,15 +152,39 @@ internal class ToolkitOauthCredentialsAcquirer(
     private val redirectUri: String,
 ) : OAuthCredentialsAcquirer<AccessToken> {
     override fun acquireCredentials(code: String): OAuthCredentialsAcquirer.AcquireCredentialsResult<AccessToken> {
-        val token = buildUnmanagedSsoOidcClient(registration.region).use { client ->
-            client.createToken {
-                it.clientId(registration.clientId)
-                it.clientSecret(registration.clientSecret)
-                it.grantType("authorization_code")
-                it.redirectUri(redirectUri)
-                it.codeVerifier(codeVerifier)
-                it.code(code)
+        val grantType = "authorization_code"
+        val startTime = Instant.now()
+        val token = try {
+            buildUnmanagedSsoOidcClient(registration.region).use { client ->
+                client.createToken {
+                    it.clientId(registration.clientId)
+                    it.clientSecret(registration.clientSecret)
+                    it.grantType(grantType)
+                    it.redirectUri(redirectUri)
+                    it.codeVerifier(codeVerifier)
+                    it.code(code)
+                }.also { response ->
+                    val duration = java.time.Duration.between(startTime, Instant.now()).toMillis().toDouble()
+                    AuthTelemetry.ssoTokenOperation(
+                        result = Result.Succeeded,
+                        grantType = grantType,
+                        duration = duration,
+                        requestId = response.responseMetadata()?.requestId()
+                    )
+                }
             }
+        } catch (e: Exception) {
+            val duration = java.time.Duration.between(startTime, Instant.now()).toMillis().toDouble()
+            val requestId = (e as? software.amazon.awssdk.awscore.exception.AwsServiceException)?.requestId()
+            AuthTelemetry.ssoTokenOperation(
+                result = Result.Failed,
+                grantType = grantType,
+                duration = duration,
+                reason = e::class.simpleName,
+                reasonDesc = e.message?.let { scrubNames(it) },
+                requestId = requestId
+            )
+            throw e
         }
 
         return OAuthCredentialsAcquirer.AcquireCredentialsResult.Success(