Skip to content

fix(slack-gateway): log oauth callback failures#153

Merged
onutc merged 1 commit intomainfrom
codex-slack-gateway-oauth-logging
Mar 25, 2026
Merged

fix(slack-gateway): log oauth callback failures#153
onutc merged 1 commit intomainfrom
codex-slack-gateway-oauth-logging

Conversation

@onutc
Copy link
Copy Markdown
Member

@onutc onutc commented Mar 25, 2026

Summary

  • log Slack OAuth callback failures at the exact failing stage
  • capture backend/upsert error details in the existing gateway logger without logging Slack codes or bot tokens
  • cover the new logging behavior with a regression test

Testing

  • cd /Users/onur/repos/spritz/integrations/slack-gateway && go test ./... -run TestOAuthCallbackReturnsBadGatewayWhenBackendUpsertFails -count=1
  • cd /Users/onur/repos/spritz/integrations/slack-gateway && go test ./...

@onutc onutc merged commit f3db3a6 into main Mar 25, 2026
4 checks passed
@onutc onutc deleted the codex-slack-gateway-oauth-logging branch March 25, 2026 00:29
@gitrank-connector
Copy link
Copy Markdown

gitrank-connector bot commented Mar 25, 2026

👍 GitRank PR Analysis

Score: 5 points

Metric Value
Component Other (1× multiplier)
Severity P3 - Low (5 base pts)
Final Score 5 × 1 = 5

Eligibility Checks

Check Status
Issue/Bug Fix
Fix Implementation
PR Documented
Tests
Lines Within Limit

Impact Summary

This PR adds comprehensive error logging to the Slack OAuth callback handler at multiple failure points (state validation, code exchange, installation upsert) and includes a success log. The changes improve observability and debuggability of OAuth flow failures while safely excluding sensitive tokens. A regression test was added to verify the logging behavior when backend upsert fails.

Analysis Details

Component Classification: This PR affects the Slack OAuth gateway integration, which doesn't map to a specific component in the provided table. It falls under OTHER as a miscellaneous integration improvement.

Severity Justification: This is a P3 (Low) severity fix. It adds observability/logging to OAuth callback failures without fixing a critical bug or preventing data loss. The logging helps with debugging but doesn't resolve a broken feature or security vulnerability.

Eligibility Notes: issue=true: PR title indicates 'fix' and addresses logging of failures. fix_implementation=true: Code changes align with PR description, adding logging at each failure stage. pr_linked=true: Clear summary and testing instructions provided. tests=true: Test file modified with new assertions. tests_required=true: Bug fixes in business logic (even observability fixes) require tests to prevent regression.

Analyzed by GitRank 🤖

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@onutc