fix: add Discord OAuth token exchange logging for production diagnostics #92

Closed

Toutsu wants to merge 0 commits from fix/discord-oauth-diagnostics into main

pull from: fix/discord-oauth-diagnostics

merge into: Toutsu:main

Toutsu:main

Toutsu:feature/telegram-game-card-fields

Toutsu:feature/issue-136-wizard-format-location

Toutsu:fix/issue-135-wizard-publish-schedule

Toutsu:fix/issue-133-on-conflict-inference

Toutsu:fix/issue-130-no-limit-complete

Toutsu:fix/issue-129-libgssapi

Toutsu:fix/issue-127-wizard-capacity-club

Toutsu:fix/issue-125-test-cleanup

Toutsu:fix/issue-123-no-limit-wizard

Toutsu:feat/issue-112-wizard-refactor

Toutsu:feat/issue-111-game-creation-wizard

Toutsu:fix/issue-110-showcase-500

Toutsu:feat/issue-110-private-club-showcases

Toutsu:codex/feature-issue-108-portfolio

Toutsu:feat/profile-design-system

Toutsu:codex/fix-public-pages-500

Toutsu:feature/issue-40-master-profiles

Toutsu:feature/issue-39-game-catalog

Toutsu:codex/feature/issue-38-public-club-pages

Toutsu:refactor/issue-37-platform-neutral-handlers

Toutsu:codex/fix-template-topic-release

Toutsu:refactor/issue-36-platform-migration

Toutsu:fix/discord-nullable-telegram-columns

Toutsu:fix/discord-dapper-aot-missing

Toutsu:fix/discord-console-logging-deferred

Toutsu:fix/discord-guildinteractionuser-permissions

Toutsu:fix/discord-count-bigint-cast

Toutsu:fix/discord-slash-commands-guild-context

Toutsu:fix/discord-slash-command-registration

Toutsu:feature/issue-35-identity-linking

Toutsu:feature/issue-34-discord-oauth-dashboard

Toutsu:test/issue-33-regression-tests

Toutsu:chore/issue-32-discord-compose-wiring

Toutsu:codex/issue-31-platform-messenger-scheduler

Toutsu:feature/discord-reschedule-voting

Toutsu:codex/feature-issue-29-discord-join-leave

Toutsu:feature/issue-28-discord-newsession-listsessions

Toutsu:feature/issue-27-discord-session-batch-renderer

Toutsu:feature/issue-26-discord-netcord-gateway

Toutsu:codex/refactor-issue-25-platform-neutral-join-leave

Toutsu:feature/dashboard-design-refresh

Toutsu:feature/issue-58-health-checks

Toutsu:feature/issue-23-platform-identity

Toutsu:fix/issue-60-add-license

Toutsu:feature/issue-57-postgresql-backup

Toutsu:feature/trivy-security-scan

Toutsu:codex/feature/issue-21-telegram-topics

Toutsu:feature/issue-20-rsvp-reminders

Toutsu:feature/issue-15-session-audit-log

Toutsu:feature/issue-19-batch-join-link

Toutsu:fix/navmenu-mobile-overlap

Toutsu:feature/new-logo

Toutsu:issue-47-navmenu-icon-fix

Toutsu:issue-15-session-audit-log

Toutsu:issue-14-attendance-stats

Toutsu:issue-22-neutral-rendering

Toutsu:codex/ftest-telegram-landing-smoke

Toutsu:feat/player-list-kick-waitlist

Toutsu:codex/co-gm-delegation

Conversation 0 Commits - Files Changed -

Toutsu commented 2026-05-25 12:47:57 +03:00

Owner

Copy Link

Copy Source

Summary

Добавлено логирование ошибок при обмене кода на токен в Discord OAuth, чтобы диагностировать почему в production происходит auth_failed.

Changes

• DiscordAuthService.ExchangeCodeForTokenAsync теперь логирует StatusCode и тело ответа Discord API при неуспехе
• Обновлены тесты DiscordAuthServiceTests для нового параметра ILogger
• Версия поднята до 2.8.1

Test plan

• dotnet build проходит
• 265 тестов проходят

Workflow

• CI passes
• Code review approved
• Deployed
• Release published

## Summary Добавлено логирование ошибок при обмене кода на токен в Discord OAuth, чтобы диагностировать почему в production происходит `auth_failed`. ## Changes - `DiscordAuthService.ExchangeCodeForTokenAsync` теперь логирует `StatusCode` и тело ответа Discord API при неуспехе - Обновлены тесты `DiscordAuthServiceTests` для нового параметра `ILogger` - Версия поднята до `2.8.1` ## Test plan - [x] `dotnet build` проходит - [x] 265 тестов проходят ## Workflow - [ ] CI passes - [ ] Code review approved - [ ] Deployed - [ ] Release published

Toutsu added 1 commit 2026-05-25 12:47:58 +03:00

fix: add Discord OAuth token exchange logging for production diagnostics ... 7e02e86cd6

- Log status code and response body when Discord /oauth2/token fails
- Helps identify why ExchangeCodeAsync returns null in production

Bump version → 2.8.1

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Toutsu referenced this issue from a commit 2026-05-25 12:48:12 +03:00

Merge pull request #92: fix: add Discord OAuth token exchange logging for production diagnostics

Toutsu added 1 commit 2026-05-25 13:09:12 +03:00

fix: Discord OAuth CSRF cookie SameSite=None for cross-site callback ... 72a392e652

- Changed __DiscordOAuthState cookie from SameSite=Strict to SameSite=None
  because Discord redirects from discord.com (cross-site) and Strict
  prevents the cookie from being sent on the callback request.
- Added logging for CSRF validation failure to aid future diagnostics.

Bump version → 2.8.1

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Toutsu referenced this issue from a commit 2026-05-25 13:09:24 +03:00

Merge pull request #92: fix Discord OAuth CSRF cookie SameSite

Toutsu closed this pull request 2026-05-25 13:31:33 +03:00

Some checks are pending

Hide all checks

PR Checks / test-and-build (pull_request) Successful in 6m34s

Details

Pull request closed

Please reopen this pull request to perform a merge.

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

area:bot

Telegram bot and worker logic

area:data

Database schema, migrations and persistence model

area:discord

Discord bot service and Discord adapter

area:infra

Infrastructure, runtime and deployment

area:miniapp

Telegram Mini App dashboard

area:platform

Platform-neutral abstractions and adapter boundaries

area:shared

Shared domain and rendering contracts

area:web

Blazor web dashboard

in-progress

В работе (issue взят агентом)

next-up

Recommended immediate backlog

pending-approval

Ждёт согласования плана решения

platform:discord

Discord-specific behavior or adapter work

platform:multi

Cross-platform or platform-neutral work

platform:telegram

Telegram-specific behavior or adapter work

priority:p0

Critical priority

priority:p0

Блокирующий приоритет: задача должна быть выполнена до признания решения production-ready

priority:p1

High priority

priority:p2

Medium priority

priority:p3

Lower priority

security

Security-sensitive work

type:bug

Bug fix or corrective work

type:chore

Maintenance and supporting work

type:feature

New product functionality

type:refactor

Structural change without direct feature growth

type:test

Testing and coverage work

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

Toutsu

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: Toutsu/GmRelayBot#92