refactor(handler): reduce logging severity for spammy statements

pkg/handler/handler_default.go

@@ -10,6 +10,7 @@ import (
 
 // Default proxies all requests upstream.
 func (h *Handler) Default(w http.ResponseWriter, r *http.Request) {
+	logger := logentry.LogEntry(r).WithField("request_path", r.URL.Path)
 	isAuthenticated := false
 
 	sessionData, err := h.getSessionFromCookie(w, r)
@@ -23,12 +24,12 @@ func (h *Handler) Default(w http.ResponseWriter, r *http.Request) {
 		// force new authentication if loginstatus is enabled and cookie isn't set
 		if h.Loginstatus.NeedsLogin(r) {
 			isAuthenticated = false
-			logentry.LogEntry(r).Info("default: loginstatus was enabled, but no matching cookie was found; state is now unauthenticated")
+			logger.Info("default: loginstatus was enabled, but no matching cookie was found; state is now unauthenticated")
 		}
 	}
 
 	if h.AutoLogin.NeedsLogin(r, isAuthenticated) {
-		logentry.LogEntry(r).Info("default: request is unauthenticated; performing auto-login...")
+		logger.Debug("default: auto-login is enabled; request does not match skippable path")
 
 		r.Header.Add("Referer", r.URL.String())
 		h.Login(w, r)

pkg/handler/handler_frontchannellogout.go

@@ -21,7 +21,7 @@ func (h *Handler) FrontChannelLogout(w http.ResponseWriter, r *http.Request) {
 
 	logoutFrontchannel := h.Client.LogoutFrontchannel(r)
 	if logoutFrontchannel.MissingSidParameter() {
-		logger.Info("front-channel logout: sid parameter not set in request; ignoring")
+		logger.Debug("front-channel logout: sid parameter not set in request; ignoring")
 		h.DeleteSessionFallback(w, r)
 		w.WriteHeader(http.StatusAccepted)
 		return
@@ -31,7 +31,7 @@ func (h *Handler) FrontChannelLogout(w http.ResponseWriter, r *http.Request) {
 	sessionID := h.localSessionID(sid)
 	sessionData, err := h.getSession(r, sessionID)
 	if err != nil {
-		logger.Infof("front-channel logout: getting session (user might already be logged out): %+v", err)
+		logger.Debugf("front-channel logout: could not get session (user might already be logged out): %+v", err)
 		w.WriteHeader(http.StatusAccepted)
 		return
 	}
@@ -42,7 +42,7 @@ func (h *Handler) FrontChannelLogout(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusAccepted)
 		return
 	} else if sessionData != nil {
-		logger.WithField("jti", sessionData.IDTokenJwtID).Infof("front-channel logout: successful logout")
+		logger.WithField("jti", sessionData.IDTokenJwtID).Info("front-channel logout: successful logout")
 	}
 
 	metrics.ObserveLogout(metrics.LogoutOperationFrontChannel)

pkg/handler/handler_login.go

@@ -41,7 +41,7 @@ func (h *Handler) Login(w http.ResponseWriter, r *http.Request) {
 	fields := log.Fields{
 		"redirect_after_login": login.CanonicalRedirect(),
 	}
-	logentry.LogEntry(r).WithFields(fields).Info("login: redirecting to identity provider")
+	logentry.LogEntry(r).WithFields(fields).Debug("login: redirecting to identity provider")
 	http.Redirect(w, r, login.AuthCodeURL(), http.StatusTemporaryRedirect)
 }
 

pkg/handler/handler_logout.go

@@ -41,7 +41,7 @@ func (h *Handler) Logout(w http.ResponseWriter, r *http.Request) {
 		h.Loginstatus.ClearCookie(w, h.CookieOptions)
 	}
 
-	logger.Info("logout: redirecting to identity provider")
+	logger.Debug("logout: redirecting to identity provider")
 	metrics.ObserveLogout(metrics.LogoutOperationSelfInitiated)
 	http.Redirect(w, r, h.Client.Logout().SingleLogoutURL(idToken), http.StatusTemporaryRedirect)
 }

pkg/handler/handler_logout_callback.go

@@ -10,6 +10,6 @@ import (
 func (h *Handler) LogoutCallback(w http.ResponseWriter, r *http.Request) {
 	redirect := h.Client.LogoutCallback(r, h.Config.Ingress).PostLogoutRedirectURI()
 
-	logentry.LogEntry(r).Infof("logout/callback: redirecting to %s", redirect)
+	logentry.LogEntry(r).Debugf("logout/callback: redirecting to %s", redirect)
 	http.Redirect(w, r, redirect, http.StatusTemporaryRedirect)
 }