Merge pull request #895 from alphagov/capture-errors-in-controller

Capture exception in the controller to examine exact parameters
alphagov · Jun 6, 2024 · 6197ce8 · 6197ce8
2 parents 5bbd146 + 81d1f33
commit 6197ce8
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 3 deletions.
diff --git a/app/controllers/oidc_events_controller.rb b/app/controllers/oidc_events_controller.rb
@@ -6,7 +6,8 @@ def backchannel_logout
       LogoutNotice.new(user_id).persist
       head :ok
     end
-  rescue OidcClient::BackchannelLogoutFailure
+  rescue OidcClient::BackchannelLogoutFailure => e
+    capture_sensitive_exception(e, { parameters: params.hash })
     head :bad_request
   end
 
@@ -24,4 +25,13 @@ def oidc_client
         OidcClient.new
       end
   end
+
+  def capture_sensitive_exception(error, extra_info = {})
+    captured = SensitiveException.create!(
+      message: error.message,
+      full_message: error.full_message,
+      extra_info: extra_info.to_json,
+    )
+    GovukError.notify("CapturedSensitiveException", { extra: { sensitive_exception_id: captured.id } })
+  end
 end
diff --git a/app/lib/oidc_client.rb b/app/lib/oidc_client.rb
@@ -118,8 +118,7 @@ def logout_token(logout_token_jwt)
   rescue JSON::JWS::VerificationFailed => e
     capture_sensitive_exception(e)
     raise BackchannelLogoutFailure
-  rescue NoMethodError => e
-    capture_sensitive_exception(e, { logout_token_jwt: })
+  rescue NoMethodError
     raise BackchannelLogoutFailure
   end