Debugging
Debugging guide for SVA OAuth integration issues.
Enable Debug Logging
Django Settings
# settings.py
LOGGING = {
'version': 1,
'handlers': {
'console': {
'class': 'logging.StreamHandler',
},
},
'loggers': {
'sva_oauth_client': {
'handlers': ['console'],
'level': 'DEBUG',
},
},
}
Check Configuration
Validate Settings
# management/commands/check_oauth_config.py
from django.core.management.base import BaseCommand
from django.conf import settings
class Command(BaseCommand):
help = 'Check OAuth configuration'
def handle(self, *args, **options):
required = [
'SVA_OAUTH_BASE_URL',
'SVA_OAUTH_CLIENT_ID',
'SVA_OAUTH_CLIENT_SECRET',
'SVA_OAUTH_REDIRECT_URI',
'SVA_DATA_TOKEN_SECRET',
]
for setting in required:
value = getattr(settings, setting, None)
if value:
# Mask sensitive values
if 'SECRET' in setting:
masked = value[:4] + '...' + value[-4:] if len(value) > 8 else '***'
self.stdout.write(f"✓ {setting}: {masked}")
else:
self.stdout.write(f"✓ {setting}: {value}")
else:
self.stdout.write(self.style.ERROR(f"✗ {setting}: Not set"))
Debug Session Data
View Session Contents
def debug_session(request):
"""Debug view to check session data"""
return JsonResponse({
'has_access_token': 'sva_oauth_access_token' in request.session,
'has_refresh_token': 'sva_oauth_refresh_token' in request.session,
'has_data_token': 'sva_oauth_data_token' in request.session,
'session_keys': list(request.session.keys()),
'is_authenticated': is_authenticated(request.session),
})
Debug Token
Inspect Data Token
from sva_oauth_client.utils import get_data_token
import jwt
def debug_token(request):
"""Debug view to inspect token"""
data_token = get_data_token(request.session)
if not data_token:
return JsonResponse({'error': 'No token'})
# Decode without verification (for debugging only!)
decoded = jwt.decode(data_token, options={"verify_signature": False})
return JsonResponse({
'token_present': True,
'header': jwt.get_unverified_header(data_token),
'payload': decoded,
'expires_at': datetime.fromtimestamp(decoded.get('exp', 0)),
})
Debug OAuth Flow
Log OAuth Steps
import logging
logger = logging.getLogger(__name__)
def debug_oauth_flow(request):
"""Debug OAuth flow"""
logger.debug(f"OAuth flow started: {request.path}")
logger.debug(f"Session keys: {list(request.session.keys())}")
logger.debug(f"Query params: {dict(request.GET)}")
# Continue with OAuth flow
# ...
Common Debug Scenarios
Token Not Found
Problem: get_sva_claims() returns None
Debug:
def debug_token_issue(request):
has_token = 'sva_oauth_data_token' in request.session
has_access = 'sva_oauth_access_token' in request.session
return JsonResponse({
'has_data_token': has_token,
'has_access_token': has_access,
'session_keys': list(request.session.keys()),
})
Token Expired
Problem: SVATokenError: Data token has expired
Debug:
from sva_oauth_client.utils import get_data_token
import jwt
from datetime import datetime
def debug_token_expiry(request):
data_token = get_data_token(request.session)
if data_token:
decoded = jwt.decode(data_token, options={"verify_signature": False})
exp = decoded.get('exp')
exp_datetime = datetime.fromtimestamp(exp) if exp else None
now = datetime.now()
return JsonResponse({
'expires_at': exp_datetime.isoformat() if exp_datetime else None,
'is_expired': exp_datetime < now if exp_datetime else None,
'time_until_expiry': (exp_datetime - now).total_seconds() if exp_datetime else None,
})
Redirect URI Mismatch
Problem: redirect_uri_mismatch error
Debug:
def debug_redirect_uri(request):
configured = settings.SVA_OAUTH_REDIRECT_URI
current = request.build_absolute_uri('/oauth/callback/')
return JsonResponse({
'configured': configured,
'current': current,
'match': configured.rstrip('/') == current.rstrip('/'),
})
Network Debugging
Check OAuth Provider
import requests
def debug_oauth_provider(request):
"""Check OAuth provider connectivity"""
base_url = settings.SVA_OAUTH_BASE_URL
try:
response = requests.get(f"{base_url}/.well-known/openid-configuration", timeout=5)
return JsonResponse({
'status': 'connected',
'status_code': response.status_code,
'provider_url': base_url,
})
except requests.exceptions.RequestException as e:
return JsonResponse({
'status': 'error',
'error': str(e),
'provider_url': base_url,
})
Browser DevTools
Check Network Requests
- Open browser DevTools (F12)
- Go to Network tab
- Initiate OAuth flow
- Check requests:
- Authorization request
- Callback request
- Token exchange request
Check Session Storage
- Open browser DevTools
- Go to Application tab
- Check Cookies:
- Session cookie
- CSRF token
- Check Local Storage:
- PKCE code verifier (temporary)
Production Debugging
Enable Error Reporting
# settings.py
LOGGING = {
'version': 1,
'handlers': {
'file': {
'class': 'logging.FileHandler',
'filename': 'oauth_errors.log',
},
},
'loggers': {
'sva_oauth_client': {
'handlers': ['file'],
'level': 'ERROR',
},
},
}
Monitor Errors
import logging
import sentry_sdk
# Configure Sentry for error tracking
sentry_sdk.init(
dsn="your-sentry-dsn",
traces_sample_rate=1.0,
)
logger = logging.getLogger(__name__)
@sva_oauth_required
def my_view(request):
try:
claims = get_sva_claims(request)
except Exception as e:
logger.exception("OAuth error")
raise
Next Steps
- Check Common Issues for solutions
- Read FAQ for answers
- Review Security Best Practices