fix: standardize OAuth logging levels for production readiness

bgaidioz · bgaidioz · commit 0013dbe53c2c · 2025-09-11T15:02:24.000+02:00
- DEBUG: Normal operations (cache hits/stores, token validation, client lookups)
- INFO: Important events (token refresh attempts/success, errors)
- Reduces log noise in production while keeping essential information
diff --git a/src/mxcp/sdk/auth/base.py b/src/mxcp/sdk/auth/base.py
@@ -257,7 +257,7 @@ async def get_client(self, client_id: str) -> OAuthClientInformationFull | None:
             # First check memory cache
             client = self._clients.get(client_id)
             if client:
-                logger.info(f"Looking up client_id: {client_id}, found in memory cache")
+                logger.debug(f"Looking up client_id: {client_id}, found in memory cache")
                 return client
 
             # If not in cache and persistence is available, check persistence
@@ -300,7 +300,7 @@ async def get_client(self, client_id: str) -> OAuthClientInformationFull | None:
                             client_name=persisted_client.client_name,
                         )
                         self._clients[client_id] = client
-                        logger.info(f"Looking up client_id: {client_id}, found in persistence")
+                        logger.debug(f"Looking up client_id: {client_id}, found in persistence")
                         return client
                 except Exception as e:
                     logger.error(f"Error loading client from persistence: {e}")
@@ -557,7 +557,7 @@ async def load_authorization_code(
                             code_challenge=persisted_code.code_challenge or "",
                         )
                         self._auth_codes[code] = auth_code
-                        logger.info(f"Loaded auth code from persistence: {code}")
+                        logger.debug(f"Loaded auth code from persistence: {code}")
                 except Exception as e:
                     logger.error(f"Error loading auth code from persistence: {e}")
 
diff --git a/src/mxcp/sdk/auth/middleware.py b/src/mxcp/sdk/auth/middleware.py
@@ -219,7 +219,7 @@ async def check_authentication(self) -> UserContext | None:
                     )
                     return None
 
-                logger.info("Access token found in request context")
+                logger.debug("Access token found in request context")
                 if span:
                     span.set_attribute("mxcp.auth.has_token", True)
 
@@ -245,7 +245,7 @@ async def check_authentication(self) -> UserContext | None:
                         token_span.set_attribute("mxcp.auth.token_valid", True)
                         token_span.set_attribute("mxcp.auth.client_id", token_info.client_id)
 
-                logger.info(f"Token validated successfully for client: {token_info.client_id}")
+                logger.debug(f"Token validated successfully for client: {token_info.client_id}")
 
                 # Get the external token to fetch user context
                 if not self.oauth_server:
@@ -257,7 +257,7 @@ async def check_authentication(self) -> UserContext | None:
                     logger.warning("No external token mapping found")
                     return None
 
-                logger.info("External token mapping found")
+                logger.debug("External token mapping found")
 
                 # Get standardized user context from the provider (with caching)
                 try:
@@ -274,7 +274,7 @@ async def check_authentication(self) -> UserContext | None:
                             provider_name = getattr(
                                 self.oauth_handler, "__class__", type(self.oauth_handler)
                             ).__name__
-                            logger.info(
+                            logger.debug(
                                 f"🔄 Cache MISS - calling {provider_name}.get_user_context() - Provider API call #{hash(external_token) % 10000}"
                             )
 
@@ -320,7 +320,7 @@ async def check_authentication(self) -> UserContext | None:
                         asyncio.create_task(self._cleanup_expired_cache_entries())
                         # Add external token to the user context for use in DuckDB functions
                         user_context.external_token = external_token
-                        logger.info(
+                        logger.debug(
                             f"Successfully retrieved user context for {user_context.username} (provider: {user_context.provider})"
                         )
 
@@ -392,7 +392,7 @@ async def wrapper(*args: Any, **kwargs: Any) -> Any:
                 user_context = await self.check_authentication()
                 if user_context:
                     # Log authentication status without PII
-                    logger.info(
+                    logger.debug(
                         f"Executing {func.__name__} for authenticated user "
                         f"(provider: {user_context.provider})"
                     )
