chore(logging): use stdlib logger with plain format strings for auth forwarding

2026-05-04 21:50:57 -04:00
parent 68b486d62a
commit 0435f97706
2 changed files with 18 additions and 27 deletions
--- a/pallas/_fastagent_patch.py
+++ b/pallas/_fastagent_patch.py
@@ -23,7 +23,7 @@ from fast_agent.config import MCPServerSettings as _MCPServerSettings
 from fast_agent.mcp import mcp_connection_manager as _mcm
 from fast_agent.mcp.auth.context import request_bearer_token

-logger = logging.getLogger(__name__)
+logger = logging.getLogger("pallas.forward")

 _AUTH_HEADER_KEYS = {"authorization", "x-hf-authorization"}
 _original_prepare = _mcm._prepare_headers_and_auth
@@ -35,41 +35,33 @@ def _prepare_headers_and_auth_with_forward(server_config, **kwargs):
    server_name = getattr(server_config, "name", None)
    forward_flag = getattr(server_config, "forward_inbound_auth", False)

+    logger.info(
+        "forward_check server=%s forward_flag=%s",
+        server_name, forward_flag,
+    )
+
    if not forward_flag:
        return headers, oauth_auth, user_auth_keys

    if user_auth_keys:
-        logger.info(
-            "fastagent_forward_skipped_user_auth",
-            extra={"server": server_name},
-        )
+        logger.info("forward_skipped_user_auth server=%s", server_name)
        return headers, oauth_auth, user_auth_keys

    if oauth_auth is not None:
-        logger.info(
-            "fastagent_forward_skipped_oauth",
-            extra={"server": server_name},
-        )
+        logger.info("forward_skipped_oauth server=%s", server_name)
        return headers, oauth_auth, user_auth_keys

    inbound = request_bearer_token.get()
    if not inbound:
-        logger.info(
-            "fastagent_forward_no_inbound",
-            extra={"server": server_name},
-        )
+        logger.info("forward_no_inbound server=%s", server_name)
        return headers, oauth_auth, user_auth_keys

    headers = dict(headers)
    headers["Authorization"] = f"Bearer {inbound}"
    user_auth_keys = set(user_auth_keys) | {"Authorization"}
    logger.info(
-        "fastagent_forward_inbound_auth",
-        extra={
-            "server": server_name,
-            "token_len": len(inbound),
-            "token_prefix": inbound[:8],
-        },
+        "forward_inbound_auth server=%s token_len=%d prefix=%s",
+        server_name, len(inbound), inbound[:8],
    )
    return headers, oauth_auth, user_auth_keys

--- a/pallas/multimodal_server.py
+++ b/pallas/multimodal_server.py
@@ -46,6 +46,8 @@ def _get_request_bearer_token() -> str | None:
    the request scope, so get_access_token() always returns None here. The token
    is an opaque string forwarded to opted-in downstream servers by _fastagent_patch.
    """
+    import logging as _stdlib_logging
+    _diag = _stdlib_logging.getLogger("pallas.bearer")
    try:
        from fastmcp.server.dependencies import get_http_request

@@ -53,17 +55,14 @@ def _get_request_bearer_token() -> str | None:
        auth = request.headers.get("authorization", "")
        if auth.lower().startswith("bearer "):
            token = auth[7:]
-            logger.info(
-                "pallas_inbound_bearer_captured",
-                data={"token_len": len(token), "token_prefix": token[:8]},
+            _diag.info(
+                "pallas_inbound_bearer_captured token_len=%d prefix=%s",
+                len(token), token[:8],
            )
            return token
-        logger.info(
-            "pallas_inbound_bearer_absent",
-            data={"has_auth_header": bool(auth)},
-        )
+        _diag.info("pallas_inbound_bearer_absent has_auth_header=%s", bool(auth))
    except Exception as exc:
-        logger.warning("pallas_inbound_bearer_error", data={"error": str(exc)})
+        _diag.warning("pallas_inbound_bearer_error error=%s", exc)
    return None