From d3225ca61a29eb4e3d83e05147ff27d01683445c Mon Sep 17 00:00:00 2001 From: Yared Yemane Date: Tue, 26 May 2026 06:32:15 -0700 Subject: [PATCH] Improve Google Android login error diagnostics. Preserve the underlying Google token validation failure and log safe request context so ID token issues are easier to debug. Co-authored-by: Cursor --- internal/services/authentication/google.go | 2 +- internal/web_server/handlers/auth_handler.go | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/internal/services/authentication/google.go b/internal/services/authentication/google.go index ccaf50b..d791965 100644 --- a/internal/services/authentication/google.go +++ b/internal/services/authentication/google.go @@ -106,7 +106,7 @@ func (s *Service) LoginWithGoogleAndroid( payload, err := idtoken.Validate(ctx, idToken, clientID) if err != nil { - return domain.LoginSuccess{}, errors.New("invalid google id token") + return domain.LoginSuccess{}, fmt.Errorf("invalid google id token: %w", err) } email, _ := payload.Claims["email"].(string) diff --git a/internal/web_server/handlers/auth_handler.go b/internal/web_server/handlers/auth_handler.go index d5abd88..bdcb329 100644 --- a/internal/web_server/handlers/auth_handler.go +++ b/internal/web_server/handlers/auth_handler.go @@ -51,6 +51,11 @@ func (h *Handler) GoogleAndroidLogin(c *fiber.Ctx) error { loginRes, err := h.authSvc.LoginWithGoogleAndroid(c.Context(), req.IDToken, h.Cfg.GoogleOAuthClientID) if err != nil { + h.mongoLoggerSvc.Error("Google Android login failed", + zap.Error(err), + zap.Int("id_token_length", len(req.IDToken)), + zap.Bool("google_client_id_configured", h.Cfg.GoogleOAuthClientID != ""), + ) return c.Status(fiber.StatusUnauthorized).JSON(domain.ErrorResponse{ Message: "Google login failed", Error: err.Error(),