From 10457c67e3e5aabd332f4ebe08567dc710becba1 Mon Sep 17 00:00:00 2001
From: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Date: Wed, 13 Mar 2024 09:56:53 -0400
Subject: [PATCH] [PM-6577] Handle any exceptions in Duo HealthCheck (#3861)

* Handle any exceptions in health check to avoid returning a 500.

* Added log message.
---
 src/Core/Auth/Identity/TemporaryDuoWebV4SDKService.cs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/Core/Auth/Identity/TemporaryDuoWebV4SDKService.cs b/src/Core/Auth/Identity/TemporaryDuoWebV4SDKService.cs
index 0f9f982a8b..b3f39347ed 100644
--- a/src/Core/Auth/Identity/TemporaryDuoWebV4SDKService.cs
+++ b/src/Core/Auth/Identity/TemporaryDuoWebV4SDKService.cs
@@ -4,6 +4,7 @@ using Bit.Core.Context;
 using Bit.Core.Entities;
 using Bit.Core.Settings;
 using Bit.Core.Tokens;
+using Microsoft.Extensions.Logging;
 using Duo = DuoUniversal;
 
 namespace Bit.Core.Auth.Identity;
@@ -25,6 +26,7 @@ public class TemporaryDuoWebV4SDKService : ITemporaryDuoWebV4SDKService
     private readonly ICurrentContext _currentContext;
     private readonly GlobalSettings _globalSettings;
     private readonly IDataProtectorTokenFactory<DuoUserStateTokenable> _tokenDataFactory;
+    private readonly ILogger<TemporaryDuoWebV4SDKService> _logger;
 
     /// <summary>
     /// Constructor for the DuoUniversalPromptService. Used to supplement v2 implementation of Duo with v4 SDK
@@ -34,11 +36,13 @@ public class TemporaryDuoWebV4SDKService : ITemporaryDuoWebV4SDKService
     public TemporaryDuoWebV4SDKService(
         ICurrentContext currentContext,
         GlobalSettings globalSettings,
-        IDataProtectorTokenFactory<DuoUserStateTokenable> tokenDataFactory)
+        IDataProtectorTokenFactory<DuoUserStateTokenable> tokenDataFactory,
+        ILogger<TemporaryDuoWebV4SDKService> logger)
     {
         _currentContext = currentContext;
         _globalSettings = globalSettings;
         _tokenDataFactory = tokenDataFactory;
+        _logger = logger;
     }
 
     /// <summary>
@@ -129,8 +133,9 @@ public class TemporaryDuoWebV4SDKService : ITemporaryDuoWebV4SDKService
             (string)provider.MetaData["Host"],
             redirectUri).Build();
 
-        if (!await client.DoHealthCheck())
+        if (!await client.DoHealthCheck(true))
         {
+            _logger.LogError("Unable to connect to Duo. Health check failed.");
             return null;
         }
         return client;