fix(core): logger changes in underlying SDK within service module

[jakedoublev]

Proposed Changes

• stacked behind feat(sdk): sdk should optionally take in a logger #2754

Checklist

• I have added or updated unit tests
• I have added or updated integration tests (if appropriate)
• I have added or updated documentation

Testing Instructions

[gemini-code-assist]

Summary of Changes

Hello @jakedoublev, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces significant improvements to the logging infrastructure within the service module's underlying SDK, specifically targeting the ERS connection authentication. By integrating a logger instance directly into the authentication configuration functions, it provides enhanced visibility and debuggability for the authentication flow, allowing for more detailed insights into potential issues or successful operations.

Highlights

• Logger parameter addition: The configureERSAuthentication function now accepts a logger.Logger instance as a parameter, enabling more granular logging within the authentication setup.
• SDK token source logging: The newly introduced logger parameter is passed down to sdk.NewIDPAccessTokenSource, ensuring that the SDK's token acquisition process can utilize the provided logger for its operations.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

---

Logs flow, clear the path, SDK's heart now can speak, Errors softly shown.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request correctly propagates the logger instance down to the sdk.NewIDPAccessTokenSource function, which will improve debuggability of token acquisition. The changes are straightforward and correct. However, during the review, I discovered a critical security vulnerability in the related sdk code that is being called. The getNewDPoPKey function incorrectly handles cryptographic keys, potentially leading to private key exposure. I've added a critical comment detailing the issue.

[github-actions]

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	185.736589ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	100.563044ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	352.11903ms
Throughput	283.99 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	37.853229441s
Average Latency	376.907581ms
Throughput	132.09 requests/second

NANOTDF Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	26.513270086s
Average Latency	263.826643ms
Throughput	188.58 requests/second