feat(logging): emit typed structured events from route handlers (wave 1)

Converts chat-ingestion, widget-content, tunnels, and OAuth proxy error
paths to emit typed structured events via getRequestLogger when a Hono
Context is available, falling back to legacy logger.warn for callers
without a request context.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: Vu-John

mcpjam-inspector/server/routes/apps/mcp-apps/index.ts

@@ -9,6 +9,8 @@
 import { Hono } from "hono";
 import "../../../types/hono";
 import { logger } from "../../../utils/logger";
+import { getRequestLogger } from "../../../utils/request-logger";
+import { classifyWidgetError } from "../../../utils/error-classify";
 import { RESOURCE_MIME_TYPE } from "@modelcontextprotocol/ext-apps/app-bridge";
 import type {
   McpUiResourceCsp,
@@ -92,6 +94,12 @@ apps.post("/widget-content", async (c) => {
     const content = contents[0];
 
     if (!content) {
+      getRequestLogger(c, "routes.apps.mcp-apps").event("widget.resource.failed", {
+        widgetType: "mcp_apps",
+        resourceUri: resolvedResourceUri,
+        cspMode: effectiveCspMode,
+        errorCode: classifyWidgetError(null, "resource_missing"),
+      });
       return c.json({ error: "No content in resource" }, 404);
     }
 
@@ -116,6 +124,12 @@ apps.post("/widget-content", async (c) => {
     } else if ("blob" in content && typeof content.blob === "string") {
       html = Buffer.from(content.blob, "base64").toString("utf-8");
     } else {
+      getRequestLogger(c, "routes.apps.mcp-apps").event("widget.resource.failed", {
+        widgetType: "mcp_apps",
+        resourceUri: resolvedResourceUri,
+        cspMode: effectiveCspMode,
+        errorCode: classifyWidgetError(null, "html_missing"),
+      });
       return c.json({ error: "No HTML content in resource" }, 404);
     }
 
@@ -163,6 +177,12 @@ apps.post("/widget-content", async (c) => {
     });
 
     // Return JSON with HTML and metadata for CSP enforcement
+    getRequestLogger(c, "routes.apps.mcp-apps").event("widget.resource.served", {
+      widgetType: "mcp_apps",
+      resourceUri: resolvedResourceUri,
+      cspMode: effectiveCspMode,
+      mimeTypeValid,
+    });
     c.header("Cache-Control", "no-cache, no-store, must-revalidate");
     return c.json({
       html,
@@ -177,6 +197,10 @@ apps.post("/widget-content", async (c) => {
       mimeTypeWarning,
     });
   } catch (error) {
+    getRequestLogger(c, "routes.apps.mcp-apps").event("widget.resource.failed", {
+      widgetType: "mcp_apps",
+      errorCode: classifyWidgetError(error),
+    });
     logger.error("[MCP Apps] Error fetching resource", error);
     return c.json(
       { error: error instanceof Error ? error.message : "Unknown error" },

mcpjam-inspector/server/routes/mcp/oauth.ts

@@ -1,6 +1,8 @@
 import { Hono } from "hono";
 import type { ContentfulStatusCode } from "hono/utils/http-status";
 import { logger } from "../../utils/logger";
+import { getRequestLogger } from "../../utils/request-logger";
+import { classifyError } from "../../utils/error-classify";
 import {
   executeOAuthProxy,
   executeDebugOAuthProxy,
@@ -10,6 +12,15 @@ import {
 
 const oauth = new Hono();
 
+function safeHostname(url: string | undefined): string {
+  if (!url) return "unknown";
+  try {
+    return new URL(url).hostname || url;
+  } catch {
+    return url;
+  }
+}
+
 /**
  * Debug proxy for OAuth flow visualization and testing
  * POST /api/mcp/oauth/debug/proxy
@@ -20,17 +31,31 @@ const oauth = new Hono();
  * Body: { url: string, method?: string, body?: object, headers?: object }
  */
 oauth.post("/debug/proxy", async (c) => {
+  let proxyUrl: string | undefined;
   try {
     const { url, method, body, headers } = await c.req.json();
+    proxyUrl = url;
     const result = await executeDebugOAuthProxy({ url, method, body, headers });
     return c.json(result);
   } catch (error) {
+    const targetUrlHost = safeHostname(proxyUrl);
     if (error instanceof OAuthProxyError) {
+      getRequestLogger(c, "routes.mcp.oauth").event("mcp.oauth.proxy.failed", {
+        targetUrlHost,
+        oauthPhase: "proxy",
+        errorCode: classifyError(error),
+        statusCode: error.status,
+      });
       return c.json(
         { error: error.message },
         error.status as ContentfulStatusCode,
       );
     }
+    getRequestLogger(c, "routes.mcp.oauth").event("mcp.oauth.proxy.failed", {
+      targetUrlHost,
+      oauthPhase: "proxy",
+      errorCode: classifyError(error),
+    });
     logger.error("[OAuth Debug Proxy] Error", error);
     return c.json(
       {
@@ -50,17 +75,31 @@ oauth.post("/debug/proxy", async (c) => {
  * @deprecated Use /debug/proxy for debugging or implement proper OAuth client
  */
 oauth.post("/proxy", async (c) => {
+  let proxyUrl: string | undefined;
   try {
     const { url, method, body, headers } = await c.req.json();
+    proxyUrl = url;
     const result = await executeOAuthProxy({ url, method, body, headers });
     return c.json(result);
   } catch (error) {
+    const targetUrlHost = safeHostname(proxyUrl);
     if (error instanceof OAuthProxyError) {
+      getRequestLogger(c, "routes.mcp.oauth").event("mcp.oauth.proxy.failed", {
+        targetUrlHost,
+        oauthPhase: "proxy",
+        errorCode: classifyError(error),
+        statusCode: error.status,
+      });
       return c.json(
         { error: error.message },
         error.status as ContentfulStatusCode,
       );
     }
+    getRequestLogger(c, "routes.mcp.oauth").event("mcp.oauth.proxy.failed", {
+      targetUrlHost,
+      oauthPhase: "proxy",
+      errorCode: classifyError(error),
+    });
     logger.error("OAuth proxy error", error);
     return c.json(
       {
@@ -77,13 +116,13 @@ oauth.post("/proxy", async (c) => {
  * GET /api/mcp/oauth/metadata?url=https://mcp.asana.com/.well-known/oauth-authorization-server/sse
  */
 oauth.get("/metadata", async (c) => {
+  const metadataUrl = c.req.query("url");
   try {
-    const url = c.req.query("url");
-    if (!url) {
+    if (!metadataUrl) {
       return c.json({ error: "Missing url parameter" }, 400);
     }
 
-    const result = await fetchOAuthMetadata(url);
+    const result = await fetchOAuthMetadata(metadataUrl);
     if ("status" in result && result.status !== undefined) {
       return c.json(
         {
@@ -95,12 +134,24 @@ oauth.get("/metadata", async (c) => {
 
     return c.json(result.metadata);
   } catch (error) {
+    const targetUrlHost = safeHostname(metadataUrl);
     if (error instanceof OAuthProxyError) {
+      getRequestLogger(c, "routes.mcp.oauth").event("mcp.oauth.proxy.failed", {
+        targetUrlHost,
+        oauthPhase: "metadata",
+        errorCode: classifyError(error),
+        statusCode: error.status,
+      });
       return c.json(
         { error: error.message },
         error.status as ContentfulStatusCode,
       );
     }
+    getRequestLogger(c, "routes.mcp.oauth").event("mcp.oauth.proxy.failed", {
+      targetUrlHost,
+      oauthPhase: "metadata",
+      errorCode: classifyError(error),
+    });
     logger.error("OAuth metadata proxy error", error);
     return c.json(
       {

mcpjam-inspector/server/routes/mcp/tunnels.ts

@@ -1,9 +1,12 @@
 import { Hono } from "hono";
+import type { Context } from "hono";
 import { tunnelManager } from "../../services/tunnel-manager";
 import { LOCAL_SERVER_ADDR } from "../../config";
 import { cleanupOrphanedTunnels } from "../../services/tunnel-cleanup";
 import "../../types/hono";
 import { logger } from "../../utils/logger";
+import { getRequestLogger } from "../../utils/request-logger";
+import { classifyTunnelError } from "../../utils/error-classify";
 
 const tunnels = new Hono();
 
@@ -62,6 +65,14 @@ async function fetchNgrokToken(authHeader?: string): Promise<{
   };
 }
 
+function safeHostname(url: string): string {
+  try {
+    return new URL(url).hostname || url;
+  } catch {
+    return url;
+  }
+}
+
 // Report tunnel creation to Convex backend
 async function recordTunnel(
   serverId: string,
@@ -70,6 +81,7 @@ async function recordTunnel(
   domainId?: string,
   domain?: string,
   authHeader?: string,
+  c?: Context,
 ): Promise<void> {
   const convexUrl = process.env.CONVEX_HTTP_URL;
   if (!convexUrl) {
@@ -92,6 +104,14 @@ async function recordTunnel(
       body: JSON.stringify({ serverId, url, credentialId, domainId, domain }),
     });
   } catch (error) {
+    const tunnelKind = serverId === "shared" ? "shared" : "server";
+    if (c) {
+      getRequestLogger(c, "routes.mcp.tunnels").event("tunnel.record_failed", {
+        tunnelKind,
+        tunnelDomain: domain,
+        errorCode: classifyTunnelError(error, "convex_record_failed"),
+      });
+    }
     logger.error("Failed to record tunnel", error, { serverId, url });
     // Don't throw - tunnel is already created, just log the error
   }
@@ -167,6 +187,11 @@ tunnels.post("/create", async (c) => {
     // Check if tunnel already exists
     const existingUrl = tunnelManager.getTunnelUrl();
     if (existingUrl) {
+      getRequestLogger(c, "routes.mcp.tunnels").event("tunnel.created", {
+        tunnelKind: "shared",
+        tunnelDomain: safeHostname(existingUrl),
+        existed: true,
+      });
       return c.json({
         url: existingUrl,
         existed: true,
@@ -189,13 +214,24 @@ tunnels.post("/create", async (c) => {
       domainId,
       domain,
       authHeader,
+      c,
     );
 
+    getRequestLogger(c, "routes.mcp.tunnels").event("tunnel.created", {
+      tunnelKind: "shared",
+      tunnelDomain: domain,
+      existed: false,
+      credentialIdPresent: !!credentialId,
+    });
     return c.json({
       url,
       existed: false,
     });
   } catch (error: any) {
+    getRequestLogger(c, "routes.mcp.tunnels").event("tunnel.creation_failed", {
+      tunnelKind: "shared",
+      errorCode: classifyTunnelError(error),
+    });
     logger.error("Error creating tunnel", error);
     return c.json(
       {
@@ -214,6 +250,11 @@ tunnels.post("/create/:serverId", async (c) => {
   try {
     const existingUrl = tunnelManager.getServerTunnelUrl(serverId);
     if (existingUrl) {
+      getRequestLogger(c, "routes.mcp.tunnels").event("tunnel.created", {
+        tunnelKind: "server",
+        tunnelDomain: safeHostname(existingUrl),
+        existed: true,
+      });
       return c.json({
         url: existingUrl,
         existed: true,
@@ -236,19 +277,30 @@ tunnels.post("/create/:serverId", async (c) => {
       domainId,
       domain,
       authHeader,
+      c,
     );
 
     const serverTunnelUrl = tunnelManager.getServerTunnelUrl(serverId);
     if (!serverTunnelUrl) {
       throw new Error("Failed to build server tunnel URL");
     }
 
+    getRequestLogger(c, "routes.mcp.tunnels").event("tunnel.created", {
+      tunnelKind: "server",
+      tunnelDomain: domain,
+      existed: false,
+      credentialIdPresent: !!credentialId,
+    });
     return c.json({
       url: serverTunnelUrl,
       serverId,
       existed: false,
     });
   } catch (error: any) {
+    getRequestLogger(c, "routes.mcp.tunnels").event("tunnel.creation_failed", {
+      tunnelKind: "server",
+      errorCode: classifyTunnelError(error),
+    });
     logger.error("Error creating server-specific tunnel", error, { serverId });
     return c.json(
       {