Skip to content

Commit

Permalink
Additional logging.
Browse files Browse the repository at this point in the history
  • Loading branch information
@rfc3092
rfc3092 committed Feb 26, 2025
1 parent 7d1512e commit de36bbe
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 20 deletions.
26 changes: 11 additions & 15 deletions .../java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,21 +22,17 @@ public class GetAuthenticatedResourceServerType extends JwtResolver implements C
private Optional<ResourceServerType> getResourceTypeFrom(JwtAuthenticationToken token) {
return resourceServerProperties
.stream()
.filter(properties -> {
if (token == null) {
log.warn("Token is null");
} else if (token.getToken() == null) {
log.warn("Token.getToken() is null");
} else if (token.getToken().getIssuer() == null) {
log.warn("Token.getToken().getIssuer() is null");
}
return Optional
.ofNullable(token)
.map(JwtAuthenticationToken::getToken)
.map(JwtClaimAccessor::getIssuer)
.map(issuerFromToken -> issuerFromToken.toString().equalsIgnoreCase(properties.getIssuerUri()))
.orElse(false);
})
.filter(properties ->
Optional
.ofNullable(token)
.map(JwtAuthenticationToken::getToken)
.map(JwtClaimAccessor::getIssuer)
.map(issuerFromToken -> {
var issuer = issuerFromToken.toString().equalsIgnoreCase(properties.getIssuerUri());
log.info("issuerFromToken: {}, properties.getIssuerUri(): {}, issuer: {}", issuerFromToken, properties.getIssuerUri(), issuer);
return issuer;
})
.orElse(false))
.findFirst()
.map(ResourceServerProperties::getType);
}
Expand Down
5 changes: 2 additions & 3 deletions ...ctive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,15 +14,14 @@ Mono<Authentication> getJwtAuthenticationToken() {
.getContext()
.switchIfEmpty(Mono.error(new EmptyReactiveSecurityContextException()))
.doOnNext(context -> log.info("JwtResolver context.authentication {} {}", context.getAuthentication().getClass().getCanonicalName(), context.getAuthentication()))
.map(SecurityContext::getAuthentication);
.map(SecurityContext::getAuthentication)
.doOnNext(authentication -> log.info("JwtResolver authentication {} {}", authentication.getClass().getCanonicalName(), authentication));
}

static class EmptyReactiveSecurityContextException extends IllegalStateException {

EmptyReactiveSecurityContextException() {
super();
}

}

}
2 changes: 1 addition & 1 deletion ...rity/src/main/java/no/nav/testnav/libs/servletsecurity/jwt/MultipleIssuersJwtDecoder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ private static OAuth2TokenValidator<Jwt> customAudienceValidator(ResourceServerP
.stream()
.anyMatch(audience -> properties.getAcceptedAudience().contains(audience));
if (!valid) {
log.error("Fant ikke påkrevd audience {} i tokenet, bare {}", properties.getAcceptedAudience(), token.getAudience());
log.warn("Fant ikke påkrevd audience {} i tokenet, bare {}", properties.getAcceptedAudience(), token.getAudience());
}
return OAuth2TokenValidatorResult.success();
};
Expand Down
2 changes: 1 addition & 1 deletion .../no/nav/testnav/libs/servletsecurity/jwt/SecureOAuth2ServerToServerAutoConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ public class SecureOAuth2ServerToServerAutoConfiguration {
@Bean
@Profile("!test")
@ConditionalOnMissingBean
JwtDecoder jwtDecoder(List<ResourceServerProperties> properties) {
MultipleIssuersJwtDecoder jwtDecoder(List<ResourceServerProperties> properties) {
return new MultipleIssuersJwtDecoder(properties);
}

Expand Down

0 comments on commit de36bbe

Please sign in to comment.