Add more logs to auth related classes (#246)

fingo · Oct 22, 2024 · 28aff99 · 28aff99
1 parent 3822216
commit 28aff99
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 0 deletions.
diff --git a/src/main/java/info/fingo/urlopia/config/authentication/AccessDeniedExceptionHandler.java b/src/main/java/info/fingo/urlopia/config/authentication/AccessDeniedExceptionHandler.java
@@ -1,5 +1,7 @@
 package info.fingo.urlopia.config.authentication;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.web.access.AccessDeniedHandler;
@@ -11,10 +13,13 @@
 
 public class AccessDeniedExceptionHandler implements AccessDeniedHandler
 {
+    private static final Logger LOGGER = LoggerFactory.getLogger(AccessDeniedExceptionHandler.class);
+
     @Override
     public void handle(HttpServletRequest request,
                        HttpServletResponse response,
                        AccessDeniedException ex) throws IOException, ServletException {
+        LOGGER.warn("Access denied", ex);
         response.setStatus(HttpStatus.FORBIDDEN.value());
     }
 }
diff --git a/src/main/java/info/fingo/urlopia/config/authentication/oauth/JwtFilter.java b/src/main/java/info/fingo/urlopia/config/authentication/oauth/JwtFilter.java
@@ -4,6 +4,8 @@
 import info.fingo.urlopia.api.v2.authentication.oauth.OAuthRedirectService;
 import info.fingo.urlopia.user.NoSuchUserException;
 import lombok.RequiredArgsConstructor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -21,6 +23,7 @@
 @RequiredArgsConstructor
 @ConditionalOnProperty(name = "ad.configuration.enabled", havingValue = "true", matchIfMissing = true)
 public class JwtFilter extends OncePerRequestFilter {
+    private static final Logger LOGGER = LoggerFactory.getLogger(OncePerRequestFilter.class);
     private final JwtTokenValidator jwtTokenValidator;
 
     @Override
@@ -46,6 +49,7 @@ private Authentication getAuthenticationByToken(String header,
             var authorities = accessToken.getAuthorities();
             return new UsernamePasswordAuthenticationToken(accountName, null, authorities);
         }catch (InvalidTokenException | NoSuchUserException exception){
+            LOGGER.warn("Invalid authentication token", exception);
             response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
             return null;
         }