diff --git a/src/main/java/com/eactive/eai/authserver/config/AuthorizationServerConfig.java b/src/main/java/com/eactive/eai/authserver/config/AuthorizationServerConfig.java index 024a818..38e4362 100644 --- a/src/main/java/com/eactive/eai/authserver/config/AuthorizationServerConfig.java +++ b/src/main/java/com/eactive/eai/authserver/config/AuthorizationServerConfig.java @@ -211,10 +211,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap private void logTokenIssuance(boolean isSuccess, boolean isRestrictionExempt, String resultMessage, String accessToken) { try { - if (!EAIDBLogControl.isEnable()) { - logger.warn("DB logging is disabled. Skipping token issuance logging."); - return; - } + RequestContextData data = RequestContextData.ThreadLocalRequestContext.get(); OAuth2Manager.getInstance(); @@ -238,8 +235,15 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap log.setResultMessage(resultMessage); log.setAccessToken(accessToken); // Add access token value to the log - logger.info("Token request[/oauth/token or /oauth2/token] => clientId: {}, grantType: {}, scope: {}", - clientId, data.getGrantType(), data.getScope()); + if( !isSuccess ) { + logger.error("Token request[/oauth/token or /oauth2/token] => clientId: {}, grantType: {}, scope: {}", + clientId, data.getGrantType(), data.getScope()); + } + + if (!EAIDBLogControl.isEnable()) { + logger.warn("DB logging is disabled. Skipping token issuance logging."); + return; + } tokenIssuanceLogDAO.saveTokenIssuanceLog(log); } catch (Throwable th) { diff --git a/src/main/java/com/eactive/eai/authserver/custom/BearerTokenContoller.java b/src/main/java/com/eactive/eai/authserver/custom/BearerTokenContoller.java index abfd5f5..d5e14cf 100644 --- a/src/main/java/com/eactive/eai/authserver/custom/BearerTokenContoller.java +++ b/src/main/java/com/eactive/eai/authserver/custom/BearerTokenContoller.java @@ -53,12 +53,13 @@ public class BearerTokenContoller { ) public ResponseEntity issueCAToken(HttpServletRequest request, @RequestParam MultiValueMap req) throws JwtAuthException { JSONObject resObject = new JSONObject(); + String clientId = req.getFirst("client_id"); + String grantType = req.getFirst("grant_type"); + String clientSecret = req.getFirst("client_secret"); + String scopes = req.getFirst("scope"); try { - String clientId = req.getFirst("client_id"); - String grantType = req.getFirst("grant_type"); - String clientSecret = req.getFirst("client_secret"); - String scopes = req.getFirst("scope"); + RequestContextData data = new RequestContextData(); data.setClientId(request.getParameter("client_id")); @@ -70,8 +71,7 @@ public class BearerTokenContoller { RequestContextData.ThreadLocalRequestContext.set(data); - logger.info("Token request[/auth/oauth/v2/token] => clientId: {}, grantType: {}, scope: {}", - clientId, grantType, scopes); + if (!StringUtils.equals(grantType, "client_credentials") ) { throw new JwtAuthException("unsupported_grant_type", "Unsupported grant type"); @@ -110,11 +110,15 @@ public class BearerTokenContoller { return ResponseEntity.ok(resObject); } catch (JwtAuthException e) { + logger.error("Token request[/auth/oauth/v2/token] => clientId: {}, grantType: {}, scope: {}", + clientId, grantType, scopes); logger.error(e); String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, e.getMessage()); logTokenIssuance(false ,false, e.getMessage(), null); return ResponseEntity.status(401).body(errorJson); } catch (Exception e) { + logger.error("Token request[/auth/oauth/v2/token] => clientId: {}, grantType: {}, scope: {}", + clientId, grantType, scopes); logger.error(e); String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AP_ERROR, e.getMessage()); logTokenIssuance(false ,false, e.getMessage(), null); diff --git a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java index 58e3a54..0731c52 100644 --- a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java +++ b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java @@ -125,6 +125,12 @@ public class KjbMGOAuth2Controller { KjbMGOAuth2AccessTokenResponse responseToken = new KjbMGOAuth2AccessTokenResponse(); + + String grantType = tokenRequest.getGrantType(); + String clientId = tokenRequest.getClientId(); + String clientSecret = tokenRequest.getClientSecret(); + String scopes = tokenRequest.getScope(); + try { if (!StringUtils.equals(tokenRequest.getGrantType(), "client_credentials")) { throw new JwtAuthException( @@ -132,14 +138,6 @@ public class KjbMGOAuth2Controller { "Invalid Mandatory Field {grantType}"); } - String grantType = tokenRequest.getGrantType(); - String clientId = tokenRequest.getClientId(); - String clientSecret = tokenRequest.getClientSecret(); - String scopes = tokenRequest.getScope(); - - logger.info("Token request[/mapi/oauth2/token] => clientId: {}, grantType: {}, scope: {}", - clientId, grantType, scopes); - String[] scopeArr = org.springframework.util.StringUtils.tokenizeToStringArray(scopes, " "); Set scopeSet = new HashSet(); for (String scope : scopeArr) { @@ -190,12 +188,17 @@ public class KjbMGOAuth2Controller { return ResponseEntity.ok(successJson); } catch (JwtAuthException e) { + logger.info("Token request[/mapi/oauth2/token] => clientId: {}, grantType: {}, scope: {}", + clientId, grantType, scopes); + logger.error(e.getMessage()); String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, e.getMessage()); int statusCode = NumberUtils.toInt(StringUtils.left(e.getCode(), 3), HttpStatus.UNAUTHORIZED.value()); logTokenIssuance(false ,false, e.getMessage(), null); return ResponseEntity.status(statusCode).body(errorJson); } catch (Exception e) { + logger.info("Token request[/mapi/oauth2/token] => clientId: {}, grantType: {}, scope: {}", + clientId, grantType, scopes); logger.error(e.getMessage()); String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, "Unauthorized. [Unknown]"); logTokenIssuance(false ,false, e.getMessage(), null);