토큰 요청 메세지 로깅 토큰 발급 에러시에만 파일로깅.

This commit is contained in:
cho
2026-01-30 17:00:17 +09:00
parent 902201a19d
commit d9bfc07850
3 changed files with 31 additions and 20 deletions
@@ -211,10 +211,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
private void logTokenIssuance(boolean isSuccess, boolean isRestrictionExempt, String resultMessage, String accessToken) {
try {
if (!EAIDBLogControl.isEnable()) {
logger.warn("DB logging is disabled. Skipping token issuance logging.");
return;
}
RequestContextData data = RequestContextData.ThreadLocalRequestContext.get();
OAuth2Manager.getInstance();
@@ -238,8 +235,15 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
log.setResultMessage(resultMessage);
log.setAccessToken(accessToken); // Add access token value to the log
logger.info("Token request[/oauth/token or /oauth2/token] => clientId: {}, grantType: {}, scope: {}",
clientId, data.getGrantType(), data.getScope());
if( !isSuccess ) {
logger.error("Token request[/oauth/token or /oauth2/token] => clientId: {}, grantType: {}, scope: {}",
clientId, data.getGrantType(), data.getScope());
}
if (!EAIDBLogControl.isEnable()) {
logger.warn("DB logging is disabled. Skipping token issuance logging.");
return;
}
tokenIssuanceLogDAO.saveTokenIssuanceLog(log);
} catch (Throwable th) {
@@ -53,12 +53,13 @@ public class BearerTokenContoller {
)
public ResponseEntity<?> issueCAToken(HttpServletRequest request, @RequestParam MultiValueMap<String, String> req) throws JwtAuthException {
JSONObject resObject = new JSONObject();
String clientId = req.getFirst("client_id");
String grantType = req.getFirst("grant_type");
String clientSecret = req.getFirst("client_secret");
String scopes = req.getFirst("scope");
try {
String clientId = req.getFirst("client_id");
String grantType = req.getFirst("grant_type");
String clientSecret = req.getFirst("client_secret");
String scopes = req.getFirst("scope");
RequestContextData data = new RequestContextData();
data.setClientId(request.getParameter("client_id"));
@@ -70,8 +71,7 @@ public class BearerTokenContoller {
RequestContextData.ThreadLocalRequestContext.set(data);
logger.info("Token request[/auth/oauth/v2/token] => clientId: {}, grantType: {}, scope: {}",
clientId, grantType, scopes);
if (!StringUtils.equals(grantType, "client_credentials") ) {
throw new JwtAuthException("unsupported_grant_type", "Unsupported grant type");
@@ -110,11 +110,15 @@ public class BearerTokenContoller {
return ResponseEntity.ok(resObject);
} catch (JwtAuthException e) {
logger.error("Token request[/auth/oauth/v2/token] => clientId: {}, grantType: {}, scope: {}",
clientId, grantType, scopes);
logger.error(e);
String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, e.getMessage());
logTokenIssuance(false ,false, e.getMessage(), null);
return ResponseEntity.status(401).body(errorJson);
} catch (Exception e) {
logger.error("Token request[/auth/oauth/v2/token] => clientId: {}, grantType: {}, scope: {}",
clientId, grantType, scopes);
logger.error(e);
String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AP_ERROR, e.getMessage());
logTokenIssuance(false ,false, e.getMessage(), null);
@@ -125,6 +125,12 @@ public class KjbMGOAuth2Controller {
KjbMGOAuth2AccessTokenResponse responseToken = new KjbMGOAuth2AccessTokenResponse();
String grantType = tokenRequest.getGrantType();
String clientId = tokenRequest.getClientId();
String clientSecret = tokenRequest.getClientSecret();
String scopes = tokenRequest.getScope();
try {
if (!StringUtils.equals(tokenRequest.getGrantType(), "client_credentials")) {
throw new JwtAuthException(
@@ -132,14 +138,6 @@ public class KjbMGOAuth2Controller {
"Invalid Mandatory Field {grantType}");
}
String grantType = tokenRequest.getGrantType();
String clientId = tokenRequest.getClientId();
String clientSecret = tokenRequest.getClientSecret();
String scopes = tokenRequest.getScope();
logger.info("Token request[/mapi/oauth2/token] => clientId: {}, grantType: {}, scope: {}",
clientId, grantType, scopes);
String[] scopeArr = org.springframework.util.StringUtils.tokenizeToStringArray(scopes, " ");
Set<String> scopeSet = new HashSet<String>();
for (String scope : scopeArr) {
@@ -190,12 +188,17 @@ public class KjbMGOAuth2Controller {
return ResponseEntity.ok(successJson);
} catch (JwtAuthException e) {
logger.info("Token request[/mapi/oauth2/token] => clientId: {}, grantType: {}, scope: {}",
clientId, grantType, scopes);
logger.error(e.getMessage());
String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, e.getMessage());
int statusCode = NumberUtils.toInt(StringUtils.left(e.getCode(), 3), HttpStatus.UNAUTHORIZED.value());
logTokenIssuance(false ,false, e.getMessage(), null);
return ResponseEntity.status(statusCode).body(errorJson);
} catch (Exception e) {
logger.info("Token request[/mapi/oauth2/token] => clientId: {}, grantType: {}, scope: {}",
clientId, grantType, scopes);
logger.error(e.getMessage());
String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, "Unauthorized. [Unknown]");
logTokenIssuance(false ,false, e.getMessage(), null);