diff --git a/src/main/java/com/eactive/eai/authserver/config/CustomOAuth2AuthenticationEntryPoint.java b/src/main/java/com/eactive/eai/authserver/config/CustomOAuth2AuthenticationEntryPoint.java new file mode 100644 index 0000000..cdf46ba --- /dev/null +++ b/src/main/java/com/eactive/eai/authserver/config/CustomOAuth2AuthenticationEntryPoint.java @@ -0,0 +1,122 @@ +package com.eactive.eai.authserver.config; + +import java.io.IOException; +import java.time.LocalDateTime; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint; + +import com.eactive.eai.authserver.dao.TokenIssuanceLogDAO; +import com.eactive.eai.authserver.service.OAuth2Manager; +import com.eactive.eai.authserver.vo.ClientVO; +import com.eactive.eai.common.logger.EAIDBLogControl; +import com.eactive.eai.common.util.Logger; +import com.eactive.eai.common.util.MessageUtil; +import com.eactive.eai.data.entity.onl.authserver.TokenIssuanceLog; +import com.fasterxml.jackson.databind.ObjectMapper; + +public class CustomOAuth2AuthenticationEntryPoint extends OAuth2AuthenticationEntryPoint { + + static Logger logger = Logger.getLogger(Logger.LOGGER_DEFAULT); + + private final ObjectMapper objectMapper = new ObjectMapper(); + + private final TokenIssuanceLogDAO tokenIssuanceLogDAO; + + public CustomOAuth2AuthenticationEntryPoint(TokenIssuanceLogDAO dao) { + this.tokenIssuanceLogDAO = dao; + } + + @Override + public void commence(HttpServletRequest request, + HttpServletResponse response, + AuthenticationException authException) throws IOException { + + try { + RequestContextData data = new RequestContextData(); + data.setClientId(request.getParameter("client_id")); + data.setIpAddress(extractIpAddress(request)); + data.setGrantType(request.getParameter("grant_type")); + data.setScope(request.getParameter("scope")); + data.setUsername(request.getParameter("username")); + data.setResource(request.getParameter("resource")); + + RequestContextData.ThreadLocalRequestContext.set(data); + logTokenIssuance(false,false, authException.getMessage(), null); + } finally { + RequestContextData.ThreadLocalRequestContext.clear(); + } + + response.setContentType("application/json;charset=UTF-8"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + + String errorMessage = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, authException.getMessage()); + + response.getWriter().write(errorMessage); + response.getWriter().flush(); + } + + private String extractIpAddress(HttpServletRequest request) { + String ipAddress = request.getHeader("X-Forwarded-For"); + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("Proxy-Client-IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("WL-Proxy-Client-IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("HTTP_CLIENT_IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("HTTP_X_FORWARDED_FOR"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getRemoteAddr(); + } + return ipAddress; + } + + private void logTokenIssuance(boolean isSuccess, boolean isRestrictionExempt, String resultMessage, String accessToken) { + try { + if (!EAIDBLogControl.isEnable()) { + logger.warn("DB logging is disabled. Skipping token issuance logging."); + return; + } + RequestContextData data = RequestContextData.ThreadLocalRequestContext.get(); + OAuth2Manager.getInstance(); + + TokenIssuanceLog log = new TokenIssuanceLog(); + String clientId = data.getClientId(); + log.setClientId(clientId); + + if(StringUtils.isNotBlank(clientId)) { + ClientVO clientVO = OAuth2Manager.getInstance().getClientInfo(clientId); + log.setAppName(clientVO.getClientName()); + log.setOrgId(clientVO.getOrgId()); + log.setOrgName(clientVO.getOrgName()); + } + + log.setGrantType(data.getGrantType()); + log.setScope(data.getScope()); + log.setIpAddress(data.getIpAddress()); + log.setSuccessYn(isSuccess ? "Y" : "N"); + log.setIssuanceDateTime(LocalDateTime.now()); + log.setRestrictionExemptYn(isRestrictionExempt ? "Y" : "N"); + log.setResultMessage(resultMessage); + log.setAccessToken(accessToken); // Add access token value to the log + + logger.info("Token request[/oauth/token or /oauth2/token] => clientId: {}, grantType: {}, scope: {}", + clientId, data.getGrantType(), data.getScope()); + + tokenIssuanceLogDAO.saveTokenIssuanceLog(log); + } catch (Throwable th) { + logger.error("Error while logging token issuance: " + th.getMessage(), th); + } + } +} + + diff --git a/src/main/java/com/eactive/eai/authserver/config/CustomTokenEndpointExceptionResolver.java b/src/main/java/com/eactive/eai/authserver/config/CustomTokenEndpointExceptionResolver.java new file mode 100644 index 0000000..0931078 --- /dev/null +++ b/src/main/java/com/eactive/eai/authserver/config/CustomTokenEndpointExceptionResolver.java @@ -0,0 +1,131 @@ +package com.eactive.eai.authserver.config; + +import java.io.IOException; +import java.time.LocalDateTime; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; +import org.springframework.core.Ordered; +import org.springframework.core.annotation.Order; +import org.springframework.security.oauth2.common.exceptions.InvalidRequestException; +import org.springframework.web.servlet.HandlerExceptionResolver; +import org.springframework.web.servlet.ModelAndView; + +import com.eactive.eai.authserver.dao.TokenIssuanceLogDAO; +import com.eactive.eai.authserver.service.OAuth2Manager; +import com.eactive.eai.authserver.vo.ClientVO; +import com.eactive.eai.common.logger.EAIDBLogControl; +import com.eactive.eai.common.util.Logger; +import com.eactive.eai.common.util.MessageUtil; +import com.eactive.eai.data.entity.onl.authserver.TokenIssuanceLog; + +@Configuration +@Order(Ordered.HIGHEST_PRECEDENCE) // 다른 HandlerExceptionResolver보다 우선 적용 +public class CustomTokenEndpointExceptionResolver implements HandlerExceptionResolver { + + static Logger logger = Logger.getLogger(Logger.LOGGER_DEFAULT); + + @Autowired + private TokenIssuanceLogDAO tokenIssuanceLogDAO; + + @Override + public ModelAndView resolveException(HttpServletRequest request, HttpServletResponse response, Object handler, + Exception ex) { + + // OAuth2 Token 요청 grant_type 누락 시 + if (ex instanceof InvalidRequestException) { + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + + String errorMessage = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, ex.getMessage()); + + try { + + RequestContextData data = new RequestContextData(); + data.setClientId(request.getParameter("client_id")); + data.setIpAddress(extractIpAddress(request)); + data.setGrantType(request.getParameter("grant_type")); + data.setScope(request.getParameter("scope")); + data.setUsername(request.getParameter("username")); + data.setResource(request.getParameter("resource")); + + RequestContextData.ThreadLocalRequestContext.set(data); + logTokenIssuance(false, false, errorMessage, null); + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write(errorMessage); + response.getWriter().flush(); + } catch (IOException e) { + e.printStackTrace(); + } finally { + RequestContextData.ThreadLocalRequestContext.clear(); + } + + return new ModelAndView(); + } + + // 다른 예외는 다른 HandlerExceptionResolver에게 위임 + return null; + } + + private String extractIpAddress(HttpServletRequest request) { + String ipAddress = request.getHeader("X-Forwarded-For"); + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("Proxy-Client-IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("WL-Proxy-Client-IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("HTTP_CLIENT_IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("HTTP_X_FORWARDED_FOR"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getRemoteAddr(); + } + return ipAddress; + } + + private void logTokenIssuance(boolean isSuccess, boolean isRestrictionExempt, String resultMessage, + String accessToken) { + try { + if (!EAIDBLogControl.isEnable()) { + logger.warn("DB logging is disabled. Skipping token issuance logging."); + return; + } + RequestContextData data = RequestContextData.ThreadLocalRequestContext.get(); + OAuth2Manager.getInstance(); + + TokenIssuanceLog log = new TokenIssuanceLog(); + String clientId = data.getClientId(); + log.setClientId(clientId); + + if (StringUtils.isNotBlank(clientId)) { + ClientVO clientVO = OAuth2Manager.getInstance().getClientInfo(clientId); + log.setAppName(clientVO.getClientName()); + log.setOrgId(clientVO.getOrgId()); + log.setOrgName(clientVO.getOrgName()); + } + + log.setGrantType(data.getGrantType()); + log.setScope(data.getScope()); + log.setIpAddress(data.getIpAddress()); + log.setSuccessYn(isSuccess ? "Y" : "N"); + log.setIssuanceDateTime(LocalDateTime.now()); + log.setRestrictionExemptYn(isRestrictionExempt ? "Y" : "N"); + log.setResultMessage(resultMessage); + log.setAccessToken(accessToken); // Add access token value to the log + + logger.info("Token request[/oauth/token or /oauth2/token] => clientId: {}, grantType: {}, scope: {}", + clientId, data.getGrantType(), data.getScope()); + + tokenIssuanceLogDAO.saveTokenIssuanceLog(log); + } catch (Throwable th) { + logger.error("Error while logging token issuance: " + th.getMessage(), th); + } + } +} diff --git a/src/main/java/com/eactive/eai/authserver/config/OAuth2FilterCustomizer.java b/src/main/java/com/eactive/eai/authserver/config/OAuth2FilterCustomizer.java new file mode 100644 index 0000000..25eb6bf --- /dev/null +++ b/src/main/java/com/eactive/eai/authserver/config/OAuth2FilterCustomizer.java @@ -0,0 +1,39 @@ +package com.eactive.eai.authserver.config; + +import javax.servlet.Filter; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationListener; +import org.springframework.context.event.ContextRefreshedEvent; +import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter; +import org.springframework.security.web.FilterChainProxy; +import org.springframework.stereotype.Component; + +import com.eactive.eai.authserver.dao.TokenIssuanceLogDAO; + +@Component +public class OAuth2FilterCustomizer implements ApplicationListener { + + private boolean initialized = false; + + @Autowired + private TokenIssuanceLogDAO tokenIssuanceLogDAO; + + @Override + public void onApplicationEvent(ContextRefreshedEvent event) { + if (initialized) return; + + Filter springSecurityFilterChain = event.getApplicationContext() + .getBean("springSecurityFilterChain", Filter.class); + + FilterChainProxy filterChainProxy = (FilterChainProxy) springSecurityFilterChain; + + filterChainProxy.getFilterChains().stream() + .flatMap(chain -> chain.getFilters().stream()) + .filter(filter -> filter instanceof ClientCredentialsTokenEndpointFilter) + .forEach(filter -> ((ClientCredentialsTokenEndpointFilter) filter) + .setAuthenticationEntryPoint(new CustomOAuth2AuthenticationEntryPoint(tokenIssuanceLogDAO))); + + initialized = true; + } +} \ No newline at end of file diff --git a/src/main/java/com/eactive/eai/authserver/custom/BearerTokenContoller.java b/src/main/java/com/eactive/eai/authserver/custom/BearerTokenContoller.java index 53b23a2..abfd5f5 100644 --- a/src/main/java/com/eactive/eai/authserver/custom/BearerTokenContoller.java +++ b/src/main/java/com/eactive/eai/authserver/custom/BearerTokenContoller.java @@ -1,12 +1,16 @@ package com.eactive.eai.authserver.custom; +import java.time.LocalDateTime; import java.util.HashMap; import java.util.HashSet; import java.util.Map; import java.util.Set; +import javax.servlet.http.HttpServletRequest; + import org.apache.commons.lang3.StringUtils; import org.json.simple.JSONObject; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; import org.springframework.security.oauth2.provider.ClientDetails; import org.springframework.util.MultiValueMap; @@ -19,10 +23,15 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; import com.eactive.eai.adapter.http.dynamic.filter.JwtAuthException; +import com.eactive.eai.authserver.config.RequestContextData; +import com.eactive.eai.authserver.dao.TokenIssuanceLogDAO; import com.eactive.eai.authserver.service.BearerTokenService; import com.eactive.eai.authserver.service.OAuth2Manager; +import com.eactive.eai.authserver.vo.ClientVO; +import com.eactive.eai.common.logger.EAIDBLogControl; import com.eactive.eai.common.util.Logger; import com.eactive.eai.common.util.MessageUtil; +import com.eactive.eai.data.entity.onl.authserver.TokenIssuanceLog; @RestController @RequestMapping("/auth/oauth/v2") @@ -30,6 +39,9 @@ public class BearerTokenContoller { public static Logger logger = Logger.getLogger(Logger.LOGGER_DEFAULT); private final BearerTokenService tokenService; + + @Autowired + private TokenIssuanceLogDAO tokenIssuanceLogDAO; public BearerTokenContoller(BearerTokenService tokenService) { this.tokenService = tokenService; @@ -39,7 +51,7 @@ public class BearerTokenContoller { value = "/token", method = {RequestMethod.POST, RequestMethod.GET} ) - public ResponseEntity issueCAToken(@RequestParam MultiValueMap req) throws JwtAuthException { + public ResponseEntity issueCAToken(HttpServletRequest request, @RequestParam MultiValueMap req) throws JwtAuthException { JSONObject resObject = new JSONObject(); try { @@ -48,6 +60,16 @@ public class BearerTokenContoller { String clientSecret = req.getFirst("client_secret"); String scopes = req.getFirst("scope"); + RequestContextData data = new RequestContextData(); + data.setClientId(request.getParameter("client_id")); + data.setIpAddress(extractIpAddress(request)); + data.setGrantType(request.getParameter("grant_type")); + data.setScope(request.getParameter("scope")); + data.setUsername(request.getParameter("username")); + data.setResource(request.getParameter("resource")); + + RequestContextData.ThreadLocalRequestContext.set(data); + logger.info("Token request[/auth/oauth/v2/token] => clientId: {}, grantType: {}, scope: {}", clientId, grantType, scopes); @@ -83,18 +105,79 @@ public class BearerTokenContoller { tokenMap.put("scope", scopes); // ... and so on for all key-value pairs resObject.putAll(tokenMap); + + logTokenIssuance(true,false, resObject.toJSONString(), token); return ResponseEntity.ok(resObject); } catch (JwtAuthException e) { logger.error(e); String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, e.getMessage()); + logTokenIssuance(false ,false, e.getMessage(), null); return ResponseEntity.status(401).body(errorJson); } catch (Exception e) { logger.error(e); String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AP_ERROR, e.getMessage()); + logTokenIssuance(false ,false, e.getMessage(), null); return ResponseEntity.status(500).body(errorJson); + }finally { + RequestContextData.ThreadLocalRequestContext.clear(); } } + + private String extractIpAddress(HttpServletRequest request) { + String ipAddress = request.getHeader("X-Forwarded-For"); + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("Proxy-Client-IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("WL-Proxy-Client-IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("HTTP_CLIENT_IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("HTTP_X_FORWARDED_FOR"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getRemoteAddr(); + } + return ipAddress; + } + + private void logTokenIssuance(boolean isSuccess, boolean isRestrictionExempt, String resultMessage, String accessToken) { + try { + if (!EAIDBLogControl.isEnable()) { + logger.warn("DB logging is disabled. Skipping token issuance logging."); + return; + } + RequestContextData data = RequestContextData.ThreadLocalRequestContext.get(); + OAuth2Manager.getInstance(); + + TokenIssuanceLog log = new TokenIssuanceLog(); + String clientId = data.getClientId(); + log.setClientId(clientId); + + if(StringUtils.isNotBlank(clientId)) { + ClientVO clientVO = OAuth2Manager.getInstance().getClientInfo(clientId); + log.setAppName(clientVO.getClientName()); + log.setOrgId(clientVO.getOrgId()); + log.setOrgName(clientVO.getOrgName()); + } + + log.setGrantType(data.getGrantType()); + log.setScope(data.getScope()); + log.setIpAddress(data.getIpAddress()); + log.setSuccessYn(isSuccess ? "Y" : "N"); + log.setIssuanceDateTime(LocalDateTime.now()); + log.setRestrictionExemptYn(isRestrictionExempt ? "Y" : "N"); + log.setResultMessage(resultMessage); + log.setAccessToken(accessToken); // Add access token value to the log + + tokenIssuanceLogDAO.saveTokenIssuanceLog(log); + } catch (Throwable th) { + logger.error("Error while logging token issuance: " + th.getMessage(), th); + } + } private void veryfyClient(ClientDetails clientDetails, String clientSecret, Set scopeSet) throws JwtAuthException { if (!StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) { diff --git a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java index 932460a..e63949a 100644 --- a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java +++ b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java @@ -95,6 +95,17 @@ public class KjbMGOAuth2Controller { if (logger.isDebug()) { logger.debug(tokenRequest.toString()); } + + RequestContextData data = new RequestContextData(); + data.setClientId(tokenRequest.getClientId()); + data.setIpAddress(extractIpAddress(request)); + data.setGrantType(tokenRequest.getGrantType()); + data.setScope(tokenRequest.getScope()); + data.setUsername("none"); + data.setResource("none"); + + RequestContextData.ThreadLocalRequestContext.set(data); + KjbMGOAuth2AccessTokenResponse responseToken = new KjbMGOAuth2AccessTokenResponse(); try { @@ -158,22 +169,47 @@ public class KjbMGOAuth2Controller { // 성공 시 JSON 문자열로 변환하여 반환 ObjectMapper mapper = new ObjectMapper(); String successJson = mapper.writeValueAsString(responseToken); + return ResponseEntity.ok(successJson); } catch (JwtAuthException e) { String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, e.getMessage()); int statusCode = NumberUtils.toInt(StringUtils.left(e.getCode(), 3), HttpStatus.UNAUTHORIZED.value()); + logTokenIssuance(false ,false, e.getMessage(), null); return ResponseEntity.status(statusCode).body(errorJson); } catch (Exception e) { logger.error(e.getMessage()); String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, "Unauthorized. [Unknown]"); + logTokenIssuance(false ,false, e.getMessage(), null); return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(errorJson); + }finally { + RequestContextData.ThreadLocalRequestContext.clear(); } } + private String extractIpAddress(HttpServletRequest request) { + String ipAddress = request.getHeader("X-Forwarded-For"); + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("Proxy-Client-IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("WL-Proxy-Client-IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("HTTP_CLIENT_IP"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getHeader("HTTP_X_FORWARDED_FOR"); + } + if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { + ipAddress = request.getRemoteAddr(); + } + return ipAddress; + } + private void verifyClient(ClientDetails clientDetails, String clientId, String clientSecret, Set scopeSet) throws JwtAuthException { @@ -219,35 +255,6 @@ public class KjbMGOAuth2Controller { return BeanUtils.getBean("tokenEndpoint", TokenEndpoint.class); } - private class TokenIssuanceLogEnhancer implements TokenEnhancer { - @Override - public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) { - if (!EAIDBLogControl.isEnable()) { - logger.warn("DB logging is disabled. Skipping token issuance logging."); - return accessToken; - } - - String clientId = authentication.getOAuth2Request().getClientId(); - LocalDateTime startDateTime = LocalDateTime.now().minusHours(24); - - int recentTokenCount = tokenIssuanceLogDAO.findRecentLogsForRestrictionCount(clientId, startDateTime); - - try { - ClientVO clientVO = OAuth2Manager.getInstance().getClientInfo(clientId); - int dailyTokenLimit = clientVO.getDailyTokenLimit(); - if (dailyTokenLimit > 0 && recentTokenCount >= dailyTokenLimit) { - throw new IssueLimitOAuth2Exception("Token issuance limit exceeded for this client"); - } - - // JWT 변환 이후의 최종 토큰 값 로깅 - logTokenIssuance(true, false, "Token issued successfully", accessToken.getValue()); - } catch (DAOException e) { - logger.warn("cannot find clientVo - " + clientId); - } - return accessToken; - } - } - private void logTokenIssuance(boolean isSuccess, boolean isRestrictionExempt, String resultMessage, String accessToken) { try { if (!EAIDBLogControl.isEnable()) {