add log messages

Shinsuke Sugaya 2019-10-31 07:15:39 +09:00
parent d19f020cca
commit f3e5858d00
4 changed files with 41 additions and 8 deletions


@ -33,7 +33,11 @@ public class SsoManager {
protected final List<SsoAuthenticator> authenticatorList = new ArrayList<>();
public boolean available() {
return !NONE.equals(getSsoType());
final String ssoType = getSsoType();
if (logger.isDebugEnabled()) {
logger.debug("sso.type: {}", ssoType);
}
return !NONE.equals(ssoType);
}
public LoginCredential getLoginCredential() {


@ -123,6 +123,9 @@ public class AzureAdAuthenticator implements SsoAuthenticator {
@Override
public LoginCredential getLoginCredential() {
return LaRequestUtil.getOptionalRequest().map(request -> {
if (logger.isDebugEnabled()) {
logger.debug("Logging in with Azure AD Authenticator");
}
final HttpSession session = request.getSession(false);
if (session != null && containsAuthenticationData(request)) {
try {
@ -336,10 +339,16 @@ public class AzureAdAuthenticator implements SsoAuthenticator {
}
protected boolean containsAuthenticationData(final HttpServletRequest request) {
if (logger.isDebugEnabled()) {
logger.debug("HTTP Method: {}", request.getMethod());
}
if (!request.getMethod().equalsIgnoreCase("POST")) {
return false;
}
final Map<String, String[]> params = request.getParameterMap();
if (logger.isDebugEnabled()) {
logger.debug("params: {}", params);
}
return params.containsKey(ERROR) || params.containsKey(ID_TOKEN) || params.containsKey(CODE);
}
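Review bot: The new `logger.debug("params: {}", params)` in containsAuthenticationData writes the whole parameter map of the Azure AD callback POST to the log, and the return statement right after it shows that this map is expected to carry `ID_TOKEN` and `CODE`. Depending on how the logging backend renders a `Map<String, String[]>`, that either puts the ID token and authorization code into the debug log or prints array identities that help nobody. The parameter names are enough to debug this check: `logger.debug("param names: {}", params.keySet());`.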


@ -84,6 +84,9 @@ public class OpenIdConnectAuthenticator implements SsoAuthenticator {
@Override
public LoginCredential getLoginCredential() {
return LaRequestUtil.getOptionalRequest().map(request -> {
if (logger.isDebugEnabled()) {
logger.debug("Logging in with OpenID Connect Authenticator");
}
final HttpSession session = request.getSession(false);
if (session != null) {
final String sesState = (String) session.getAttribute(OIC_STATE);
@ -91,12 +94,12 @@ public class OpenIdConnectAuthenticator implements SsoAuthenticator {
session.removeAttribute(OIC_STATE);
final String code = request.getParameter("code");
final String reqState = request.getParameter("state");
if (logger.isDebugEnabled()) {
logger.debug("code: {}, state(request): {}, state(session): {}", code, reqState, sesState);
}
if (sesState.equals(reqState) && StringUtil.isNotBlank(code)) {
return processCallback(request, code);
}
if (logger.isDebugEnabled()) {
logger.debug("code:" + code + " state(request):" + reqState + " state(session):" + sesState);
}
return null;
}
}
@ -126,9 +129,9 @@ public class OpenIdConnectAuthenticator implements SsoAuthenticator {
final String jwtSigniture = new String(Base64.decodeBase64(jwt[2]), Constants.UTF_8_CHARSET);
if (logger.isDebugEnabled()) {
logger.debug("jwtHeader: " + jwtHeader);
logger.debug("jwtClaim: " + jwtClaim);
logger.debug("jwtSigniture: " + jwtSigniture);
logger.debug("jwtHeader: {}", jwtHeader);
logger.debug("jwtClaim: {}", jwtClaim);
logger.debug("jwtSigniture: {}", jwtSigniture);
}
// TODO validate signiture
@ -142,6 +145,9 @@ public class OpenIdConnectAuthenticator implements SsoAuthenticator {
attributes.put("jwtclaim", jwtClaim);
attributes.put("jwtsign", jwtSigniture);
if (logger.isDebugEnabled()) {
logger.debug("attribute: {}", attributes);
}
parseJwtClaim(jwtClaim, attributes);
return new OpenIdConnectCredential(attributes);
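Review bot: The parameterized debug line placed before the state comparison records the authorization `code` and both `state` values on every callback, whereas the concatenating version it appears to replace sat after the failed check, so a code that has not yet been redeemed now reaches the log ahead of `processCallback`. Logging the outcome instead of the values keeps the diagnostic use: `logger.debug("code present: {}, state matches: {}", StringUtil.isNotBlank(code), sesState.equals(reqState));`. The added `logger.debug("attribute: {}", attributes)` has the same problem, since `attributes` holds `jwtclaim` and `jwtsign` at that point (the earlier puts are outside the hunk and may add more); `attributes.keySet()` would be sufficient. Separately, the context line `// TODO validate signiture` suggests the claims are used without signature verification, which this commit leaves untouched and which deserves its own change.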


@ -16,6 +16,7 @@
package org.codelibs.fess.sso.spnego;
import java.io.File;
import java.util.Arrays;
import java.util.Enumeration;
import javax.annotation.PostConstruct;
@ -102,6 +103,9 @@ public class SpnegoAuthenticator implements SsoAuthenticator {
return LaRequestUtil
.getOptionalRequest()
.map(request -> {
if (logger.isDebugEnabled()) {
logger.debug("Logging in with SPNEGO Authenticator");
}
final HttpServletResponse response = LaResponseUtil.getResponse();
final SpnegoHttpServletResponse spnegoResponse = new SpnegoHttpServletResponse(response);
@ -109,6 +113,9 @@ public class SpnegoAuthenticator implements SsoAuthenticator {
final SpnegoPrincipal principal;
try {
principal = getAuthenticator().authenticate(request, spnegoResponse);
if (logger.isDebugEnabled()) {
logger.debug("principal: {}", principal);
}
} catch (final Exception e) {
final String msg = "HTTP Authorization Header=" + request.getHeader(Constants.AUTHZ_HEADER);
if (logger.isDebugEnabled()) {
@ -118,7 +125,11 @@ public class SpnegoAuthenticator implements SsoAuthenticator {
}
// context/auth loop not yet complete
if (spnegoResponse.isStatusSet()) {
final boolean status = spnegoResponse.isStatusSet();
if (logger.isDebugEnabled()) {
logger.debug("isStatusSet: {}", status);
}
if (status) {
return new ActionResponseCredential(() -> {
throw new RequestLoggingFilter.RequestClientErrorException("Your request is not authorized.",
"401 Unauthorized", HttpServletResponse.SC_UNAUTHORIZED);
@ -139,6 +150,9 @@ public class SpnegoAuthenticator implements SsoAuthenticator {
}
final String[] username = principal.getName().split("@", 2);
if (logger.isDebugEnabled()) {
logger.debug("username: {}", Arrays.toString(username));
}
return new SpnegoCredential(username[0]);
}).orElseGet(() -> null);