token storage logging improvements

server/src/main/java/password/pwm/svc/token/CryptoTokenMachine.java

@@ -24,6 +24,8 @@ import password.pwm.bean.SessionLabel;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
 
+import java.util.Optional;
+
 class CryptoTokenMachine implements TokenMachine
 {
 
@@ -35,6 +37,7 @@ class CryptoTokenMachine implements TokenMachine
         this.tokenService = tokenService;
     }
 
+    @Override
     public String generateToken(
             final SessionLabel sessionLabel,
             final TokenPayload tokenPayload
@@ -50,14 +53,15 @@ class CryptoTokenMachine implements TokenMachine
         return returnString.toString();
     }
 
-    public TokenPayload retrieveToken( final TokenKey tokenKey )
+    @Override
+    public Optional<TokenPayload> retrieveToken( final SessionLabel sessionLabel, final TokenKey tokenKey )
             throws PwmOperationalException, PwmUnrecoverableException
     {
         if ( tokenKey == null || tokenKey.getStoredHash().length() < 1 )
         {
-            return null;
+            return Optional.empty();
         }
-        return tokenService.fromEncryptedString( tokenKey.getStoredHash() );
+        return Optional.of( tokenService.fromEncryptedString( tokenKey.getStoredHash() ) );
     }
 
     public void storeToken( final TokenKey tokenKey, final TokenPayload tokenPayload ) throws PwmOperationalException, PwmUnrecoverableException

server/src/main/java/password/pwm/svc/token/DataStoreTokenMachine.java

@@ -33,6 +33,7 @@ import password.pwm.util.java.TimeDuration;
 import password.pwm.util.logging.PwmLogger;
 
 import java.time.Instant;
+import java.util.Optional;
 
 public class DataStoreTokenMachine implements TokenMachine
 {
@@ -92,7 +93,7 @@ public class DataStoreTokenMachine implements TokenMachine
                 final TokenKey loopKey = keyFromStoredHash( storedHash );
 
                 // retrieving token tests validity and causes purging
-                retrieveToken( loopKey );
+                retrieveToken( null, loopKey );
             }
         }
         catch ( final Exception e )
@@ -135,7 +136,7 @@ public class DataStoreTokenMachine implements TokenMachine
         return tokenService.makeUniqueTokenForMachine( sessionLabel, this );
     }
 
-    public TokenPayload retrieveToken( final TokenKey tokenKey )
+    public Optional<TokenPayload> retrieveToken( final SessionLabel sessionLabel, final TokenKey tokenKey )
             throws PwmOperationalException, PwmUnrecoverableException
     {
         final String storedHash = tokenKey.getStoredHash();
@@ -150,23 +151,24 @@ public class DataStoreTokenMachine implements TokenMachine
             }
             catch ( final PwmException e )
             {
-                LOGGER.trace( () -> "error while trying to decrypted stored token payload for key '" + storedHash + "', will purge record, error: " + e.getMessage() );
+                LOGGER.trace( sessionLabel, () -> "error while trying to decrypted stored token payload for key '" + storedHash
+                        + "', will purge record, error: " + e.getMessage() );
                 dataStore.remove( storedHash );
-                return null;
+                return Optional.empty();
             }
 
             if ( testIfTokenNeedsPurging( tokenPayload ) )
             {
-                LOGGER.trace( () -> "stored token key '" + storedHash + "', has an outdated issue/expire date and will be purged" );
+                LOGGER.trace( sessionLabel, () -> "stored token key '" + storedHash + "', has an outdated issue/expire date and will be purged" );
                 dataStore.remove( storedHash );
             }
             else
             {
-                return tokenPayload;
+                return Optional.of( tokenPayload );
             }
         }
 
-        return null;
+        return Optional.empty();
     }
 
     public void storeToken( final TokenKey tokenKey, final TokenPayload tokenPayload ) throws PwmOperationalException, PwmUnrecoverableException

server/src/main/java/password/pwm/svc/token/LdapTokenMachine.java

@@ -38,6 +38,7 @@ import password.pwm.ldap.search.UserSearchEngine;
 
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Optional;
 
 class LdapTokenMachine implements TokenMachine
 {
@@ -65,7 +66,7 @@ class LdapTokenMachine implements TokenMachine
         return tokenService.makeUniqueTokenForMachine( sessionLabel, this );
     }
 
-    public TokenPayload retrieveToken( final TokenKey tokenKey )
+    public Optional<TokenPayload> retrieveToken( final SessionLabel sessionLabel, final TokenKey tokenKey )
             throws PwmOperationalException, PwmUnrecoverableException
     {
         final String searchFilter;
@@ -88,12 +89,12 @@ class LdapTokenMachine implements TokenMachine
             final SearchConfiguration searchConfiguration = SearchConfiguration.builder()
                     .filter( searchFilter )
                     .build();
-            final UserIdentity user = userSearchEngine.performSingleUserSearch( searchConfiguration, null );
+            final UserIdentity user = userSearchEngine.performSingleUserSearch( searchConfiguration, sessionLabel );
             if ( user == null )
             {
-                return null;
+                return Optional.empty();
             }
-            final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy( pwmApplication, null, user, null );
+            final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy( pwmApplication, sessionLabel, user, null );
             final String tokenAttributeValue = userInfo.readStringAttribute( tokenAttribute );
             if ( tokenAttribute != null && tokenAttributeValue.length() > 0 )
             {
@@ -104,14 +105,14 @@ class LdapTokenMachine implements TokenMachine
                     final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_TOKEN_INCORRECT, errorMsg );
                     throw new PwmOperationalException( errorInformation );
                 }
-                return tokenService.fromEncryptedString( splitString[ 1 ] );
+                return Optional.of( tokenService.fromEncryptedString( splitString[ 1 ] ) );
             }
         }
         catch ( final PwmOperationalException e )
         {
             if ( e.getError() == PwmError.ERROR_CANT_MATCH_USER )
             {
-                return null;
+                return Optional.empty();
             }
             throw e;
         }
@@ -121,7 +122,7 @@ class LdapTokenMachine implements TokenMachine
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_TOKEN_INCORRECT, errorMsg );
             throw new PwmOperationalException( errorInformation );
         }
-        return null;
+        return Optional.empty();
     }
 
     public void storeToken( final TokenKey tokenKey, final TokenPayload tokenPayload )
@@ -147,10 +148,10 @@ class LdapTokenMachine implements TokenMachine
     public void removeToken( final TokenKey tokenKey )
             throws PwmOperationalException, PwmUnrecoverableException
     {
-        final TokenPayload payload = retrieveToken( tokenKey );
-        if ( payload != null )
+        final Optional<TokenPayload> payload = retrieveToken( null, tokenKey );
+        if ( payload.isPresent() )
         {
-            final UserIdentity userIdentity = payload.getUserIdentity();
+            final UserIdentity userIdentity = payload.get().getUserIdentity();
             try
             {
                 final ChaiUser chaiUser = pwmApplication.getProxiedChaiUser( userIdentity );

server/src/main/java/password/pwm/svc/token/TokenMachine.java

@@ -24,12 +24,14 @@ import password.pwm.bean.SessionLabel;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
 
+import java.util.Optional;
+
 interface TokenMachine
 {
     String generateToken( SessionLabel sessionLabel, TokenPayload tokenPayload )
             throws PwmUnrecoverableException, PwmOperationalException;
 
-    TokenPayload retrieveToken( TokenKey tokenKey )
+    Optional<TokenPayload> retrieveToken( SessionLabel sessionLabel, TokenKey tokenKey )
             throws PwmOperationalException, PwmUnrecoverableException;
 
     void storeToken( TokenKey tokenKey, TokenPayload tokenPayload )

server/src/main/java/password/pwm/svc/token/TokenService.java

@@ -75,6 +75,7 @@ import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import java.util.TimerTask;
 import java.util.concurrent.ExecutorService;
 
@@ -289,16 +290,16 @@ public class TokenService implements PwmService
 
         try
         {
-            final TokenPayload storedToken = tokenMachine.retrieveToken( tokenMachine.keyFromKey( tokenKey ) );
-            if ( storedToken != null )
+            final Optional<TokenPayload> storedToken = tokenMachine.retrieveToken( sessionLabel, tokenMachine.keyFromKey( tokenKey ) );
+            if ( storedToken.isPresent() )
             {
 
-                if ( testIfTokenIsExpired( sessionLabel, storedToken ) )
+                if ( testIfTokenIsExpired( sessionLabel, storedToken.get() ) )
                 {
                     throw new PwmOperationalException( new ErrorInformation( PwmError.ERROR_TOKEN_EXPIRED ) );
                 }
 
-                return storedToken;
+                return storedToken.get();
             }
         }
         catch ( final PwmException e )
@@ -446,8 +447,8 @@ public class TokenService implements PwmService
         {
             tokenKey = makeRandomCode( configuration );
             LOGGER.trace( sessionLabel, () -> "generated new token random code, checking for uniqueness" );
-            final TokenPayload existingPayload = machine.retrieveToken( tokenMachine.keyFromKey( tokenKey ) );
-            if ( existingPayload != null )
+            final Optional<TokenPayload> existingPayload = machine.retrieveToken( sessionLabel, tokenMachine.keyFromKey( tokenKey ) );
+            if ( existingPayload.isPresent() )
             {
                 tokenKey = null;
             }