
add new user logging output

Jason Rivard 5 years ago
parent
commit
f6fa227fe6

+ 17 - 7
server/src/main/java/password/pwm/http/servlet/newuser/NewUserServlet.java

@@ -197,8 +197,6 @@ public class NewUserServlet extends ControlledPwmServlet
     protected void nextStep( final PwmRequest pwmRequest )
             throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        TimeDuration.of( 8, TimeDuration.Unit.SECONDS ).pause();
-
         final NewUserBean newUserBean = getNewUserBean( pwmRequest );
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
@@ -238,7 +236,11 @@ public class NewUserServlet extends ControlledPwmServlet
 
 
         // try to read the new user policy to make sure it's readable, that way an exception is thrown here instead of by the jsp
-        newUserProfile.getNewUserPasswordPolicy( pwmApplication, pwmSession.getSessionStateBean().getLocale() );
+        {
+            final Instant startTime = Instant.now();
+            newUserProfile.getNewUserPasswordPolicy( pwmApplication, pwmSession.getSessionStateBean().getLocale() );
+            LOGGER.trace( () -> "read new user password policy in " + TimeDuration.compactFromCurrent( startTime ) );
+        }
 
         if ( !newUserBean.isFormPassed() )
         {
@@ -409,6 +411,7 @@ public class NewUserServlet extends ControlledPwmServlet
     )
             throws PwmDataValidationException, PwmUnrecoverableException, ChaiUnavailableException
     {
+        final Instant startTime = Instant.now();
         final Locale locale = pwmRequest.getLocale();
         final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
         final NewUserProfile newUserProfile = getNewUserProfile( pwmRequest );
@@ -427,7 +430,7 @@ public class NewUserServlet extends ControlledPwmServlet
                 formValueData,
                 locale,
                 Collections.emptyList(),
-                validationFlags.toArray( new FormUtility.ValidationFlag[ validationFlags.size() ] )
+                validationFlags.toArray( new FormUtility.ValidationFlag[0] )
         );
 
         NewUserUtils.remoteVerifyFormData( pwmRequest, newUserForm );
@@ -439,9 +442,11 @@ public class NewUserServlet extends ControlledPwmServlet
 
         final boolean promptForPassword = newUserProfile.readSettingAsBoolean( PwmSetting.NEWUSER_PROMPT_FOR_PASSWORD );
 
+
+        final PasswordUtility.PasswordCheckInfo passwordCheckInfo;
         if ( promptForPassword )
         {
-            return PasswordUtility.checkEnteredPassword(
+            passwordCheckInfo =  PasswordUtility.checkEnteredPassword(
                     pwmApplication,
                     locale,
                     null,
@@ -451,8 +456,13 @@ public class NewUserServlet extends ControlledPwmServlet
                     newUserForm.getConfirmPassword()
             );
         }
+        else
+        {
+            passwordCheckInfo = new PasswordUtility.PasswordCheckInfo( null, true, 0, PasswordUtility.PasswordCheckInfo.MatchStatus.MATCH, 0 );
+        }
 
-        return new PasswordUtility.PasswordCheckInfo( null, true, 0, PasswordUtility.PasswordCheckInfo.MatchStatus.MATCH, 0 );
+        LOGGER.trace( () -> "competed form validation in " + TimeDuration.compactFromCurrent( startTime ) );
+        return passwordCheckInfo;
     }
 
     @ActionHandler( action = "enterCode" )
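Review bot: The trace message added just before the return is misspelled, `"competed form validation in "`, and should read `"completed form validation in "` so that log searches for the phrase match. The timing line is also reached only on the success path. If form validation or `checkEnteredPassword` throws, no duration is logged, so a slow failing validation will not appear in the trace output; a `try`/`finally` around the body would cover both paths if that is wanted. The method begins in an earlier hunk and part of its body is not shown.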
@@ -557,7 +567,7 @@ public class NewUserServlet extends ControlledPwmServlet
 
     @ActionHandler( action = "enterRemoteResponse" )
     private ProcessStatus processEnterRemoteResponse( final PwmRequest pwmRequest )
-        throws PwmUnrecoverableException, IOException, ServletException
+            throws PwmUnrecoverableException, IOException, ServletException
     {
         final String prefix = "remote-";
         final NewUserBean newUserBean = getNewUserBean( pwmRequest );

+ 25 - 16
server/src/main/java/password/pwm/ws/server/rest/RestFormSigningServer.java

@@ -20,8 +20,7 @@
 
 package password.pwm.ws.server.rest;
 
-import lombok.AllArgsConstructor;
-import lombok.Getter;
+import lombok.Value;
 import password.pwm.AppProperty;
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
@@ -35,7 +34,9 @@ import password.pwm.http.PwmHttpRequestWrapper;
 import password.pwm.svc.stats.Statistic;
 import password.pwm.svc.stats.StatisticsManager;
 import password.pwm.util.java.JavaHelper;
+import password.pwm.util.java.JsonUtil;
 import password.pwm.util.java.TimeDuration;
+import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.secure.SecureService;
 import password.pwm.ws.server.RestAuthenticationType;
 import password.pwm.ws.server.RestMethodHandler;
@@ -58,6 +59,7 @@ import java.util.Map;
 @RestWebServer( webService = WebServiceUsage.SigningForm )
 public class RestFormSigningServer extends RestServlet
 {
+    private static final PwmLogger LOGGER = PwmLogger.forClass( RestFormSigningServer.class );
 
     @Override
     public void preCheckRequest( final RestRequest restRequest )
@@ -99,9 +101,13 @@ public class RestFormSigningServer extends RestServlet
                 final SignedFormData signedFormData = new SignedFormData( Instant.now(), inputFormData );
                 final String signedValue = securityService.encryptObjectToString( signedFormData );
                 StatisticsManager.incrementStat( restRequest.getPwmApplication(), Statistic.REST_SIGNING_FORM );
+                LOGGER.trace( () -> "processed request signing form for form with keys '"
+                        + JsonUtil.serializeCollection( inputFormData.keySet() )
+                        + "' and timestamp " + signedFormData.getTimestamp().toString() );
                 return RestResultBean.withData( signedValue );
             }
-            throw PwmUnrecoverableException.newException( PwmError.ERROR_MISSING_PARAMETER, "POST body should be a json object" );
+
+            throw PwmUnrecoverableException.newException( PwmError.ERROR_MISSING_PARAMETER, "unable to read form data for request" );
         }
         catch ( final Exception e )
         {
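Review bot: The new trace line writes the form's key names into the log, and nothing in the hunk records why only the keys are logged or limits how many there can be. A comment such as `// log key names only; form values may hold sensitive user data` would keep a later edit from adding the values. The keys appear to come from the request body and pass through `JsonUtil.serializeCollection`, which presumably escapes control characters; that is not visible here and is worth confirming. The enclosing `try` starts and its `catch` body continues outside the hunk.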
@@ -118,26 +124,29 @@ public class RestFormSigningServer extends RestServlet
 
     public static Map<String, String> readSignedFormValue( final PwmApplication pwmApplication, final String input ) throws PwmUnrecoverableException
     {
-        final Integer maxAgeSeconds = Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.WS_REST_SERVER_SIGNING_FORM_TIMEOUT_SECONDS ) );
+        final int maxAgeSeconds = Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.WS_REST_SERVER_SIGNING_FORM_TIMEOUT_SECONDS ) );
         final TimeDuration maxAge = TimeDuration.of( maxAgeSeconds, TimeDuration.Unit.SECONDS );
         final SignedFormData signedFormData = pwmApplication.getSecureService().decryptObject( input, SignedFormData.class );
-        if ( signedFormData != null )
+
+        if ( signedFormData == null )
         {
-            if ( signedFormData.getTimestamp() != null )
-            {
-                if ( TimeDuration.fromCurrent( signedFormData.getTimestamp() ).isLongerThan( maxAge ) )
-                {
-                    throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_SECURITY_VIOLATION, "signedForm data is too old" ) );
-                }
+            throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_SECURITY_VIOLATION, "signedForm data is not valid" ) );
+        }
 
-                return signedFormData.getFormData();
-            }
+        if ( signedFormData.getTimestamp() == null )
+        {
+            throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_SECURITY_VIOLATION, "signedForm data is missing timestamp" ) );
         }
-        return null;
+
+        if ( TimeDuration.fromCurrent( signedFormData.getTimestamp() ).isLongerThan( maxAge ) )
+        {
+            throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_SECURITY_VIOLATION, "signedForm data is expired" ) );
+        }
+
+        return signedFormData.getFormData();
     }
 
-    @Getter
-    @AllArgsConstructor
+    @Value
     private static class SignedFormData implements Serializable
     {
         private Instant timestamp;
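Review bot: `readSignedFormValue` changes its contract without documenting it: it used to return `null` for missing or timestamp-less data and now throws `ERROR_SECURITY_VIOLATION` for null, timestamp-less and expired input alike. A Javadoc stating that it never returns `null`, with an `@throws PwmUnrecoverableException` line listing those three cases, would tell callers (not visible here) that any `null` check on the result is now dead code. The freshness check only bounds age via `isLongerThan( maxAge )`. Whether a timestamp ahead of the local clock is rejected depends on `TimeDuration.fromCurrent`, which is not shown and is worth confirming. The `SignedFormData` class body continues outside the hunk.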