root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 12 Packages Projects Releases Wiki Activity

make logging consistent for Jwt issuer resolvers

This commit is contained in:
Baljit Singh 2023-07-13 10:50:15 -04:00 committed by Josh Cummings
parent af00be8a3d
commit da35fa0485
2 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerAuthenticationManagerResolver.java
View File

@ -192,7 +192,8 @@ public final class JwtIssuerAuthenticationManagerResolver implements Authenticat
return authenticationManager; return authenticationManager;
} }
else { else {
this.logger.debug("Did not resolve AuthenticationManager since issuer is not trusted"); this.logger.debug(LogMessage
.format("Did not resolve AuthenticationManager since issuer '%s' is not trusted", issuer));
} }
return null; return null;
} }

8
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java
View File

@ -25,10 +25,13 @@ import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Predicate; import java.util.function.Predicate;
import com.nimbusds.jwt.JWTParser; import com.nimbusds.jwt.JWTParser;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import reactor.core.scheduler.Schedulers; import reactor.core.scheduler.Schedulers;
import org.springframework.core.convert.converter.Converter; import org.springframework.core.convert.converter.Converter;
import org.springframework.core.log.LogMessage;
import org.springframework.lang.NonNull; import org.springframework.lang.NonNull;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ReactiveAuthenticationManager; import org.springframework.security.authentication.ReactiveAuthenticationManager;
@ -169,6 +172,8 @@ public final class JwtIssuerReactiveAuthenticationManagerResolver
static class TrustedIssuerJwtAuthenticationManagerResolver static class TrustedIssuerJwtAuthenticationManagerResolver
implements ReactiveAuthenticationManagerResolver<String> { implements ReactiveAuthenticationManagerResolver<String> {
private final Log logger = LogFactory.getLog(getClass());
private final Map<String, Mono<ReactiveAuthenticationManager>> authenticationManagers = new ConcurrentHashMap<>(); private final Map<String, Mono<ReactiveAuthenticationManager>> authenticationManagers = new ConcurrentHashMap<>();
private final Predicate<String> trustedIssuer; private final Predicate<String> trustedIssuer;
@ -180,11 +185,14 @@ public final class JwtIssuerReactiveAuthenticationManagerResolver
@Override @Override
public Mono<ReactiveAuthenticationManager> resolve(String issuer) { public Mono<ReactiveAuthenticationManager> resolve(String issuer) {
if (!this.trustedIssuer.test(issuer)) { if (!this.trustedIssuer.test(issuer)) {
this.logger.debug(LogMessage
.format("Did not resolve AuthenticationManager since issuer '%s' is not trusted", issuer));
return Mono.empty(); return Mono.empty();
} }
// @formatter:off // @formatter:off
return this.authenticationManagers.computeIfAbsent(issuer, return this.authenticationManagers.computeIfAbsent(issuer,
(k) -> Mono.<ReactiveAuthenticationManager>fromCallable(() -> new JwtReactiveAuthenticationManager(ReactiveJwtDecoders.fromIssuerLocation(k))) (k) -> Mono.<ReactiveAuthenticationManager>fromCallable(() -> new JwtReactiveAuthenticationManager(ReactiveJwtDecoders.fromIssuerLocation(k)))
.doOnNext((manager) -> this.logger.debug(LogMessage.format("Resolved AuthenticationManager for issuer '%s'", issuer)))
.subscribeOn(Schedulers.boundedElastic()) .subscribeOn(Schedulers.boundedElastic())
.cache((manager) -> Duration.ofMillis(Long.MAX_VALUE), (ex) -> Duration.ZERO, () -> Duration.ZERO) .cache((manager) -> Duration.ofMillis(Long.MAX_VALUE), (ex) -> Duration.ZERO, () -> Duration.ZERO)
); );