Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Log in smallrye-jwt and oauth2 extensions when no bearer access token is available #44505

Merged
merged 1 commit into from
Nov 14, 2024
Merged

Log in smallrye-jwt and oauth2 extensions when no bearer access token is available #44505

merged 1 commit into from
Nov 14, 2024

Conversation

sberyozkin
Copy link
Member

If the endpoint is secured by a bearer access token verification mechanism then, when no token is provided, a debug log message should inform users about it.
It is already done in quarkus-oidc here.
But quarkus-smallrye-jwt does not log the same message, so this PR adds it there as well.

@sberyozkin
Copy link
Member Author

Sorry @gastaldi I just noticed the elytron oauth2 extension does not have the same message, so I copied it there as well, sorry for the noise

@sberyozkin sberyozkin changed the title Log in smallrye-jwt when no bearer access token is available Log in smallrye-jwt and oauth2 extensions when no bearer access token is available Nov 14, 2024
@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Nov 14, 2024
edited by github-actions bot
Loading

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 7e3f237.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

You can consult the Develocity build scans.

@sberyozkin sberyozkin merged commit e9a720f into quarkusio:main Nov 14, 2024
22 checks passed
@quarkus-bot quarkus-bot bot added this to the 3.18 - main milestone Nov 14, 2024
@sberyozkin sberyozkin deleted the log_no_credentials_available branch November 14, 2024 13:01
@gsmet
Copy link
Member

gsmet commented Nov 14, 2024

Does it actually solve the issue? I mean do we expect people will go to debug mode to figure out what's going on?

Should we log it at the warn level in test/dev mode (and keep it as is for prod mode)?

@gsmet gsmet modified the milestones: 3.18 - main, 3.16.4 Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gastaldi gastaldi gastaldi approved these changes

Assignees
No one assigned
Labels
area/security area/smallrye triage/backport-3.15
Projects
None yet
Milestone
3.16.4
Development

Successfully merging this pull request may close these issues.
3 participants
@sberyozkin @gsmet @gastaldi