cameleer/cameleer-server
1
0
Fork 0
Code Issues 44 Pull Requests Actions Packages Projects Releases Wiki Activity

chore: remove debug logging from OidcTokenExchanger
All checks were successful
CI / cleanup-branch (push) Has been skipped
Details
CI / build (push) Successful in 1m16s
Details
CI / docker (push) Successful in 1m2s
Details
CI / deploy-feature (push) Has been skipped
Details
CI / deploy (push) Successful in 37s
Details

Browse Source 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-07 10:50:27 +02:00
parent f601074e78
commit 7d5866bca8
1 changed files with 1 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/OidcTokenExchanger.java
View File

@@ -124,25 +124,18 @@ public class OidcTokenExchanger {
// Try roles from access_token first (JWT providers like Logto, Keycloak), // Try roles from access_token first (JWT providers like Logto, Keycloak),
// then fall back to id_token // then fall back to id_token
List<String> roles = Collections.emptyList(); List<String> roles = Collections.emptyList();
log.info("OIDC access_token: isJwt={}, length={}, prefix='{}'",
accessTokenStr != null && accessTokenStr.contains("."),
accessTokenStr != null ? accessTokenStr.length() : 0,
accessTokenStr != null ? accessTokenStr.substring(0, Math.min(30, accessTokenStr.length())) : "null");
if (accessTokenStr != null && accessTokenStr.contains(".")) { if (accessTokenStr != null && accessTokenStr.contains(".")) {
try { try {
String audience = config.audience() != null ? config.audience() : ""; String audience = config.audience() != null ? config.audience() : "";
JWTClaimsSet atClaims = decodeAccessToken(accessTokenStr, config.issuerUri(), audience); JWTClaimsSet atClaims = decodeAccessToken(accessTokenStr, config.issuerUri(), audience);
if (atClaims != null) { if (atClaims != null) {
log.info("OIDC access_token claims: {}", atClaims.getClaims().keySet());
roles = extractRoles(atClaims, config.rolesClaim()); roles = extractRoles(atClaims, config.rolesClaim());
if (!roles.isEmpty()) { if (!roles.isEmpty()) {
log.info("OIDC roles from access_token: {}", roles); log.info("OIDC roles from access_token: {}", roles);
} }
} else {
log.info("OIDC access_token audience mismatch (expected='{}')", audience);
} }
} catch (Exception e) { } catch (Exception e) {
log.warn("Could not decode access_token as JWT: {}", e.getMessage()); log.debug("Could not decode access_token as JWT: {}", e.getMessage());
} }
} }
if (roles.isEmpty()) { if (roles.isEmpty()) {