Added debug information for expired jwt #214

Merged
merged 9 commits into from
Sep 27, 2024


Mme-adorsys
Collaborator

Add BadJOSEException handling for token processing

This commit introduces exception handling for BadJOSEException across the codebase, ensuring that invalid JWT tokens are appropriately handled. The changes include method signature updates to propagate the exception and modifications in various services, controllers, and tests to handle the exception correctly and provide proper feedback in case of an error.

Added detailed claim data to logs on JWT expiration and not-before time checks. This improves the ability to diagnose issues by providing comprehensive context in error messages.
This commit adds Mockito dependencies to the pom.xml file to facilitate mocking in unit tests. It also introduces the JWTClaimsSetVerifierWithLogsTest class to test JWT claim set verification, ensuring proper handling of expired and not-before JWT conditions.
Introduce MDC logging for subject, issue time, and token ID in JWTClaimsSetVerifierWithLogs. This enhancement allows for better traceability and debugging by including these details in the log context.
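
An added example, not code from this pull request or from the project: one way a claims verifier can put subject, token ID and issue time into the MDC and log the offending timestamps when the `exp` or `nbf` check fails. It assumes Nimbus JOSE+JWT and SLF4J on the classpath; the class name `LoggingClaimsVerifier`, the MDC key names and the absence of a clock-skew allowance are choices made for this sketch.

```java
import com.nimbusds.jose.proc.SecurityContext;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.proc.BadJWTException;
import com.nimbusds.jwt.proc.JWTClaimsSetVerifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MDC;

import java.time.Clock;
import java.time.Instant;
import java.util.Date;

// Hypothetical class for illustration; not the project's JWTClaimsSetVerifierWithLogs.
public class LoggingClaimsVerifier implements JWTClaimsSetVerifier<SecurityContext> {
    private static final Logger log = LoggerFactory.getLogger(LoggingClaimsVerifier.class);
    private final Clock clock;

    public LoggingClaimsVerifier(Clock clock) { this.clock = clock; }

    @Override
    public void verify(JWTClaimsSet claims, SecurityContext context) throws BadJWTException {
        Instant now = clock.instant();
        // Identifying claims only; the raw token and its signature never reach the log.
        MDC.put("jwt.sub", String.valueOf(claims.getSubject()));
        MDC.put("jwt.jti", String.valueOf(claims.getJWTID()));
        MDC.put("jwt.iat", String.valueOf(toInstant(claims.getIssueTime())));
        try {
            Instant exp = toInstant(claims.getExpirationTime());
            if (exp != null && !now.isBefore(exp)) {
                log.warn("JWT expired: exp={} now={}", exp, now);
                throw new BadJWTException("Expired JWT");
            }
            Instant nbf = toInstant(claims.getNotBeforeTime());
            if (nbf != null && now.isBefore(nbf)) {
                log.warn("JWT not yet valid: nbf={} now={}", nbf, now);
                throw new BadJWTException("JWT before use time");
            }
        } finally {
            // Worker threads are pooled; clear the keys so they do not leak into the next request.
            MDC.remove("jwt.sub");
            MDC.remove("jwt.jti");
            MDC.remove("jwt.iat");
        }
    }

    private static Instant toInstant(Date d) { return d == null ? null : d.toInstant(); }
}
```

Passing a fixed `Clock` makes the expiry and not-before branches deterministic in unit tests.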

jonnytest1 left a comment

lgtm 🚀

…pired-jwt

# Conflicts:
#	sts-token-auth/src/main/java/de/adorsys/sts/tokenauth/JWTClaimsSetVerifierWithLogs.java
Added detailed trace ID and span ID headers in error responses across TokenExchangeController and JWTAuthenticationFilter. These changes improve debuggability by providing clearer error context and extended log information.
Added support for passing additional headers to `getSecret` method in `SecretServerClient` and its implementations. Updated method signatures and internal logic to accommodate the new parameter, facilitating enhanced customization and control over secret retrieval.
…pired-jwt

# Conflicts:
#	sts-token-auth/src/test/java/de/adorsys/sts/tokenauth/JWTClaimsSetVerifierWithLogsTest.java
This ensures that the JWT claims set contains an issued time, which is necessary for some verifications. The additional issued time makes the test cases more comprehensive and accurate.

codecov bot commented Sep 27, 2024

Codecov Report

Attention: Patch coverage is 33.33333% with 30 lines in your changes missing coverage. Please review.

Project coverage is 39.88%. Comparing base (6da662a) to head (2d7f244).
Report is 1 commits behind head on develop.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| .../secretserver/TokenExchangeSecretServerClient.java | 0.00% | 10 Missing ⚠️ |
| ...ken/authentication/TokenAuthenticationService.java | 12.50% | 4 Missing and 3 partials ⚠️ |
| .../tokenexchange/server/TokenExchangeController.java | 53.84% | 4 Missing and 2 partials ⚠️ |
| ...de/adorsys/sts/filter/JWTAuthenticationFilter.java | 33.33% | 4 Missing ⚠️ |
| .../adorsys/sts/secret/LoggingSecretServerClient.java | 0.00% | 1 Missing ⚠️ |
| ...java/de/adorsys/sts/secret/SecretServerClient.java | 0.00% | 1 Missing ⚠️ |
| ...de/adorsys/sts/tokenauth/BearerTokenValidator.java | 0.00% | 1 Missing ⚠️ |

Additional details and impacted files
@@              Coverage Diff              @@
##             develop     #214      +/-   ##
=============================================
- Coverage      40.25%   39.88%   -0.38%     
  Complexity        24       24              
=============================================
  Files            165      166       +1     
  Lines           2586     2600      +14     
  Branches         233      233              
=============================================
- Hits            1041     1037       -4     
- Misses          1465     1483      +18     
  Partials          80       80              


Mme-adorsys merged commit 37c6aa5 into develop on Sep 27, 2024
3 of 5 checks passed
Mme-adorsys deleted the added-debug-information-for-expired-jwt branch on September 27, 2024 08:01