putting in some logging

actoaps · May 29, 2024 · 0a6a1da · 0a6a1da
1 parent 5591ed4
commit 0a6a1da
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 39 deletions.
diff --git a/client/src/main/java/dk/acto/fafnir/client/JwtValidator.java b/client/src/main/java/dk/acto/fafnir/client/JwtValidator.java
@@ -31,56 +31,61 @@ public class JwtValidator {
 
     public JwtAuthentication decodeToken(String authHeader) {
         var decoder = Optional.of(publicKeyProvider.getPublicKey())
-                .map(Base64.getDecoder()::decode)
-                .map(X509EncodedKeySpec::new)
-                .map(x -> Try.of(() -> KeyFactory.getInstance("RSA"))
-                        .mapTry(y -> y.generatePublic(x))
-                        .toJavaOptional()
-                        .orElseThrow(InvalidPublicKey::new))
-                .map(x -> Jwts.parserBuilder().setSigningKey(x).build())
-                .orElseThrow(InvalidPublicKey::new);
+            .map(Base64.getDecoder()::decode)
+            .map(X509EncodedKeySpec::new)
+            .map(x -> Try.of(() -> KeyFactory.getInstance("RSA"))
+                .mapTry(y -> y.generatePublic(x))
+                .toJavaOptional()
+                .orElseThrow(InvalidPublicKey::new))
+            .map(x -> Jwts.parserBuilder().setSigningKey(x).build())
+            .orElseThrow(InvalidPublicKey::new);
 
         var claims = Try.of(() -> auth.matcher(authHeader))
-                .filter(Matcher::matches)
-                .map(x -> x.group(2))
-                .mapTry(decoder::parseClaimsJws)
-                .map(Jwt::getBody)
-                .getOrNull();
+            .filter(Matcher::matches)
+            .map(x -> x.group(2))
+            .mapTry(decoder::parseClaimsJws)
+            .map(Jwt::getBody)
+            .getOrNull();
+
+        if (claims == null) {
+            System.err.println("Claims could not be parsed from the token.");
+            return null;
+        }
 
         return Optional.ofNullable(claims).map(c -> JwtAuthentication.builder()
-                        .details(mapClaims(claims))
-                        .authorities(ap.mapAuthorities(claims))
-                        .build())
-                .orElse(null);
+                .details(mapClaims(c))
+                .authorities(ap.mapAuthorities(c))
+                .build())
+            .orElse(null);
     }
 
     private FafnirUser mapClaims(Claims claims) {
         return FafnirUser.builder()
-                .data(UserData.builder()
-                        .subject(claims.getSubject())
-                        .name(claims.get("name", String.class))
-                        .locale(Optional.ofNullable(claims.get("locale", String.class))
-                                .map(Locale::forLanguageTag)
-                                .orElse(null))
-                        .metaId(claims.get("mId", String.class))
-                        .providerOrg(claims.get("provider_org", String.class))
-                        .created(claims.getIssuedAt().toInstant())
-                        .build())
-                .organisationId(claims.get("org_id", String.class))
-                .organisationName(claims.get("org_name", String.class))
-                .provider(claims.getIssuer())
-                .roles(mapRoles(claims.get("role")))
-                .build();
+            .data(UserData.builder()
+                .subject(claims.getSubject())
+                .name(claims.get("name", String.class))
+                .locale(Optional.ofNullable(claims.get("locale", String.class))
+                    .map(Locale::forLanguageTag)
+                    .orElse(null))
+                .metaId(claims.get("mId", String.class))
+                .providerOrg(claims.get("provider_org", String.class))
+                .created(claims.getIssuedAt().toInstant())
+                .build())
+            .organisationId(claims.get("org_id", String.class))
+            .organisationName(claims.get("org_name", String.class))
+            .provider(claims.getIssuer())
+            .roles(mapRoles(claims.get("role")))
+            .build();
     }
 
     private String[] mapRoles(Object roles) {
         var builder = Stream.<String>builder();
 
         Optional.ofNullable(roles)
-                .ifPresent(r -> Try.of(() -> (List<?>) r)
-                        .forEach(list -> list
-                                .forEach(each -> Try.of(() -> (String) each)
-                                        .forEach(builder))));
+            .ifPresent(r -> Try.of(() -> (List<?>) r)
+                .forEach(list -> list
+                    .forEach(each -> Try.of(() -> (String) each)
+                        .forEach(builder))));
 
         return builder.build().toArray(String[]::new);
     }

diff --git a/sso/src/main/java/dk/acto/fafnir/sso/provider/UniLoginProvider.java b/sso/src/main/java/dk/acto/fafnir/sso/provider/UniLoginProvider.java
@@ -67,7 +67,6 @@ public AuthenticationResult callback(UniloginTokenCredentials data, HttpSession
 
         var CODE_VERIFIER = (String) session.getAttribute("codeVerifier");
 
-
         var accessCode = data.getCode();
         AccessToken accessToken;
 
@@ -77,14 +76,13 @@ public AuthenticationResult callback(UniloginTokenCredentials data, HttpSession
 
         intro = getIntrospectToken(accessToken.getAccess_token(), UL_CLIENT_ID, UL_SECRET, OID_BASE_URL);
 
-
         if (intro == null) {
             return AuthenticationResult.failure(FailureReason.AUTHENTICATION_FAILED);
         }
 
         var userId = intro.getUniid();
-
         var institutions = getInstitutionList(userId);
+
         if (institutions.isEmpty()) {
             return AuthenticationResult.failure(FailureReason.CONNECTION_FAILED);
         } else if (institutions.size() == 1) {