From 895022c4539a81543f5f0e946550cfc3feff3275 Mon Sep 17 00:00:00 2001 From: Sandor Molnar Date: Tue, 10 Oct 2023 14:26:26 +0200 Subject: [PATCH] KNOX-2966 - Improved logging around KnoxSSO cookie management (#802) --- .../apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java | 4 ++-- .../apache/knox/gateway/service/knoxsso/WebSSOResource.java | 5 +++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java index 1b47a90f88..3e642219b1 100644 --- a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java +++ b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java @@ -39,8 +39,8 @@ public interface KnoxSSOMessages { @Message( level = MessageLevel.ERROR, text = "Original URL not found in request.") void originalURLNotFound(); - @Message( level = MessageLevel.INFO, text = "JWT cookie successfully added.") - void addedJWTCookie(); + @Message( level = MessageLevel.INFO, text = "JWT cookie {0} successfully added.") + void addedJWTCookie(String token); @Message( level = MessageLevel.ERROR, text = "Unable to issue token.") void unableToIssueToken(@StackTrace( level = MessageLevel.DEBUG) Exception e); diff --git a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java index 94e2f34820..efdfdd9020 100644 --- a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java +++ b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java @@ -398,7 +398,8 @@ private long getExpiry() { } private void addJWTHadoopCookie(String original, JWT token) { - LOGGER.addingJWTCookie(token.toString()); + final String logSafeToken = Tokens.getTokenDisplayText(token.toString()); + LOGGER.addingJWTCookie(logSafeToken); /* * In order to account for google chrome changing default value * of SameSite from None to Lax we need to craft Set-Cookie @@ -424,7 +425,7 @@ private void addJWTHadoopCookie(String original, JWT token) { } setCookie.append("; SameSite=").append(this.sameSiteValue); response.setHeader("Set-Cookie", setCookie.toString()); - LOGGER.addedJWTCookie(); + LOGGER.addedJWTCookie(logSafeToken); } catch (Exception e) { LOGGER.unableAddCookieToResponse(e.getMessage(), Arrays.toString(e.getStackTrace()));