- add Step logs for Auth (#15786)

Mohit Yadav 2024-04-03 11:15:13 +05:30 committed by GitHub
parent 4948ab3766
commit 77bb725d5b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 16 additions and 0 deletions


@ -69,6 +69,7 @@ public class AuthCallbackServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
try {
LOG.debug("Performing Auth Callback For User Session: {} ", req.getSession().getId());
String computedCallbackUrl = client.getCallbackUrl();
Map<String, List<String>> parameters = retrieveParameters(req);
AuthenticationResponse response =
@ -97,6 +98,12 @@ public class AuthCallbackServlet extends HttpServlet {
// Validations
validateAndSendTokenRequest(req, credentials, computedCallbackUrl);
// Log Error if the Refresh Token is null
if (credentials.getRefreshToken() == null) {
LOG.error("Refresh token is null for user session: {}", req.getSession().getId());
}
validateNonceIfRequired(req, credentials.getIdToken().getJWTClaimsSet());
// Put Credentials in Session
@ -186,6 +193,7 @@ public class AuthCallbackServlet extends HttpServlet {
HttpServletRequest req, OidcCredentials oidcCredentials, String computedCallbackUrl)
throws IOException, ParseException, URISyntaxException {
if (oidcCredentials.getCode() != null) {
LOG.debug("Initiating Token Request for User Session: {} ", req.getSession().getId());
CodeVerifier verifier =
(CodeVerifier)
req.getSession().getAttribute(client.getCodeVerifierSessionAttributeName());
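Review bot: The new log calls write `req.getSession().getId()` verbatim, and in a typical servlet container that is the value the session cookie carries, so anyone with read access to the logs or the log pipeline could reuse it as a live authenticated session. The `LOG.error("Refresh token is null for user session: {}", ...)` call in the second hunk is the most exposed, because error level is normally enabled in production. The debug calls added to AuthLoginServlet and AuthRefreshServlet pass the same argument. Log a non-reversible reference instead, such as a truncated SHA-256 of the id computed once per request or a correlation id stored as a session attribute: `LOG.error("Refresh token is null for user session: {}", sessionRef);`, where `sessionRef` is that derived value. Separately, the null refresh token is reported as an error while the flow continues to `validateNonceIfRequired`; if the IdP may legitimately omit it, `LOG.warn` would fit better.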


@ -45,10 +45,13 @@ public class AuthLoginServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
try {
LOG.debug("Performing Auth Login For User Session: {} ", req.getSession().getId());
Optional<OidcCredentials> credentials = getUserCredentialsFromSession(req, client);
if (credentials.isPresent()) {
LOG.debug("Auth Tokens Located from Session: {} ", req.getSession().getId());
sendRedirectWithToken(resp, credentials.get(), serverUrl, claimsOrder);
} else {
LOG.debug("Performing Auth Code Flow to Idp: {} ", req.getSession().getId());
Map<String, String> params = buildParams();
params.put(OidcConfiguration.REDIRECT_URI, client.getCallbackUrl());
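Review bot: The message `"Performing Auth Code Flow to Idp: {} "` in the `else` branch does not say what the placeholder holds, while the two messages above it label it as the user session, so a log search keyed on "User Session" will miss the one line that marks the redirect to the IdP. Suggest `"Performing Auth Code Flow to Idp For User Session: {}"`. All three added format strings also end in a stray space before the closing quote, which can be dropped. The body of `doGet` continues outside this hunk.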


@ -30,8 +30,10 @@ public class AuthRefreshServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
try {
LOG.debug("Performing Auth Refresh For User Session: {} ", req.getSession().getId());
Optional<OidcCredentials> credentials = getUserCredentialsFromSession(req, client);
if (credentials.isPresent()) {
LOG.debug("Credentials Found For User Session: {} ", req.getSession().getId());
JwtResponse jwtResponse = new JwtResponse();
jwtResponse.setAccessToken(credentials.get().getIdToken().getParsedString());
jwtResponse.setExpiryDuration(
@ -44,6 +46,9 @@ public class AuthRefreshServlet extends HttpServlet {
.getEpochSecond());
writeJsonResponse(resp, JsonUtils.pojoToJson(jwtResponse));
} else {
LOG.debug(
"Credentials Not Found For User Session: {}, Redirect to Logout ",
req.getSession().getId());
resp.sendRedirect(String.format("%s/logout", baseUrl));
}
} catch (Exception e) {
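Review bot: `req.getSession()` with no argument creates a session when the request carries none, and the debug call added as the first statement of `doGet` now touches the session before `getUserCredentialsFromSession` runs. A cookie-less request to the refresh endpoint may therefore get a session allocated only so that its id can be logged; whether the helper already created one is not visible in this hunk. Consider fetching it once with `HttpSession session = req.getSession(false);` and logging a placeholder such as `"none"` when it is null, which also avoids the three repeated lookups. The `catch` block at the end of the hunk continues outside it.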