Merge pull request quarkusio#38819 from sberyozkin/improve_oidc_boots…

…trap_error_log Add response text to the OIDC bootstrap log errors
manofthepeace · Feb 16, 2024 · 234e0e9 · 234e0e9
2 parents 1092bbc + c4433ba
commit 234e0e9
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 13 deletions.
diff --git a/...ons/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonUtils.java b/...ons/oidc-common/runtime/src/main/java/io/quarkus/oidc/common/runtime/OidcCommonUtils.java
@@ -447,7 +447,13 @@ public static Uni<JsonObject> discoverMetadata(WebClient client, Map<OidcEndpoin
             if (resp.statusCode() == 200) {
                 return resp.bodyAsJsonObject();
             } else {
-                LOG.warnf("Discovery has failed, status code: %d", resp.statusCode());
+                String errorMessage = resp.bodyAsString();
+                if (errorMessage != null && !errorMessage.isEmpty()) {
+                    LOG.warnf("Discovery request %s has failed, status code: %d, error message: %s", discoveryUrl,
+                            resp.statusCode(), errorMessage);
+                } else {
+                    LOG.warnf("Discovery request %s has failed, status code: %d", discoveryUrl, resp.statusCode());
+                }
                 throw new OidcEndpointAccessException(resp.statusCode());
             }
         }).onFailure(oidcEndpointNotAvailable())

diff --git a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcProviderClient.java b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcProviderClient.java
@@ -22,7 +22,6 @@
 import io.quarkus.oidc.common.runtime.OidcCommonConfig.Credentials.Secret.Method;
 import io.quarkus.oidc.common.runtime.OidcCommonUtils;
 import io.quarkus.oidc.common.runtime.OidcConstants;
-import io.quarkus.oidc.common.runtime.OidcEndpointAccessException;
 import io.smallrye.mutiny.Uni;
 import io.smallrye.mutiny.groups.UniOnItem;
 import io.vertx.core.Vertx;
@@ -109,7 +108,7 @@ private JsonWebKeySet getJsonWebKeySet(HttpResponse<Buffer> resp) {
         if (resp.statusCode() == 200) {
             return new JsonWebKeySet(resp.bodyAsString(StandardCharsets.UTF_8.name()));
         } else {
-            throw new OidcEndpointAccessException(resp.statusCode());
+            throw responseException(metadata.getJsonWebKeySetUri(), resp);
         }
     }
 
@@ -201,43 +200,49 @@ private UniOnItem<HttpResponse<Buffer>> getHttpResponse(String uri, MultiMap for
     }
 
     private AuthorizationCodeTokens getAuthorizationCodeTokens(HttpResponse<Buffer> resp) {
-        JsonObject json = getJsonObject(resp);
+        JsonObject json = getJsonObject(metadata.getAuthorizationUri(), resp);
         final String idToken = json.getString(OidcConstants.ID_TOKEN_VALUE);
         final String accessToken = json.getString(OidcConstants.ACCESS_TOKEN_VALUE);
         final String refreshToken = json.getString(OidcConstants.REFRESH_TOKEN_VALUE);
         return new AuthorizationCodeTokens(idToken, accessToken, refreshToken);
     }
 
     private UserInfo getUserInfo(HttpResponse<Buffer> resp) {
-        return new UserInfo(getString(resp));
+        return new UserInfo(getString(metadata.getUserInfoUri(), resp));
     }
 
     private TokenIntrospection getTokenIntrospection(HttpResponse<Buffer> resp) {
-        return new TokenIntrospection(getString(resp));
+        return new TokenIntrospection(getString(metadata.getIntrospectionUri(), resp));
     }
 
-    private static JsonObject getJsonObject(HttpResponse<Buffer> resp) {
+    private static JsonObject getJsonObject(String requestUri, HttpResponse<Buffer> resp) {
         if (resp.statusCode() == 200) {
             LOG.debugf("Request succeeded: %s", resp.bodyAsJsonObject());
             return resp.bodyAsJsonObject();
         } else {
-            throw responseException(resp);
+            throw responseException(requestUri, resp);
         }
     }
 
-    private static String getString(HttpResponse<Buffer> resp) {
+    private static String getString(String requestUri, HttpResponse<Buffer> resp) {
         if (resp.statusCode() == 200) {
             LOG.debugf("Request succeeded: %s", resp.bodyAsString());
             return resp.bodyAsString();
         } else {
-            throw responseException(resp);
+            throw responseException(requestUri, resp);
         }
     }
 
-    private static OIDCException responseException(HttpResponse<Buffer> resp) {
+    private static OIDCException responseException(String requestUri, HttpResponse<Buffer> resp) {
         String errorMessage = resp.bodyAsString();
-        LOG.debugf("Request has failed: status: %d, error message: %s", resp.statusCode(), errorMessage);
-        throw new OIDCException(errorMessage);
+
+        if (errorMessage != null && !errorMessage.isEmpty()) {
+            LOG.errorf("Request %s has failed: status: %d, error message: %s", requestUri, resp.statusCode(), errorMessage);
+            throw new OIDCException(errorMessage);
+        } else {
+            LOG.errorf("Request %s has failed: status: %d", requestUri, resp.statusCode());
+            throw new OIDCException("Error status:" + resp.statusCode());
+        }
     }
 
     @Override