From 8992506a1d47c74b6fc74295a62c892d6b13a1d8 Mon Sep 17 00:00:00 2001 From: Amanda Anganes Date: Fri, 8 Mar 2013 09:52:24 -0500 Subject: [PATCH] Fixing up logging changes --- .../oauth2/web/IntrospectionEndpoint.java | 16 ++++++-------- .../web/OAuthConfirmationController.java | 10 ++++----- .../mitre/oauth2/web/RevocationEndpoint.java | 2 +- .../java/org/mitre/oauth2/web/ScopeAPI.java | 12 +++++----- .../openid/connect/web/ApprovedSiteAPI.java | 10 ++++----- .../openid/connect/web/BlacklistAPI.java | 16 +++++++------- .../mitre/openid/connect/web/ClientAPI.java | 16 +++++++------- .../ClientDynamicRegistrationEndpoint.java | 10 ++++----- .../RequestObjectAuthorizationEndpoint.java | 22 +++++++++++-------- .../connect/web/ServerConfigInterceptor.java | 3 --- .../openid/connect/web/UserInfoEndpoint.java | 8 +++---- .../openid/connect/web/WhitelistAPI.java | 17 +++++++------- 12 files changed, 69 insertions(+), 73 deletions(-) diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java index 77e121ce9..8693e6569 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java @@ -29,8 +29,6 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.AuthenticationException; -import org.springframework.security.oauth2.common.exceptions.InvalidClientException; -import org.springframework.security.oauth2.common.exceptions.InvalidScopeException; import org.springframework.security.oauth2.common.exceptions.InvalidTokenException; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.ExceptionHandler; @@ -50,7 +48,7 @@ public class IntrospectionEndpoint { @Autowired private ClientDetailsEntityService clientService; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(IntrospectionEndpoint.class); public IntrospectionEndpoint() { @@ -66,7 +64,7 @@ public class IntrospectionEndpoint { Map model = new HashMap(); model.put("entity", e); - logger.error("IntrospectionEndpoint InvalidTokenException: " + ex.getStackTrace().toString()); + logger.error("InvalidTokenException: " + ex.getStackTrace().toString()); model.put("code", HttpStatus.BAD_REQUEST); @@ -97,7 +95,7 @@ public class IntrospectionEndpoint { }*/ if (Strings.isNullOrEmpty(tokenValue)) { - logger.error("IntrospectionEndpoint: verify failed; token value is null"); + logger.error("Verify failed; token value is null"); modelAndView.addObject("code", HttpStatus.BAD_REQUEST); modelAndView.setViewName("httpCodeView"); return modelAndView; @@ -108,7 +106,7 @@ public class IntrospectionEndpoint { try { token = tokenServices.readAccessToken(tokenValue); } catch (AuthenticationException e) { - logger.error("IntrospectionEndpoint: verify failed; AuthenticationException: " + e.getStackTrace().toString()); + logger.error("Verify failed; AuthenticationException: " + e.getStackTrace().toString()); modelAndView.addObject("code", HttpStatus.FORBIDDEN); modelAndView.setViewName("httpCodeView"); return modelAndView; @@ -130,20 +128,20 @@ public class IntrospectionEndpoint { modelAndView.addObject("entity", token); return modelAndView; } else { - logger.error("IntrospectionEndpoint: verify failed; client tried to introspect a token of an incorrect scope"); + logger.error("Verify failed; client tried to introspect a token of an incorrect scope"); modelAndView.addObject("code", HttpStatus.BAD_REQUEST); modelAndView.setViewName("httpCodeView"); return modelAndView; } } else { - logger.error("IntrospectionEndpoint: verify failed; client " + clientId + " is not allowed to call introspection endpoint"); + logger.error("Verify failed; client " + clientId + " is not allowed to call introspection endpoint"); modelAndView.addObject("code", HttpStatus.BAD_REQUEST); modelAndView.setViewName("httpCodeView"); return modelAndView; } } else { //TODO: Log error client not found - logger.error("IntrospectionEndpoint: verify failed; client " + clientId + " not found."); + logger.error("Verify failed; client " + clientId + " not found."); modelAndView.addObject("code", HttpStatus.NOT_FOUND); modelAndView.setViewName("httpCodeView"); return modelAndView; diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java index 3154cc28c..bfffc158a 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java @@ -22,7 +22,6 @@ import java.util.LinkedHashSet; import java.util.Map; import java.util.Set; -import org.mitre.oauth2.exception.ClientNotFoundException; import org.mitre.oauth2.model.SystemScope; import org.mitre.oauth2.service.ClientDetailsEntityService; import org.mitre.oauth2.service.SystemScopeService; @@ -31,7 +30,6 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.security.oauth2.common.exceptions.InvalidClientException; import org.springframework.security.oauth2.common.exceptions.OAuth2Exception; import org.springframework.security.oauth2.provider.AuthorizationRequest; import org.springframework.security.oauth2.provider.ClientDetails; @@ -57,7 +55,7 @@ public class OAuthConfirmationController { @Autowired private SystemScopeService scopeService; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(OAuthConfirmationController.class); public OAuthConfirmationController() { @@ -78,19 +76,19 @@ public class OAuthConfirmationController { try { client = clientService.loadClientByClientId(clientAuth.getClientId()); } catch (OAuth2Exception e) { - logger.error("OAuthConfirmationController: confirmAccess: OAuth2Exception was thrown when attempting to load client: " + logger.error("confirmAccess: OAuth2Exception was thrown when attempting to load client: " + e.getStackTrace().toString()); model.put("code", HttpStatus.BAD_REQUEST); return new ModelAndView("httpCodeView"); } catch (IllegalArgumentException e) { - logger.error("OAuthConfirmationController: confirmAccess: IllegalArgumentException was thrown when attempting to load client: " + logger.error("confirmAccess: IllegalArgumentException was thrown when attempting to load client: " + e.getStackTrace().toString()); model.put("code", HttpStatus.BAD_REQUEST); return new ModelAndView("httpCodeView"); } if (client == null) { - logger.error("OAuthConfirmationController: confirmAccess: could not find client " + clientAuth.getClientId()); + logger.error("confirmAccess: could not find client " + clientAuth.getClientId()); model.put("code", HttpStatus.NOT_FOUND); return new ModelAndView("httpCodeView"); } diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java index 420734c96..b352f19d5 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java @@ -39,7 +39,7 @@ public class RevocationEndpoint { @Autowired OAuth2TokenEntityService tokenServices; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(RevocationEndpoint.class); public RevocationEndpoint() { diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java index 8a4c977e4..629626085 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java @@ -33,7 +33,7 @@ public class ScopeAPI { @Autowired private SystemScopeService scopeService; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(ScopeAPI.class); private Gson gson = new Gson(); @@ -59,7 +59,7 @@ public class ScopeAPI { return "jsonEntityView"; } else { - logger.error("ScopeAPI: getScope failed; scope not found: " + id); + logger.error("getScope failed; scope not found: " + id); m.put("code", HttpStatus.NOT_FOUND); return "httpCodeView"; @@ -86,7 +86,7 @@ public class ScopeAPI { return "jsonEntityView"; } else { - logger.error("ScopeAPI: updateScope failed; scope ids to not match: got " + logger.error("updateScope failed; scope ids to not match: got " + existing.getId() + " and " + scope.getId()); m.put("code", HttpStatus.BAD_REQUEST); @@ -96,7 +96,7 @@ public class ScopeAPI { } else { - logger.error("ScopeAPI: updateScope failed; scope with id " + id + " not found."); + logger.error("updateScope failed; scope with id " + id + " not found."); m.put("code", HttpStatus.NOT_FOUND); return "httpCodeView"; @@ -117,7 +117,7 @@ public class ScopeAPI { return "jsonEntityView"; } else { - logger.error("ScopeAPI: createScope failed; JSON was invalid: " + json); + logger.error("createScope failed; JSON was invalid: " + json); m.put("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; @@ -137,7 +137,7 @@ public class ScopeAPI { return "httpCodeView"; } else { - logger.error("ScopeAPI: deleteScope failed; scope with id " + id + " not found."); + logger.error("deleteScope failed; scope with id " + id + " not found."); m.put("code", HttpStatus.NOT_FOUND); return "httpCodeView"; diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java index e3ea528d7..a233ace1b 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java @@ -31,7 +31,7 @@ public class ApprovedSiteAPI { @Autowired private ApprovedSiteService approvedSiteService; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(ApprovedSiteAPI.class); /** * Get a list of all of this user's approved sites @@ -57,10 +57,10 @@ public class ApprovedSiteAPI { ApprovedSite approvedSite = approvedSiteService.getById(id); if (approvedSite == null) { - logger.error("ApprovedSiteAPI: deleteApprovedSite failed; no approved site found for id: " + id); + logger.error("deleteApprovedSite failed; no approved site found for id: " + id); m.put("code", HttpStatus.NOT_FOUND); } else if (!approvedSite.getUserId().equals(p.getName())) { - logger.error("ApprovedSiteAPI: deleteApprovedSite failed; principal " + logger.error("deleteApprovedSite failed; principal " + p.getName() + " does not own approved site" + id); m.put("code", HttpStatus.FORBIDDEN); } else { @@ -78,11 +78,11 @@ public class ApprovedSiteAPI { public String getApprovedSite(@PathVariable("id") Long id, ModelMap m, Principal p) { ApprovedSite approvedSite = approvedSiteService.getById(id); if (approvedSite == null) { - logger.error("ApprovedSiteAPI: getApprovedSite failed; no approved site found for id: " + id); + logger.error("getApprovedSite failed; no approved site found for id: " + id); m.put("code", HttpStatus.NOT_FOUND); return "httpCodeView"; } else if (!approvedSite.getUserId().equals(p.getName())) { - logger.error("ApprovedSiteAPI: getApprovedSite failed; principal " + logger.error("getApprovedSite failed; principal " + p.getName() + " does not own approved site" + id); m.put("code", HttpStatus.FORBIDDEN); return "httpCodeView"; diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java index a79b06263..527054915 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java @@ -37,7 +37,7 @@ public class BlacklistAPI { @Autowired private BlacklistedSiteService blacklistService; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(BlacklistAPI.class); private Gson gson = new Gson(); private JsonParser parser = new JsonParser(); @@ -80,11 +80,11 @@ public class BlacklistAPI { } catch (JsonSyntaxException e) { - logger.error("BlacklistAPI: addNewBlacklistedSite failed due to JsonSyntaxException: " + e.getStackTrace().toString()); + logger.error("addNewBlacklistedSite failed due to JsonSyntaxException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } catch (IllegalStateException e) { - logger.error("BlacklistAPI: addNewBlacklistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); + logger.error("addNewBlacklistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } @@ -110,11 +110,11 @@ public class BlacklistAPI { } catch (JsonSyntaxException e) { - logger.error("BlacklistAPI: updateBlacklistedSite failed due to JsonSyntaxException: " + e.getStackTrace().toString()); + logger.error("updateBlacklistedSite failed due to JsonSyntaxException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } catch (IllegalStateException e) { - logger.error("BlacklistAPI: updateBlacklistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); + logger.error("updateBlacklistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } @@ -123,7 +123,7 @@ public class BlacklistAPI { BlacklistedSite oldBlacklist = blacklistService.getById(id); if (oldBlacklist == null) { - logger.error("BlacklistAPI: updateBlacklistedSite failed; blacklist with id " + id + " could not be found"); + logger.error("updateBlacklistedSite failed; blacklist with id " + id + " could not be found"); m.put("code", HttpStatus.NOT_FOUND); return "httpCodeView"; } else { @@ -145,7 +145,7 @@ public class BlacklistAPI { BlacklistedSite blacklist = blacklistService.getById(id); if (blacklist == null) { - logger.error("BlacklistAPI: deleteBlacklistedSite failed; blacklist with id " + id + " could not be found"); + logger.error("deleteBlacklistedSite failed; blacklist with id " + id + " could not be found"); m.put("code", HttpStatus.NOT_FOUND); } else { m.put("code", HttpStatus.OK); @@ -162,7 +162,7 @@ public class BlacklistAPI { public String getBlacklistedSite(@PathVariable("id") Long id, ModelMap m) { BlacklistedSite blacklist = blacklistService.getById(id); if (blacklist == null) { - logger.error("BlacklistAPI: getBlacklistedSite failed; blacklist with id " + id + " could not be found"); + logger.error("getBlacklistedSite failed; blacklist with id " + id + " could not be found"); m.put("code", HttpStatus.NOT_FOUND); return "httpCodeView"; } else { diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java index e5f2709ff..1fd0bec06 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java @@ -97,7 +97,7 @@ public class ClientAPI { .setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ") .create(); - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(ClientAPI.class); /** * Get a list of all clients @@ -136,11 +136,11 @@ public class ClientAPI { client = gson.fromJson(json, ClientDetailsEntity.class); } catch (JsonSyntaxException e) { - logger.error("ClientAPI: apiAddClient failed due to JsonSyntaxException: " + e.getStackTrace().toString()); + logger.error("apiAddClient failed due to JsonSyntaxException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } catch (IllegalStateException e) { - logger.error("ClientAPI: apiAddClient failed due to IllegalStateException: " + e.getStackTrace().toString()); + logger.error("apiAddClient failed due to IllegalStateException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } @@ -191,11 +191,11 @@ public class ClientAPI { client = gson.fromJson(json, ClientDetailsEntity.class); } catch (JsonSyntaxException e) { - logger.error("ClientAPI: apiUpdateClient failed due to JsonSyntaxException: " + e.getStackTrace().toString()); + logger.error("apiUpdateClient failed due to JsonSyntaxException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } catch (IllegalStateException e) { - logger.error("ClientAPI: apiUpdateClient failed due to IllegalStateException: " + e.getStackTrace().toString()); + logger.error("apiUpdateClient failed due to IllegalStateException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } @@ -203,7 +203,7 @@ public class ClientAPI { ClientDetailsEntity oldClient = clientService.getClientById(id); if (oldClient == null) { - logger.error("ClientAPI: apiUpdateClient failed; client with id " + id + " could not be found."); + logger.error("apiUpdateClient failed; client with id " + id + " could not be found."); m.addAttribute("code", HttpStatus.NOT_FOUND); return "httpCodeView"; } @@ -245,7 +245,7 @@ public class ClientAPI { ClientDetailsEntity client = clientService.getClientById(id); if (client == null) { - logger.error("ClientAPI: apiDeleteClient failed; client with id " + id + " could not be found."); + logger.error("apiDeleteClient failed; client with id " + id + " could not be found."); modelAndView.getModelMap().put("code", HttpStatus.NOT_FOUND); } else { modelAndView.getModelMap().put("code", HttpStatus.OK); @@ -268,7 +268,7 @@ public class ClientAPI { ClientDetailsEntity client = clientService.getClientById(id); if (client == null) { - logger.error("ClientAPI: apiShowClient failed; client with id " + id + " could not be found."); + logger.error("apiShowClient failed; client with id " + id + " could not be found."); model.addAttribute("code", HttpStatus.NOT_FOUND); return "httpCodeView"; } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java index 3e06ec678..83cf323be 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java @@ -56,7 +56,7 @@ public class ClientDynamicRegistrationEndpoint { @Autowired private SystemScopeService scopeService; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(ClientDynamicRegistrationEndpoint.class); private JsonParser parser = new JsonParser(); private Gson gson = new Gson(); @@ -146,7 +146,7 @@ public class ClientDynamicRegistrationEndpoint { return "clientInformationResponseView"; } else { // didn't parse, this is a bad request - logger.error("ClientDynamicRegistrationEndpoint: registerNewClient failed; submitted JSON is malformed"); + logger.error("registerNewClient failed; submitted JSON is malformed"); m.addAttribute("code", HttpStatus.BAD_REQUEST); // http 400 return "httpCodeView"; @@ -182,7 +182,7 @@ public class ClientDynamicRegistrationEndpoint { return "clientInformationResponseView"; } else { // client mismatch - logger.error("ClientDynamicRegistrationEndpoint: readClientConfiguration failed, client ID mismatch: " + logger.error("readClientConfiguration failed, client ID mismatch: " + clientId + " and " + auth.getAuthorizationRequest().getClientId() + " do not match."); m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403 @@ -253,7 +253,7 @@ public class ClientDynamicRegistrationEndpoint { return "clientInformationResponseView"; } else { // client mismatch - logger.error("ClientDynamicRegistrationEndpoint: readClientConfiguration failed, client ID mismatch: " + logger.error("readClientConfiguration failed, client ID mismatch: " + clientId + " and " + auth.getAuthorizationRequest().getClientId() + " do not match."); m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403 @@ -290,7 +290,7 @@ public class ClientDynamicRegistrationEndpoint { return "clientInformationResponseView"; } else { // client mismatch - logger.error("ClientDynamicRegistrationEndpoint: readClientConfiguration failed, client ID mismatch: " + logger.error("readClientConfiguration failed, client ID mismatch: " + clientId + " and " + auth.getAuthorizationRequest().getClientId() + " do not match."); m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403 diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java index 39098af0a..18b6d20a9 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java @@ -6,13 +6,14 @@ import java.text.ParseException; import javax.servlet.http.HttpServletRequest; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import org.apache.http.client.utils.URIBuilder; -import org.springframework.stereotype.Component; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.http.HttpStatus; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.servlet.ModelAndView; import com.google.common.base.Strings; import com.nimbusds.jwt.JWT; @@ -29,10 +30,10 @@ import com.nimbusds.jwt.JWTParser; //@Component public class RequestObjectAuthorizationEndpoint { - protected final Log logger = LogFactory.getLog(getClass()); + private static Logger logger = LoggerFactory.getLogger(RequestObjectAuthorizationEndpoint.class); @RequestMapping(value = "/authorize", params = "request") - public String authorizeRequestObject(@RequestParam("request") String jwtString, @RequestParam(value = "response_type", required = false) String responseType, HttpServletRequest request) { + public String authorizeRequestObject(@RequestParam("request") String jwtString, @RequestParam(value = "response_type", required = false) String responseType, HttpServletRequest request, ModelAndView mav) { String query = request.getQueryString(); @@ -48,11 +49,14 @@ public class RequestObjectAuthorizationEndpoint { query = uri.getRawQuery();//uri.toString(); } catch (ParseException e) { - // TODO Auto-generated catch block - e.printStackTrace(); + logger.error("ParseException while attempting to authorize request object: " + e.getStackTrace().toString()); + mav.addObject("code", HttpStatus.BAD_REQUEST); + return "httpCodeView"; + } catch (URISyntaxException e) { - // TODO Auto-generated catch block - e.printStackTrace(); + logger.error("URISyntaxError while attempting to authorize request object: " + e.getStackTrace().toString()); + mav.addObject("code", HttpStatus.BAD_REQUEST); + return "httpCodeView"; } } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ServerConfigInterceptor.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ServerConfigInterceptor.java index db5e90ebd..e81ec11a5 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ServerConfigInterceptor.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ServerConfigInterceptor.java @@ -3,13 +3,10 @@ */ package org.mitre.openid.connect.web; -import java.security.Principal; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.mitre.openid.connect.config.ConfigurationPropertiesBean; -import org.mitre.openid.connect.model.UserInfo; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java index 51c5ac8d5..0cc620a37 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java @@ -49,7 +49,7 @@ public class UserInfoEndpoint { @Autowired private UserInfoService userInfoService; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class); private Map schemaToViewNameMap = ImmutableMap.of( openIdSchema, jsonUserInfoViewName, @@ -74,14 +74,14 @@ public class UserInfoEndpoint { public String getInfo(Principal p, @RequestParam("schema") String schema, Model model) { if (p == null) { - logger.error("UserInfoEndpoint: getInfo failed; no principal. Requester is not authorized."); + logger.error("getInfo failed; no principal. Requester is not authorized."); model.addAttribute("code", HttpStatus.FORBIDDEN); return "httpCodeView"; } String viewName = schemaToViewNameMap.get(schema); if (viewName == null) { - logger.error("UserInfoEndpoint: getInfo failed; unknown User Info schema " + schema); + logger.error("getInfo failed; unknown User Info schema " + schema); model.addAttribute("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } @@ -90,7 +90,7 @@ public class UserInfoEndpoint { UserInfo userInfo = userInfoService.getByUserId(userId); if (userInfo == null) { - logger.error("UserInfoEndpoint: getInfo failed; user not found: " + userId); + logger.error("getInfo failed; user not found: " + userId); model.addAttribute("code", HttpStatus.NOT_FOUND); return "httpCodeView"; } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java index 21831449b..4a72e4e73 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java @@ -24,7 +24,6 @@ import com.google.gson.Gson; import com.google.gson.JsonObject; import com.google.gson.JsonParseException; import com.google.gson.JsonParser; -import com.google.gson.JsonSyntaxException; /** * @author jricher @@ -38,7 +37,7 @@ public class WhitelistAPI { @Autowired private WhitelistedSiteService whitelistService; - private Logger logger = LoggerFactory.getLogger(this.getClass()); + private static Logger logger = LoggerFactory.getLogger(WhitelistAPI.class); private Gson gson = new Gson(); private JsonParser parser = new JsonParser(); @@ -77,11 +76,11 @@ public class WhitelistAPI { whitelist = gson.fromJson(json, WhitelistedSite.class); } catch (JsonParseException e) { - logger.error("WhitelistAPi: addNewWhitelistedSite failed due to JsonParseException: " + e.getStackTrace().toString()); + logger.error("addNewWhitelistedSite failed due to JsonParseException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } catch (IllegalStateException e) { - logger.error("WhitelistAPi: addNewWhitelistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); + logger.error("addNewWhitelistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } @@ -112,11 +111,11 @@ public class WhitelistAPI { whitelist = gson.fromJson(json, WhitelistedSite.class); } catch (JsonParseException e) { - logger.error("WhitelistAPi: updateWhitelistedSite failed due to JsonParseException: " + e.getStackTrace().toString()); + logger.error("updateWhitelistedSite failed due to JsonParseException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } catch (IllegalStateException e) { - logger.error("WhitelistAPi: updateWhitelistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); + logger.error("updateWhitelistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); return "httpCodeView"; } @@ -124,7 +123,7 @@ public class WhitelistAPI { WhitelistedSite oldWhitelist = whitelistService.getById(id); if (oldWhitelist == null) { - logger.error("WhitelistAPi: updateWhitelistedSite failed; whitelist with id " + id + " could not be found."); + logger.error("updateWhitelistedSite failed; whitelist with id " + id + " could not be found."); m.put("code", HttpStatus.NOT_FOUND); return "httpCodeView"; } else { @@ -147,7 +146,7 @@ public class WhitelistAPI { WhitelistedSite whitelist = whitelistService.getById(id); if (whitelist == null) { - logger.error("WhitelistAPi: deleteWhitelistedSite failed; whitelist with id " + id + " could not be found."); + logger.error("deleteWhitelistedSite failed; whitelist with id " + id + " could not be found."); m.put("code", HttpStatus.NOT_FOUND); } else { m.put("code", HttpStatus.OK); @@ -164,7 +163,7 @@ public class WhitelistAPI { public String getWhitelistedSite(@PathVariable("id") Long id, ModelMap m) { WhitelistedSite whitelist = whitelistService.getById(id); if (whitelist == null) { - logger.error("WhitelistAPi: getWhitelistedSite failed; whitelist with id " + id + " could not be found."); + logger.error("getWhitelistedSite failed; whitelist with id " + id + " could not be found."); m.put("code", HttpStatus.NOT_FOUND); return "httpCodeView"; } else {