diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java index 19f0f8f1ef..1b526eaff4 100755 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BasicAuthRequestAuthenticator.java @@ -51,6 +51,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat public AuthOutcome authenticate(HttpFacade exchange) { List authHeaders = exchange.getRequest().getHeaders("Authorization"); if (authHeaders == null || authHeaders.isEmpty()) { + log.debug("Authorization header not present"); challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_AUTHORIZATION_HEADER, null, null); return AuthOutcome.NOT_ATTEMPTED; } @@ -64,6 +65,7 @@ public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticat } if (tokenString == null) { + log.debug("Token is not present in Authorization header"); challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.INVALID_TOKEN, null, null); return AuthOutcome.NOT_ATTEMPTED; } diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java index f9de531fff..f1f52af9af 100755 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/BearerTokenRequestAuthenticator.java @@ -64,6 +64,7 @@ public class BearerTokenRequestAuthenticator { public AuthOutcome authenticate(HttpFacade exchange) { List authHeaders = exchange.getRequest().getHeaders("Authorization"); if (authHeaders == null || authHeaders.isEmpty()) { + log.debug("Authorization header not present"); challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_BEARER_TOKEN, null, null); return AuthOutcome.NOT_ATTEMPTED; } @@ -81,6 +82,7 @@ public class BearerTokenRequestAuthenticator { } if (tokenString == null) { + log.debug("Token is not present in Authorization header"); challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_BEARER_TOKEN, null, null); return AuthOutcome.NOT_ATTEMPTED; } @@ -102,7 +104,7 @@ public class BearerTokenRequestAuthenticator { try { token = AdapterTokenVerifier.verifyToken(tokenString, deployment); } catch (VerificationException e) { - log.debug("Failed to verify token"); + log.debugf("Failed to verify token: %s", e.getMessage()); challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.INVALID_TOKEN, "invalid_token", e.getMessage()); return AuthOutcome.FAILED; } diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/QueryParameterTokenRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/QueryParameterTokenRequestAuthenticator.java index 233bc09a0f..c7446c6f9c 100644 --- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/QueryParameterTokenRequestAuthenticator.java +++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/QueryParameterTokenRequestAuthenticator.java @@ -41,6 +41,7 @@ public class QueryParameterTokenRequestAuthenticator extends BearerTokenRequestA tokenString = null; tokenString = getAccessTokenFromQueryParameter(exchange); if (tokenString == null || tokenString.trim().isEmpty()) { + log.debug("Token is not present in query"); challenge = challengeResponse(exchange, OIDCAuthenticationError.Reason.NO_QUERY_PARAMETER_ACCESS_TOKEN, null, null); return AuthOutcome.NOT_ATTEMPTED; }