Changed OIDC/UMA refreshing errors log to DEBUG to avoid logs flood (#27536)

2024-11-12 11:52:56 +01:00 · 2024-11-12 11:52:56 +01:00 · 3eaf89964e
parent 5cd951d641
commit 3eaf89964e
2 changed files with 8 additions and 7 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -5,6 +5,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 ## [v1.4.0]
 - New handling for missing refresh token and refresh token expired in OIDC token when refreshing it.
 - Changed OIDC related exceptions: the cause exception can be an OpenIdConnectRESTHelperException only.
+- Changed OIDC/UMA refreshing errors log to DEBUG to avoid logs flood (#27536)

 ## [v1.3.2] - 2023-04-18
 - UserSitesToGroupsAndRolesMapper class is now more resilient to Groups that are not found in Liferay and for which the LiferayGroupManager returns -1 as its Id instead of exception throwing (#24831)
--- a/src/main/java/org/gcube/portal/oidc/lr62/OIDCUmaUtil.java
+++ b/src/main/java/org/gcube/portal/oidc/lr62/OIDCUmaUtil.java
@ -233,10 +233,10 @@ public class OIDCUmaUtil {
                                } else if (OpenIdConnectRESTHelper.isTokenNotActiveError(e.getResponseString())) {
                                    log.info("UMA token is no more active, get new one");
                                } else {
-                                    log.error("Other UMA token refresh error", e);
+                                    log.error("Other unexpected UMA token refresh error", e);
                                }
                            } else {
-                                log.error("Refreshing UMA token on server " + umaToken.getTokenEssentials(), e);
+                                log.warn("Refreshing UMA token on server for {}: {}", umaToken.getTokenEssentials(), e.getMessage());
                            }
                            umaToken = null;
                            log.debug(
@ -381,7 +381,7 @@ public class OIDCUmaUtil {
            return;
        } catch (MissingRefreshTokenException e) {
            if (FORCE_LOGOUT_ON_MISSING_OIDC_REFRESH_TOKEN) {
-                log.info("Force redirecting to logout URI: {}", e.getMessage());
+                log.debug("Force redirecting to logout URI: {}", e.getMessage());
                forceLogout(response);
            } else {
                log.info(e.getMessage());
@ -407,20 +407,20 @@ public class OIDCUmaUtil {
            return;
        } catch (RefreshException e) {
            if (FORCE_LOGOUT_ON_OIDC_REFRESH_ERROR) {
-                log.error("Error refreshing OIDC token, force redirect for {} to logout URI: {}", user.getScreenName(),
+                log.debug("Cannot refresh OIDC token, force redirect for {} to logout URI: {}", user.getScreenName(),
                        e.getCause().getMessage());

                forceLogout(response);
            } else {
-                log.error("Error refreshing OIDC token: {}", e.getCause().getMessage());
+                log.warn("Error refreshing OIDC token: {}", e.getCause().getMessage());
            }
            return;
        } catch (InvalidTokenException e) {
            if (FORCE_LOGOUT_ON_INVALID_TOKEN) {
-                log.warn("OIDC token is become invalid, forcing redirect to logout URI");
+                log.debug("OIDC token is become invalid, forcing redirect to logout URI");
                forceLogout(response);
            } else {
-                log.error("OIDC token is become invalid, cannot continue");
+                log.warn("OIDC token is become invalid, cannot continue");
            }
            return;
        } catch (NotAuthorizedException e) {