chore: Log HTTP request body on signature verification failure

rs/http_endpoints/public/src/call.rs

@@ -251,7 +251,7 @@ impl IngressValidator {
             message: "".into(),
         })?
         .map_err(|validation_error| {
-            validation_error_to_http_error(message_id, validation_error, &log)
+            validation_error_to_http_error(msg.as_ref(), validation_error, &log)
         })?;
 
         let ingress_filter = ingress_filter.lock().unwrap().clone();

rs/http_endpoints/public/src/common.rs

@@ -20,7 +20,7 @@ use ic_replicated_state::ReplicatedState;
 use ic_types::{
     crypto::threshold_sig::ThresholdSigPublicKey,
     malicious_flags::MaliciousFlags,
-    messages::{HttpRequest, HttpRequestContent, MessageId},
+    messages::{HttpRequest, HttpRequestContent},
     RegistryVersion, SubnetId, Time,
 };
 use ic_validator::{
@@ -246,12 +246,22 @@ impl IntoResponse for CborUserError {
     }
 }
 
-pub(crate) fn validation_error_to_http_error(
-    message_id: MessageId,
+pub(crate) fn validation_error_to_http_error<C: std::fmt::Debug + HttpRequestContent>(
+    request: &HttpRequest<C>,
     err: RequestValidationError,
     log: &ReplicaLogger,
 ) -> HttpError {
-    info!(log, "msg_id: {}, err: {}", message_id, err);
+    let message_id = request.id();
+    match err {
+        RequestValidationError::InvalidSignature(_) => {
+            info!(
+                log,
+                "msg_id: {}, err: {}, request: {:?}", message_id, err, request
+            )
+        }
+        _ => info!(log, "msg_id: {}, err: {}", message_id, err),
+    }
+
     HttpError {
         status: StatusCode::BAD_REQUEST,
         message: format!("{err}"),

rs/http_endpoints/public/src/query.rs

@@ -194,7 +194,7 @@ pub(crate) async fn query(
     {
         Ok(Ok(_)) => {}
         Ok(Err(err)) => {
-            let http_err = validation_error_to_http_error(request.id(), err, &log);
+            let http_err = validation_error_to_http_error(&request, err, &log);
             return (http_err.status, http_err.message).into_response();
         }
         Err(_) => {

rs/http_endpoints/public/src/read_state/canister.rs

@@ -169,7 +169,7 @@ pub(crate) async fn canister_read_state(
             match validator.validate_request(&request_c, current_time(), &root_of_trust_provider) {
                 Ok(targets) => targets,
                 Err(err) => {
-                    let http_err = validation_error_to_http_error(request.id(), err, &log);
+                    let http_err = validation_error_to_http_error(&request, err, &log);
                     return (http_err.status, http_err.message).into_response();
                 }
             };