Merge pull request #35987 from sberyozkin/improve_http_authorizer_exc…

…eption_log_message Improve the way HTTP authorizer logs exceptions
quarkusio · Sep 18, 2023 · f974941 · f974941
2 parents 4de127f + 40b4739
commit f974941
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/.../runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractHttpAuthorizer.java b/.../runtime/src/main/java/io/quarkus/vertx/http/runtime/security/AbstractHttpAuthorizer.java
@@ -10,6 +10,7 @@
 import org.jboss.logging.Logger;
 
 import io.quarkus.security.AuthenticationFailedException;
+import io.quarkus.security.AuthenticationRedirectException;
 import io.quarkus.security.ForbiddenException;
 import io.quarkus.security.identity.IdentityProviderManager;
 import io.quarkus.security.identity.SecurityIdentity;
@@ -120,10 +121,15 @@ public void accept(Throwable throwable) {
                         // the exception twice;at this point, the exception could be failed by the default auth failure handler
                         if (!routingContext.response().ended() && !throwable.equals(routingContext.failure())) {
                             routingContext.fail(throwable);
-                        } else if (!(throwable instanceof AuthenticationFailedException)) {
-                            //don't log auth failure
+                        } else if (throwable instanceof AuthenticationFailedException) {
+                            log.debug("Authentication challenge is required");
+                        } else if (throwable instanceof AuthenticationRedirectException) {
+                            log.debugf("Completing authentication with a redirect to %s",
+                                    ((AuthenticationRedirectException) throwable).getRedirectUri());
+                        } else {
                             log.error("Exception occurred during authorization", throwable);
                         }
+
                     }
                 });
     }