GitLab oppdateres til siste versjon den 21.08.2019 ifra 08:00/08:30. Oppdatering estimert til å ta omtrent 20/30+ minutter.

Improve logging from resolve-key

The resolve-key function now logs first resolve attempt as a debug
statement. For usual INFO-level logging this will effectively turn off
logging of the first key resolve attempt which covers most resolve
calls.

If the key is not found the clj-jwt library will log the error with
error level before throwing the exception. This might help with
debugging when encountering problems with token validation.
Signed-off-by: Snorre Magnus Davøen's avatarSnorre Magnus Davøen <snorre.davoen@nsd.no>
parent 979c2290
Pipeline #13873 passed with stage
in 30 seconds
......@@ -5,7 +5,7 @@
A Clojure library to handle validation of JWTs.
```clojure
[no.nsd/clj-jwt "0.2.0"]
[no.nsd/clj-jwt "0.2.1"]
```
The library exposes functions to handle validation of JSON web tokens. It wraps
......
(defproject no.nsd/clj-jwt "0.2.0"
(defproject no.nsd/clj-jwt "0.2.1"
:description "A Clojure library to fetch json web keys and validate json web tokens. Wraps Buddy."
:url "https://gitlab.nsd.no/clojure/clj-jwt"
:license {:name "Eclipse Public License"
......
......@@ -118,7 +118,7 @@
"Returns java.security.PublicKey given jwks-url and :kid in jwt-header.
If no key is found refreshes"
[jwks-url jwt-header]
(log/info "Resolving key " jwt-header " from " jwks-url)
(log/debug "Resolving key " jwt-header " from " jwks-url)
(let [key-fn (fn [] (get @public-keys (:kid jwt-header)))]
(if-let [key (key-fn)]
key
......@@ -126,8 +126,10 @@
(reset! public-keys (or (fetch-keys jwks-url) @public-keys))
(if-let [key (key-fn)]
key
(throw (ex-info (str "Could not locate public key corresponding to jwt header's kid: " (:kid jwt-header))
{:type :validation :cause :unknown-key})))))))
(do
(log/error "Could not locate public key corresponding to jwt header's kid: " (:kid jwt-header))
(throw (ex-info (str "Could not locate public key corresponding to jwt header's kid: " (:kid jwt-header))
{:type :validation :cause :unknown-key}))))))))
(s/fdef unsign
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment