feat(jans-auth-server): made not found exceptions logging level confi…

…gurable #4973 (#4982)

docs/admin/reference/json/properties/janssenauthserver-properties.md

@@ -172,6 +172,7 @@ tags:
 | logClientNameOnClientAuthentication | Choose if application should log the Client Name on client authentication | [Details](#logclientnameonclientauthentication) |
 | loggingLayout | Logging layout used for Jans Authorization Server loggers | [Details](#logginglayout) |
 | loggingLevel | Specify the logging level for oxAuth loggers | [Details](#logginglevel) |
+| logNotFoundEntityAsError | Boolean value specifying whether to log not_found entity exception as error or as trace. Default value is false (trace). | [Details](#lognotfoundentityaserror) |
 | metricReporterInterval | The interval for metric reporter in seconds | [Details](#metricreporterinterval) |
 | metricReporterKeepDataDays | The days to keep metric reported data | [Details](#metricreporterkeepdatadays) |
 | mtlsAuthorizationEndpoint | URL for Mutual TLS (mTLS) Client Authentication and Certificate-Bound Access Tokens (MTLS) Endpoint | [Details](#mtlsauthorizationendpoint) |

jans-auth-server/model/src/main/java/io/jans/as/model/configuration/AppConfiguration.java

@@ -469,6 +469,9 @@ public class AppConfiguration implements Configuration {
     @DocProperty(description = "The interval for configuration update in seconds")
     private int configurationUpdateInterval;
 
+    @DocProperty(description = "Boolean value specifying whether to log not_found entity exception as error or as trace. Default value is false (trace).")
+    private Boolean logNotFoundEntityAsError;
+
     @DocProperty(description = "Choose if client can update Grant Type values")
     private Boolean enableClientGrantTypeUpdate;
 
@@ -881,6 +884,15 @@ public void setRotateDeviceSecret(Boolean rotateDeviceSecret) {
         this.rotateDeviceSecret = rotateDeviceSecret;
     }
 
+    public Boolean getLogNotFoundEntityAsError() {
+        if (logNotFoundEntityAsError == null) logNotFoundEntityAsError = false;
+        return logNotFoundEntityAsError;
+    }
+
+    public void setLogNotFoundEntityAsError(Boolean logNotFoundEntityAsError) {
+        this.logNotFoundEntityAsError = logNotFoundEntityAsError;
+    }
+
     public Boolean getRequirePkce() {
         if (requirePkce == null) requirePkce = false;
         return requirePkce;

jans-auth-server/server/src/main/java/io/jans/as/server/service/GrantService.java

@@ -21,7 +21,6 @@
 import jakarta.ejb.Stateless;
 import jakarta.inject.Inject;
 import jakarta.inject.Named;
-import org.apache.commons.lang.BooleanUtils;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 
@@ -30,6 +29,8 @@
 import java.util.List;
 import java.util.UUID;
 
+import static org.apache.commons.lang.BooleanUtils.isTrue;
+
 /**
  * @author Yuriy Zabrovarnyy
  * @author Javier Rojas Blum
@@ -140,7 +141,7 @@ public List<TokenEntity> getGrantsOfClient(String clientId) {
             final String baseDn = clientService.buildClientDn(clientId);
             return persistenceEntryManager.findEntries(baseDn, TokenEntity.class, Filter.createPresenceFilter("tknCde"));
         } catch (Exception e) {
-            log.error(e.getMessage(), e);
+            logException(e);
         }
         return Collections.emptyList();
     }
@@ -154,11 +155,19 @@ public TokenEntity getGrantByCode(String code) {
         }
     }
 
+    private void logException(Exception e) {
+        if (isTrue(appConfiguration.getLogNotFoundEntityAsError())) {
+            log.error(e.getMessage(), e);
+        } else {
+            log.trace(e.getMessage(), e);
+        }
+    }
+
     private TokenEntity load(String tokenDn) {
         try {
             return persistenceEntryManager.find(TokenEntity.class, tokenDn);
         } catch (Exception e) {
-            log.error(e.getMessage(), e);
+            logException(e);
         }
         return null;
     }
@@ -167,7 +176,7 @@ public List<TokenEntity> getGrantsByGrantId(String grantId) {
         try {
             return persistenceEntryManager.findEntries(tokenBaseDn(), TokenEntity.class, Filter.createEqualityFilter("grtId", grantId));
         } catch (Exception e) {
-            log.error(e.getMessage(), e);
+            logException(e);
         }
         return Collections.emptyList();
     }
@@ -176,7 +185,7 @@ public List<TokenEntity> getGrantsByAuthorizationCode(String authorizationCode)
         try {
             return persistenceEntryManager.findEntries(tokenBaseDn(), TokenEntity.class, Filter.createEqualityFilter("authzCode", TokenHashUtil.hash(authorizationCode)));
         } catch (Exception e) {
-            log.error(e.getMessage(), e);
+            logException(e);
         }
         return Collections.emptyList();
     }
@@ -189,7 +198,7 @@ public List<TokenEntity> getGrantsBySessionDn(String sessionDn) {
                 grants.addAll(ldapGrants);
             }
         } catch (Exception e) {
-            log.error(e.getMessage(), e);
+            logException(e);
         }
         return grants;
     }
@@ -201,7 +210,7 @@ public void logout(String sessionDn) {
     }
 
     public void filterOutRefreshTokenFromDeletion(List<TokenEntity> tokens) {
-        if (BooleanUtils.isTrue(appConfiguration.getRemoveRefreshTokensForClientOnLogout())) {
+        if (isTrue(appConfiguration.getRemoveRefreshTokensForClientOnLogout())) {
             return;
         }
 

jans-auth-server/server/src/main/java/io/jans/as/server/service/SessionIdService.java

@@ -49,6 +49,7 @@
 import jakarta.inject.Named;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import org.apache.commons.lang.BooleanUtils;
 import org.apache.commons.lang.StringUtils;
 import org.jetbrains.annotations.Nullable;
 import org.json.JSONException;
@@ -289,15 +290,15 @@ public SessionId resetToStep(SessionId session, int resetToStep) {
         }
 
         if (resetToStep <= currentStep) {
-	        for (int i = resetToStep; i <= currentStep; i++) {
-	            String key = String.format("auth_step_passed_%d", i);
-	            sessionAttributes.remove(key);
-	        }
+            for (int i = resetToStep; i <= currentStep; i++) {
+                String key = String.format("auth_step_passed_%d", i);
+                sessionAttributes.remove(key);
+            }
         } else {
-        	// Scenario when we sckip steps. In this case we need to mark all previous steps as passed
-	        for (int i = currentStep + 1; i < resetToStep; i++) {
-	            sessionAttributes.put(String.format("auth_step_passed_%d", i), Boolean.TRUE.toString());
-	        }
+            // Scenario when we sckip steps. In this case we need to mark all previous steps as passed
+            for (int i = currentStep + 1; i < resetToStep; i++) {
+                sessionAttributes.put(String.format("auth_step_passed_%d", i), Boolean.TRUE.toString());
+            }
         }
 
         sessionAttributes.put(io.jans.as.model.config.Constants.AUTH_STEP, String.valueOf(resetToStep));
@@ -342,16 +343,16 @@ public SessionId getSessionId() {
             sessionId = identity.getSessionId().getId();
         }
 
-        SessionId result = null; 
+        SessionId result = null;
         if (StringHelper.isNotEmpty(sessionId)) {
-        	result = getSessionId(sessionId);
-        	if ((result == null) && identity.getSessionId() != null) {
-        		// Here we cover scenario when user were redirected from /device-code to ACR method
-        		// which call this method in prepareForStep for step 1. The cookie in this case is not updated yet.
-        		// hence actual information about session_id only in identity.
+            result = getSessionId(sessionId);
+            if ((result == null) && identity.getSessionId() != null) {
+                // Here we cover scenario when user were redirected from /device-code to ACR method
+                // which call this method in prepareForStep for step 1. The cookie in this case is not updated yet.
+                // hence actual information about session_id only in identity.
                 sessionId = identity.getSessionId().getId();
-            	result = getSessionId(sessionId);
-        	}
+                result = getSessionId(sessionId);
+            }
         } else {
             log.trace("Session cookie not exists");
         }
@@ -792,7 +793,11 @@ public SessionId getSessionByDn(@Nullable String dn, boolean silently) {
             return sessionId;
         } catch (Exception e) {
             if (!silently) {
-                log.error("Failed to get session by dn: {}. {}", dn, e.getMessage());
+                if (BooleanUtils.isTrue(appConfiguration.getLogNotFoundEntityAsError())) {
+                    log.error("Failed to get session by dn: {}. {}", dn, e.getMessage());
+                } else {
+                    log.trace("Failed to get session by dn: {}. {}", dn, e.getMessage());
+                }
             }
         }
         return null;

jans-config-api/docs/jans-config-api-swagger.yaml

@@ -8469,6 +8469,8 @@ components:
           type: boolean
         allowBlankValuesInDiscoveryResponse:
           type: boolean
+        logNotFoundEntityAsError:
+          type: boolean
         checkUserPresenceOnRefreshToken:
           type: boolean
         consentGatheringScriptBackwardCompatibility: