add some logs and improve if

jenkinsci · Jul 10, 2024 · e821217 · e821217
1 parent 11ee9a5
commit e821217
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 5 deletions.
diff --git a/src/main/java/com/microsoft/jenkins/azuread/AzureSecurityRealm.java b/src/main/java/com/microsoft/jenkins/azuread/AzureSecurityRealm.java
@@ -820,7 +820,7 @@ public FormValidation doVerifyConfiguration(@QueryParameter final String clientI
              if (testObject.equals("")) {
                  return FormValidation.error("Please set a test user principal name or object ID");
              }
- 
+
              GraphServiceClient<Request> graphServiceClient = GraphClientCache.getClient(
                      new GraphClientCacheKey(
                              clientId,

diff --git a/src/main/java/com/microsoft/jenkins/azuread/GraphClientCache.java b/src/main/java/com/microsoft/jenkins/azuread/GraphClientCache.java
@@ -20,6 +20,9 @@
 import static com.microsoft.jenkins.azuread.AzureEnvironment.getAuthorityHost;
 import static com.microsoft.jenkins.azuread.AzureEnvironment.getServiceRoot;
 
+import java.util.Arrays;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 import hudson.ProxyConfiguration;
 import hudson.security.SecurityRealm;
 import hudson.util.Secret;
@@ -33,6 +36,7 @@
 public class GraphClientCache {
 
     private static final int TEN = 10;
+    private static final Logger LOGGER = Logger.getLogger(GraphClientCache.class.getName());
     private static final LoadingCache<GraphClientCacheKey, GraphServiceClient<Request>> TOKEN_CACHE = Caffeine.newBuilder()
             .maximumSize(TEN)
             .build(GraphClientCache::createGraphClient);
@@ -41,7 +45,7 @@ private static GraphServiceClient<Request> createGraphClient(GraphClientCacheKey
 
         TokenCredentialAuthProvider authProvider;
 
-        if (isEnableClientCertificate()) {
+        if (isEnableClientCertificate(key)) {
             ClientCertificateCredential clientCertificateCredential = getClientCertificateCredential(key);
             authProvider = new TokenCredentialAuthProvider(clientCertificateCredential);
         } else {
@@ -92,7 +96,8 @@ static ClientSecretCredential getClientSecretCredential(GraphClientCacheKey key)
     static InputStream getCertificate(GraphClientCacheKey key) {
 
         String secretString = key.getPemCertificate();
-
+        LOGGER.log(Level.FINE, "Itzik 1 : " + secretString);
+        LOGGER.log(Level.FINE, "Itzik 2 : " + Arrays.toString(secretString.getBytes(StandardCharsets.UTF_8)));
         return new ByteArrayInputStream(secretString.getBytes(StandardCharsets.UTF_8));
     }
 
@@ -135,12 +140,12 @@ public static OkHttpClient.Builder addProxyToHttpClientIfRequired(OkHttpClient.B
         return builder;
     }
 
-    public static boolean isEnableClientCertificate() {
+    public static boolean isEnableClientCertificate(GraphClientCacheKey key) {
         SecurityRealm securityRealm = Jenkins.get().getSecurityRealm();
         if (securityRealm instanceof AzureSecurityRealm) {
             AzureSecurityRealm azureSecurityRealm = (AzureSecurityRealm) securityRealm;
             return azureSecurityRealm.isEnableClientCertificate();
         }
-        return false;
+        else return key.isEnableClientCertificate();
     }
 }