Skip to content

Commit

Permalink
change MSAL logging info to FINER (#2489)
Browse files Browse the repository at this point in the history
  • Loading branch information
@lilgreenbird
lilgreenbird committed Aug 19, 2024
1 parent 0e97689 commit 4ccc3a0
Showing 1 changed file with 39 additions and 37 deletions.
76 changes: 39 additions & 37 deletions src/main/java/com/microsoft/sqlserver/jdbc/SQLServerMSAL4JUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,12 +99,12 @@ static SqlAuthenticationToken getSqlFedAuthToken(SqlFedAuthInfo fedAuthInfo, Str
persistentTokenCacheAccessAspect = new PersistentTokenCacheAccessAspect();
TOKEN_CACHE_MAP.addEntry(hashedSecret, persistentTokenCacheAccessAspect);

if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + ": cache token for user: " + user);
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + ": cache token for user: " + user);
}
} else {
if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + ": retrieved cached token for user: " + user);
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + ": retrieved cached token for user: " + user);
}
}

Expand All @@ -118,8 +118,8 @@ static SqlAuthenticationToken getSqlFedAuthToken(SqlFedAuthInfo fedAuthInfo, Str

final IAuthenticationResult authenticationResult = future.get();

if (logger.isLoggable(Level.FINEST)) {
logger.finest(
if (logger.isLoggable(Level.FINER)) {
logger.finer(
LOGCONTEXT + (authenticationResult.account() != null ? authenticationResult.account().username()
+ ": " : "" + ACCESS_TOKEN_EXPIRE + authenticationResult.expiresOnDate()));
}
Expand Down Expand Up @@ -165,12 +165,12 @@ static SqlAuthenticationToken getSqlFedAuthTokenPrincipal(SqlFedAuthInfo fedAuth
persistentTokenCacheAccessAspect = new PersistentTokenCacheAccessAspect();
TOKEN_CACHE_MAP.addEntry(hashedSecret, persistentTokenCacheAccessAspect);

if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + ": cache token for principal id: " + aadPrincipalID);
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + ": cache token for principal id: " + aadPrincipalID);
}
} else {
if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + ": retrieved cached token for principal id: " + aadPrincipalID);
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + ": retrieved cached token for principal id: " + aadPrincipalID);
}
}

Expand All @@ -183,8 +183,8 @@ static SqlAuthenticationToken getSqlFedAuthTokenPrincipal(SqlFedAuthInfo fedAuth
.acquireToken(ClientCredentialParameters.builder(scopes).build());
final IAuthenticationResult authenticationResult = future.get();

if (logger.isLoggable(Level.FINEST)) {
logger.finest(
if (logger.isLoggable(Level.FINER)) {
logger.finer(
LOGCONTEXT + (authenticationResult.account() != null ? authenticationResult.account().username()
+ ": " : "" + ACCESS_TOKEN_EXPIRE + authenticationResult.expiresOnDate()));
}
Expand Down Expand Up @@ -232,12 +232,12 @@ static SqlAuthenticationToken getSqlFedAuthTokenPrincipalCertificate(SqlFedAuthI
persistentTokenCacheAccessAspect = new PersistentTokenCacheAccessAspect();
TOKEN_CACHE_MAP.addEntry(hashedSecret, persistentTokenCacheAccessAspect);

if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + ": cache token for principal id: " + aadPrincipalID);
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + ": cache token for principal id: " + aadPrincipalID);
}
} else {
if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + ": retrieved cached token for principal id: " + aadPrincipalID);
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + ": retrieved cached token for principal id: " + aadPrincipalID);
}
}

Expand Down Expand Up @@ -270,21 +270,21 @@ static SqlAuthenticationToken getSqlFedAuthTokenPrincipalCertificate(SqlFedAuthI
0, null);
} catch (CertificateException | NoSuchAlgorithmException | IOException e) {
// ignore not PKCS12 cert error, will try another format after this
if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + "Error loading PKCS12 certificate: " + e.getMessage());
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + "Error loading PKCS12 certificate: " + e.getMessage());
}
}

if (clientApplication == null) {
// try loading X509 cert
X509Certificate cert = (X509Certificate) SQLServerCertificateUtils.loadCertificate(certFile);

if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + "certificate type: " + cert.getType());
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + "certificate type: " + cert.getType());

// we don't really need to do this, MSAL will fail if cert is not valid, but good to check here and throw with proper error message
cert.checkValidity();
logger.finest(LOGCONTEXT + "certificate: " + cert.toString());
logger.finer(LOGCONTEXT + "certificate: " + cert.toString());
}

PrivateKey privateKey = SQLServerCertificateUtils.loadPrivateKey(certKey, certKeyPassword);
Expand All @@ -299,8 +299,8 @@ static SqlAuthenticationToken getSqlFedAuthTokenPrincipalCertificate(SqlFedAuthI
.acquireToken(ClientCredentialParameters.builder(scopes).build());
final IAuthenticationResult authenticationResult = future.get();

if (logger.isLoggable(Level.FINEST)) {
logger.finest(
if (logger.isLoggable(Level.FINER)) {
logger.finer(
LOGCONTEXT + (authenticationResult.account() != null ? authenticationResult.account().username()
+ ": " : "" + ACCESS_TOKEN_EXPIRE + authenticationResult.expiresOnDate()));
}
Expand Down Expand Up @@ -335,8 +335,8 @@ static SqlAuthenticationToken getSqlFedAuthTokenIntegrated(SqlFedAuthInfo fedAut
KerberosPrincipal kerberosPrincipal = new KerberosPrincipal("username");
String user = kerberosPrincipal.getName();

if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + authenticationString + ": get FedAuth token integrated, user: " + user
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + authenticationString + ": get FedAuth token integrated, user: " + user
+ "realm name:" + kerberosPrincipal.getRealm());
}

Expand All @@ -354,8 +354,8 @@ static SqlAuthenticationToken getSqlFedAuthTokenIntegrated(SqlFedAuthInfo fedAut

final IAuthenticationResult authenticationResult = future.get();

if (logger.isLoggable(Level.FINEST)) {
logger.finest(
if (logger.isLoggable(Level.FINER)) {
logger.finer(
LOGCONTEXT + (authenticationResult.account() != null ? authenticationResult.account().username()
+ ": " : "" + ACCESS_TOKEN_EXPIRE + authenticationResult.expiresOnDate()));
}
Expand All @@ -378,8 +378,8 @@ static SqlAuthenticationToken getSqlFedAuthTokenInteractive(SqlFedAuthInfo fedAu
String authenticationString) throws SQLServerException {
ExecutorService executorService = Executors.newSingleThreadExecutor();

if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + authenticationString + ": get FedAuth token interactive for user: " + user);
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + authenticationString + ": get FedAuth token interactive for user: " + user);
}

lock.lock();
Expand All @@ -406,8 +406,10 @@ static SqlAuthenticationToken getSqlFedAuthTokenInteractive(SqlFedAuthInfo fedAu
acc.append(account.username());
}
}
logger.finest(LOGCONTEXT + "Accounts in cache = " + acc + ", size = "
+ (accountsInCache == null ? null : accountsInCache.size()) + ", user = " + user);
if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + "Accounts in cache = " + acc + ", size = "
+ (accountsInCache == null ? null : accountsInCache.size()) + ", user = " + user);
}
}
if (null != accountsInCache && !accountsInCache.isEmpty() && null != user && !user.isEmpty()) {
IAccount account = getAccountByUsername(accountsInCache, user);
Expand Down Expand Up @@ -445,8 +447,8 @@ static SqlAuthenticationToken getSqlFedAuthTokenInteractive(SqlFedAuthInfo fedAu
authenticationResult = future.get();
}

if (logger.isLoggable(Level.FINEST)) {
logger.finest(
if (logger.isLoggable(Level.FINER)) {
logger.finer(
LOGCONTEXT + (authenticationResult.account() != null ? authenticationResult.account().username()
+ ": " : "" + ACCESS_TOKEN_EXPIRE + authenticationResult.expiresOnDate()));
}
Expand Down Expand Up @@ -526,8 +528,8 @@ PersistentTokenCacheAccessAspect getEntry(String value, String key) {

tokenCacheMap.put(key, persistentTokenCacheAccessAspect);

if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + ": entry expired for: " + value + " new entry will expire in: "
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + ": entry expired for: " + value + " new entry will expire in: "
+ TimeUnit.MILLISECONDS.toSeconds(PersistentTokenCacheAccessAspect.TIME_TO_LIVE) + "s");
}
}
Expand All @@ -539,8 +541,8 @@ PersistentTokenCacheAccessAspect getEntry(String value, String key) {
void addEntry(String key, PersistentTokenCacheAccessAspect value) {
value.setExpiryTime(System.currentTimeMillis() + PersistentTokenCacheAccessAspect.TIME_TO_LIVE);
tokenCacheMap.put(key, value);
if (logger.isLoggable(Level.FINEST)) {
logger.finest(LOGCONTEXT + ": add entry for: " + value + ", will expire in: "
if (logger.isLoggable(Level.FINER)) {
logger.finer(LOGCONTEXT + ": add entry for: " + value + ", will expire in: "
+ TimeUnit.MILLISECONDS.toSeconds(PersistentTokenCacheAccessAspect.TIME_TO_LIVE) + "s");
}
}
Expand Down

0 comments on commit 4ccc3a0

Please sign in to comment.