@@ -45,11 +45,16 @@ const getUser = async (req, res) => {
4545 try {
4646 credentials = Buffer . from ( token . split ( ' ' ) [ 1 ] , 'base64' ) . toString ( 'utf-8' ) . split ( ':' ) ;
4747 } catch ( err ) {
48+ logger . error ( 'The authentication header you provided was not properly formatted.' ) ;
4849 return res . status ( HTTP_STATUS . BAD_REQUEST ) . json ( { message : 'The authentication header you provided was not properly formatted.' } ) ;
4950 }
5051 try {
5152 const respAccess = await keycloak . getToken ( credentials [ 0 ] , credentials [ 1 ] ) ;
52- token = respAccess . access_token ;
53+ if ( respAccess . error ) {
54+ logger . error ( `Failed to get the keycloak token "${ respAccess . error } ": ${ respAccess . error_description } ` ) ;
55+ } else {
56+ token = respAccess . access_token ;
57+ }
5358 } catch ( error ) {
5459 let errorDescription ;
5560 try {
@@ -63,6 +68,7 @@ const getUser = async (req, res) => {
6368 }
6469 }
6570 if ( ! token ) {
71+ logger . error ( 'Missing required Authorization token' ) ;
6672 return res . status ( HTTP_STATUS . FORBIDDEN ) . json ( { message : 'Missing required Authorization token' } ) ;
6773 }
6874
@@ -72,10 +78,12 @@ const getUser = async (req, res) => {
7278 decoded = await jwt . verify ( token , pubKey , { algorithms : [ 'RS256' ] } ) ;
7379 } catch ( err ) {
7480 logger . debug ( `token verification failed against key ${ nconf . get ( 'keycloak:keyfile' ) } ` ) ;
81+ logger . error ( `Invalid or expired authorization token: (${ err . message } )` ) ;
7582 return res . status ( HTTP_STATUS . FORBIDDEN ) . json ( { message : `Invalid or expired authorization token: (${ err . message } )` } ) ;
7683 }
7784 // Check for IPR access
7885 if ( ! decoded . realm_access . roles . includes ( nconf . get ( 'keycloak:role' ) ) ) {
86+ logger . error ( 'IPR Access Error: Keycloak role missing' ) ;
7987 return res . status ( HTTP_STATUS . FORBIDDEN ) . json ( { message : 'IPR Access Error: Keycloak role missing' } ) ;
8088 }
8189 const username = decoded . preferred_username ;
@@ -107,7 +115,7 @@ const getUser = async (req, res) => {
107115 include,
108116 } ) ;
109117 } catch ( err ) {
110- logger . error ( err ) ;
118+ logger . error ( `Invalid authorization token: ${ err } ` ) ;
111119 return res . status ( HTTP_STATUS . BAD_REQUEST ) . json ( { message : 'Invalid authorization token' } ) ;
112120 }
113121
0 commit comments