Support DwC - Avoid superflous WARN log messages (#1415)

* Avoid warn messages in case there is no service configuration * fix fragile test * make the class fields more restrictive Signed-off-by: liga-oz <[email protected]> --------- Signed-off-by: liga-oz <[email protected]> Co-authored-by: liga-oz <[email protected]>
SAP · Jan 4, 2024 · 1a4bac7 · 1a4bac7
1 parent e0d6349
commit 1a4bac7
Show file tree

Hide file tree

Showing 3 changed files with 72 additions and 18 deletions.
diff --git a/java-security/pom.xml b/java-security/pom.xml
@@ -97,11 +97,6 @@
 			<artifactId>assertj-core</artifactId>
 			<scope>test</scope>
 		</dependency>
-		<dependency> <!-- check if it's still needed when slf4j-api 1.8 is available -->
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-simple</artifactId>
-			<scope>test</scope>
-		</dependency>
 		<dependency>
 			<groupId>com.sap.cloud.security.xsuaa</groupId>
 			<artifactId>spring-xsuaa</artifactId>
@@ -125,6 +120,11 @@
 			<artifactId>spring-context</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>ch.qos.logback</groupId>
+			<artifactId>logback-classic</artifactId>
+			<scope>test</scope>
+		</dependency>
 	</dependencies>
 
 	<build>

diff --git a/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java b/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java
@@ -18,6 +18,7 @@
 
 import javax.annotation.Nonnull;
 import java.util.Objects;
+import java.util.Optional;
 import java.util.regex.Pattern;
 
 import static com.sap.cloud.security.token.TokenClaims.XSUAA.EXTERNAL_ATTRIBUTE;
@@ -31,8 +32,8 @@
 public class HybridTokenFactory implements TokenFactory {
 
 	private static final Logger LOGGER = LoggerFactory.getLogger(HybridTokenFactory.class);
-	private static String xsAppId;
-	private static ScopeConverter xsScopeConverter;
+	static Optional<String> xsAppId;
+	static ScopeConverter xsScopeConverter;
 
 	/**
 	 * Determines whether the JWT token is issued by XSUAA or IAS identity service,
@@ -66,25 +67,28 @@ public Token create(String jwtToken) {
 	 */
 	static void withXsuaaAppId(@Nonnull String xsAppId) {
 		LOGGER.debug("XSUAA app id = {}", xsAppId);
-		HybridTokenFactory.xsAppId = xsAppId;
+		HybridTokenFactory.xsAppId = Optional.of(xsAppId);
 		getOrCreateScopeConverter();
 	}
 
 	private static ScopeConverter getOrCreateScopeConverter() {
-		if (xsScopeConverter == null && getXsAppId() != null) {
-			xsScopeConverter = new XsuaaScopeConverter(getXsAppId());
+		if (xsScopeConverter == null && getXsAppId().isPresent()) {
+			xsScopeConverter = new XsuaaScopeConverter(getXsAppId().get());
 		}
 		return xsScopeConverter;
 	}
 
-	private static String getXsAppId() {
-		if (xsAppId == null) {
-			OAuth2ServiceConfiguration serviceConfiguration = Environments.getCurrent().getXsuaaConfiguration();
-			if (serviceConfiguration == null) {
-				LOGGER.warn("There is no xsuaa service configuration: no local scope check possible.");
-			} else {
-				xsAppId = serviceConfiguration.getProperty(ServiceConstants.XSUAA.APP_ID);
-			}
+	private static Optional<String> getXsAppId() {
+		if (Objects.nonNull(xsAppId)) {
+			return xsAppId;
+		}
+		OAuth2ServiceConfiguration serviceConfiguration = Environments.getCurrent().getXsuaaConfiguration();
+		if (serviceConfiguration != null) {
+			xsAppId = Optional.of(serviceConfiguration.getProperty(ServiceConstants.XSUAA.APP_ID));
+		} else {
+			LOGGER.warn(
+					"There is no xsuaa service configuration with 'xsappname' property: no local scope check possible.");
+			xsAppId = Optional.empty();
 		}
 		return xsAppId;
 	}

diff --git a/java-security/src/test/java/com/sap/cloud/security/servlet/HybridTokenFactoryTest.java b/java-security/src/test/java/com/sap/cloud/security/servlet/HybridTokenFactoryTest.java
@@ -0,0 +1,50 @@
+package com.sap.cloud.security.servlet;
+
+import ch.qos.logback.core.read.ListAppender;
+import com.sap.cloud.security.token.XsuaaToken;
+import org.apache.commons.io.IOUtils;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.slf4j.LoggerFactory;
+import ch.qos.logback.classic.spi.ILoggingEvent;
+import ch.qos.logback.classic.Logger;
+
+import java.io.IOException;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.*;
+
+class HybridTokenFactoryTest {
+
+    private ListAppender<ILoggingEvent> logWatcher;
+    private HybridTokenFactory cut;
+
+    @BeforeEach
+    public void setup() {
+        cut = new HybridTokenFactory();
+        cut.xsAppId = null;
+        cut.xsScopeConverter = null;
+        logWatcher = new ListAppender<>();
+        logWatcher.start();
+        ((Logger) LoggerFactory.getLogger(HybridTokenFactory.class)).addAppender(logWatcher);
+    }
+
+    @AfterEach
+    void teardown() {
+        ((Logger) LoggerFactory.getLogger(HybridTokenFactory.class)).detachAndStopAllAppenders();
+    }
+
+    @Test
+    void oneWarningMessageIncaseSecurityConfigIsMissing() throws IOException {
+        String jwt = IOUtils.resourceToString("/xsuaaJwtBearerTokenRSA256.txt", UTF_8);
+        XsuaaToken token = (XsuaaToken) cut.create(jwt);
+        cut.create(jwt);
+
+        assertThat(token.getIssuer()).isEqualTo("http://auth.com");
+        assertThrows(IllegalArgumentException.class, () -> token.hasLocalScope("abc"));
+        assertThat(logWatcher.list).isNotNull().hasSize(1);
+        assertThat(logWatcher.list.get(0).getMessage()).contains("There is no xsuaa service configuration");
+    }
+}