[ALS-5514] Update Okta error message logging

The error logging code for the Okta provider check has been updated to include the exception message before displaying its custom error. This will facilitate troubleshooting by providing the actual error message alongside potential configuration fixes. Code readability has also been enhanced with minor formatting adjustments.
hms-dbmi · Jan 11, 2024 · 9b20983 · 9b20983
1 parent 8d3347e
commit 9b20983
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/...re-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/JAXRSConfiguration.java b/...re-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/JAXRSConfiguration.java
@@ -102,6 +102,8 @@ public class JAXRSConfiguration extends Application {
     public static String fence_harmonized_consent_group_concept_path;
     public static String fence_topmed_consent_group_concept_path;
     public static String fence_allowed_query_types;
+
+    // See checkOKTAProvider method for setting these variables
     public static String oktaDomain;
     public static String oktaSessionApiToken;
 
@@ -155,10 +157,7 @@ public void init() {
         initializeLongTermTokenExpirationTime(ctx);
         logger.info("Finished initializing token expiration time.");
 
-        logger.info("Determine IDP provider");
         checkIDPProvider(ctx);
-
-        logger.info("Determine OKTA provider");
         checkOKTAProvider(ctx);
 
         mailSession.getProperties().put("mail.smtp.ssl.trust", "smtp.gmail.com");
@@ -177,11 +176,13 @@ public void init() {
     }
 
     private void checkOKTAProvider(Context ctx) {
+        logger.info("Determine OKTA provider");
         try {
             oktaSessionApiToken = (String) ctx.lookup("java:global/okta_client_api_token");
             oktaDomain = (String) ctx.lookup("java:global/okta_client_origin");
         } catch (NamingException | ClassCastException | NumberFormatException ex) {
-            logger.info("checkOKTAProvider() OKTA provider is not configured. Please check standalone.xml for missing configuration.\n" +
+            logger.info(ex.getMessage());
+            logger.info("checkOKTAProvider() OKTA provider is not configured. Please check standalone.xml for missing configuration. " +
                     "If you are not using OKTA, please set okta_client_api_token to disabled and okta_client_origin to disabled");
         }
     }
@@ -278,6 +279,8 @@ public void checkIDPProvider(Context ctx) {
             }
         }
         logger.debug("checkIDPProvider() finished");
+
+
     }
 
     private void initializeTokenExpirationTime(Context ctx) {

diff --git a/...ices/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/OktaAuthenticationService.java b/...ices/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/OktaAuthenticationService.java
@@ -30,6 +30,7 @@ public class OktaAuthenticationService {
     @Path("/authentication")
     public Response authenticate(@Context HttpHeaders httpHeaders, @Context UriInfo uriInfo) {
         if (StringUtils.isBlank(JAXRSConfiguration.oktaDomain) || StringUtils.isBlank(JAXRSConfiguration.oktaSessionApiToken)) {
+            logger.info("Okta Domain: " + JAXRSConfiguration.oktaDomain + " Okta Session API Token: " + JAXRSConfiguration.oktaSessionApiToken);
             return PICSUREResponse.error("OKTA is not configured");
         }