This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit f499197c3ae9459ab4e285f9091644cbb825e6e3
Author: Colm O hEigeartaigh <cohei...@apache.org>
AuthorDate: Fri Jul 27 12:20:28 2018 +0100
Improve logging when the audience restriction fails
(cherry picked from commit fbbd85c9c4efb9a57a8d26b90ef475f651ab9b66)
---
.../apache/cxf/rs/security/oauth2/services/AccessTokenService.java | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
index fc31db8..5ac6340 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
@@ -154,7 +154,9 @@ public class AccessTokenService extends
AbstractTokenService {
protected void checkAudience(Client c, MultivaluedMap<String, String>
params) {
String audienceParam = params.getFirst(OAuthConstants.CLIENT_AUDIENCE);
if (!OAuthUtils.validateAudience(audienceParam,
c.getRegisteredAudiences())) {
- LOG.fine("Error validating the audience parameter");
+ LOG.log(Level.FINE, "Error validating the audience parameter.
Supplied audience {0} "
+ + "does not match with the registered audiences {1}",
+ new Object[] {audienceParam, c.getRegisteredAudiences() });
throw new OAuthServiceException(new
OAuthError(OAuthConstants.ACCESS_DENIED));
}
