This is an automated email from the ASF dual-hosted git repository.
adutra pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git
The following commit(s) were added to refs/heads/main by this push:
new a0f3f0d8a JWTBroker: move error message (#2330)
a0f3f0d8a is described below
commit a0f3f0d8acfc33d5208c93fb549c4fe2e3d1e4fc
Author: Alexandre Dutra <adu...@apache.org>
AuthorDate: Wed Aug 13 12:25:33 2025 +0200
JWTBroker: move error message (#2330)
This change moves the `LOGGER.error` call when a token cannot be verified
from `verify()` to `generateFromToken()`.
On the token generation path, this should be a no-op; however, on the
authentication path, this log message was excessive, especially when using
mixed authentication since a failure to decode a token is perfectly normal when
the token is from an external IDP.
---
.../src/main/java/org/apache/polaris/service/auth/JWTBroker.java | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git
a/runtime/service/src/main/java/org/apache/polaris/service/auth/JWTBroker.java
b/runtime/service/src/main/java/org/apache/polaris/service/auth/JWTBroker.java
index 48d5735a1..c591ca123 100644
---
a/runtime/service/src/main/java/org/apache/polaris/service/auth/JWTBroker.java
+++
b/runtime/service/src/main/java/org/apache/polaris/service/auth/JWTBroker.java
@@ -89,8 +89,8 @@ public abstract class JWTBroker implements TokenBroker {
};
} catch (JWTVerificationException e) {
- LOGGER.error("Failed to verify the token with error", e);
- throw new NotAuthorizedException("Failed to verify the token");
+ throw (NotAuthorizedException)
+ new NotAuthorizedException("Failed to verify the
token").initCause(e);
}
}
@@ -115,6 +115,7 @@ public abstract class JWTBroker implements TokenBroker {
try {
decodedToken = verify(subjectToken);
} catch (NotAuthorizedException e) {
+ LOGGER.error("Failed to verify the token", e.getCause());
return new TokenResponse(Error.invalid_client);
}
EntityResult principalLookup =
