diff --git a/authenticators/idtoken.go b/authenticators/idtoken.go index 3e58d3df..9afa1dcc 100644 --- a/authenticators/idtoken.go +++ b/authenticators/idtoken.go @@ -24,7 +24,7 @@ func (s *IDTokenAuthenticator) AuthenticateRequest(r *http.Request) (*authentica // get id-token from header bearer := common.GetBearerToken(r.Header.Get(s.Header)) if len(bearer) == 0 { - logger.Info("No bearer token found") + logger.Debug("No bearer token found") return nil, false, nil } diff --git a/authenticators/jwt.go b/authenticators/jwt.go index a6abec0a..778efc27 100644 --- a/authenticators/jwt.go +++ b/authenticators/jwt.go @@ -37,7 +37,7 @@ func (s *JWTTokenAuthenticator) AuthenticateRequest(r *http.Request) (*authentic // Get JWT access token from header bearer := common.GetBearerToken(r.Header.Get(s.Header)) if len(bearer) == 0 { - logger.Info("No bearer token found") + logger.Debug("No bearer token found") return nil, false, nil } diff --git a/authenticators/opaque.go b/authenticators/opaque.go index bb5fe6ba..fde9923c 100644 --- a/authenticators/opaque.go +++ b/authenticators/opaque.go @@ -26,7 +26,7 @@ func (s *OpaqueTokenAuthenticator) AuthenticateRequest(r *http.Request) (*authen // get id-token from header bearer := common.GetBearerToken(r.Header.Get(s.Header)) if len(bearer) == 0 { - logger.Info("No bearer token found") + logger.Debug("No bearer token found") return nil, false, nil } diff --git a/common/settings.go b/common/settings.go index 5706bbce..78661e87 100644 --- a/common/settings.go +++ b/common/settings.go @@ -169,7 +169,7 @@ func validAccessTokenAuthn(AccessTokenAuthnEnabledEnv bool, AccessTokenAuthnEnv return true } - log.Info("Please select exactly one of the supported options: " + + log.Warn("Please select exactly one of the supported options: " + "i) jwt: to enable the JWT access token authentication method, " + "ii) opaque: to enable the opaque access token authentication method") @@ -186,7 +186,7 @@ func validSessionStoreType(SessionStoreType string) (bool){ return true } - log.Info("Please select exactly one of the options: " + + log.Warn("Please select exactly one of the options: " + "i) boltdb: to select the BoltDB supported session store, " + "ii) redis: to select the Redis supported session store") diff --git a/server.go b/server.go index 6cda17a2..d439e88e 100644 --- a/server.go +++ b/server.go @@ -184,12 +184,12 @@ func (s *server) tryAuthenticators(w http.ResponseWriter, r *http.Request, promp if userInfo != nil { logger.Infof("Successfully authenticated request using the cache.") - logger.Infof("UserInfo: %+v", userInfo) + logger.Debugf("UserInfo: %+v", userInfo) return userInfo, true } } - logger.Infof("%s starting...", strings.Title(authenticatorsMapping[i])) + logger.Debugf("%s starting...", strings.Title(authenticatorsMapping[i])) resp, found, err := auth.AuthenticateRequest(r) if err != nil { logger.Errorf("Error authenticating request using %s: %v", authenticatorsMapping[i], err) @@ -215,11 +215,14 @@ func (s *server) tryAuthenticators(w http.ResponseWriter, r *http.Request, promp if found { logger.Infof("Successfully authenticated request using %s", authenticatorsMapping[i]) userInfo = resp.User - logger.Infof("UserInfo: %+v", userInfo) + logger.Debugf("UserInfo: %+v", userInfo) if s.cacheEnabled && cacheKey != "" && promptLogin { - // If cache is enabled and the current authenticator is Cacheable, store the UserInfo to cache. - logger.Infof("Caching authenticated UserInfo...") + // If cache is enabled and the current + // authenticator is Cacheable, store the UserInfo + // to cache. + + logger.Debugf("Caching authenticated UserInfo...") s.bearerUserInfoCache.Set(cacheKey, userInfo, time.Duration(s.cacheExpirationMinutes)*time.Minute) } return userInfo, true @@ -292,14 +295,14 @@ func (s *server) getCachedUser(auth authenticators.AuthenticatorRequest, r *http cachedUserInfo, found := s.bearerUserInfoCache.Get(cacheKey) if found { userInfo := cachedUserInfo.(user.Info) - logger.Infof("Found Cached UserInfo: %+v", userInfo) + logger.Debugf("Found Cached UserInfo: %+v", userInfo) return userInfo, cacheKey } return nil, cacheKey } } - logger.Info("The UserInfo is not cached.") + logger.Debug("The UserInfo is not cached.") return nil, "" } @@ -551,7 +554,7 @@ func (s *server) whitelistMiddleware(whitelist []string, isReady *abool.AtomicBo // Check whitelist for _, prefix := range whitelist { if strings.HasPrefix(path, prefix) { - logger.Infof("URI is whitelisted. Accepted without authorization.") + logger.Debugf("URI is whitelisted. Accepted without authorization.") if verify { w.WriteHeader(http.StatusNoContent) } else { diff --git a/sessions/session.go b/sessions/session.go index c0821d36..f200026c 100644 --- a/sessions/session.go +++ b/sessions/session.go @@ -65,15 +65,15 @@ func SessionFromRequest(r *http.Request, store sessions.Store, cookie, if sessionID != "" { s, err := SessionFromID(sessionID, store) if err == nil && !s.IsNew { - logger.Infof("Loading session from header %s", header) + logger.Debugf("Loading session from header %s", header) // Authentication using header successfully completed authMethod = "header" return s, authMethod, nil } - logger.Infof("Header %s didn't contain a valid session id: %v", header, err) + logger.Debugf("Header %s didn't contain a valid session id: %v", header, err) } // Header failed, try to get session from cookie - logger.Infof("Loading session from cookie %s", cookie) + logger.Debugf("Loading session from cookie %s", cookie) s, err := store.Get(r, cookie) if err == nil && !s.IsNew { authMethod = "cookie"