Add optional auth debug response header

androidlover5842
2026-01-27 02:11:24 +05:30
parent d32c89d768
commit 3f05484498


@@ -30,9 +30,17 @@ class FirebaseAuthFilter(
response: HttpServletResponse, response: HttpServletResponse,
filterChain: FilterChain filterChain: FilterChain
) { ) {
val debug = request.getHeader("X-Debug-Auth") == "1"
fun setDebug(value: String) {
if (debug) {
response.setHeader("X-Auth-Debug", value)
logger.info("Auth debug: {} {} -> {}", request.method, request.requestURI, value)
}
}
val header = request.getHeader(HttpHeaders.AUTHORIZATION) val header = request.getHeader(HttpHeaders.AUTHORIZATION)
if (header.isNullOrBlank() || !header.startsWith("Bearer ")) { if (header.isNullOrBlank() || !header.startsWith("Bearer ")) {
logger.debug("Auth missing/invalid header for {}", request.requestURI) logger.debug("Auth missing/invalid header for {}", request.requestURI)
setDebug(if (header.isNullOrBlank()) "missing_authorization" else "invalid_authorization")
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Missing Authorization token") response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Missing Authorization token")
return return
} }
@@ -41,7 +49,10 @@ class FirebaseAuthFilter(
val decoded = FirebaseAuth.getInstance().verifyIdToken(token) val decoded = FirebaseAuth.getInstance().verifyIdToken(token)
val firebaseUid = decoded.uid val firebaseUid = decoded.uid
val user = appUserRepo.findByFirebaseUid(firebaseUid) val user = appUserRepo.findByFirebaseUid(firebaseUid)
?: throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "User not found") ?: run {
setDebug("user_not_found")
throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "User not found")
}
logger.debug("Auth verified uid={}, userId={}", firebaseUid, user.id) logger.debug("Auth verified uid={}, userId={}", firebaseUid, user.id)
val principal = MyPrincipal( val principal = MyPrincipal(
@@ -50,9 +61,11 @@ class FirebaseAuthFilter(
) )
val auth = UsernamePasswordAuthenticationToken(principal, token, emptyList()) val auth = UsernamePasswordAuthenticationToken(principal, token, emptyList())
SecurityContextHolder.getContext().authentication = auth SecurityContextHolder.getContext().authentication = auth
setDebug("ok:userId=${principal.userId},superAdmin=${user.superAdmin}")
filterChain.doFilter(request, response) filterChain.doFilter(request, response)
} catch (ex: Exception) { } catch (ex: Exception) {
logger.debug("Auth failed for {}: {}", request.requestURI, ex.message) logger.debug("Auth failed for {}: {}", request.requestURI, ex.message)
setDebug("verify_failed")
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid token") response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid token")
} }
} }
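Review bot: The switch `val debug = request.getHeader("X-Debug-Auth") == "1"` is controlled entirely by the caller, so any unauthenticated client can turn on `X-Auth-Debug`. With it on, the response tells a missing header, a token that fails verification and a verified token with no app user apart, and on success it echoes `userId` and `superAdmin`; each such request also writes an info-level log line. Gate it on a server-side setting that is off in production, for example `val debug = authDebugEnabled && request.getHeader("X-Debug-Auth") == "1"` (`authDebugEnabled` is a placeholder for a constructor or config flag not shown on this page), and consider dropping `superAdmin` from the header value. Separately, the `throw` after `setDebug("user_not_found")` appears to sit inside the `try` whose `catch (ex: Exception)` then calls `setDebug("verify_failed")`, so the more specific value would be overwritten, as would `ok:...` if `filterChain.doFilter` throws. The start of the `try` and of the function lies outside the visible hunks, so this needs confirming against the full file.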