diff --git a/controller/app/modules/OnRequestHandler.java b/controller/app/modules/OnRequestHandler.java
index 9dc4a58ffb55d026f2245f39d3a928a8f2b8df3c..b02a02fb23b7bc2e7442f86abfe079dce38f446f 100644
--- a/controller/app/modules/OnRequestHandler.java
+++ b/controller/app/modules/OnRequestHandler.java
@@ -53,6 +53,9 @@ public class OnRequestHandler implements ActionCreator {
 request.getHeaders();
 CompletionStage<Result> result = checkForServiceHealth(request);
 if (result != null) return result;
+ logger.info("**learner request :"+request);
+ logger.info("**learner request header :"+request.getHeaders().toMap());
+ logger.info("**learner request body :"+request.body().asJson());
 // From 3.0.0 checking user access-token and managed-by from the request header
 Map userAuthentication = RequestInterceptor.verifyRequestData(request);
 String message = (String) userAuthentication.get(JsonKey.USER_ID);
diff --git a/controller/app/util/RequestInterceptor.java b/controller/app/util/RequestInterceptor.java
index 66d40069612bef1b7c80679fa6484c95f870c8fe..1c827477392c8aadbecd9ea0c15282e0b212debc 100644
--- a/controller/app/util/RequestInterceptor.java
+++ b/controller/app/util/RequestInterceptor.java
@@ -131,6 +131,7 @@ public class RequestInterceptor {
 // The API must be invoked with either access token or client token.
 if (accessToken.isPresent()) {
 clientId = AccessTokenValidator.verifyUserToken(accessToken.get());
+ logger.info("**learner accesstoken verified :" + clientId);
 if (!JsonKey.USER_UNAUTH_STATES.contains(clientId)) {
 // Now we have some valid token, next verify if the token is matching the request.
 String requestedForUserID = getUserRequestedFor(request);
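Review bot: The three added `logger.info` calls in OnRequestHandler write every request's full header map and JSON body to the application log, and per the comment two lines below them those headers carry the user access token, so bearer tokens and whatever credentials or personal data the bodies hold become readable to everyone with log access. Drop the header and body lines and log only non-secret request metadata, e.g. `logger.info("learner request: " + request.method() + " " + request.path());`, or redact the token headers before logging. The same exposure, to a lesser degree, applies to the added lines that log `userAuthentication` (RequestInterceptor, hunk at -175), `tokenBody` (AccessTokenValidator, hunk at -38) and `payload` (hunk at -86); the last two appear to print the same claims map twice per valid token, so one can go and the other should be cut down to the fields actually needed, such as `sub`. The enclosing method starts and ends outside the hunk.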
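Review bot: The added message `accesstoken verified` in RequestInterceptor is written before the `USER_UNAUTH_STATES.contains(clientId)` check, so it is also emitted when `verifyUserToken` returned an unauthorized state, which will mislead whoever reads these logs during an investigation. Word it as a result rather than a success, `logger.info("verifyUserToken result: " + clientId);`, or move it inside the `if`. The hunk at -148 has the same problem: `managed accesstoken verified` follows an `else` branch that sets `clientId = JsonKey.UNAUTHORIZED`. Both hunks show only part of the method.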
@@ -148,11 +149,13 @@ public class RequestInterceptor { } else { clientId = JsonKey.UNAUTHORIZED; } + logger.info("**learner managed accesstoken verified :" + clientId); } } else { logger.debug("Ignoring x-authenticated-for token..."); } } + logger.info("**learner added userid to userAuthentication :" + clientId); userAuthentication.put(JsonKey.USER_ID, clientId); userAuthentication.put(JsonKey.MANAGED_FOR, managedForId); } @@ -175,6 +178,7 @@ public class RequestInterceptor { userAuthentication.put(JsonKey.USER_ID, JsonKey.ANONYMOUS); } } + logger.info("**learner userAuthentication :" + userAuthentication.toString()); return userAuthentication; } diff --git a/core/platform-common/src/main/java/org/sunbird/auth/verifier/AccessTokenValidator.java b/core/platform-common/src/main/java/org/sunbird/auth/verifier/AccessTokenValidator.java index 7805eb14138b1c9d9aac18b78b7da69cefa7a05a..9be5d113079681a94eb43d9554f6b6ac5d13db2a 100755 --- a/core/platform-common/src/main/java/org/sunbird/auth/verifier/AccessTokenValidator.java +++ b/core/platform-common/src/main/java/org/sunbird/auth/verifier/AccessTokenValidator.java @@ -25,12 +25,15 @@ public class AccessTokenValidator { Map<Object, Object> headerData = mapper.readValue(new String(decodeFromBase64(header)), Map.class); String keyId = headerData.get("kid").toString(); + logger.info("**learner calling accesstoken verifyRSASign()"); boolean isValid = CryptoUtil.verifyRSASign( payLoad, decodeFromBase64(signature), KeyManager.getPublicKey(keyId).getPublicKey(), JsonKey.SHA_256_WITH_RSA); + + logger.info("**learner accesstoken verifyRSASign() :" + isValid); if (isValid) { Map<String, Object> tokenBody = mapper.readValue(new String(decodeFromBase64(body)), Map.class); @@ -38,6 +41,7 @@ public class AccessTokenValidator { if (isExp) { return Collections.EMPTY_MAP; } + logger.info("**learner accesstoken validated token tokenBody :" + tokenBody); return tokenBody; } return Collections.EMPTY_MAP; 
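Review bot: A failed signature check is the event worth alerting on in AccessTokenValidator (hunk at -25), yet the added line after `verifyRSASign` reports success and failure in the same info-level message and omits `keyId`, so a run of rejected tokens is hard to pick out. Consider logging only the failure, with the key id and no token material, e.g. `if (!isValid) logger.info("access token signature verification failed, kid=" + keyId);`, at whatever warning level this logger offers; `keyId` comes from the still-unverified token header, so strip line breaks from it before it is written. The `calling accesstoken verifyRSASign()` line before the call adds one entry per request without any information and can be dropped. The method begins and ends outside the hunk.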
@@ -86,6 +90,8 @@ public class AccessTokenValidator {
 String userId = JsonKey.UNAUTHORIZED;
 try {
 Map<String, Object> payload = validateToken(token);
+
+ logger.info("learner accesstoken validateToken() :" + payload.toString());
 if (MapUtils.isNotEmpty(payload) && checkIss((String) payload.get("iss"))) {
 userId = (String) payload.get(JsonKey.SUB);
 if (StringUtils.isNotBlank(userId)) {