Merge "additional logging to support debugging auth issue" into milestone-proposed

2012-04-03 19:29:19 +00:00 · 2012-04-03 19:29:19 +00:00 · a05daf5f53
parent bc153d5ad9 4314ae6c03
commit a05daf5f53
1 changed files with 7 additions and 1 deletions
--- a/keystone/middleware/auth_token.py
+++ b/keystone/middleware/auth_token.py
@ -224,6 +224,7 @@ class AuthProtocol(object):
        if token:
            return token
        else:
+            LOG.warn("Unable to find authentication token in headers: %s", env)
            raise InvalidUserToken('Unable to find token in headers')

    def _reject_request(self, env, start_response):
@ -324,6 +325,7 @@ class AuthProtocol(object):
            assert token
            return token
        except (AssertionError, KeyError):
+            LOG.warn("Unexpected response from keystone service: %s", data)
            raise ServiceError('invalid json response')

    def _validate_user_token(self, user_token, retry=True):
@ -354,9 +356,10 @@ class AuthProtocol(object):
            # FIXME(ja): I'm assuming the 404 status means that user_token is
            #            invalid - not that the admin_token is invalid
            self._cache_store_invalid(user_token)
+            LOG.warn("Authorization failed for token %s", user_token)
            raise InvalidUserToken('Token authorization failed')
        if response.status == 401:
-            LOG.info('Keystone rejected admin token, resetting')
+            LOG.info('Keystone rejected admin token %s, resetting', headers)
            self.admin_token = None
        else:
            LOG.error('Bad response code while validating token: %s' %
@ -365,6 +368,9 @@ class AuthProtocol(object):
            LOG.info('Retrying validation')
            return self._validate_user_token(user_token, False)
        else:
+            LOG.warn("Invalid user token: %s. Keystone response: %s.",
+                     user_token, data)
+
            raise InvalidUserToken()

    def _build_user_headers(self, token_info):