From 4314ae6c038b96c080dfd13938678e358e5574e7 Mon Sep 17 00:00:00 2001 From: Joe Heck Date: Fri, 30 Mar 2012 22:04:16 -0700 Subject: [PATCH] additional logging to support debugging auth issue fixes bug 969801 Change-Id: Iaf752e5f3692c91030cfd8575114f2c3293d1dba --- keystone/middleware/auth_token.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/keystone/middleware/auth_token.py b/keystone/middleware/auth_token.py index 44cee377c2..4e3a629aa5 100644 --- a/keystone/middleware/auth_token.py +++ b/keystone/middleware/auth_token.py @@ -224,6 +224,7 @@ class AuthProtocol(object): if token: return token else: + LOG.warn("Unable to find authentication token in headers: %s", env) raise InvalidUserToken('Unable to find token in headers') def _reject_request(self, env, start_response): @@ -324,6 +325,7 @@ class AuthProtocol(object): assert token return token except (AssertionError, KeyError): + LOG.warn("Unexpected response from keystone service: %s", data) raise ServiceError('invalid json response') def _validate_user_token(self, user_token, retry=True): @@ -354,9 +356,10 @@ class AuthProtocol(object): # FIXME(ja): I'm assuming the 404 status means that user_token is # invalid - not that the admin_token is invalid self._cache_store_invalid(user_token) + LOG.warn("Authorization failed for token %s", user_token) raise InvalidUserToken('Token authorization failed') if response.status == 401: - LOG.info('Keystone rejected admin token, resetting') + LOG.info('Keystone rejected admin token %s, resetting', headers) self.admin_token = None else: LOG.error('Bad response code while validating token: %s' % @@ -365,6 +368,9 @@ class AuthProtocol(object): LOG.info('Retrying validation') return self._validate_user_token(user_token, False) else: + LOG.warn("Invalid user token: %s. Keystone response: %s.", + user_token, data) + raise InvalidUserToken() def _build_user_headers(self, token_info):