Use DEBUG to log invalid authorization header in OAuth2TokenExtractor (#5874)

ikhoon · web-flow · commit b91d432dc9df · 2024-09-24T11:26:39.000+09:00
Motivation:

Invalid authorization is a client error so there isn't much a server
maintainer can do. It seems better to use `DEBUG` to detect problems
during development. `WARN` could be noisy because it may be related to a
monitoring system.

Modifications:

- Use `DEBUG` to log an invalid authorization header.

Result:

An invalid authorization header is now logged at `DEBUG` by the OAuth2
token extractor.
diff --git a/core/src/main/java/com/linecorp/armeria/server/auth/OAuth2TokenExtractor.java b/core/src/main/java/com/linecorp/armeria/server/auth/OAuth2TokenExtractor.java
@@ -61,7 +61,7 @@ public OAuth2Token apply(RequestHeaders headers) {
 
         final Matcher matcher = AUTHORIZATION_HEADER_PATTERN.matcher(authorization);
         if (!matcher.matches()) {
-            logger.warn("Invalid authorization header: " + authorization);
+            logger.debug("Invalid authorization header: {}", authorization);
             return null;
         }
 

Original file line number	Diff line number	Diff line change
`@@ -61,7 +61,7 @@ public OAuth2Token apply(RequestHeaders headers) {`
`61`	`61`
`62`	`62`	`final Matcher matcher = AUTHORIZATION_HEADER_PATTERN.matcher(authorization);`
`63`	`63`	`if (!matcher.matches()) {`
`64`		`- logger.warn("Invalid authorization header: " + authorization);`
	`64`	`+ logger.debug("Invalid authorization header: {}", authorization);`
`65`	`65`	`return null;`
`66`	`66`	`}`
`67`	`67`