debugging

openshift · Apr 23, 2024 · 2ca2824 · 2ca2824
1 parent 34ad1f1
commit 2ca2824
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 2 deletions.
diff --git a/cmd/agentbasedinstaller/client/main.go b/cmd/agentbasedinstaller/client/main.go
@@ -133,7 +133,7 @@ func main() {
 			log.WithError(err).Fatalf(msg, args...)
 		}
 	}
-	failOnError(err, "failed to create authenticator")
+	failOnError(err, "failed to create agent authenticator")
 
 	h, err := restapi.Handler(restapi.Config{
 		AuthAgentAuth:       authHandler.AuthAgentAuth,

diff --git a/cmd/main.go b/cmd/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"bytes"
 	"context"
 	"encoding/json"
 	"flag"
@@ -289,6 +290,12 @@ func main() {
 	usageManager := usage.NewManager(log, notificationStream)
 	ocmClient := getOCMClient(log)
 
+	logrus.Infof("******* AuthType = %s", Options.Auth.AuthType)
+
+	logrus.Infof("******* ECPublicKeyPEM:\n%s", Options.Auth.ECPublicKeyPEM)
+	runeCount := len(bytes.Runes([]byte(Options.Auth.ECPublicKeyPEM)))
+	logrus.Infof("******* Length of ECPublicKeyPEM = %d", runeCount)
+
 	authHandler, err := auth.NewAuthenticator(&Options.Auth, ocmClient, log.WithField("pkg", "auth"), db)
 	failOnError(err, "failed to create authenticator")
 	authzHandler := auth.NewAuthzHandler(&Options.Auth, ocmClient, log.WithField("pkg", "authz"), db)

diff --git a/pkg/auth/agent_local_authenticator.go b/pkg/auth/agent_local_authenticator.go
@@ -60,6 +60,7 @@ func (a *AgentLocalAuthenticator) EnableOrgBasedFeatureGates() bool {
 }
 
 func (a *AgentLocalAuthenticator) AuthAgentAuth(token string) (interface{}, error) {
+	a.log.Infof(" **** token = %s, public key = %s", token, a.publicKey)
 	t, err := validateToken(token, a.publicKey)
 	if err != nil {
 		a.log.WithError(err).Error("failed to validate token")
@@ -73,6 +74,7 @@ func (a *AgentLocalAuthenticator) AuthAgentAuth(token string) (interface{}, erro
 	}
 
 	infraEnvID, infraEnvOk := claims[string(gencrypto.InfraEnvKey)].(string)
+	logrus.Infof("infraEnvID=%s", infraEnvID)
 	if !infraEnvOk {
 		err := errors.Errorf("claims are incorrectly formatted")
 		a.log.Error(err)
@@ -89,7 +91,7 @@ func (a *AgentLocalAuthenticator) AuthAgentAuth(token string) (interface{}, erro
 				return nil, common.NewInfraError(http.StatusUnauthorized, err)
 			}
 		}
-		a.log.Debugf("Authenticating infraEnv %s JWT", infraEnvID)
+		a.log.Infof("Authenticating infraEnv %s JWT", infraEnvID)
 	}
 
 	return ocm.AdminPayload(), nil

diff --git a/pkg/auth/authenticator.go b/pkg/auth/authenticator.go
@@ -52,6 +52,7 @@ func NewAuthenticator(cfg *Config, ocmClient *ocm.Client, log logrus.FieldLogger
 	case TypeLocal:
 		a, err = NewLocalAuthenticator(cfg, log, db)
 	case TypeAgentLocal:
+		log.Infof("About to create %s authenticator", cfg.AuthType)
 		a, err = NewAgentLocalAuthenticator(cfg, log, db)
 	default:
 		err = fmt.Errorf("invalid authenticator type %v", cfg.AuthType)

diff --git a/pkg/auth/local_authenticator.go b/pkg/auth/local_authenticator.go
@@ -123,6 +123,8 @@ func (a *LocalAuthenticator) CreateAuthenticator() func(_, _ string, _ security.
 }
 
 func validateToken(token string, pub crypto.PublicKey) (*jwt.Token, error) {
+	logrus.Infof("**** token=%s", token)
+	logrus.Infof("****  pub=%s", pub)
 	parser := &jwt.Parser{ValidMethods: []string{jwt.SigningMethodES256.Alg()}}
 	parsed, err := parser.Parse(token, func(t *jwt.Token) (interface{}, error) { return pub, nil })