feat(oauth2): improve logging with token name (#4638)

#4455

spring-boot-starter/starter-security/src/main/java/org/camunda/bpm/spring/boot/starter/security/oauth2/OAuth2Properties.java

@@ -45,7 +45,7 @@ public static class OAuth2SSOLogoutProperties {
     private boolean enabled = false;
 
     /**
-     * Enable SSO Logout. Default {@code {baseUrl}}.
+     * URI the user is redirected after SSO logout from the provider. Default {@code {baseUrl}}.
      */
     private String postLogoutRedirectUri = "{baseUrl}";
 

spring-boot-starter/starter-security/src/main/java/org/camunda/bpm/spring/boot/starter/security/oauth2/impl/AuthorizeTokenFilter.java

@@ -100,16 +100,17 @@ protected void authorizeToken(OAuth2AuthenticationToken token,
         }).build();
     // @formatter:on
 
+    var name = token.getName();
     try {
       var res = clientManager.authorize(authRequest);
       if (res == null || hasTokenExpired(res.getAccessToken())) {
-        logger.warn("Authorize failed: could not re-authorize expired access token");
+        logger.warn("Authorize failed for '{}': could not re-authorize expired access token", name);
         clearContext(request);
       } else {
-        logger.debug("Authorize successful, access token expiry: {}", res.getAccessToken().getExpiresAt());
+        logger.debug("Authorize successful for '{}', access token expiry: {}", name, res.getAccessToken().getExpiresAt());
       }
     } catch (OAuth2AuthorizationException e) {
-      logger.warn("Authorize failed: {}", e.getMessage());
+      logger.warn("Authorize failed for '{}': {}", name, e.getMessage());
       clearContext(request);
     }
   }

spring-boot-starter/starter-security/src/main/java/org/camunda/bpm/spring/boot/starter/security/oauth2/impl/SsoLogoutSuccessHandler.java

@@ -20,6 +20,8 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.camunda.bpm.spring.boot.starter.security.oauth2.OAuth2Properties;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
@@ -31,6 +33,8 @@
  */
 public class SsoLogoutSuccessHandler extends OidcClientInitiatedLogoutSuccessHandler {
 
+  private static final Logger logger = LoggerFactory.getLogger(SsoLogoutSuccessHandler.class);
+
   public SsoLogoutSuccessHandler(ClientRegistrationRepository clientRegistrationRepository,
                                  OAuth2Properties oAuth2Properties) {
     super(clientRegistrationRepository);
@@ -40,7 +44,7 @@ public SsoLogoutSuccessHandler(ClientRegistrationRepository clientRegistrationRe
   @Override
   public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
       throws IOException, ServletException {
-    logger.debug("Initiating SSO logout with provider.");
+    logger.debug("Initiating SSO logout for '{}'", authentication.getName());
     super.onLogoutSuccess(request, response, authentication);
   }
 }