UMA: Handle exceptions when requesting authorizations from keycloak

writer/src/main/java/com/opendatahub/timeseries/bdp/writer/writer/authz/Authorization.java

@@ -16,10 +16,13 @@
 import org.keycloak.representations.idm.authorization.AuthorizationRequest;
 import org.keycloak.representations.idm.authorization.Permission;
 import org.keycloak.representations.idm.authorization.ResourceRepresentation;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.cache.annotation.Cacheable;
 
 public class Authorization {
 	public static final String ATTRIBUTE_AUTHORIZATION = "bdp_authz";
+	private final static Logger log = LoggerFactory.getLogger(Authorization.class);
 
 	private AuthzClient authz;
 	private AuthorizationResource authzRes;
@@ -36,6 +39,11 @@ public boolean hasAnyAuthorization() {
 			authzRes.authorize();
 			return true;
 		} catch (AuthorizationDeniedException e) {
+			log.info("UMA: User does not have any relevant authorizations");
+			return false;
+		} catch (Exception e) {
+			log.error("UMA: Unexpected error getting user authorizations: {}", e.getMessage());
+			log.debug("Dumping stack trace", e);
 			return false;
 		}
 	}

writer/src/main/java/com/opendatahub/timeseries/bdp/writer/writer/authz/AuthorizeSyncStation.java

@@ -25,11 +25,13 @@ public class AuthorizeSyncStation {
 
     public static void authorize(HttpServletRequest req, String stationType, List<StationDto> dtos, boolean syncState,
             boolean onlyActivation) {
+
+        // First check if we are already authorized via other means. The presence of the attribute indicates we are not
         var authz = (Authorization) req.getAttribute(Authorization.ATTRIBUTE_AUTHORIZATION);
         if (authz == null) {
-            // User is already authorized via role
             return;
         }
+
         log.debug("Start authorizing station sync");
 
         var origins = dtos.stream()