From aa8bd17c91ba76b493ce51cd9adaba9427dc4483 Mon Sep 17 00:00:00 2001
From: Jon Marius Venstad
Date: Fri, 18 Feb 2022 08:13:47 +0100
Subject: Debug log when signed requests fail to verify
---
 .../main/java/ai/vespa/hosted/api/RequestVerifier.java | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)
(limited to 'hosted-api/src/main')
diff --git a/hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java b/hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java
index 7cfbee44730..8f1ffe9d4bb 100644
--- a/hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java
+++ b/hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java
@@ -3,6 +3,7 @@ package ai.vespa.hosted.api;
 import com.yahoo.security.KeyUtils;
 import com.yahoo.security.SignatureUtils;
+import com.yahoo.yolean.Exceptions;
 import java.net.URI;
 import java.security.PublicKey;
@@ -12,8 +13,11 @@ import java.time.Clock;
 import java.time.Duration;
 import java.time.Instant;
 import java.util.Base64;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_ECDSA;
+import static java.util.logging.Level.INFO;
 /**
 * Verifies that signed HTTP requests match the indicated public key.
@@ -22,6 +26,8 @@ import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_ECDSA;
 */
 public class RequestVerifier {
+ private static final Logger log = Logger.getLogger(RequestVerifier.class.getName());
+
 private final Signature verifier;
 private final Clock clock;
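Review bot: `import java.util.logging.Level;` in the second hunk looks unused, because the only level the new code references is `INFO`, which comes from the static import `java.util.logging.Level.INFO` added two lines below it. Drop the plain `Level` import, or drop the static one and write `Level.INFO` at the call sites, so the file names log levels in one way only.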
@@ -45,14 +51,21 @@ public class RequestVerifier {
 public boolean verify(Method method, URI requestUri, String timestamp, String contentHash, String signature) {
 try {
 Instant now = clock.instant(), then = Instant.parse(timestamp);
- if (Duration.between(now, then).abs().compareTo(Duration.ofMinutes(5)) > 0)
+ if (Duration.between(now, then).abs().compareTo(Duration.ofMinutes(5)) > 0) {
+ log.log(INFO, () -> "Rejecting request due to timestamp mismatch of " + Duration.between(now, then));
 return false; // Timestamp mismatch between sender and receiver of more than 5 minutes is not acceptable.
+ }
 byte[] canonicalMessage = Signatures.canonicalMessageOf(method.name(), requestUri, timestamp, contentHash);
 verifier.update(canonicalMessage);
- return verifier.verify(Base64.getDecoder().decode(signature));
+ if (verifier.verify(Base64.getDecoder().decode(signature)))
+ return true;
+
+ log.log(INFO, () -> "Rejecting request because of signature mismatch");
+ return false;
 } catch (RuntimeException | SignatureException e) {
+ log.log(INFO, () -> "Exception verifying request: " + Exceptions.toMessageString(e));
 return false;
 }
 }
-- 
cgit v1.2.3
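Review bot: All three rejection messages added to `verify` are logged at `INFO` although the subject calls this a debug log, and each can be triggered by a caller whose request has not yet been verified, so malformed or unsigned requests can fill the log at will. `FINE` (with `import static java.util.logging.Level.FINE`) would match the stated intent, e.g. `log.log(FINE, () -> "Rejecting request because of signature mismatch");`. The catch branch also logs `Exceptions.toMessageString(e)`, and one source of those exceptions is `Instant.parse(timestamp)`, whose parse error quotes the input text. Unless the log handler escapes control characters (not visible here), that request-supplied text should be sanitised or replaced by the exception class name before it is written. None of the messages name the request method or URI, which would make them more useful for triage.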