Description
Expected Behavior
This logging message in OAuth2ClientAuthenticationFilter.doFilterInternal():
```java
if (this.logger.isTraceEnabled()) {
    this.logger.trace(LogMessage.format("Client authentication failed: %s", ex.getError()), ex);
}
```
is critical for me, because I control both the auth server and clients, and I need to know if there is something wrong with the client's credentials. (It has turned out that passwords containing a percent symbol cannot be used in client secrets, which may be another issue, but not the point of this ticket I'm creating.) For me, this would be an ERROR.
I lower the logging on just this class to trace so I can find out about any client credential problems, but the problem with that is that this class also logs at DEBUG "Set SecurityContextHolder authentication to OAuth2ClientAuthenticationToken", 100,000s of times a day, something I don't need in the logs.
Recommend raising the Client authentication failed error message to at least INFO level, or something above the "Set SecurityContextHolder authentication..." message, so we can get the Client authentication failed messages without getting bombarded with the other message.
Client authentication failing is a frequently critical issue, and if the calls fail without that message users are frequently clueless where else the problem would be.
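
One way to keep the failure line while dropping the noisy DEBUG line until the level changes, as an added example that is not part of the original issue or the project's code. It assumes Logback is the logging backend and that the logger for this class is set to TRACE; the class name `ClientAuthFailureOnlyFilter` is hypothetical.

```java
import ch.qos.logback.classic.Level;
import ch.qos.logback.classic.spi.ILoggingEvent;
import ch.qos.logback.core.filter.Filter;
import ch.qos.logback.core.spi.FilterReply;

/**
 * Appender-level Logback filter (hypothetical name). Register it on an
 * appender with a <filter class="..."/> element in the Logback configuration.
 * The OAuth2ClientAuthenticationFilter logger must still be set to TRACE,
 * otherwise the failure event is never created.
 */
public class ClientAuthFailureOnlyFilter extends Filter<ILoggingEvent> {

    // Matched by simple class name so no package name is assumed here.
    private static final String LOGGER_SUFFIX = ".OAuth2ClientAuthenticationFilter";

    // Message prefix quoted in the issue above.
    private static final String FAILURE_PREFIX = "Client authentication failed";

    @Override
    public FilterReply decide(ILoggingEvent event) {
        String loggerName = event.getLoggerName();
        if (loggerName == null || !loggerName.endsWith(LOGGER_SUFFIX)) {
            // Events from every other logger pass through untouched.
            return FilterReply.NEUTRAL;
        }
        if (event.getLevel().isGreaterOrEqual(Level.INFO)) {
            // INFO, WARN and ERROR from this class are always kept.
            return FilterReply.NEUTRAL;
        }
        String message = event.getFormattedMessage();
        if (message != null && message.startsWith(FAILURE_PREFIX)) {
            // Keep the TRACE-level client authentication failure.
            return FilterReply.NEUTRAL;
        }
        // Drop the remaining TRACE/DEBUG output of this class, including
        // "Set SecurityContextHolder authentication to ...".
        return FilterReply.DENY;
    }
}
```

Because the failure event is logged with the exception attached, the kept line also carries the stack trace; forwarding it to an alerting appender gives the ERROR-like visibility requested here without the per-request DEBUG volume.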