From 88e34249d1da4831033af490a53636cc60dcd813 Mon Sep 17 00:00:00 2001
From: Sergey Beryozkin <sberyozkin@gmail.com>
Date: Fri, 15 Nov 2024 16:55:36 +0000
Subject: [PATCH] Add claimTypeMismatch log message

---
 .../jwt/auth/principal/DefaultJWTCallerPrincipal.java  | 10 +++++++---
 .../smallrye/jwt/auth/principal/PrincipalLogging.java  |  4 ++++
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/DefaultJWTCallerPrincipal.java b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/DefaultJWTCallerPrincipal.java
index cef77b40..d57980d2 100644
--- a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/DefaultJWTCallerPrincipal.java
+++ b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/DefaultJWTCallerPrincipal.java
@@ -28,7 +28,8 @@
 import io.smallrye.jwt.JsonUtils;
 
 /**
- * A default implementation of JWTCallerPrincipal that wraps the jose4j JwtClaims.
+ * A default implementation of JWTCallerPrincipal that wraps the jose4j
+ * JwtClaims.
  *
  * @see JwtClaims
  */
@@ -36,7 +37,8 @@ public class DefaultJWTCallerPrincipal extends JWTCallerPrincipal {
     private final JwtClaims claimsSet;
 
     /**
-     * Create the DefaultJWTCallerPrincipal from the parsed JWT token and the extracted principal name
+     * Create the DefaultJWTCallerPrincipal from the parsed JWT token and the
+     * extracted principal name
      *
      * @param rawToken - raw token value
      * @param tokenType - token type
@@ -115,7 +117,9 @@ protected Object getClaimValue(String claimName) {
                         claim = 0L;
                     }
                 } catch (MalformedClaimException e) {
-                    PrincipalLogging.log.getGroupsFailure(claimName, e);
+                    Object value = claimsSet.getClaimValue(claimType.name());
+                    PrincipalLogging.log.claimTypeMismatch(claimName, claimType.getType().getSimpleName(),
+                            value.getClass().getSimpleName());
                 }
                 break;
             case groups:
diff --git a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/PrincipalLogging.java b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/PrincipalLogging.java
index d0c90dd7..8db5d77c 100644
--- a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/PrincipalLogging.java
+++ b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/PrincipalLogging.java
@@ -193,4 +193,8 @@ interface PrincipalLogging extends BasicLogger {
     @Message(id = 8044, value = "Encrypted token headers must contain a content type header")
     void encryptedTokenMissingContentType();
 
+    @LogMessage(level = Logger.Level.DEBUG)
+    @Message(id = 8045, value = "Claim %s's value type is expected to be %s but it is %s")
+    void claimTypeMismatch(String claimName, String expectedType, String actualType);
+
 }