SAML: make loggin of attirbutes configurable

LEDfan · LEDfan · commit 97713629bb5f · 2021-01-15T11:55:41.000+01:00
diff --git a/src/main/java/eu/openanalytics/containerproxy/auth/impl/saml/SAMLConfiguration.java b/src/main/java/eu/openanalytics/containerproxy/auth/impl/saml/SAMLConfiguration.java
@@ -342,15 +342,19 @@ public SAMLAuthenticationProvider samlAuthenticationProvider() {
 	    	public Object loadUserBySAML(SAMLCredential credential) throws UsernameNotFoundException {
 				List<Attribute> attributes = credential.getAttributes();
 
-				String userID = credential.getNameID().getValue();
-				attributes.forEach((attribute) -> {
-					log.info(String.format("[SAML] User: %s => found Attribute with name : %s (%s) and value %s - %s",
-							userID,
-							attribute.getName(),
-							attribute.getFriendlyName(),
-							credential.getAttributeAsString(attribute.getName()),
-							String.join(", ", credential.getAttributeAsStringArray(attribute.getName()))));
-				});
+				if (Boolean.parseBoolean(environment.getProperty("proxy.saml.log-attributes", "false"))) {
+					// don't use nameValue from below so that in the case this attribute isn't correctly setup,
+					// we can still log the attribtues (and the correct attribute can be found)
+					String userID = credential.getNameID().getValue();
+					attributes.forEach((attribute) -> {
+						log.info(String.format("[SAML] User: \"%s\" => attribute => name=\"%s\"(\"%s\") => value \"%s\" - \"%s\"",
+								userID,
+								attribute.getName(),
+								attribute.getFriendlyName(),
+								credential.getAttributeAsString(attribute.getName()),
+								String.join(", ", credential.getAttributeAsStringArray(attribute.getName()))));
+					});
+				}
 
 				String nameAttribute = environment.getProperty("proxy.saml.name-attribute", DEFAULT_NAME_ATTRIBUTE);
 				String nameValue = credential.getAttributeAsString(nameAttribute);
