igor/org.ccalm.jwt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed saving error markers, were confused with the error text, using another logger

Browse Source
This commit is contained in:
Igor I
2025-05-08 15:24:45 +05:00
parent de5263656e
commit 34019b4d0d
2 changed files with 56 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
src/main/java/org/ccalm/jwt/MainController.java
View File

@ -24,6 +24,9 @@ import net.logicsquad.nanocaptcha.image.renderer.DefaultWordRenderer;
import org.apache.commons.codec.digest.DigestUtils;
import org.json.JSONArray;
import org.json.JSONException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MarkerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.dao.DataAccessException;
@ -40,8 +43,6 @@ import org.springframework.web.context.ServletContextAware;
import org.json.JSONObject;
import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.commons.text.RandomStringGenerator;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import org.springframework.context.ApplicationContext;
@ -78,7 +79,7 @@ import org.springframework.transaction.annotation.Transactional;
@Controller
public class MainController implements ServletContextAware {
private static final Logger logger = LogManager.getLogger(MainController.class);
private static final Logger logger = LoggerFactory.getLogger(MainController.class);
@Value("${spring.application.name}")
String application_name = "";
@ -211,7 +212,7 @@ public class MainController implements ServletContextAware {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return keyFactory.generatePrivate(spec);
} catch (Exception e) {
logger.error(e);
logger.error(e.getMessage());
}
return null;
}
@ -224,7 +225,7 @@ public class MainController implements ServletContextAware {
PublicKey key = keyFactory.generatePublic(spec);
return key;
} catch (Exception e) {
logger.error(e);
logger.error(e.getMessage());
}
return null;
}
@ -308,7 +309,7 @@ public class MainController implements ServletContextAware {
cache.set(token, userAgentHash, access_time);
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
throw new CustomException(500, 10000, trt.trt(false, "Internal_Server_Error"), null, true);
}
@ -320,12 +321,12 @@ public class MainController implements ServletContextAware {
} catch (CustomException e) {
if(e.isSaveToLog()) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -375,7 +376,7 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -415,12 +416,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(data, HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -478,12 +479,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(new ErrorResponseModel(200, 0), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -552,12 +553,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(ApiResponseData.success(data), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -613,12 +614,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -670,7 +671,7 @@ public class MainController implements ServletContextAware {
try {
jToken = new JSONObject(sToken);
} catch (JSONException e) {
logger.error(e);
logger.error(e.getMessage());
}
if(jToken==null) {
@ -766,12 +767,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(new ErrorResponseModel(200, 0,trt.trt(false, "The_verification_code_has_been_sent_to_your_email_address"),null), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -818,7 +819,7 @@ public class MainController implements ServletContextAware {
try {
jToken = new JSONObject(sToken);
} catch (JSONException e) {
logger.error(e);
logger.error(e.getMessage());
}
if(jToken==null) {
@ -924,12 +925,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -985,12 +986,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -1087,7 +1088,7 @@ public class MainController implements ServletContextAware {
}
}catch (DataAccessException ex){
String uuid = UUID.randomUUID().toString();
logger.error(uuid,ex);
logger.error(MarkerFactory.getMarker(uuid),ex.getMessage());
throw new CustomException(500, 10000, trt.trt(false, "Internal_Server_Error"),uuid,true);
}
if(json==null) {
@ -1099,7 +1100,7 @@ public class MainController implements ServletContextAware {
msglist.add(trt.trt(false, "Authorization_attempts_s_out_of_s"));
parlist.add(attempt_count+";"+attempt_limit+";");
}
logger.warn("Failed password for {} from {} port {}", loginModel.getLogin(), ipAddress, 443); //Сохраняю в лог ошибку авторизации для последующего анализа Wazuh
//logger.warn("Failed password for {} from {} port {}", loginModel.getLogin(), ipAddress, 443); //Сохраняю в лог ошибку авторизации для последующего анализа Wazuh
throw new CustomException(200, 10000, msglist, parlist, null,false);
}
@ -1132,7 +1133,7 @@ public class MainController implements ServletContextAware {
String str = String.valueOf(attempt_count);
errorSettings.add(str + ";" + String.valueOf(attempt_limit) + ";");
}
logger.warn("Failed TOTP for {} from {} port {}", loginModel.getLogin(), ipAddress, 443); //Сохраняю в лог ошибку авторизации для последующего анализа Wazuh
//logger.warn("Failed TOTP for {} from {} port {}", loginModel.getLogin(), ipAddress, 443); //Сохраняю в лог ошибку авторизации для последующего анализа Wazuh
throw new CustomException(200, 10012, errorMessages, errorSettings, (String)null,false);
}
@ -1146,7 +1147,7 @@ public class MainController implements ServletContextAware {
String str = String.valueOf(attempt_count);
errorSettings.add(str + ";" + String.valueOf(attempt_limit) + ";");
}
logger.warn("Failed TOTP for {} from {} port {}", loginModel.getLogin(), ipAddress, 443); //Сохраняю в лог ошибку авторизации для последующего анализа Wazuh
//logger.warn("Failed TOTP for {} from {} port {}", loginModel.getLogin(), ipAddress, 443); //Сохраняю в лог ошибку авторизации для последующего анализа Wazuh
throw new CustomException(200, 10000, errorMessages, errorSettings, (String)null,false);
}
@ -1174,7 +1175,7 @@ public class MainController implements ServletContextAware {
}
}catch (Exception ex){
String uuid = UUID.randomUUID().toString();
logger.error(uuid,ex);
logger.error(MarkerFactory.getMarker(uuid),ex.getMessage());
throw new CustomException(500, 10000, trt.trt(false, "Error_executing_SQL_query"),uuid,false);
}
@ -1272,12 +1273,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -1310,11 +1311,11 @@ public class MainController implements ServletContextAware {
}
}catch (DataAccessException ex){
java.lang.String uuid = UUID.randomUUID().toString();
logger.error(uuid, ex);
logger.error(MarkerFactory.getMarker(uuid), ex.getMessage());
throw new CustomException(500, 10000, trt.trt(false, "Internal_Server_Error"),uuid,false);
}catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid,e);
logger.error(MarkerFactory.getMarker(uuid),e.getMessage());
throw new CustomException(500, 10000, trt.trt(false, "Internal_Server_Error"),uuid,false);
}
@ -1408,7 +1409,7 @@ public class MainController implements ServletContextAware {
}
}catch (DataAccessException ex){
String uuid = UUID.randomUUID().toString();
logger.error(uuid,ex);
logger.error(MarkerFactory.getMarker(uuid),ex.getMessage());
throw new CustomException(500, 10000, trt.trt(false, "Error_executing_SQL_query"),uuid,false);
}
if(json==null) {
@ -1420,7 +1421,7 @@ public class MainController implements ServletContextAware {
msglist.add(trt.trt(false, "Authorization_attempts_s_out_of_s"));
parlist.add(attempt_count+";"+attempt_limit+";");
}
logger.warn("Failed password for {} from {} port {}", loginModel.getLogin(), ipAddress, 443); //Сохраняю в лог ошибку авторизации для последующего анализа Wazuh
//logger.warn("Failed password for {} from {} port {}", loginModel.getLogin(), ipAddress, 443); //Сохраняю в лог ошибку авторизации для последующего анализа Wazuh
throw new CustomException(200, 10000, msglist, parlist, null,false);
}
@ -1461,7 +1462,7 @@ public class MainController implements ServletContextAware {
int cnt = jdbcTemplate.update(sql, parameters);
}catch (DataAccessException ex){
String uuid = UUID.randomUUID().toString();
logger.error(uuid,ex);
logger.error(MarkerFactory.getMarker(uuid),ex.getMessage());
throw new CustomException(500, 10000, trt.trt(false, "Error_executing_SQL_query"),uuid,false);
}
@ -1480,12 +1481,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -1588,12 +1589,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -1648,7 +1649,7 @@ public class MainController implements ServletContextAware {
int cnt = jdbcTemplate.update(sql, parameters);
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid,e);
logger.error(MarkerFactory.getMarker(uuid),e.getMessage());
return createHTMLError(10000,trt.trt(false, "Internal_Server_Error"));
}
return createHTMLError(0,trt.trt(false, "The_password_has_been_changed_and_you_have_been_redirected_to_the_main_page"));
@ -1744,12 +1745,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(createStrJSONError(0, trt.trt(false,"A_recovery_link_has_been_sent_to_your_email"),(String)null,(String)null), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -1845,12 +1846,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}
@ -1909,12 +1910,12 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(new ErrorResponseModel(200, 0), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
logger.error(MarkerFactory.getMarker(e.getErrorMarker()), e.getMessage());
}
return new ResponseEntity<>(e.getErrorResponseModel(), getHttpStatus(e.getHttpCode()));
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
logger.error(MarkerFactory.getMarker(uuid), e.getMessage());
return new ResponseEntity<>(new ErrorResponseModel(500, 10000, trt.trt(false,"Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
}
}

15
src/main/resources/logback-spring.xml
View File

@ -1,17 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<!-- Please check if the user has access to the directory from which the application is being executed -->
<property name="LOGS" value="logs" />
<springProperty scope="context" name="appName" source="spring.application.name"/>
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${LOGS}/${appName}.log</file>
<encoder>
<pattern>{"timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'}","thread":"[%thread]","level":"%level","logger":"%logger{36}","marker":"%X{marker}","message":"%msg"}%n</pattern>
<pattern>
{"timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'}","thread":"[%thread]","level":"%level","logger":"%logger{36}","marker":"%marker","message":"%msg","exception":"%ex"}%n
</pattern>
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${LOGS}/${appName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
@ -24,15 +22,16 @@
<appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'} | %level | %logger{36} | %X{marker} | %msg%n</pattern>
<pattern>
%d{yyyy-MM-dd'T'HH:mm:ss.SSS'Z'} | %level | %logger{36} | %marker | %msg%n
</pattern>
</encoder>
</appender>
<root level="info">
<!--root level="warn"-->
<root level="info">
<appender-ref ref="FILE" />
<appender-ref ref="CONSOLE" />
</root>
</configuration>