From 80ce5af12a7b11eed614ea942a0a979185db5930 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Pfeuffer?= <rene.pfeuffer@cloudogu.com>
Date: Fri, 30 Nov 2018 17:25:53 +0100
Subject: [PATCH] Log token refresh

---
 .../sonia/scm/web/security/TokenRefreshFilter.java    | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/scm-webapp/src/main/java/sonia/scm/web/security/TokenRefreshFilter.java b/scm-webapp/src/main/java/sonia/scm/web/security/TokenRefreshFilter.java
index 827aaafa6d..6177b0251b 100644
--- a/scm-webapp/src/main/java/sonia/scm/web/security/TokenRefreshFilter.java
+++ b/scm-webapp/src/main/java/sonia/scm/web/security/TokenRefreshFilter.java
@@ -1,6 +1,8 @@
 package sonia.scm.web.security;
 
 import org.apache.shiro.authc.AuthenticationToken;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import sonia.scm.Priority;
 import sonia.scm.filter.Filters;
 import sonia.scm.filter.WebElement;
@@ -26,6 +28,8 @@ import java.util.Set;
   morePatterns = { Filters.PATTERN_DEBUG })
 public class TokenRefreshFilter extends HttpFilter {
 
+  private static final Logger LOG = LoggerFactory.getLogger(TokenRefreshFilter.class);
+
   private final Set<WebTokenGenerator> tokenGenerators;
   private final AccessTokenCookieIssuer cookieIssuer;
   private final JwtAccessTokenRefresher refresher;
@@ -48,12 +52,17 @@ public class TokenRefreshFilter extends HttpFilter {
       AccessToken accessToken = resolver.resolve((BearerToken) token);
       if (accessToken instanceof JwtAccessToken) {
         refresher.refresh((JwtAccessToken) accessToken)
-          .ifPresent(jwtAccessToken -> issuer.authenticate(request, response, jwtAccessToken));
+          .ifPresent(jwtAccessToken -> refreshToken(request, response, jwtAccessToken));
       }
     }
     chain.doFilter(request, response);
   }
 
+  private void refreshToken(HttpServletRequest request, HttpServletResponse response, JwtAccessToken jwtAccessToken) {
+    LOG.debug("refreshing authentication token");
+    issuer.authenticate(request, response, jwtAccessToken);
+  }
+
   private AuthenticationToken createToken(HttpServletRequest request) {
     for (WebTokenGenerator generator : tokenGenerators) {
       AuthenticationToken token = generator.createToken(request);