Merge pull request #1385 from scm-manager/bugfix/logging_error_reading_api_token

Reduce logging of ApiTokenRealm

scm-webapp/src/test/java/sonia/scm/security/ApiKeyRealmTest.java

@@ -25,6 +25,7 @@
 package sonia.scm.security;
 
 import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.authz.AuthorizationException;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -105,6 +106,15 @@ class ApiKeyRealmTest {
     assertThat(supports).isFalse();
   }
 
+  @Test
+  void shouldIgnoreNonBase64Tokens() {
+    UsernamePasswordToken token = new UsernamePasswordToken("trillian", "My&SecretPassword");
+
+    boolean supports = realm.supports(token);
+
+    assertThat(supports).isFalse();
+  }
+
   void verifyScopeSet(String... permissions) {
     verify(authenticationInfoBuilder).withScope(argThat(scope -> {
       assertThat(scope).containsExactly(permissions);