1

I am using nimbus-jose-jwt with RemoteJWKSet and would like to find(see in logs) when requests are made to remote url for cache update etc.
For the spring boot app, I set logging.level.com.nimbusds=TRACE but could not find any logging related to calls to remote url for retrieving the jwks from remote server.
Is there a way to find when a call is made to remote server to retrieve the jwks.

Edit:
Should anyone want to look at the code, the required jwks code is uploaded on github: NimbusJose-JWKSCaching.

samshers
  • 1
  • 6
  • 37
  • 84

1 Answers1

2

Looking at the source code of the RemoteJWKSet.java it does not do any logging on its own. It uses DefaultResourceRetriever class to download JWKS resource from remote URL. The DefaultResourceRetriever does not log anything explicitly either. What it does though, it uses standard Java java.net.HttpURLConnection class to request the JWKS resource.

This means that you can use standard Java logging facilities to log information you need. Here are few answers that might be helpful to achieve this:

Sergei
  • 536
  • 1
  • 4
  • 17
  • welcome and thanks for your suggestion. ++1 i tried `logging.level.root=TRACE` and `logging.level.java.net.HttpURLConnection=TRACE` and `logging.level.sun.net.www.protocol.http.HttpURLConnection.level=TRACE` . But found no additional logging. Could there be anything wrong with my setup. – samshers Nov 21 '21 at 06:41
  • I think you need to change logging level of the handler as well. If you are using console logging handler then change its logging level to ALL like this `java.util.logging.ConsoleHandler.level = ALL` – Sergei Nov 23 '21 at 10:06
  • if you don't mind - can you guide me in terms of spring boot. This log tracing is quite crucial for me. – samshers Nov 23 '21 at 10:46
  • Actually, this is not specific to SpringBoot. This logging facility is provided by Java. You can enable Java logging by specifying logging properties file via JVM startup parameters using `-Djava.util.logging.config.file=/path/to/app.properties`. See [this question](https://stackoverflow.com/questions/960099/how-to-set-up-java-logging-using-a-properties-file-java-util-logging) about how to provide logging.properties. For more details you can look at [Java Logging Overview](https://docs.oracle.com/javase/10/core/java-logging-overview.htm#JSCOR-GUID-B83B652C-17EA-48D9-93D2-563AE1FF8EDA) – Sergei Nov 23 '21 at 18:01
  • [Here's a gist](https://gist.github.com/sponomarev72/7c35380e7ea610b8a150f4cdd1e87039) with minimal logging configuration that should be enough in your case. – Sergei Nov 23 '21 at 18:02
  • Sergei, I have tried the things suggested but nothing worked in tracing/logging the requests made to jwks url. I have extracted the jwks code from my application and uploaded it to github: [NimbusJose-JWKSCaching](https://github.com/ramshers/NimbusJose-JWKSCaching). It will be of great help if you could guide on how to enable logging of jwks request over this project. I think it bit of much to ask, but this logging is crucial for me. I have added your github user as commiter to the project just in case if you wish to commit directly to the project. – samshers Nov 28 '21 at 16:13
  • @samshers I will take a look at it a bit later. Meanwhile, you can use [the test program to print the logger tree](https://stackoverflow.com/a/44888306/12092416). This will prove if your static configuration file is actually being used at runtime. – Sergei Nov 29 '21 at 15:03
  • I took a look at your code. You added the `logging.properties` file as a resource but did not register. [This page](https://www.logicbig.com/tutorials/core-java-tutorial/logging/loading-properties.html) shows different ways to set logging properties. Look in the *Loading logging.properties from classpath* section. – Sergei Nov 29 '21 at 15:15
  • Sergei, sorry i am not much aware about logging using logging.properties. but following your suggestion - i tried running the spring boot app with jvm option `-Djava.util.logging.config.file=logging.properties` but it did not work. Basically Spring boot logging takes care of everthing if i provide - `logging.level.sun.net.www.protocol.http.HttpURLConnection=TRACE`. So if any logging is done by `HttpURLConnection` class it will be logged/captured. – samshers Nov 29 '21 at 15:41
  • to not confuse any further, i am removing the logging.properties file, so we can focus on spring boot logging solely. If we can solve it.. that's great. Else i will try to raise this issue on nimbus jose project directly. – samshers Nov 29 '21 at 15:42
  • @samshers `HttpURLConnection` class does logging using JUL not SLF4J which is configured by default in SpringBoot. I have not tried it myself but I think you have to enable JUL logging by providing `java.util.logging.config.file` and then, if you really want it to be part of SpringBoot logging, you might want to try using [JUL2SLF4J bridge](http://www.slf4j.org/legacy.html) – Sergei Nov 29 '21 at 17:25
  • Putting bridging JUL to SLF4J aside - I suggest you to do this: save the logging.properties file somewhere in your file system. Start the SpringBoot application using `-Djava.util.logging.config.file=`. At least, this should show you the logs by `HttpUrlConnection` and you can confirm it is working. Also, add code [to print logger tree](https://stackoverflow.com/questions/44882648/logging-not-showing/44888306#44888306) on application start and share the output of it. – Sergei Nov 29 '21 at 17:26
  • many thanks for your continuous involvement. I will try and if i have any progress I will update here. – samshers Nov 30 '21 at 05:55