In my Micronaut project, we are auditing the request payload that we received upon calling the API endpoints. However, upon invalid credentials on a secured endpoint, using the ExceptionHandler or @Error annotation, the HttpRequest only able to read the http header/attribute but not the request body
I have already tried if possible to read the HttpRequest on filter using HttpServerFilter and also in security level using AuthenticationProvider, but both have Optional.empty when I logged the value for the request body e.g. (httpRequest.getBody(String.class)). I have also tried the @Error annotation, but it wasn't called when Authentication exception failed in AuthenticationProvider
@Error(exception = AuthenticationException.class, global = true) public HttpResponse<String> onAuthenticationFailed(HttpRequest request, AuthenticationException ex) { LOG.info("UNAUTHORIZED: Request Body: {}", request.getBody(String.class)); LOG.info("UNAUTHORIZED: Request Attributes: {}", request.getAttributes()); return HttpResponse.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Test"); }
