From 7f9c1e94c61529baed3ec39a620d1f8f6a79e163 Mon Sep 17 00:00:00 2001 From: hongwei Date: Fri, 21 Nov 2025 16:28:20 +0100 Subject: [PATCH] refactor/ Enhanced logging for consent validation, including warnings for empty consumer validation method. --- obp-api/src/main/scala/code/api/util/ConsentUtil.scala | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/obp-api/src/main/scala/code/api/util/ConsentUtil.scala b/obp-api/src/main/scala/code/api/util/ConsentUtil.scala index 5f8bebd8c5..45358d0289 100644 --- a/obp-api/src/main/scala/code/api/util/ConsentUtil.scala +++ b/obp-api/src/main/scala/code/api/util/ConsentUtil.scala @@ -251,7 +251,11 @@ object Consent extends MdcLoggable { if (!tppIsConsentHolder(c.mConsumerId.get, callContext)) { // Always check TPP first val consentConsumerId = c.mConsumerId.get val requestConsumerId = callContext.consumer.map(_.consumerId.get).getOrElse("NONE") - logger.info(s"ConsentNotFound: TPP/Consumer mismatch. Consent holder consumer_id=$consentConsumerId, Request consumer_id=$requestConsumerId, consent_id=${consent.jti}") + val consumerValidationMethodForConsent = APIUtil.getPropsValue("consumer_validation_method_for_consent").openOr("") + if(requestConsumerId == "NONE" || consumerValidationMethodForConsent.isEmpty) { + logger.warn(s"consumer_validation_method_for_consent is empty while request consumer_id=NONE - consent_id=${consent.jti}, aud=${consent.aud}") + } + logger.debug(s"ConsentNotFound: TPP/Consumer mismatch. Consent holder consumer_id=$consentConsumerId, Request consumer_id=$requestConsumerId, consent_id=${consent.jti}") ErrorUtil.apiFailureToBox(ErrorMessages.ConsentNotFound, 401)(Some(callContext)) } else if (!verifyHmacSignedJwt(consentIdAsJwt, c)) { // verify signature Failure(ErrorMessages.ConsentVerificationIssue)