Remove exception to avoid logging JWT token

ChristophEichhorn · ChristophEichhorn · commit e228df20f6a1 · 2018-05-18T14:21:10.000+02:00
Change-Id: I9b298d17de9fdfc5ff405d346dda56dfb729e619
diff --git a/cf-java-logging-support-servlet/src/main/java/com/sap/hcp/cf/logging/servlet/dynlog/TokenDecoder.java b/cf-java-logging-support-servlet/src/main/java/com/sap/hcp/cf/logging/servlet/dynlog/TokenDecoder.java
@@ -36,7 +36,8 @@ public DecodedJWT validateAndDecodeToken(String token) throws DynamicLogLevelExc
                 throw new DynamicLogLevelException("Token provided to dynamically change the log-level on thread-level is outdated");
             }
         } catch (JWTVerificationException e) {
-            throw new DynamicLogLevelException("Token could not be verified", e);
+            // Exception is not attached to avoid logging of JWT token
+            throw new DynamicLogLevelException("Token could not be verified");
         }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,8 @@ public DecodedJWT validateAndDecodeToken(String token) throws DynamicLogLevelExc`
`36`	`36`	`throw new DynamicLogLevelException("Token provided to dynamically change the log-level on thread-level is outdated");`
`37`	`37`	`}`
`38`	`38`	`} catch (JWTVerificationException e) {`
`39`		`- throw new DynamicLogLevelException("Token could not be verified", e);`
	`39`	`+ // Exception is not attached to avoid logging of JWT token`
	`40`	`+ throw new DynamicLogLevelException("Token could not be verified");`
`40`	`41`	`}`
`41`	`42`	`}`
`42`	`43`	`}`