Add logs to indicate that the token does not have sign permission. (Azure#42879)

moarychan · web-flow · commit a9bafa0ec112 · 2024-11-12T01:33:06.000Z
diff --git a/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/KeyVaultClient.java b/sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/KeyVaultClient.java
@@ -491,6 +491,10 @@ public byte[] getSignedWithPrivateKey(String digestName, String digestValue, Str
             } catch (IOException e) {
                 LOGGER.log(WARNING, "Failed to parse sign result response.", e);
             }
+        } else {
+            LOGGER.log(WARNING,
+                "Can not get signature. It can be caused by missing 'sign' permission. To know how to add 'sign' permission, "
+                    + "see https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/keyvault/azure-security-keyvault-jca#key-less-certificates.");
         }
 
         byte[] signature;

Original file line number	Diff line number	Diff line change
`@@ -491,6 +491,10 @@ public byte[] getSignedWithPrivateKey(String digestName, String digestValue, Str`
`491`	`491`	`} catch (IOException e) {`
`492`	`492`	`LOGGER.log(WARNING, "Failed to parse sign result response.", e);`
`493`	`493`	`}`
	`494`	`+ } else {`
	`495`	`+ LOGGER.log(WARNING,`
	`496`	`+ "Can not get signature. It can be caused by missing 'sign' permission. To know how to add 'sign' permission, "`
	`497`	`+ + "see https://github.com/Azure/azure-sdk-for-java/tree/main/sdk/keyvault/azure-security-keyvault-jca#key-less-certificates.");`
`494`	`498`	`}`
`495`	`499`
`496`	`500`	`byte[] signature;`