[QUARKUS-5554] Log in smallrye-jwt and oauth2 extensions when no bearer access token is available - Red Hat Issue Tracker

Type: Bug
Resolution: Done-Errata
Priority: Major
Fix Version/s: 3.15.3.GA
Affects Version/s: None
Component/s: team/eng
Labels:
- manual-test-coverage

Blocked:
False
Blocked Reason:
None
Ready:
False
Git Pull Request:
https://github.com/quarkusio/quarkus/pull/44505
[QE] How to address?:
---
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

If the endpoint is secured by a bearer access token verification mechanism then, when no token is provided, a debug log message should inform users about it.
It is already done in `quarkus-oidc` [here](https://github.com/quarkusio/quarkus/blob/main/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/BearerAuthenticationMechanism.java#L30).
But `quarkus-smallrye-jwt` does not log the same message, so this PR adds it there as well.

links to

RHSA-2025:0900 Red Hat build of Quarkus 3.15.3 release and security update

Assignee:: Unassigned

Reporter:: Barry LaFond

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025/01/09 2:59 PM

Updated:: 2025/02/05 12:21 PM

Resolved:: 2025/02/05 12:21 PM