Merge pull request #3736 from uselagoon/remove-attribute-from-unautho…

…rized refactor: remove attribute from unauthorized response
uselagoon · Sep 9, 2024 · 0797e9e · 0797e9e
2 parents 268e5f5 + 8f1f273
commit 0797e9e
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/services/api/src/util/auth.ts b/services/api/src/util/auth.ts
@@ -356,21 +356,21 @@ export const keycloakHasPermission = (grant, requestCache, modelClients, service
       userActivityLogger.user_info(
         `User does not have permission to '${scope}' on '${resource}'`,
         {
-          user: currentUser.id
+          user: currentUser.id,
+          attributes: attributes
         }
       );
     }
 
     userActivityLogger.user_info(
       `User does not have permission to '${scope}' on '${resource}'`,
       {
-        user: grant.access_token.content
+        user: grant.access_token.content,
+        attributes: attributes
       }
     );
     throw new KeycloakUnauthorizedError(
-      `Unauthorized: You don't have permission to "${scope}" on "${resource}": ${JSON.stringify(
-        attributes
-      )}`
+      `Unauthorized: You don't have permission to "${scope}" on "${resource}"`
     );
   };
 };