Print token data in certain cases (#1056)

Toastbrot236 · web-flow · commit c2f5e6c07dcc · 2026-03-21T14:14:57.000+01:00
Makes the exception messages of some of the recently added token
validations include token data, and also makes
`GameAuthenticationProvider` always print various information about the
request and the received token as long as a certain config option is
enabled. This is primarily meant to help understand future issues if
they ever happen.
diff --git a/Refresh.Core/Configuration/GameServerConfig.cs b/Refresh.Core/Configuration/GameServerConfig.cs
@@ -10,7 +10,7 @@ namespace Refresh.Core.Configuration;
 [SuppressMessage("ReSharper", "RedundantDefaultMemberInitializer")]
 public class GameServerConfig : Config
 {
-    public override int CurrentConfigVersion => 25;
+    public override int CurrentConfigVersion => 26;
     public override int Version { get; set; } = 0;
     
     protected override void Migrate(int oldVer, dynamic oldConfig)
@@ -117,6 +117,11 @@ protected override void Migrate(int oldVer, dynamic oldConfig)
     /// </summary>
     public bool PrintRoomStateWhenNoFoundRooms { get; set; } = true;
 
+    /// <summary>
+    /// Whether to unconditionally print data like token, token owner, remote IP, request URI etc during authentication outside of exceptions
+    /// </summary>
+    public bool PrintAuthenticationData { get; set; } = false;
+
     public string[] Sha1DigestKeys = ["CustomServerDigest"];
     public string[] HmacDigestKeys = ["CustomServerDigest"];
 
diff --git a/Refresh.Database/GameDatabaseContext.Tokens.cs b/Refresh.Database/GameDatabaseContext.Tokens.cs
@@ -90,7 +90,7 @@ public Token GenerateTokenForUser(GameUser user, TokenType type, TokenGame game,
 #if DEBUG
             if(Debugger.IsAttached) Debugger.Break();
 #endif
-            throw new InvalidDataException($"GetTokenFromTokenData - Token data or type does not match!");
+            throw new InvalidDataException($"GetTokenFromTokenData - Token data or type does not match (expected {tokenData} | {type}, got {token.TokenData} | {token.TokenType} by {token.User})!");
         }
 
         return token;
diff --git a/Refresh.GameServer/Authentication/GameAuthenticationProvider.cs b/Refresh.GameServer/Authentication/GameAuthenticationProvider.cs
@@ -76,13 +76,16 @@ public GameAuthenticationProvider(GameServerConfig? config, Logger logger)
         if ((this._config?.MaintenanceMode ?? false) && user.Role != GameUserRole.Admin)
             return null;
         
+        if (this._config?.PrintAuthenticationData ?? false)
+            this._logger.LogInfo(BunkumCategory.Authentication, $"Authenticating request from {request.RemoteEndpoint} to {request.Uri.AbsolutePath} by {user} using token {tokenData}");
+        
         // Additional validation of the token gotten from DB. Exceptions will be caught, logged and InternalServerError will be returned automatically.
         if (token.TokenData != tokenData)
         {
 #if DEBUG
             if(Debugger.IsAttached) Debugger.Break();
 #endif
-            throw new InvalidDataException($"{typeof(GameAuthenticationProvider)} - Token from DB does not match token received from client!");
+            throw new InvalidDataException($"{typeof(GameAuthenticationProvider)} - Token from DB ({token.TokenData}) does not match token received from client ({tokenData})!");
         }
 
         if (token.User.UserId != token.UserId)

Original file line number	Diff line number	Diff line change
`@@ -90,7 +90,7 @@ public Token GenerateTokenForUser(GameUser user, TokenType type, TokenGame game,`
`90`	`90`	`#if DEBUG`
`91`	`91`	`if(Debugger.IsAttached) Debugger.Break();`
`92`	`92`	`#endif`
`93`		`- throw new InvalidDataException($"GetTokenFromTokenData - Token data or type does not match!");`
	`93`	`+ throw new InvalidDataException($"GetTokenFromTokenData - Token data or type does not match (expected {tokenData} \| {type}, got {token.TokenData} \| {token.TokenType} by {token.User})!");`
`94`	`94`	`}`
`95`	`95`
`96`	`96`	`return token;`