Adjust logger levels to use info for side-effects

django_auth_adfs/backend.py

@@ -147,17 +147,17 @@ def validate_access_token(self, access_token):
                     leeway=settings.JWT_LEEWAY
                 )
             except jwt.ExpiredSignatureError as error:
-                logger.info("Signature has expired: %s", error)
+                logger.error("Signature has expired: %s", error)
                 raise PermissionDenied
             except jwt.DecodeError as error:
                 # If it's not the last certificate in the list, skip to the next one
                 if idx < len(provider_config.signing_keys) - 1:
                     continue
                 else:
-                    logger.info('Error decoding signature: %s', error)
+                    logger.error('Error decoding signature: %s', error)
                     raise PermissionDenied
             except jwt.InvalidTokenError as error:
-                logger.info(str(error))
+                logger.error(str(error))
                 raise PermissionDenied
 
     def process_access_token(self, access_token, adfs_response=None):
@@ -223,7 +223,7 @@ def process_user_groups(self, claims, access_token):
             obo_access_token = self.get_obo_access_token(access_token)
             groups = self.get_group_memberships_from_ms_graph(obo_access_token)
         else:
-            logger.debug("The configured groups claim %s was not found in the access token",
+            logger.error("The configured groups claim %s was not found in the access token",
                          settings.GROUPS_CLAIM)
 
         return groups
@@ -265,7 +265,7 @@ def create_user(self, claims):
         except usermodel.DoesNotExist:
             if settings.CREATE_NEW_USERS:
                 user = usermodel.objects.create(**userdata)
-                logger.debug("User '%s' has been created.", claims[username_claim])
+                logger.info("User '%s' has been created.", claims[username_claim])
             else:
                 logger.debug("User '%s' doesn't exist and creating users is disabled.", claims[username_claim])
                 raise PermissionDenied
@@ -294,7 +294,7 @@ def update_user_attributes(self, user, claims, claim_mapping=None):
                 if not isinstance(claim, dict):
                     if claim in claims:
                         setattr(user, field, claims[claim])
-                        logger.debug("Attribute '%s' for instance '%s' was set to '%s'.", field, user, claims[claim])
+                        logger.info("Attribute '%s' for instance '%s' was set to '%s'.", field, user, claims[claim])
                     else:
                         if field in required_fields:
                             msg = "Claim not found in access token: '{}'. Check ADFS claims mapping."
@@ -365,7 +365,7 @@ def update_user_flags(self, user, claims, claim_groups):
                     else:
                         value = False
                     setattr(user, flag, value)
-                    logger.debug("Attribute '%s' for user '%s' was set to '%s'.", flag, user, value)
+                    logger.info("Attribute '%s' for user '%s' was set to '%s'.", flag, user, value)
                 else:
                     msg = "User model has no field named '{}'. Check ADFS boolean claims mapping."
                     raise ImproperlyConfigured(msg.format(flag))
@@ -376,7 +376,7 @@ def update_user_flags(self, user, claims, claim_groups):
                 if claim in claims and str(claims[claim]).lower() in ['y', 'yes', 't', 'true', 'on', '1']:
                     bool_val = True
                 setattr(user, field, bool_val)
-                logger.debug("Attribute '%s' for user '%s' was set to '%s'.", field, user, bool_val)
+                logger.info("Attribute '%s' for user '%s' was set to '%s'.", field, user, bool_val)
             else:
                 msg = "User model has no field named '{}'. Check ADFS boolean claims mapping."
                 raise ImproperlyConfigured(msg.format(field))