Change log to logger

src/auth/keycloak.strategy.ts

@@ -1,4 +1,4 @@
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { Injectable, UnauthorizedException, Logger } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
 import { ExtractJwt, Strategy } from 'passport-jwt';
 
@@ -49,33 +49,37 @@ export class KeycloakJwtStrategy extends PassportStrategy(Strategy, 'jwt') {
     });
   }
 
+  private readonly logger = new Logger(KeycloakJwtStrategy.name);
+
   validate(payload: JwtPayload): JwtPayload {
-    console.log('JWT Payload received:', JSON.stringify(payload, null, 2));
+    this.logger.debug(
+      `JWT Payload received: ${JSON.stringify(payload, null, 2)}`,
+    );
 
     // Log important JWT claims
-    console.log('JWT Subject (sub):', payload.sub);
+    this.logger.debug(`JWT Subject (sub): ${payload.sub}`);
-    console.log('JWT Issuer (iss):', payload.iss);
+    this.logger.debug(`JWT Issuer (iss): ${payload.iss}`);
-    console.log('JWT Audience (aud):', payload.aud);
+    this.logger.debug(`JWT Audience (aud): ${JSON.stringify(payload.aud)}`);
-    console.log(
+    this.logger.debug(
-      'JWT Expiration (exp):',
+      `JWT Expiration (exp): ${new Date(payload.exp * 1000).toISOString()}`,
-      new Date(payload.exp * 1000).toISOString(),
     );
-    console.log(
+    this.logger.debug(
-      'JWT Issued At (iat):',
+      `JWT Issued At (iat): ${new Date(payload.iat * 1000).toISOString()}`,
-      new Date(payload.iat * 1000).toISOString(),
     );
 
     // Log user info
-    console.log('User email:', payload.email);
+    this.logger.debug(`User email: ${payload.email}`);
-    console.log('Username:', payload.preferred_username);
+    this.logger.debug(`Username: ${payload.preferred_username}`);
 
     // Log roles
-    console.log('Realm access roles:', payload.realm_access?.roles || []);
+    this.logger.debug(
+      `Realm access roles: ${JSON.stringify(payload.realm_access?.roles || [])}`,
+    );
 
     if (payload.resource_access) {
-      console.log('Resource access:');
+      this.logger.debug('Resource access:');
       Object.entries(payload.resource_access).forEach(([resource, data]) => {
-        console.log(`  ${resource}:`, data.roles || []);
+        this.logger.debug(`  ${resource}: ${JSON.stringify(data.roles || [])}`);
       });
     }
 

src/auth/roles.guard.ts

@@ -3,6 +3,7 @@ import {
   CanActivate,
   ExecutionContext,
   ForbiddenException,
+  Logger,
 } from '@nestjs/common';
 import { Reflector } from '@nestjs/core';
 import { ROLES_KEY } from './decorator/roles.decorator';
@@ -13,23 +14,31 @@ import type { JwtPayload } from './keycloak.strategy';
 export class RolesGuard implements CanActivate {
   constructor(private reflector: Reflector) {}
 
+  private readonly logger = new Logger(RolesGuard.name);
+
   private extractRoles(user: JwtPayload): string[] {
     const roles: string[] = [];
 
-    console.log('Extracting roles from user object');
+    this.logger.debug('Extracting roles from user object');
-    console.log('realm_access:', user.realm_access);
+    this.logger.debug(`realm_access: ${JSON.stringify(user.realm_access)}`);
-    console.log('resource_access:', user.resource_access);
+    this.logger.debug(
+      `resource_access: ${JSON.stringify(user.resource_access)}`,
+    );
 
     if (user.realm_access?.roles) {
-      console.log('Found realm roles:', user.realm_access.roles);
+      this.logger.debug(
+        `Found realm roles: ${JSON.stringify(user.realm_access.roles)}`,
+      );
       roles.push(...user.realm_access.roles);
     }
 
     if (user.resource_access) {
-      console.log('Processing resource_access');
+      this.logger.debug('Processing resource_access');
       Object.entries(user.resource_access).forEach(
         ([resourceName, resource]) => {
-          console.log(`Resource ${resourceName} roles:`, resource?.roles);
+          this.logger.debug(
+            `Resource ${resourceName} roles: ${JSON.stringify(resource?.roles)}`,
+          );
           if (resource?.roles) {
             roles.push(...resource.roles);
           }
@@ -38,7 +47,7 @@ export class RolesGuard implements CanActivate {
     }
 
     const uniqueRoles = [...new Set(roles)];
-    console.log('Final extracted roles:', uniqueRoles);
+    this.logger.debug(`Final extracted roles: ${JSON.stringify(uniqueRoles)}`);
     return uniqueRoles;
   }
 
@@ -48,20 +57,22 @@ export class RolesGuard implements CanActivate {
       [context.getHandler(), context.getClass()],
     );
 
-    console.log('Required roles:', requiredRoles);
+    this.logger.debug(`Required roles: ${JSON.stringify(requiredRoles)}`);
 
     if (!requiredRoles || !requiredRoles.length) {
-      console.log('No roles required for this route');
+      this.logger.debug('No roles required for this route');
       return true;
     }
 
     const request = context.switchToHttp().getRequest<{ user: JwtPayload }>();
     const user = request.user;
 
-    console.log('User object from request:', JSON.stringify(user, null, 2));
+    this.logger.debug(
+      `User object from request: ${JSON.stringify(user, null, 2)}`,
+    );
 
     if (!user) {
-      console.error('No user found in request');
+      this.logger.error('No user found in request');
       throw new ForbiddenException('Usuário não autenticado');
     }