From 9de8af2cd97c0c8ab48791a296fb001947a4e936 Mon Sep 17 00:00:00 2001
From: Matthew Buckett <matthew.buckett@ctl.ox.ac.uk>
Date: Thu, 16 Oct 2025 10:42:04 +0100
Subject: [PATCH] AB#81518 No longer log about null values.

The initial reason for adding this logging has passed (Instructure have deployed the change) and while it's slightly interesting that we still have some `null` values it's not worth chasing them down.
---
 .../java/uk/ac/ox/ctl/ltiauth/JWTService.java | 16 ------
 .../uk/ac/ox/ctl/ltiauth/JWTServiceTest.java  | 50 -------------------
 2 files changed, 66 deletions(-)
 delete mode 100644 src/test/java/uk/ac/ox/ctl/ltiauth/JWTServiceTest.java

diff --git a/src/main/java/uk/ac/ox/ctl/ltiauth/JWTService.java b/src/main/java/uk/ac/ox/ctl/ltiauth/JWTService.java
index d6acd20..dcca6f0 100644
--- a/src/main/java/uk/ac/ox/ctl/ltiauth/JWTService.java
+++ b/src/main/java/uk/ac/ox/ctl/ltiauth/JWTService.java
@@ -33,7 +33,6 @@ public JWTService(JWTSigner signer, JWTStore store, LtiSettings ltiSettings) {
      */
     public String createJWT(OAuth2AuthenticationToken token, String toolSupportUrl) {
         JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder();
-        checkForNullCustomValues(token);
         token.getPrincipal().getAttributes().forEach(builder::claim);
         builder
                 // Save the original issuer, this is needed for deep linking where we need to know who the audience is.
@@ -49,21 +48,6 @@ public String createJWT(OAuth2AuthenticationToken token, String toolSupportUrl)
             throw new BadCredentialsException("Failed to create new JWT");
         }
     }
-    
-    void checkForNullCustomValues(OAuth2AuthenticationToken token) {
-        // Checks if any of the launches we handle currently get a null value
-        // This is only needed for a short time while we are checking if there's anything we should be looking
-        // at. Once Canvas has released the change to production we can remove this as we will be seeing the 
-        // errors.
-        Object claim = token.getPrincipal().getAttribute("https://purl.imsglobal.org/spec/lti/claim/custom");
-        if (claim instanceof Map custom) {
-            custom.forEach((key, value) -> {
-                if (value == null) {
-                    log.error("Custom attribute {} is null for client registration ID: {}", key, token.getAuthorizedClientRegistrationId());
-                }
-            });
-        }
-    }
 
     public String store(Object token) {
         return store.store(token);
diff --git a/src/test/java/uk/ac/ox/ctl/ltiauth/JWTServiceTest.java b/src/test/java/uk/ac/ox/ctl/ltiauth/JWTServiceTest.java
deleted file mode 100644
index 6d1952a..0000000
--- a/src/test/java/uk/ac/ox/ctl/ltiauth/JWTServiceTest.java
+++ /dev/null
@@ -1,50 +0,0 @@
-package uk.ac.ox.ctl.ltiauth;
-
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Nested;
-import org.junit.jupiter.api.Test;
-import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
-import org.springframework.security.oauth2.core.user.OAuth2User;
-
-import static java.util.Collections.singletonMap;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-
-class JWTServiceTest {
-
-    @Nested
-    public class CheckingClaims {
-        // These tests are to make sure we aren't going to blow up with bad token values.
-        // Checking the logger does the right thing isn't worth the complexity
-        
-        private JWTService service;
-        private OAuth2User user;
-
-        @BeforeEach
-        public void setUp() {
-            service = new JWTService(mock(JWTSigner.class), mock(JWTStore.class), mock(LtiSettings.class));
-            user = mock(OAuth2User.class);
-        }
-        
-        @Test
-        public void noMap() {
-            OAuth2AuthenticationToken token = new OAuth2AuthenticationToken(user, null, "test");
-            service.checkForNullCustomValues(token);
-        }
-
-        @Test
-        public void goodClaim() {
-            when(user.getAttribute("https://purl.imsglobal.org/spec/lti/claim/custom")).thenReturn(singletonMap("key", "value"));
-            OAuth2AuthenticationToken token = new OAuth2AuthenticationToken(user, null, "test");
-            service.checkForNullCustomValues(token);
-        }
-
-        @Test
-        public void nullClaim() {
-            when(user.getAttribute("https://purl.imsglobal.org/spec/lti/claim/custom")).thenReturn(singletonMap("key", null));
-            OAuth2AuthenticationToken token = new OAuth2AuthenticationToken(user, null, "test");
-            service.checkForNullCustomValues(token);
-        }
-    }
-
-}
\ No newline at end of file