From ea5ef2bdf8379192da89e771be8fe650764fc542 Mon Sep 17 00:00:00 2001
From: Luke Sikina <lucas.skina@gmail.com>
Date: Thu, 26 Oct 2023 11:52:58 -0400
Subject: [PATCH] [ALS-5143] Improve logging for introspection token expiry
 errors

---
 .../main/java/edu/harvard/dbmi/avillach/security/JWTFilter.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pic-sure-api-war/src/main/java/edu/harvard/dbmi/avillach/security/JWTFilter.java b/pic-sure-api-war/src/main/java/edu/harvard/dbmi/avillach/security/JWTFilter.java
index 82709920..df729582 100755
--- a/pic-sure-api-war/src/main/java/edu/harvard/dbmi/avillach/security/JWTFilter.java
+++ b/pic-sure-api-war/src/main/java/edu/harvard/dbmi/avillach/security/JWTFilter.java
@@ -245,6 +245,8 @@ private AuthUser callTokenIntroEndpoint(ContainerRequestContext requestContext,
 			if (response.getStatusLine().getStatusCode() != 200){
 				logger.error("callTokenIntroEndpoint() error back from token intro host server ["
 						+ token_introspection_url + "]: " + EntityUtils.toString(response.getEntity()));
+				logger.info("This callTokenIntroEndpoint error can happen when your introspection token has expired. " +
+					"You can fix this by running the Configure PIC-SURE Token Introspection Token job in Jenkins.");
 				throw new ApplicationException("Token Introspection host server return " + response.getStatusLine().getStatusCode() +
 						". Please see the log");
 			}