Dependency upgrade and more logging (#18)

* Adding more logging
* Updating dependencies
* Increasing version to 2.2.0

gradle.properties

@@ -13,7 +13,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-
-version=2.1.0
+version=2.2.0
 groupId=com.nike
 artifactId=cerberus-client

gradle/dependencies.gradle

@@ -18,8 +18,9 @@ repositories {
     jcenter()
 }
 
-def AWS_SDK_VERSION = '1.11.75'
+def AWS_SDK_VERSION = '1.11.123'
 def VAULT_CLIENT_COORDINATES = "com.nike:vault-client:1.3.0"
+
 //noinspection GroovyAssignabilityCheck
 dependencies {
 
@@ -38,12 +39,13 @@ dependencies {
     compile VAULT_CLIENT_COORDINATES
     shadow "joda-time:joda-time:2.8.1"
     shadow "org.apache.commons:commons-lang3:3.4"
-    shadow "org.slf4j:slf4j-api:1.7.14"
+    shadow "org.slf4j:slf4j-api:1.7.25"
 
     compile "com.amazonaws:aws-java-sdk-core:${AWS_SDK_VERSION}"
     compile "com.amazonaws:aws-java-sdk-kms:${AWS_SDK_VERSION}"
     compile "com.amazonaws:aws-java-sdk-lambda:${AWS_SDK_VERSION}"
 
+    testRuntime 'org.slf4j:slf4j-simple:1.7.25'
     testCompile "junit:junit:4.12"
     testCompile ("org.mockito:mockito-core:1.10.19") {
         exclude group: 'org.hamcrest'

src/main/java/com/nike/cerberus/client/auth/aws/BaseAwsCredentialsProvider.java

@@ -103,8 +103,8 @@ public abstract class BaseAwsCredentialsProvider implements VaultCredentialsProv
     public BaseAwsCredentialsProvider(UrlResolver urlResolver) {
         super();
         this.urlResolver = urlResolver;
-
         cerberusJavaClientHeaderValue = ClientVersion.getClientHeaderValue();
+        LOGGER.info("Cerberus URL={}", urlResolver.resolve());
     }
 
     /**
@@ -117,7 +117,17 @@ public BaseAwsCredentialsProvider(UrlResolver urlResolver) {
     public VaultCredentials getCredentials() {
         readLock.lock();
         try {
-            if (credentials == null || expireDateTime.isBeforeNow()) {
+            boolean needsToAuthenticate = false;
+            if (credentials == null) {
+                // initial state: no credentials
+                needsToAuthenticate = true;
+            }
+            else if (expireDateTime.isBeforeNow()) {
+                // credentials have expired
+                needsToAuthenticate = true;
+                LOGGER.info("Cerberus credentials have expired {}, re-authenticating...", expireDateTime);
+            }
+            if (needsToAuthenticate) {
                 // Release the read lock and acquire a write lock
                 readLock.unlock();
                 writeLock.lock();
@@ -217,10 +227,11 @@ protected String getEncryptedAuthData(final String iamPrincipalArn, Region regio
             final String key = "auth_data";
 
             if (authData.containsKey(key)) {
+                LOGGER.info(String.format("Authentication successful with AWS IAM principal ARN [%s] against [%s]",
+                        iamPrincipalArn, url));
                 return authData.get(key);
             } else {
-                throw new VaultClientException(
-                        "Success response from IAM role authenticate endpoint missing auth data!");
+                throw new VaultClientException("Success response from IAM role authenticate endpoint missing auth data!");
             }
         } catch (IOException e) {
             throw new VaultClientException("I/O error while communicating with Cerberus", e);