From 87641da38ff43e00cf946d3d98455bde53bb9ca0 Mon Sep 17 00:00:00 2001
From: Sven Mitt <svenzik@users.noreply.github.com>
Date: Wed, 21 May 2025 10:18:11 +0300
Subject: [PATCH] Add debug statement when returning early

WE2-1026

Signed-off-by: Sven Mitt <svenzik@users.noreply.github.com>
---
 .../certvalidators/SubjectCertificatePurposeValidator.java       | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificatePurposeValidator.java b/src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificatePurposeValidator.java
index 4306a9cc..8332f740 100644
--- a/src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificatePurposeValidator.java
+++ b/src/main/java/eu/webeid/security/validator/certvalidators/SubjectCertificatePurposeValidator.java
@@ -57,6 +57,7 @@ public static void validateCertificatePurpose(X509Certificate subjectCertificate
             if (usages == null || usages.isEmpty()) {
                 // Digital Signature extension present, but Extended Key Usage extension not present,
                 // assume it is an authentication certificate (e.g. Luxembourg eID).
+                LOG.debug("User certificate has Digital Signature key usage and no Extended Key Usage extension, this means that it can be used for client authentication.");
                 return;
             }
             if (!usages.contains(EXTENDED_KEY_USAGE_CLIENT_AUTHENTICATION)) {