Merge pull request #3671 from akto-api-security/bug/threat-client-log

added log in threat client

Author: ayushaga14

apps/threat-detection/src/main/java/com/akto/threat/detection/cache/AccountConfigurationCache.java

@@ -52,7 +52,7 @@ public static AccountConfigurationCache getInstance() {
      * Thread-safe with double-check locking.
      *
      * @param dataActor DataActor instance to fetch data if refresh is needed
-     * @return AccountConfig containing account settings and API collections
+     * @return AccountConfig containing account settings and API collections, or default config with redact=false if cache fails
      */
     public AccountConfig getConfig(DataActor dataActor) {
         long currentTime = System.currentTimeMillis();
@@ -67,9 +67,31 @@ public AccountConfig getConfig(DataActor dataActor) {
             }
         }
 
+        if (cachedConfig == null) {
+            logger.errorAndAddToDb("getConfig returning null - cache refresh failed, returning default config with redact=false");
+            return getDefaultConfig();
+        }
+
         return cachedConfig;
     }
 
+    /**
+     * Returns a default AccountConfig with redaction disabled.
+     * Used as fallback when cache refresh fails.
+     *
+     * @return Default AccountConfig with accountId=0, isRedacted=false, and empty collections
+     */
+    private AccountConfig getDefaultConfig() {
+        return new AccountConfig(
+            0,                          // accountId
+            false,                      // isRedacted = false (as requested)
+            new ArrayList<>(),          // empty apiCollections
+            new ArrayList<>(),          // empty apiInfos
+            new HashMap<>(),            // empty apiCollectionUrlTemplates
+            new HashMap<>()             // empty apiInfoUrlToMethods
+        );
+    }
+
     /**
      * Force refresh the cache with fresh data from database.
      * If refresh fails, keeps the old cache (graceful degradation).
@@ -78,7 +100,16 @@ private void refreshConfig(DataActor dataActor) {
         try {
             logger.infoAndAddToDb("Refreshing account configuration cache");
             AccountSettings accountSettings = dataActor.fetchAccountSettings();
-            logger.infoAndAddToDb("Fetched accountSettings in configuration cache");
+
+            logger.infoAndAddToDb("Fetched accountSettings in configuration cache. accountSettings is null: " + (accountSettings == null));
+
+            if (accountSettings == null) {
+                logger.errorAndAddToDb("fetchAccountSettings returned null. Cannot refresh cache");
+                return;
+            }
+
+            logger.infoAndAddToDb("AccountSettings ID: " + accountSettings.getId());
+
             List <ApiCollection> apiCollections = new ArrayList<>();
             if (accountSettings.getId() != 1758179941) {
                 apiCollections = dataActor.fetchAllApiCollections();

apps/threat-detection/src/main/java/com/akto/threat/detection/tasks/MaliciousTrafficDetectorTask.java

@@ -189,7 +189,6 @@ public void run() {
               }
 
               AccountConfig config = AccountConfigurationCache.getInstance().getConfig(dataActor);
-              Context.accountId.set(config.getAccountId());
               Context.isRedactPayload.set(config.isRedacted());
 
               for (ConsumerRecord<String, byte[]> record : records) {
@@ -433,8 +432,8 @@ public static List<SchemaConformanceError> handleSchemaConformFilter(HttpRespons
 
   private void processRecord(HttpResponseParam record) throws Exception {
     HttpResponseParams responseParam = buildHttpResponseParam(record);
+    Context.accountId.set(Integer.parseInt(responseParam.getAccountId()));
     String actor = this.threatConfigEvaluator.getActorId(responseParam);
-
     if (actor == null || actor.isEmpty()) {
       logger.warnAndAddToDb("Dropping processing of record with no actor IP, account: " + responseParam.getAccountId());
       return;