Reduce log level in HttpJwtAuthenticator if request cannot be authenticated

[cwperks]

Description

Reduces a log message in HttpJwtAuthenticator to debug level if the request cannot be authenticated with any of the configured signing keys.

If authentication fails across all configured authentication domains, there is a catch all warning message in BackendRegistry here. This message in HttpJwtAuthenticator is redundant and can be reduced in severity since it is not an error in the application and expected behavior if a request is sent with a bad JWT.

• Category (Enhancement, New feature, Bug fix, Test fix, Refactoring, Maintenance, Documentation)

Maintenance

Issues Resolved

Resolves: #4910

Check List

• New functionality includes testing
• New functionality has been documented
• New Roles/Permissions have a corresponding security dashboards plugin PR
• API changes companion pull request created
• Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[codecov]

Codecov Report

Attention: Patch coverage is 50.00000% with 1 line in your changes missing coverage. Please review.

Project coverage is 71.42%. Comparing base (4aa7b1c) to head (fb3b40a).

Files with missing lines	Patch %	Lines
...mazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java	50.00%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #4913   +/-   ##
=======================================
  Coverage   71.41%   71.42%           
=======================================
  Files         334      334           
  Lines       22515    22516    +1     
  Branches     3585     3586    +1     
=======================================
+ Hits        16080    16081    +1     
+ Misses       4643     4642    -1     
- Partials     1792     1793    +1     

Files with missing lines	Coverage Δ
...mazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java	79.67% <50.00%> (-0.66%)	⬇️

... and 2 files with indirect coverage changes

[nibix]

I'd recommend to just change log.error() to log.debug() without the if statement. The same check will be done in the if just again inside the call:

https://github.com/apache/logging-log4j2/blob/20035c443e66b9623bde447facde15f54026fa29/log4j-api/src/main/java/org/apache/logging/log4j/spi/AbstractLogger.java#L2312-L2321

As we are just logging a constant without any further stuff, this should not incur any significant overhead.

Additionally, codecov will then see a 100% patch coverage.