Improve logging for session refresh token status

Signed-off-by: Yosri Barhoumi <med.yosri.brh@gmail.com>

pkg/apis/sessions/session_state.go

@@ -123,6 +123,8 @@ func (s *SessionState) String() string {
 	}
 	if s.RefreshToken != "" {
 		o += " refresh_token:true"
+	} else {
+		o += " refresh_token:false"
 	}
 	if len(s.Groups) > 0 {
 		o += fmt.Sprintf(" groups:%v", s.Groups)

pkg/apis/sessions/session_state_test.go

@@ -4,6 +4,7 @@ import (
 	"crypto/rand"
 	"fmt"
 	"io"
+	"strings"
 	"testing"
 	"time"
 
@@ -289,3 +290,31 @@ func compareSessionStates(t *testing.T, expected *SessionState, actual *SessionS
 	act.ExpiresOn = nil
 	assert.Equal(t, exp, act)
 }
+
+func TestSessionState_String_RefreshTokenFalse(t *testing.T) {
+	session := &SessionState{
+		Email: "test@example.com",
+		User:  "testuser",
+		// No RefreshToken set
+	}
+
+	result := session.String()
+
+	if !strings.Contains(result, "refresh_token:false") {
+		t.Errorf("Expected 'refresh_token:false' in output, got: %s", result)
+	}
+}
+
+func TestSessionState_String_RefreshTokenTrue(t *testing.T) {
+	session := &SessionState{
+		Email:        "test@example.com",
+		User:         "testuser",
+		RefreshToken: "some-token",
+	}
+
+	result := session.String()
+
+	if !strings.Contains(result, "refresh_token:true") {
+		t.Errorf("Expected 'refresh_token:true' in output, got: %s", result)
+	}
+}

pkg/middleware/stored_session.go

@@ -222,6 +222,7 @@ func (s *storedSessionLoader) refreshSession(rw http.ResponseWriter, req *http.R
 
 	// Session not refreshed, nothing to persist.
 	if !refreshed {
+		logger.Printf("Session not refreshed - User: %s; no refresh token available or provider returned false", session.User)
 		return nil
 	}