Add controlleradvice. Important: ControllerAdvice doesn't work with filters
@ -0,0 +1,18 @@
|
|||||||
|
package ch.dlmw.swisssignchallenge.controllers;
|
||||||
|
|
||||||
|
import org.openapitools.model.ErrorResponse;
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||||
|
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||||
|
|
||||||
|
import java.util.NoSuchElementException;
|
||||||
|
|
||||||
|
@RestControllerAdvice
|
||||||
|
public class ControllerAdvice {
|
||||||
|
@ExceptionHandler(value = {NoSuchElementException.class})
|
||||||
|
public ResponseEntity<ErrorResponse> handleAuthenticationException(Exception e) {
|
||||||
|
var response = new ErrorResponse("TODO", HttpStatus.UNAUTHORIZED.value());
|
||||||
|
return new ResponseEntity<>(response, HttpStatus.UNAUTHORIZED);
|
||||||
|
}
|
||||||
|
}
|
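Review bot: `handleAuthenticationException` is registered for `NoSuchElementException`, a general JDK exception (`Optional.get()`, iterators, `Scanner`) with no tie to authentication, so any lookup bug in a controller is reported to clients as 401 instead of surfacing as a 500, and real auth failures become indistinguishable from ordinary defects in logs and monitoring. If a service deliberately throws `NoSuchElementException` for an unknown principal, that contract should be stated in a comment on the handler; otherwise the handler name and the exception it catches should agree, and the parameter should be the specific type rather than `Exception e`. The `"TODO"` message literal should be replaced before this ships, e.g. `new ErrorResponse("Couldn't authenticate", HttpStatus.UNAUTHORIZED.value())` to match the filter, and kept a fixed string rather than `e.getMessage()` so internal detail is not echoed to the caller. The commit message's observation also belongs in the code: a class-level Javadoc such as `/** Maps exceptions thrown inside controllers to ErrorResponse bodies; failures in the servlet filter chain (JwtRequestFilter) never reach this advice and are answered there. */` would save the next reader from adding a handler here for `JwtAuthenticationException` that can never fire.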
@ -0,0 +1,7 @@
|
|||||||
|
package ch.dlmw.swisssignchallenge.exceptions;
|
||||||
|
|
||||||
|
public class JwtAuthenticationException extends RuntimeException {
|
||||||
|
public JwtAuthenticationException(String message) {
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
|
}
|
@ -1,10 +1,14 @@
|
|||||||
package ch.dlmw.swisssignchallenge.filters;
|
package ch.dlmw.swisssignchallenge.filters;
|
||||||
|
|
||||||
|
import ch.dlmw.swisssignchallenge.exceptions.JwtAuthenticationException;
|
||||||
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
import jakarta.servlet.FilterChain;
|
import jakarta.servlet.FilterChain;
|
||||||
import jakarta.servlet.ServletException;
|
import jakarta.servlet.ServletException;
|
||||||
import jakarta.servlet.http.HttpServletRequest;
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import jakarta.servlet.http.HttpServletResponse;
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
|
import org.openapitools.model.ErrorResponse;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
@ -24,33 +28,44 @@ public class JwtRequestFilter extends OncePerRequestFilter {
|
|||||||
@Autowired
|
@Autowired
|
||||||
private UserDetailsService userDetailsService;
|
private UserDetailsService userDetailsService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
ObjectMapper objectMapper;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private JwtUtil jwtUtil;
|
private JwtUtil jwtUtil;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
||||||
final String authorizationHeader = request.getHeader("Authorization");
|
try {
|
||||||
|
final String authorizationHeader = request.getHeader("Authorization");
|
||||||
|
|
||||||
String username = null;
|
String username = null;
|
||||||
String jwt = null;
|
String jwt = null;
|
||||||
|
|
||||||
if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
|
if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
|
||||||
jwt = authorizationHeader.substring(7);
|
jwt = authorizationHeader.substring(7);
|
||||||
username = jwtUtil.extractUsername(jwt);
|
username = jwtUtil.extractUsername(jwt);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
|
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||||
UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
|
UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
|
||||||
|
|
||||||
|
if (!jwtUtil.validateToken(jwt, userDetails)) {
|
||||||
|
throw new JwtAuthenticationException("Couldn't validate token");
|
||||||
|
}
|
||||||
|
|
||||||
if (jwtUtil.validateToken(jwt, userDetails)) {
|
|
||||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
|
||||||
userDetails, null, userDetails.getAuthorities());
|
userDetails, null, userDetails.getAuthorities());
|
||||||
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
|
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
|
||||||
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
filterChain.doFilter(request, response);
|
filterChain.doFilter(request, response);
|
||||||
|
} catch (Exception e) {
|
||||||
|
response.setContentType("application/json");
|
||||||
|
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||||
|
response.getWriter().write(objectMapper.writeValueAsString(new ErrorResponse("Couldn't authenticate", HttpStatus.UNAUTHORIZED.value())));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
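Review bot: `filterChain.doFilter(request, response)` sits inside the new `try`, so `catch (Exception e)` turns every downstream failure — a controller exception, a `ServletException`/`IOException` from the rest of the chain, even a response that was already partly written — into a 401 "Couldn't authenticate", which mislabels server errors as auth failures and, once the response is committed, makes `response.getWriter()` itself fail inside the catch. Only the token parsing and validation need the guard: move `filterChain.doFilter` after the try/catch, narrow the catch to `RuntimeException` (presumably what the JWT helper and `loadUserByUsername` throw on a bad token or unknown user; confirm against `JwtUtil`), `return` after writing the error, and call `SecurityContextHolder.clearContext()` so a partially populated context cannot leak into the chain. The failure is also dropped silently; a `logger.debug` of the exception class (not the token or its message) gives operators something to alert on without echoing detail to the client. Setting the character encoding alongside the content type avoids the writer defaulting to ISO-8859-1 for the JSON body.

```java
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        try {
            // … unchanged: Authorization header parsing, extractUsername, validateToken check, SecurityContext population …
        } catch (RuntimeException e) {
            // Reject the request here; the advice layer never sees filter exceptions.
            SecurityContextHolder.clearContext();
            logger.debug("JWT authentication failed: " + e.getClass().getSimpleName());
            response.setContentType("application/json");
            response.setCharacterEncoding("UTF-8");
            response.setStatus(HttpStatus.UNAUTHORIZED.value());
            response.getWriter().write(objectMapper.writeValueAsString(new ErrorResponse("Couldn't authenticate", HttpStatus.UNAUTHORIZED.value())));
            return;
        }
        // Downstream failures are no longer masked as 401.
        filterChain.doFilter(request, response);
    }
```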
|