Add controlleradvice. Important: ControllerAdvice doesn't work with filters

src/main/java/ch/dlmw/swisssignchallenge/controllers/ControllerAdvice.java

@@ -0,0 +1,18 @@
+package ch.dlmw.swisssignchallenge.controllers;
+
+import org.openapitools.model.ErrorResponse;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+import java.util.NoSuchElementException;
+
+@RestControllerAdvice
+public class ControllerAdvice {
+    @ExceptionHandler(value = {NoSuchElementException.class})
+    public ResponseEntity<ErrorResponse> handleAuthenticationException(Exception e) {
+        var response = new ErrorResponse("TODO", HttpStatus.UNAUTHORIZED.value());
+        return new ResponseEntity<>(response, HttpStatus.UNAUTHORIZED);
+    }
+}

src/main/java/ch/dlmw/swisssignchallenge/exceptions/JwtAuthenticationException.java

@@ -0,0 +1,7 @@
+package ch.dlmw.swisssignchallenge.exceptions;
+
+public class JwtAuthenticationException extends RuntimeException {
+    public JwtAuthenticationException(String message) {
+        super(message);
+    }
+}

src/main/java/ch/dlmw/swisssignchallenge/filters/JwtRequestFilter.java

@@ -1,10 +1,14 @@
 package ch.dlmw.swisssignchallenge.filters;
 
+import ch.dlmw.swisssignchallenge.exceptions.JwtAuthenticationException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import org.openapitools.model.ErrorResponse;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -24,11 +28,15 @@ public class JwtRequestFilter extends OncePerRequestFilter {
     @Autowired
     private UserDetailsService userDetailsService;
 
+    @Autowired
+    ObjectMapper objectMapper;
+
     @Autowired
     private JwtUtil jwtUtil;
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        try {
             final String authorizationHeader = request.getHeader("Authorization");
 
             String username = null;
@@ -42,15 +50,22 @@ public class JwtRequestFilter extends OncePerRequestFilter {
             if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
                 UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
 
-            if (jwtUtil.validateToken(jwt, userDetails)) {
+                if (!jwtUtil.validateToken(jwt, userDetails)) {
+                    throw new JwtAuthenticationException("Couldn't validate token");
+                }
+
                 UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
                         userDetails, null, userDetails.getAuthorities());
                 authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
                 SecurityContextHolder.getContext().setAuthentication(authenticationToken);
             }
-        }
 
             filterChain.doFilter(request, response);
+        } catch (Exception e) {
+            response.setContentType("application/json");
+            response.setStatus(HttpStatus.UNAUTHORIZED.value());
+            response.getWriter().write(objectMapper.writeValueAsString(new ErrorResponse("Couldn't authenticate", HttpStatus.UNAUTHORIZED.value())));
+        }
     }
 
     @Override