implement json exception handling
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
@@ -0,0 +1,61 @@
|
||||
package wtf.beatrice.releasehive.exceptions;
|
||||
|
||||
import io.jsonwebtoken.ExpiredJwtException;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.http.HttpStatusCode;
|
||||
import org.springframework.http.ProblemDetail;
|
||||
import org.springframework.security.authentication.AccountStatusException;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
|
||||
import java.nio.file.AccessDeniedException;
|
||||
import java.security.SignatureException;
|
||||
|
||||
@RestControllerAdvice
|
||||
public class GlobalExceptionHandler
|
||||
{
|
||||
private static final Logger LOGGER = LogManager.getLogger(GlobalExceptionHandler.class);
|
||||
|
||||
@ExceptionHandler(Exception.class)
|
||||
public ProblemDetail handleSecurityException(Exception exception) {
|
||||
ProblemDetail errorDetail = null;
|
||||
|
||||
LOGGER.error(exception);
|
||||
|
||||
if (exception instanceof BadCredentialsException) {
|
||||
errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(401), exception.getMessage());
|
||||
errorDetail.setProperty("description", "Invalid email or password");
|
||||
|
||||
return errorDetail;
|
||||
}
|
||||
|
||||
if (exception instanceof AccountStatusException) {
|
||||
errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(403), exception.getMessage());
|
||||
errorDetail.setProperty("description", "Account locked");
|
||||
}
|
||||
|
||||
if (exception instanceof AccessDeniedException) {
|
||||
errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(403), exception.getMessage());
|
||||
errorDetail.setProperty("description", "You are not authorized to access this resource");
|
||||
}
|
||||
|
||||
if (exception instanceof SignatureException) {
|
||||
errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(403), exception.getMessage());
|
||||
errorDetail.setProperty("description", "Invalid JWT signature");
|
||||
}
|
||||
|
||||
if (exception instanceof ExpiredJwtException) {
|
||||
errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(403), exception.getMessage());
|
||||
errorDetail.setProperty("description", "Expired JWT token");
|
||||
}
|
||||
|
||||
if (errorDetail == null) {
|
||||
errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(500), exception.getMessage());
|
||||
errorDetail.setProperty("description", "Internal server error");
|
||||
}
|
||||
|
||||
return errorDetail;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user