From 5bd9ff42ec38408bf9dfb0e2413d5f20d702aba1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beatrice=20Dellac=C3=A0?=
Date: Wed, 7 Aug 2024 22:51:47 +0200
Subject: [PATCH] implement json exception handling
---
 .../exceptions/GlobalExceptionHandler.java | 61 +++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100644 src/main/java/wtf/beatrice/releasehive/exceptions/GlobalExceptionHandler.java
diff --git a/src/main/java/wtf/beatrice/releasehive/exceptions/GlobalExceptionHandler.java b/src/main/java/wtf/beatrice/releasehive/exceptions/GlobalExceptionHandler.java
new file mode 100644
index 0000000..2b68c65
--- /dev/null
+++ b/src/main/java/wtf/beatrice/releasehive/exceptions/GlobalExceptionHandler.java
@@ -0,0 +1,61 @@
+package wtf.beatrice.releasehive.exceptions;
+
+import io.jsonwebtoken.ExpiredJwtException;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.springframework.http.HttpStatusCode;
+import org.springframework.http.ProblemDetail;
+import org.springframework.security.authentication.AccountStatusException;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+import java.nio.file.AccessDeniedException;
+import java.security.SignatureException;
+
+@RestControllerAdvice
+public class GlobalExceptionHandler
+{
+ private static final Logger LOGGER = LogManager.getLogger(GlobalExceptionHandler.class);
+
+ @ExceptionHandler(Exception.class)
+ public ProblemDetail handleSecurityException(Exception exception) {
+ ProblemDetail errorDetail = null;
+
+ LOGGER.error(exception);
+
+ if (exception instanceof BadCredentialsException) {
+ errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(401), exception.getMessage());
+ errorDetail.setProperty("description", "Invalid email or password");
+
+ return errorDetail;
+ }
+
+ if (exception instanceof AccountStatusException) {
+ errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(403), exception.getMessage());
+ errorDetail.setProperty("description", "Account locked");
+ }
+
+ if (exception instanceof AccessDeniedException) {
+ errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(403), exception.getMessage());
+ errorDetail.setProperty("description", "You are not authorized to access this resource");
+ }
+
+ if (exception instanceof SignatureException) {
+ errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(403), exception.getMessage());
+ errorDetail.setProperty("description", "Invalid JWT signature");
+ }
+
+ if (exception instanceof ExpiredJwtException) {
+ errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(403), exception.getMessage());
+ errorDetail.setProperty("description", "Expired JWT token");
+ }
+
+ if (errorDetail == null) {
+ errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(500), exception.getMessage());
+ errorDetail.setProperty("description", "Internal server error");
+ }
+
+ return errorDetail;
+ }
+}
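Review bot: The `AccessDeniedException` and `SignatureException` branches test the wrong types: the imports bring in `java.nio.file.AccessDeniedException` and `java.security.SignatureException`, whereas Spring Security's authorization failures are `org.springframework.security.access.AccessDeniedException` and jjwt reports a bad signature with its own `SignatureException` (`io.jsonwebtoken.security.SignatureException` in recent releases — confirm against the version in use), so both cases currently fall through to the 500 branch. That 500 fallback also echoes `exception.getMessage()` to the client for every unrecognised exception, and since `@ExceptionHandler(Exception.class)` catches everything, internal messages from persistence, parsing or framework code become part of the public ProblemDetail; return a fixed detail there and keep the original message in the log only. `LOGGER.error(exception)` uses the single-argument overload, which records the exception as the message and may not attach the stack trace; `LOGGER.error("Unhandled exception", exception)` does. As a matter of style, only the `BadCredentialsException` branch returns early while the remaining `instanceof` checks fall through and overwrite `errorDetail`; a `switch` with type patterns, or one `@ExceptionHandler` method per exception type, would make the mapping exhaustive and easier to read.
```java
import org.springframework.security.access.AccessDeniedException; // Spring Security's type, not java.nio.file
import io.jsonwebtoken.security.SignatureException;               // jjwt's type, not java.security — confirm for the jjwt version in use
// … unchanged: remaining imports, class header, LOGGER field …
        LOGGER.error("Unhandled exception", exception);
// … unchanged: BadCredentials, AccountStatus, AccessDenied, Signature, ExpiredJwt branches …
        if (errorDetail == null) {
            // Unknown failure: do not echo exception.getMessage(), it may carry internal details.
            errorDetail = ProblemDetail.forStatusAndDetail(HttpStatusCode.valueOf(500), "Internal server error");
            errorDetail.setProperty("description", "Internal server error");
        }
```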