KON-703 Keine Authentifizierung - Logout/Portal Page
diff --git a/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtAuthenticationEntryPoint.java b/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtAuthenticationEntryPoint.java
index 85a5eda..63f09a9 100644
--- a/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtAuthenticationEntryPoint.java
+++ b/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtAuthenticationEntryPoint.java
@@ -14,16 +14,20 @@
 */
 package org.eclipse.openk.contactbasedata.config.auth;
 
+import feign.FeignException;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.stereotype.Component;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.Serializable;
 
-@Component
+@ControllerAdvice
 public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint, Serializable {
 
     @Override
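Review bot: `import feign.FeignException;` is added here but is not used in any line of this file that the diff shows, so it can be dropped if that holds for the rest of the file. Swapping `@Component` for `@ControllerAdvice` keeps the class registered as a bean, but it makes one class both the security `AuthenticationEntryPoint` and global MVC advice. A separate advice class, like the `FeignExceptionHandler` added in this commit, would keep the 401 entry point isolated from controller error mapping. The class body continues outside the hunk.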
@@ -31,4 +35,12 @@
                          AuthenticationException authException) throws IOException {
         response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
     }
+
+    @ExceptionHandler(value = {AccessDeniedException.class})
+    public void commence(HttpServletRequest request, HttpServletResponse response,
+                         AccessDeniedException accessDeniedException) throws IOException {
+        //map to 403
+        response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Failed : " + accessDeniedException.getMessage());
+    }
+
 }
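Review bot: The new `AccessDeniedException` handler sends `HttpServletResponse.SC_UNAUTHORIZED` although its own comment says `//map to 403`, so an authenticated caller who lacks a permission gets 401 and clients cannot tell an expired session from a missing role. It also appends `accessDeniedException.getMessage()` to the response, which hands internal authorization detail to the caller; I would change the line to `response.sendError(HttpServletResponse.SC_FORBIDDEN, "Forbidden");` and log the message server-side instead. An `@ExceptionHandler` on controller advice only sees exceptions raised during controller dispatch, so denials raised inside the security filter chain presumably still need an `AccessDeniedHandler` in the security configuration, which is not visible here. Reusing the name `commence` for this overload makes it easy to confuse with the entry-point method; `handleAccessDenied` would read better.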
diff --git a/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtAuthenticationTokenFilter.java b/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtAuthenticationTokenFilter.java
index 88ecc25..5138830 100644
--- a/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtAuthenticationTokenFilter.java
+++ b/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtAuthenticationTokenFilter.java
@@ -15,6 +15,7 @@
 
 package org.eclipse.openk.contactbasedata.config.auth;
 
+import org.eclipse.openk.contactbasedata.exceptions.UnauthorizedException;
 import org.keycloak.RSATokenVerifier;
 import org.keycloak.representations.AccessToken;
 import org.springframework.beans.factory.annotation.Value;
@@ -50,11 +51,10 @@
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
         String authenticationHeader = useStaticJwt ? staticJwt : request.getHeader(this.tokenHeader);
-
         try {
             SecurityContext context= SecurityContextHolder.getContext();
 
-            if(authenticationHeader != null) {
+            if(authenticationHeader != null && !authenticationHeader.isEmpty()) {
 
                 final String bearerTkn= authenticationHeader.replace("Bearer ", "");
 
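Review bot: The added `!authenticationHeader.isEmpty()` guard still lets a whitespace-only header or a bare `Bearer ` through, and `replace("Bearer ", "")` removes that text anywhere in the value instead of requiring it as a prefix, so the verifier can be handed an empty or mangled token. I would require the scheme explicitly with `if (authenticationHeader != null && authenticationHeader.startsWith("Bearer ")) {` followed by `final String bearerTkn = authenticationHeader.substring("Bearer ".length()).trim();`, and treat an empty result as no token. The same pattern appears in the `JwtTokenValidationFilter.doFilterInternal` hunk. What happens to a request that skips this branch is outside the hunk; it is worth confirming that it continues unauthenticated and is rejected by the access rules rather than allowed through.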
diff --git a/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtTokenValidationFilter.java b/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtTokenValidationFilter.java
index fe57506..719af4c 100644
--- a/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtTokenValidationFilter.java
+++ b/src/main/java/org/eclipse/openk/contactbasedata/config/auth/JwtTokenValidationFilter.java
@@ -47,7 +47,7 @@
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
         String authenticationHeader = useStaticJwt ? null : request.getHeader(this.tokenHeader);
 
-            if(authenticationHeader != null) {
+            if(authenticationHeader != null && !authenticationHeader.isEmpty()) {
                 final String bearerTkn= authenticationHeader.replace("Bearer ", "");
                 Response res = authNAuthApi.isTokenValid(bearerTkn);
                 if( res.status() != HttpStatus.OK.value() ) {
diff --git a/src/main/java/org/eclipse/openk/contactbasedata/exceptions/FeignExceptionHandler.java b/src/main/java/org/eclipse/openk/contactbasedata/exceptions/FeignExceptionHandler.java
new file mode 100644
index 0000000..576e8ce
--- /dev/null
+++ b/src/main/java/org/eclipse/openk/contactbasedata/exceptions/FeignExceptionHandler.java
@@ -0,0 +1,17 @@
+package org.eclipse.openk.contactbasedata.exceptions;
+
+import feign.FeignException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+import javax.servlet.http.HttpServletResponse;
+
+@RestControllerAdvice
+public class FeignExceptionHandler {
+
+    @ExceptionHandler(FeignException.class)
+    public String handleFeignStatusException(FeignException e, HttpServletResponse response) {
+        response.setStatus(e.status());
+        return "feignError";
+    }
+}
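Review bot: `response.setStatus(e.status())` relays whatever status the downstream call produced, and when a Feign call fails without an HTTP response `status()` may not be a valid HTTP code (to be confirmed against the Feign version in use). The handler should clamp it: `int status = e.status();` then `response.setStatus(status >= 400 && status <= 599 ? status : HttpServletResponse.SC_BAD_GATEWAY);`. The exception is also dropped without a log line, which leaves nothing to correlate a failed token check or an upstream outage with; a `log.warn` carrying the status (not the response body, which can hold tokens or upstream detail) would help. A class Javadoc stating which upstream statuses are intentionally passed through to the client, for example a 401 from the auth service, would document the intent.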