opa-java/src/main/java/org/openpodcastapi/opa/auth/ApiSecurityHandlers.java at 0df44374ea7feea3e1222c45b229870e2cd8fa13 · OpenPodcastAPI/opa-java · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
package org.openpodcastapi.opa.auth;

import jakarta.servlet.http.HttpServletResponse;
import org.springframework.context.annotation.Bean;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

@Component
public class ApiSecurityHandlers {
    /// Returns an unauthorized response for unauthenticate API queries
    @Bean
    public AuthenticationEntryPoint apiAuthenticationEntryPoint() {
        return (_, response, authException) -> {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            response.setContentType("application/json");
            response.getWriter().write("""
                    {"error": "unauthorized", "message": "%s"}
                    """.formatted(authException.getMessage()));
        };
    }

    /// Returns a forbidden response for API queries
    @Bean
    public AccessDeniedHandler apiAccessDeniedHandler() {
        return (_, response, exception) -> {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            response.setContentType("application/json");
            response.getWriter().write("""
                    {"error": "forbidden", "message": "%s"}
                    """.formatted(exception.getMessage()));
        };
    }
}