package com.devicehive.resource.exceptions;

/*
 * #%L
 * DeviceHive Java Server Common business logic
 * %%
 * Copyright (C) 2016 DataArt
 * %%
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * #L%
 */

import com.devicehive.configuration.Constants;
import com.devicehive.configuration.Messages;
import com.devicehive.model.ErrorResponse;
import org.springframework.security.access.AccessDeniedException;

import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.ExceptionMapper;
import javax.ws.rs.ext.Provider;
import java.util.Optional;

/**
 * JAX-RS exception mapper that turns a Spring Security {@link AccessDeniedException}
 * into an HTTP 401 response with a JSON {@link ErrorResponse} body and a
 * {@code WWW-Authenticate} challenge header.
 *
 * <p>The response body carries only the status code and the fixed text
 * {@code "Unauthorized"}; nothing from the exception itself is copied into the reply.
 *
 * <p>NOTE(review): every {@code AccessDeniedException} is answered with 401 here, so a
 * caller that is authenticated but lacks a required authority is not distinguished from
 * an unauthenticated one (403 is the usual status for the former). Confirm this is the
 * intended contract for API clients before changing it.
 */
@Provider
public class AccessDeniedExceptionMapper implements ExceptionMapper<AccessDeniedException> {

    /** Current servlet request, injected by the JAX-RS runtime via {@code @Context}. */
    @Context
    private HttpServletRequest request;

    /**
     * Builds the 401 response for a denied request.
     *
     * <p>The {@code WWW-Authenticate} value is chosen from the request's
     * {@code Authorization} header: {@link Messages#OAUTH_REALM} when the header starts
     * with {@link Constants#TOKEN_SCHEME}, otherwise (including when the header is
     * absent) {@link Messages#BASIC_REALM}. The client-supplied header only selects
     * between these two constants and is never echoed back, so it cannot inject content
     * into the response header.
     *
     * @param exception the access-denied failure being mapped; its message is not exposed
     * @return a 401 JSON response carrying the selected challenge header
     */
    @Override
    public Response toResponse(AccessDeniedException exception) {
        final Response.Status status = Response.Status.UNAUTHORIZED;
        final ErrorResponse body = new ErrorResponse(status.getStatusCode(), "Unauthorized");

        return Response.status(status)
                .type(MediaType.APPLICATION_JSON_TYPE)
                .header(HttpHeaders.WWW_AUTHENTICATE, resolveChallenge())
                .entity(body)
                .build();
    }

    /** Picks the challenge constant that matches the scheme the client attempted, if any. */
    private String resolveChallenge() {
        return Optional.ofNullable(request.getHeader(HttpHeaders.AUTHORIZATION))
                .filter(authorization -> authorization.startsWith(Constants.TOKEN_SCHEME))
                .map(authorization -> Messages.OAUTH_REALM)
                .orElse(Messages.BASIC_REALM);
    }
}