UserController.java

package net.petrikainulainen.springdata.jpa.web.security;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.userdetails.User;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

/**
 * This controller provides the public API that is used to return the information
 * of the authenticated user.
 *
 * @author Petri Kainulainen
 */
@RestController
final class UserController {

    private static final Logger LOGGER = LoggerFactory.getLogger(UserController.class);

    /**
     * Returns the information of the authenticated user as JSON. The returned information
     * contains the username and the user role of the authenticated user.
     *
     * @param authenticatedUser The information of the authenticated user.
     * @return
     */
    @RequestMapping(value = "/api/authenticated-user", method = RequestMethod.GET)
    public UserDTO getAuthenticatedUser(@AuthenticationPrincipal User authenticatedUser) {
        LOGGER.info("Getting authenticated user.");

        if (authenticatedUser == null) {
            //If anonymous users can access this controller method, someone has changed
            //the security configuration and it must be fixed.
            LOGGER.error("Authenticated user is not found.");
            throw new AccessDeniedException("Anonymous users cannot request the information of the authenticated user.");
        }
        else {
            LOGGER.info("User with username: {} is authenticated", authenticatedUser.getUsername());
            return new UserDTO(authenticatedUser.getUsername(), authenticatedUser.getAuthorities());
        }
    }
}