opa-java/src/main/java/org/openpodcastapi/opa/auth/JwtAccessDeniedHandler.java at 278584cb5221389f598b94436f9a9dbf13a3c99f · OpenPodcastAPI/opa-java · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
package org.openpodcastapi.opa.auth;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import java.io.IOException;

@Component
public class JwtAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest request,
                       HttpServletResponse response,
                       AccessDeniedException accessDeniedException) throws IOException {

        // If the user doesn't have access to the resource in question, return a 403
        response.setStatus(HttpStatus.FORBIDDEN.value());

        // Set content type to JSON
        response.setContentType("application/json");

        String body = """
                {
                    "error": "Forbidden",
                    "message": "You do not have permission to access this resource."
                }
                """;

        response.getWriter().write(body);
    }
}