From 0e1a406108c909432dd0137e84ac015e3139cb1b Mon Sep 17 00:00:00 2001
From: kyeong-hyeok
Date: Fri, 8 Dec 2023 00:34:08 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20JwtAccessDeniedHandler=20=EC=BB=A4?= =?UTF-8?q?=EC=8A=A4=ED=85=80=20=EC=97=90=EB=9F=AC=20=EB=B0=98=ED=99=98=20?= =?UTF-8?q?=EC=84=A4=EC=A0=95=20(#63)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/project/mapdagu/error/ErrorCode.java | 4 ++++
 .../mapdagu/jwt/JwtAccessDeniedHandler.java | 20 +++++++++++++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/project/mapdagu/error/ErrorCode.java b/src/main/java/com/project/mapdagu/error/ErrorCode.java
index bd70e8e..27cd454 100644
--- a/src/main/java/com/project/mapdagu/error/ErrorCode.java
+++ b/src/main/java/com/project/mapdagu/error/ErrorCode.java
@@ -4,6 +4,7 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
+import static org.apache.http.HttpStatus.SC_UNAUTHORIZED;
 import static org.springframework.http.HttpStatus.*;
@@ -11,6 +12,9 @@
 @RequiredArgsConstructor
 public enum ErrorCode {
+ NOT_ALLOWED_MEMBER(FORBIDDEN, "해당 요청에 대한 권한이 없습니다."),
+ NOT_AUTHENTICATED_REQUEST(SC_UNAUTHORIZED, "유효한 JWT 토큰이 없습니다."),
+ TOKEN_NOT_EXIST(NOT_FOUND, "토큰이 존재하지 않습니다."),
 INVALID_TOKEN(UNAUTHORIZED, "잘못된 토큰입니다."),
diff --git a/src/main/java/com/project/mapdagu/jwt/JwtAccessDeniedHandler.java b/src/main/java/com/project/mapdagu/jwt/JwtAccessDeniedHandler.java
index d45695f..bac8f6e 100644
--- a/src/main/java/com/project/mapdagu/jwt/JwtAccessDeniedHandler.java
+++ b/src/main/java/com/project/mapdagu/jwt/JwtAccessDeniedHandler.java
@@ -1,5 +1,7 @@
 package com.project.mapdagu.jwt;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.project.mapdagu.error.dto.ErrorResponse;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
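Review bot: `NOT_AUTHENTICATED_REQUEST` in ErrorCode.java is built with `SC_UNAUTHORIZED` from `org.apache.http.HttpStatus` (the import added in that file's first hunk), which is an `int`, while every neighbouring constant passes a Spring `HttpStatus` value such as `FORBIDDEN` or `UNAUTHORIZED`. The enum's field declarations are outside the hunk, but unless a second constructor accepts an `int` this looks like a type mismatch, and it also ties the error model to Apache HttpClient for a single constant. Spring's `UNAUTHORIZED` is already in scope through the wildcard static import, so `NOT_AUTHENTICATED_REQUEST(UNAUTHORIZED, "유효한 JWT 토큰이 없습니다."),` would keep the enum consistent and let the Apache import go.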
@@ -9,6 +11,8 @@
 import java.io.IOException;
+import static com.project.mapdagu.error.ErrorCode.NOT_ALLOWED_MEMBER;
+
 /**
 * 필요한 권한이 존재하지 않는 경우에 403 Forbidden 에러를 리턴
 */
@@ -16,10 +20,22 @@
 @Component
 public class JwtAccessDeniedHandler implements AccessDeniedHandler {
+ private final ObjectMapper objectMapper;
+
+ public JwtAccessDeniedHandler(ObjectMapper objectMapper) {
+ this.objectMapper = objectMapper;
+ }
+ @Override
 public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
- //필요한 권한이 없이 접근하려 할때 403
+ // 필요한 권한이 없이 접근하려 할때 403
 log.info("허가 받지 않은 사용자의 접근입니다.");
- response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ ErrorResponse errorResponse = ErrorResponse.of(NOT_ALLOWED_MEMBER.getCode(), NOT_ALLOWED_MEMBER.getMessage());
+ String jsonResponse = objectMapper.writeValueAsString(errorResponse);
+
+ response.setContentType("application/json");
+ response.setCharacterEncoding("UTF-8");
+ response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ response.getWriter().write(jsonResponse);
 }
 }
\ No newline at end of file
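Review bot: The new body-writing path in `handle` never checks whether the response is already committed, so when access is denied after output has started, `setStatus` has no effect and the JSON is appended to whatever was already sent. A guard such as `if (response.isCommitted()) { return; }` before building `errorResponse` avoids that. The status line is also hard-coded as `HttpServletResponse.SC_FORBIDDEN` while the body takes its code from `NOT_ALLOWED_MEMBER.getCode()`, so the two can drift apart if the enum entry changes. Separately, the unchanged `log.info` line records no request method or URI, which makes denied requests hard to correlate during an investigation; passing `request.getMethod()` and `request.getRequestURI()` as parameterized log arguments would help.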