added Exception Handler
Max Handke committed Jan 12, 2024
1 parent 6c34dad commit edee6d7
Showing 4 changed files with 46 additions and 4 deletions.
@@ -0,0 +1,33 @@
package com.example.kickevent.security;

import com.example.kickevent.exceptions.JwtTokenExpiredException;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;


@Component
public class ExceptionHandlerFilter extends OncePerRequestFilter {
@Override
public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
try {
filterChain.doFilter(request, response);

} catch (JwtTokenExpiredException e) {
response.sendError(HttpStatus.UNAUTHORIZED.value(),e.getMessage());
e.printStackTrace();
} catch (RuntimeException e) {
e.printStackTrace();
response.sendError(HttpStatus.INTERNAL_SERVER_ERROR.value(),e.getMessage());
}
}



}
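Review bot: The catch-all branch passes `e.getMessage()` of any `RuntimeException` to `response.sendError(...)`, so internal details carried by the exception can reach the client; the properties file touched by this commit shows `server.error.include-message=always`, which would put that text into the error body. Send a fixed response for the 500 case and log through the filter's inherited `logger` instead of `e.printStackTrace()`: `logger.error("Unhandled exception in filter chain", e);` followed by `response.sendError(HttpStatus.INTERNAL_SERVER_ERROR.value());`. `sendError` throws `IllegalStateException` once the response is committed, so an `if (!response.isCommitted())` guard around both calls is worth adding. `doFilterInternal` is declared `public` here although the base method is `protected`; keeping it `protected` matches `JwtRequestFilter`.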
@@ -33,7 +33,7 @@ public class JwtRequestFilter extends OncePerRequestFilter {

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
throws ServletException, IOException {
throws ServletException, IOException, JwtTokenExpiredException {

response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
@@ -42,7 +42,10 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, x-requested-with, Cache-Control, Access-Control-Allow-Methods, Access-Control-Allow-Headers, access-control-allow-origin ");

final String requestTokenHeader = request.getHeader("Authorization");

if(request.getRequestURI().equals("/refreshtoken")) {
chain.doFilter(request, response);
return;
}
String username = null;
String jwtToken = null;
// JWT Token is in the form "Bearer token". Remove Bearer word and get
@@ -54,7 +57,9 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
} catch (IllegalArgumentException e) {
System.out.println("Unable to get JWT Token");
} catch (ExpiredJwtException e) {

throw new JwtTokenExpiredException("JWT Token expired");

}
} else {
logger.info(jwtToken);
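Review bot: The bypass at `request.getRequestURI().equals("/refreshtoken")` exempts only one of the paths that `WebSecurityConfig` marks `permitAll`, so a client that still sends an expired `Authorization` header to `/login` or `/register` now appears to get a 401 from the new `throw` instead of reaching the endpoint. `getRequestURI()` also includes the context path and any path parameters, so the comparison stops matching if the application is deployed under a context path; `request.getServletPath().equals("/refreshtoken")` is closer to what the `antMatchers` rules evaluate. The new `JwtTokenExpiredException` is built without the caught `ExpiredJwtException`; if the class offers a cause-taking constructor (not visible here), pass `e` so the log keeps the original failure. The method body starts and ends outside these hunks.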
@@ -32,6 +32,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtRequestFilter jwtRequestFilter;

@Autowired
private ExceptionHandlerFilter exceptionHandlerFilter;


@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
@@ -63,7 +66,7 @@ protected void configure(HttpSecurity httpSecurity) throws Exception {
// dont authenticate this particular request
.authorizeRequests().requestMatchers(CorsUtils::isCorsRequest).permitAll()
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
.antMatchers("/login", "/register", "/refreshtoken", "/api/event","/user").permitAll().
.antMatchers("/login", "/register", "/refreshtoken", "/api/event","/user","/error").permitAll().
// all other requests need to be authenticated
anyRequest().authenticated().and().
// make sure we use stateless session; session won't be used to
@@ -73,6 +76,7 @@ protected void configure(HttpSecurity httpSecurity) throws Exception {

// Add a filter to validate the tokens with every request
httpSecurity.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
httpSecurity.addFilterBefore(exceptionHandlerFilter, JwtRequestFilter.class);
}
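Review bot: `ExceptionHandlerFilter` is a `@Component` and is also added to the security chain on the new `addFilterBefore` line, so under Spring Boot (which the `server.error.*` properties suggest) the bean is likely registered a second time as a plain servlet filter. `OncePerRequestFilter` keeps it from running twice on one dispatch, but the servlet-level copy would still apply to any request that does not pass through this security chain, where its catch-all turns failures into `sendError` responses. Disabling the automatic registration keeps the filter only at the position chosen here; the same applies to `jwtRequestFilter` if it is a component too. The new line also depends on `jwtRequestFilter` having been registered on the line before it, which deserves a short comment such as `// must follow the jwtRequestFilter registration: positioned relative to JwtRequestFilter`.

```java
// … unchanged: injected filters and configure(HttpSecurity) …

// Keep Spring Boot from also registering the filter with the servlet container;
// it should run only at the position chosen in configure(HttpSecurity).
@Bean
public FilterRegistrationBean<ExceptionHandlerFilter> exceptionHandlerFilterRegistration(
        ExceptionHandlerFilter filter) {
    FilterRegistrationBean<ExceptionHandlerFilter> registration = new FilterRegistrationBean<>(filter);
    registration.setEnabled(false);
    return registration;
}
```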


2 changes: 1 addition & 1 deletion src/main/resources/application.properties
@@ -12,7 +12,7 @@ user.refreshtoken.expirationTimeInMs=86400000
server.error.include-message=always
server.error.include-binding-errors=always
server.error.include-stacktrace=never
server.error.include-exception=false
server.error.include-exception=true
logging.level.org.springframework.web= DEBUG
logging.level.org.springframework.security=DEBUG
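Review bot: `server.error.include-exception=true` (taking the second printed value as the new one) adds the exception class name to every error body, and with `/error` now `permitAll` and `server.error.include-message=always` an unauthenticated caller receives both the class and the message of whatever failed. The 401 path added by this commit does not need it, since the status code and message already identify an expired token. Keep `server.error.include-exception=false` in the shared file and enable it only in a development profile. The unchanged `logging.level...=DEBUG` lines next to it are worth the same profile split.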
