From 712fbaa3a72b5c29b9e6e892691eee574a02872e Mon Sep 17 00:00:00 2001
From: Paulo Gustavo Veiga
Date: Tue, 12 Dec 2023 18:07:44 -0800
Subject: [PATCH] Handle authentication errors to avoid being reported as 500

---
 .../java/com/wisemapping/config/Application.java | 2 --
 .../java/com/wisemapping/rest/BaseController.java | 15 ++++++++++-----
 .../com/wisemapping/rest/MindmapController.java | 1 -
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/wise-webapp/src/main/java/com/wisemapping/config/Application.java b/wise-webapp/src/main/java/com/wisemapping/config/Application.java
index 54b02bda..55c03aed 100644
--- a/wise-webapp/src/main/java/com/wisemapping/config/Application.java
+++ b/wise-webapp/src/main/java/com/wisemapping/config/Application.java
@@ -1,11 +1,9 @@
 package com.wisemapping.config;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.ImportResource;
-import org.springframework.transaction.TransactionManager;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 import org.springframework.web.servlet.HandlerExceptionResolver;
 import org.springframework.web.servlet.ViewResolver;
diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java b/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java
index 3e5b4180..2ab871d3 100644
--- a/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java
+++ b/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java
@@ -37,6 +37,7 @@ import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.context.support.ResourceBundleMessageSource; import org.springframework.http.HttpStatus; +import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; @@ -55,9 +56,6 @@ public class BaseController { @Autowired ServletContext context; - @Autowired - private NotificationService notificationService; - @ExceptionHandler(IllegalArgumentException.class) @ResponseStatus(HttpStatus.BAD_REQUEST) @ResponseBody @@ -65,9 +63,16 @@ public class BaseController { return new RestErrors(ex.getMessage(), Severity.WARNING); } + @ExceptionHandler(AuthenticationCredentialsNotFoundException.class) + @ResponseStatus(HttpStatus.FORBIDDEN) + public RestErrors handleAuthException(@NotNull final AuthenticationCredentialsNotFoundException ex) { + logger.debug(ex.getMessage(), ex); + return new RestErrors("Authentication exception. Session must be expired. Try logging again.", Severity.INFO); + } + @ExceptionHandler(ValidationException.class) @ResponseStatus(HttpStatus.BAD_REQUEST) - public RestErrors handleValidationErrors(@NotNull ValidationException ex) { + public RestErrors handleValidationErrors(@NotNull final ValidationException ex) { logger.debug(ex.getMessage(), ex); return new RestErrors(ex.getErrors(), messageSource); } 
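Review bot: `handleAuthException` answers a request that carries no credentials with `HttpStatus.FORBIDDEN`, which is the status for an authenticated caller that lacks permission; a missing or expired session is conventionally 401, so `@ResponseStatus(HttpStatus.UNAUTHORIZED)` would let clients tell "log in again" apart from "not allowed". The handler also covers only `AuthenticationCredentialsNotFoundException`; other Spring Security failures (for example an access-denied error raised by the `@PreAuthorize` checks) presumably still reach the generic handler and come back as 500, so it is worth confirming that this is intended. The new method has no `@ResponseBody` while the `IllegalArgumentException` handler just above it does; `handleValidationErrors` omits it as well, so this may be covered by a class-level annotation outside the hunk.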
@@ -120,7 +125,7 @@ public class BaseController { public RestErrors handleServerErrors(@NotNull Exception ex, @NotNull HttpServletRequest request) { logger.error(ex.getMessage(), ex); final User user = Utils.getUser(false); - notificationService.reportJavaException(ex, user, request); +// notificationService.reportJavaException(ex, user, request); return new RestErrors(ex.getMessage(), Severity.SEVERE); } diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java b/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java index a3aea80e..53c471c3 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java @@ -109,7 +109,6 @@ public class MindmapController extends BaseController { @RequestMapping(method = RequestMethod.PUT, value = "/maps/{id}/document", consumes = {"application/json"}, produces = {"application/json"}) @ResponseStatus(value = HttpStatus.NO_CONTENT) @PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')") - public void updateDocument(@RequestBody RestMindmap restMindmap, @PathVariable int id, @RequestParam(required = false) boolean minor) throws WiseMappingException, IOException { final Mindmap mindmap = findMindmapById(id);
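Review bot: The reporting call in `handleServerErrors` is commented out rather than removed, which leaves dead code and a now-unused `final User user = Utils.getUser(false);` lookup on every unexpected error. Either delete both lines or, if notification is still wanted for genuine 500s, keep the `notificationService` field and the call; after this change unexpected server errors are recorded only through `logger.error`. The method's annotations and the rest of the class lie outside the hunk. Separately, the unchanged `return new RestErrors(ex.getMessage(), Severity.SEVERE);` sends the raw exception message to the client, which can expose internal detail; a fixed generic message, with the detail kept in the log, would be safer.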