Skip to content

Commit

Permalink
Update
Browse files Browse the repository at this point in the history
  • Loading branch information
@Portals
Portals committed Jun 22, 2024
1 parent 48101c7 commit 44f900d
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 8 deletions.
20 changes: 13 additions & 7 deletions app/src/main/java/it/chalmers/gamma/adapter/primary/api/client/ClientApiV1Controller.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,13 +111,19 @@ List<ClientV1User> getUsersForClient() {

@GetMapping("/users/{id}")
ClientV1User getUser(@PathVariable("id") UUID id) {
return this.userFacade
.get(id)
.map(ClientV1User::new)
.orElseThrow(
() ->
new ResponseStatusException(
HttpStatus.NOT_FOUND, "User Not Found Or Unauthorized"));
Optional<UserFacade.UserDTO> maybeUser;

try {
maybeUser = this.userFacade.get(id);
} catch (AccessGuard.AccessDeniedException e) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "User Not Found Or Unauthorized");
}

if (maybeUser.isEmpty()) {
throw new ResponseStatusException(HttpStatus.NOT_FOUND, "User Not Found Or Unauthorized");
}

return maybeUser.map(ClientV1User::new).get();
}

@GetMapping("/groups/for/{id}")
Expand Down
7 changes: 6 additions & 1 deletion app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
Expand All @@ -32,6 +33,7 @@
import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext;
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.logout.HeaderWriterLogoutHandler;
Expand Down Expand Up @@ -114,7 +116,10 @@ SecurityFilterChain externalSecurityFilterChain(
sessionManagement ->
sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
// Since only backends will call this
.csrf(csrf -> csrf.disable());
.csrf(csrf -> csrf.disable())
.exceptionHandling(
config ->
config.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)));
return http.build();
}

Expand Down

0 comments on commit 44f900d

Please sign in to comment.