From 44f900dfc9e9902db5b6323be0f75fdbccfe8470 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Theodor=20Angerg=C3=A5rd?=
Date: Sat, 22 Jun 2024 23:35:07 +0200
Subject: [PATCH] Update
---
 .../api/client/ClientApiV1Controller.java | 20 ++++++++++++-------
 .../gamma/security/SecurityFiltersConfig.java | 7 ++++++-
 2 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/app/src/main/java/it/chalmers/gamma/adapter/primary/api/client/ClientApiV1Controller.java b/app/src/main/java/it/chalmers/gamma/adapter/primary/api/client/ClientApiV1Controller.java
index 4e8ace482..325b9f80e 100644
--- a/app/src/main/java/it/chalmers/gamma/adapter/primary/api/client/ClientApiV1Controller.java
+++ b/app/src/main/java/it/chalmers/gamma/adapter/primary/api/client/ClientApiV1Controller.java
@@ -111,13 +111,19 @@ List getUsersForClient() {
 @GetMapping("/users/{id}")
 ClientV1User getUser(@PathVariable("id") UUID id) {
- return this.userFacade
- .get(id)
- .map(ClientV1User::new)
- .orElseThrow(
- () ->
- new ResponseStatusException(
- HttpStatus.NOT_FOUND, "User Not Found Or Unauthorized"));
+ Optional maybeUser;
+
+ try {
+ maybeUser = this.userFacade.get(id);
+ } catch (AccessGuard.AccessDeniedException e) {
+ throw new ResponseStatusException(HttpStatus.NOT_FOUND, "User Not Found Or Unauthorized");
+ }
+
+ if (maybeUser.isEmpty()) {
+ throw new ResponseStatusException(HttpStatus.NOT_FOUND, "User Not Found Or Unauthorized");
+ }
+
+ return maybeUser.map(ClientV1User::new).get();
 }
 @GetMapping("/groups/for/{id}")
diff --git a/app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java b/app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java
index 6aac19e07..2530f675a 100644
--- a/app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java
+++ b/app/src/main/java/it/chalmers/gamma/security/SecurityFiltersConfig.java
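Review bot: The catch block at the top of the added code discards `e` without any record, so a client that walks UUIDs against `/users/{id}` to learn which users it may read leaves nothing distinguishable from ordinary misses; collapsing the denial into a 404 is the right anti-enumeration choice, but the denial should still be logged with the requested id before the mask is applied, e.g. `log.warn("access to user {} denied for calling client", id, e);` (I cannot see whether this controller has a logger or how the calling client is identified, so adapt to what the class provides). Masking per method is also fragile: `/groups/for/{id}` starts right after this hunk, and any facade call there that can raise `AccessGuard.AccessDeniedException` will keep surfacing as a different status unless it is wrapped the same way, which leaves the existence oracle open through the neighbouring endpoints; a controller-level `@ExceptionHandler(AccessGuard.AccessDeniedException.class)` that produces the same 404 and message covers every endpoint at once. Whether `userFacade.get` checks access before or after the lookup is not visible here, so the two 404 paths may still be distinguishable by response time. Finally, the `isEmpty()` branch followed by `.get()` re-creates what the removed `orElseThrow` did; `return maybeUser.map(ClientV1User::new).orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND, "User Not Found Or Unauthorized"));` keeps the status and message in one place and avoids the unchecked `get()`.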
@@ -18,6 +18,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
@@ -32,6 +33,7 @@
 import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext;
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.HttpStatusEntryPoint;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.logout.HeaderWriterLogoutHandler;
@@ -114,7 +116,10 @@ SecurityFilterChain externalSecurityFilterChain(
 sessionManagement ->
 sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
 // Since only backends will call this
- .csrf(csrf -> csrf.disable());
+ .csrf(csrf -> csrf.disable())
+ .exceptionHandling(
+ config ->
+ config.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)));
 return http.build();
 }
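Review bot: The `HttpStatusEntryPoint` added in the last hunk answers unauthenticated requests with a bare 401 and no `WWW-Authenticate` header, which RFC 7235 requires on a 401 and which token clients use to learn the expected scheme; if this chain is authenticated with bearer tokens (the oauth2 imports hint at it, but the matcher and authentication setup of `externalSecurityFilterChain` start outside the hunk), Spring's `BearerTokenAuthenticationEntryPoint`, or a small lambda that sets `WWW-Authenticate: Bearer` before `response.sendError(HttpStatus.UNAUTHORIZED.value())`, yields the same status with a proper challenge. Sending a plain 401 instead of the login redirect the other chain's `LoginUrlAuthenticationEntryPoint` would produce is the right call for a stateless backend API, and that intent deserves a comment next to the existing CSRF one, e.g. `// Backends get a plain 401 instead of a login redirect`. Only the unauthenticated case is configured here: an authenticated caller that fails authorization still falls through to the default `AccessDeniedHandler`, which typically renders the container's HTML 403 error page rather than a plain status, so an `accessDeniedHandler` on the same `exceptionHandling` block would keep the two API error responses consistent.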