Что нужно сделать так, чтобы в исключении в классе SecurityConfig код httpservletresponse возвращается в зависимости от ⇐ JAVA

[Гость]

Так что, в зависимости от ошибки, возвращается различные httpservletresponse, не только sc_unauthorized, но и sc_service_unavailable, как мне это сделать? Например, для ошибки, связанной с токеном, возвращается код ошибки - SC_UNAuthorized и для других ошибок - SC_SERVICE_UNAVAILABLE. < /P>
@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig{

private final JwtTokenFilter jwtTokenFilter;
private final CustomAuthenticationEntryPoint customAuthenticationEntryPoint;

@Bean
protected SecurityFilterChain configure(HttpSecurity http) throws Exception {
return http
.csrf(AbstractHttpConfigurer::disable)
.authorizeHttpRequests(auth -> auth
.requestMatchers(antMatcher("/**/actuator/**")).permitAll()
.requestMatchers(antMatcher("/**/check/**")).permitAll()
.anyRequest().hasAuthority("PERMISSION")
)
.sessionManagement(
config -> config.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
)
.exceptionHandling(exception ->
exception.authenticationEntryPoint((request, response, ex) ->
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, ex.getMessage())//so that, depending on the error, different HttpServletResponse are returned, not only SC_UNAUTHORIZED, but also SC_SERVICE_UNAVAILABLE, how do I do this?
))
.addFilterBefore(jwtTokenFilter, UsernamePasswordAuthenticationFilter.class)
.build();
}
}
< /code>
Вот класс, который работает с токеном: < /p>
@Component
@Slf4j
@RequiredArgsConstructor
public class JwtTokenFilter extends OncePerRequestFilter {

private final JwtTokenParser jwtTokenParser;

@Value("${sppi.security.enabled}")
private boolean securityEnabled;

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
String token = getTokenFromHeader(request);

if (Objects.isNull(token) && securityEnabled) {
chain.doFilter(request, response);
return;
}

try {
UserDetails userDetails = getUsernameFromTokenAndAddHeaderIfExpired(token, response);
if (Objects.isNull(userDetails)) {
chain.doFilter(request, response);
return;
}

response.setHeader("username", userDetails.getUsername());
chain.doFilter(request, response);

} catch (RestClientException e) {
e.printStackTrace();
response.sendError(HttpServletResponse.SC_BAD_GATEWAY);
}
}

private String getTokenFromHeader(HttpServletRequest request) {
String header = request.getHeader(HttpHeaders.AUTHORIZATION);
if (Objects.isNull(header) || !header.startsWith("Bearer "))
return null;
else {
return header.split(" ")[1].trim();
}
}

public UserDetails getUsernameFromTokenAndAddHeaderIfExpired(String token, HttpServletResponse response) {
UserDetails userDetails = null;
try {
userDetails = jwtTokenParser.getUserFromToken(token);
} catch (SignatureException ex) {
log.info("Invalid JWT signature - {}", ex.getMessage());
} catch (MalformedJwtException ex) {
log.info("Invalid JWT token - {}", ex.getMessage());
} catch (ExpiredJwtException ex) {
log.info("Expired JWT token - {}", ex.getMessage());
response.setHeader("is-token-expired", String.valueOf(true));
} catch (UnsupportedJwtException ex) {
log.info("Unsupported JWT token - {}", ex.getMessage());
} catch (IllegalArgumentException ex) {
log.info("JWT claims string is empty - {}", ex.getMessage());
} catch (CertificateException ex) {
log.info("Certificate factory not available - {}", ex.getMessage());
}

return userDetails;
}
}


Подробнее здесь: https://stackoverflow.com/questions/796 ... nfig-the-h