diff --git a/src/main/java/app/mealsmadeeasy/api/auth/AuthController.java b/src/main/java/app/mealsmadeeasy/api/auth/AuthController.java
index 2f55559..ff6000c 100644
--- a/src/main/java/app/mealsmadeeasy/api/auth/AuthController.java
+++ b/src/main/java/app/mealsmadeeasy/api/auth/AuthController.java
@@ -28,21 +28,25 @@ public final class AuthController {
 this.authService = authService;
 }
 
+ private ResponseEntity getLoginViewResponseEntity(LoginDetails loginDetails) {
+ final AuthToken refreshToken = loginDetails.getRefreshToken();
+ final ResponseCookie refreshCookie = getRefreshTokenCookie(
+ refreshToken.getToken(),
+ refreshToken.getLifetime()
+ );
+ final var loginView = new LoginView(
+ loginDetails.getUsername(), loginDetails.getAccessToken().getToken()
+ );
+ return ResponseEntity.ok()
+ .header(HttpHeaders.SET_COOKIE, refreshCookie.toString())
+ .body(loginView);
+ }
+
 @PostMapping("/login")
 public ResponseEntity login(@RequestBody LoginBody loginBody) {
 try {
 final LoginDetails loginDetails = this.authService.login(loginBody.getUsername(), loginBody.getPassword());
- final AuthToken refreshToken = loginDetails.getRefreshToken();
- final ResponseCookie refreshCookie = getRefreshTokenCookie(
- refreshToken.getToken(),
- refreshToken.getLifetime()
- );
- final var loginView = new LoginView(
- loginDetails.getUsername(), loginDetails.getAccessToken().getToken()
- );
- return ResponseEntity.ok()
- .header(HttpHeaders.SET_COOKIE, refreshCookie.toString())
- .body(loginView);
+ return this.getLoginViewResponseEntity(loginDetails);
 } catch (LoginException loginException) {
 return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
 }
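Review bot: `getLoginViewResponseEntity` is now the single place the refresh-token cookie is issued for both login and refresh, so its attributes decide whether the refresh token is exposed to script or sent cross-site; `getRefreshTokenCookie` is outside this hunk and I cannot confirm it sets `HttpOnly`, `Secure`, `SameSite` and a `Path` scoped to the refresh endpoint, which is worth verifying there. The helper returns a raw `ResponseEntity`; `private ResponseEntity<LoginView> getLoginViewResponseEntity(LoginDetails loginDetails)` keeps the body typed at no cost (the raw type on `login` is pre-existing context). A short Javadoc on the helper would help the next reader, e.g. `/** Builds the 200 response for a successful login or refresh: access token in the JSON body, refresh token only in a Set-Cookie header. */`.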
@@ -54,15 +58,7 @@ public final class AuthController {
 ) {
 try {
 final LoginDetails loginDetails = this.authService.refresh(oldRefreshToken);
- final AuthToken newRefreshToken = loginDetails.getRefreshToken();
- final ResponseCookie refreshCookie = getRefreshTokenCookie(
- newRefreshToken.getToken(),
- newRefreshToken.getLifetime()
- );
- final var loginView = new LoginView(loginDetails.getUsername(), loginDetails.getAccessToken().getToken());
- return ResponseEntity.ok()
- .header(HttpHeaders.SET_COOKIE, refreshCookie.toString())
- .body(loginView);
+ return this.getLoginViewResponseEntity(loginDetails);
 } catch (LoginException loginException) {
 return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
 }
diff --git a/src/main/java/app/mealsmadeeasy/api/jwt/JwtServiceImpl.java b/src/main/java/app/mealsmadeeasy/api/jwt/JwtServiceImpl.java
index 79a1926..d083d2d 100644
--- a/src/main/java/app/mealsmadeeasy/api/jwt/JwtServiceImpl.java
+++ b/src/main/java/app/mealsmadeeasy/api/jwt/JwtServiceImpl.java
@@ -2,7 +2,6 @@ package app.mealsmadeeasy.api.jwt;
 
 import app.mealsmadeeasy.api.security.AuthToken;
 import app.mealsmadeeasy.api.security.SimpleAuthToken;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.io.Serializer;
@@ -23,7 +22,6 @@ public final class JwtServiceImpl implements JwtService {
 private final SecretKey secretKey;
 
 public JwtServiceImpl(
- ObjectMapper objectMapper,
 @Value("${app.mealsmadeeasy.api.security.access-token-lifetime}") Long accessTokenLifetime,
 SecretKey secretKey
 ) {
diff --git a/src/main/java/app/mealsmadeeasy/api/security/JwtFilter.java b/src/main/java/app/mealsmadeeasy/api/security/JwtFilter.java
index 53c8c19..0bc2ddd 100644
--- a/src/main/java/app/mealsmadeeasy/api/security/JwtFilter.java
+++ b/src/main/java/app/mealsmadeeasy/api/security/JwtFilter.java
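Review bot: When `authService.refresh(oldRefreshToken)` throws `LoginException`, the 401 is returned without touching the refresh cookie, so a client holding a revoked or expired refresh token keeps replaying it on every retry; since the success path now sets the cookie through the helper, the failure path could expire it in the same way, roughly `.header(HttpHeaders.SET_COOKIE, getRefreshTokenCookie("", 0).toString())`, provided `getRefreshTokenCookie` accepts a zero lifetime (its signature is outside this hunk, I am inferring from the `getLifetime()` call). Those catch lines are unchanged context, but the commit already rewrites this method's success path, so it is the natural moment to fix it. Whether the presented refresh token is invalidated server-side on a successful refresh (rotation rather than reuse) is not visible here and should be confirmed in `authService.refresh`. The `refresh` method's signature starts before this hunk.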
@@ -2,7 +2,8 @@ package app.mealsmadeeasy.api.security;
 
 import app.mealsmadeeasy.api.jwt.JwtService;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import io.jsonwebtoken.security.SecurityException;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.JwtException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -37,6 +38,12 @@ public final class JwtFilter extends OncePerRequestFilter {
 this.objectMapper = objectMapper;
 }
 
+ private void handleSecurityException(HttpServletResponse response, int status, String message) throws IOException {
+ final SecurityExceptionView view = new SecurityExceptionView(status, message);
+ response.setStatus(status);
+ response.getWriter().write(this.objectMapper.writeValueAsString(view));
+ }
+
 @Override
 protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
 throws ServletException, IOException {
@@ -51,11 +58,16 @@ public final class JwtFilter extends OncePerRequestFilter {
 final String username;
 try {
 username = this.jwtService.getSubject(token);
- } catch (SecurityException e) {
- logger.error("Error while getting username from token.", e);
- final SecurityExceptionView view = new SecurityExceptionView(401, e.getMessage());
- response.setStatus(401);
- response.getWriter().write(this.objectMapper.writeValueAsString(view));
+ } catch (ExpiredJwtException expiredJwtException) {
+ this.handleSecurityException(
+ response,
+ HttpServletResponse.SC_UNAUTHORIZED,
+ expiredJwtException.getMessage()
+ );
+ return;
+ } catch (JwtException jwtException) {
+ logger.error("Error while getting username from token.", jwtException);
+ this.handleSecurityException(response, HttpServletResponse.SC_UNAUTHORIZED, jwtException.getMessage());
 return;
 }
 final UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
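Review bot: `handleSecurityException` writes a JSON body through `response.getWriter().write(...)` but never sets a content type or charset, so the client gets whatever the container defaults to (often no `Content-Type` and an ISO-8859-1 writer), which invites MIME sniffing of the error body and garbles any non-ASCII text in `message`. Add, before the `getWriter()` call, `response.setContentType("application/json");` and `response.setCharacterEncoding("UTF-8");`. A short Javadoc would also help, e.g. `/** Sets the status and writes a JSON SecurityExceptionView error body; callers return afterwards instead of continuing the filter chain. */`.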
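Review bot: Both new catch branches echo the library exception message (`expiredJwtException.getMessage()`, `jwtException.getMessage()`) into the 401 body, and jjwt messages can carry internal detail such as expiry and server-clock timestamps or, for claim-validation failures, claim values from the presented token; prefer a fixed client-facing string, e.g. `this.handleSecurityException(response, HttpServletResponse.SC_UNAUTHORIZED, "Invalid or expired token");`, and keep the exception detail in the log only. Widening the catch from `SecurityException` to `JwtException` is the right fix for malformed or unsupported tokens that previously escaped as 500s; note that jjwt's parser throws `IllegalArgumentException` for an empty or blank token string, which is not a `JwtException` and would still propagate unless `getSubject` or the token extraction guards against it (both are outside this diff). If `getSubject` can return null for a token without a `sub` claim, `loadUserByUsername(username)` on the following context line runs unguarded and deserves a null check. `doFilterInternal` starts and ends outside this hunk.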