From a862d2f81cd07edc1e06c935d93005dc589b3858 Mon Sep 17 00:00:00 2001
From: farrell-m
Date: Thu, 30 May 2024 12:40:08 +0100
Subject: [PATCH] address review comments
---
.../auth/ApiAccessDeniedHandler.java | 19 +++++++++++++++++++
.../auth/ApiAuthenticationFilter.java | 2 +-
2 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/laa-ccms-spring-boot-starters/laa-ccms-spring-boot-starter-auth/src/main/java/uk/gov/laa/ccms/springboot/auth/ApiAccessDeniedHandler.java b/laa-ccms-spring-boot-starters/laa-ccms-spring-boot-starter-auth/src/main/java/uk/gov/laa/ccms/springboot/auth/ApiAccessDeniedHandler.java
index 2d16b39..bde9820 100644
--- a/laa-ccms-spring-boot-starters/laa-ccms-spring-boot-starter-auth/src/main/java/uk/gov/laa/ccms/springboot/auth/ApiAccessDeniedHandler.java
+++ b/laa-ccms-spring-boot-starters/laa-ccms-spring-boot-starter-auth/src/main/java/uk/gov/laa/ccms/springboot/auth/ApiAccessDeniedHandler.java
@@ -14,17 +14,36 @@ import java.io.IOException; +/** + * Exception Handler for requests that have been authenticated, but do not have sufficient privileges to access + * the requested endpoint. + */ @Slf4j @Component public class ApiAccessDeniedHandler implements AccessDeniedHandler { ObjectMapper objectMapper; + /** + * Creates an instance of the handler, with an object mapper to write the request body. + * + * @param objectMapper for writing the request body. + */ @Autowired ApiAccessDeniedHandler(ObjectMapper objectMapper) { this.objectMapper = objectMapper; } + /** + * Constructs the response object to return to the client, with a 403 Forbidden status and matching + * response body using the {@link ErrorResponse} model. + * + * @param request that resulted in an AccessDeniedException + * @param response so that the client can be advised of the failure + * @param accessDeniedException that caused the invocation + * @throws IOException - + * @throws ServletException - + */ @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { diff --git a/laa-ccms-spring-boot-starters/laa-ccms-spring-boot-starter-auth/src/main/java/uk/gov/laa/ccms/springboot/auth/ApiAuthenticationFilter.java b/laa-ccms-spring-boot-starters/laa-ccms-spring-boot-starter-auth/src/main/java/uk/gov/laa/ccms/springboot/auth/ApiAuthenticationFilter.java index 8230b7a..c26fbc3 100644 --- a/laa-ccms-spring-boot-starters/laa-ccms-spring-boot-starter-auth/src/main/java/uk/gov/laa/ccms/springboot/auth/ApiAuthenticationFilter.java +++ b/laa-ccms-spring-boot-starters/laa-ccms-spring-boot-starter-auth/src/main/java/uk/gov/laa/ccms/springboot/auth/ApiAuthenticationFilter.java 
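Review bot: The new constructor Javadoc says the object mapper is used to write the request body, in both the summary sentence and the `@param` line, but this handler only produces a response, as the `handle` Javadoc added in the same hunk states. I would change both to "response body", e.g. `@param objectMapper for writing the response body.` The two `@throws` tags carry a bare `-` as their description; something like `@throws IOException if the response body cannot be written` would be more useful, though the body of `handle` lies outside the hunk, so the exact condition needs confirming. Since this is the 403 path, the `handle` comment would also be a good place to state whether the `ErrorResponse` body carries the exception's message or only a fixed one.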
@@ -33,7 +33,7 @@ protected ApiAuthenticationFilter(ApiAuthenticationService authenticationService } /** - * Filter reponsible for authenticating the client the made the request. Successful authentication results in the + * Filter reponsible for authenticating the client which made the request. Successful authentication results in the * authentication details being stored in the security context for further processing, and continuation of the * filter chain. Unsuccessful authentication results in a 401 UNAUTHORIZED response. *
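Review bot: The reworded line still reads `Filter reponsible for authenticating the client which made the request.`; `reponsible` should be `responsible`, and correcting it in this commit avoids a further touch to the same sentence. The Javadoc block continues past the end of the hunk, so the remainder of the comment was not reviewed.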