Commit 8e04c9f4 by linxu

fix(auth): delegate login failure handling to exception resolver

- Replace manual JSON response in RESTAuthenticationFailureHandler with HandlerExceptionResolver
- Change LoginException status from INTERNAL_SERVER_ERROR to UNPROCESSABLE_ENTITY
- Update config server URI from IP to hostname
parent eb7ceaa5
package com.keymobile.sso.conf; package com.keymobile.sso.conf;
import com.fasterxml.jackson.databind.ObjectMapper; import com.keymobile.sso.exception.LoginException;
import jakarta.servlet.ServletException; import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse; import jakarta.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerExceptionResolver;
import java.io.IOException; import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
@Component @Component
public class RESTAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler { public class RESTAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
private final ObjectMapper objectMapper = new ObjectMapper(); @Autowired
@Qualifier("handlerExceptionResolver")
private HandlerExceptionResolver resolver;
@Override @Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException { AuthenticationException exception) throws IOException, ServletException {
response.setStatus(HttpStatus.UNAUTHORIZED.value()); resolver.resolveException(request, response, null, new LoginException("Login failed"));
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding("UTF-8");
Map<String, Object> errorResponse = new HashMap<>();
errorResponse.put("status", HttpStatus.UNAUTHORIZED.value());
errorResponse.put("timestamp", System.currentTimeMillis());
errorResponse.put("message", "Invalid credentials");
errorResponse.put("cnMessage", "用户名或密码错误");
objectMapper.writeValue(response.getWriter(), errorResponse);
} }
} }
\ No newline at end of file
...@@ -18,7 +18,7 @@ public class RestExceptionHandler extends ResponseEntityExceptionHandler { ...@@ -18,7 +18,7 @@ public class RestExceptionHandler extends ResponseEntityExceptionHandler {
@ExceptionHandler(LoginException.class) @ExceptionHandler(LoginException.class)
protected ResponseEntity<Object> handleLoginException(LoginException ex, WebRequest request) { protected ResponseEntity<Object> handleLoginException(LoginException ex, WebRequest request) {
ApiError apiError = new ApiError(HttpStatus.INTERNAL_SERVER_ERROR, ex.getMessage(), "用户名或密码错误", ex); ApiError apiError = new ApiError(HttpStatus.UNPROCESSABLE_ENTITY, ex.getMessage(), "用户名或密码错误", ex);
return buildResponseEntity(apiError); return buildResponseEntity(apiError);
} }
......
...@@ -5,4 +5,4 @@ spring: ...@@ -5,4 +5,4 @@ spring:
name: auth name: auth
cloud: cloud:
config: config:
uri: http://192.168.0.39:8082 uri: http://c0:8082
\ No newline at end of file \ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment