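package com.keao.edu.common.security;

import com.keao.edu.common.constant.CommonConstants;
import com.keao.edu.common.entity.HttpResponseResult;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.codehaus.jackson.map.ObjectMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.MediaType;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * Access-denied handler that replaces the default OAuth2 error body with a JSON
 * {@link HttpResponseResult}.
 *
 * <p>The HTTP status line is always {@code 200}; the denial is signalled only by
 * {@code success=false} and the error code inside the body. Anything that keys off the
 * status code (reverse proxies, uptime probes, status-based alerting) will therefore not
 * see these requests as denied — clients and monitoring must inspect the body.
 */
@Component
public class BaseAccessDeniedHandler extends OAuth2AccessDeniedHandler {

    private static final Logger logger = LoggerFactory.getLogger(BaseAccessDeniedHandler.class);

    /**
     * Shared mapper. The original built a new {@code ObjectMapper} on every denied request;
     * a mapper is safe to share once configured, and it is never reconfigured here.
     */
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    /**
     * Writes the denial as a JSON {@link HttpResponseResult} body.
     *
     * <p>The error code placed in the body is derived from the root cause of
     * {@code authException}: {@code 401} for {@link InvalidTokenException}, {@code 403} for
     * {@link InsufficientAuthenticationException}, {@code 500} otherwise.
     *
     * @param request       the denied request; only its URI is logged
     * @param response      the response to write the JSON body into
     * @param authException the access-denied exception raised by the security filter chain
     * @throws IOException if the response writer cannot be obtained or written
     */
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response,
                       AccessDeniedException authException) throws IOException {
        logger.info("授权失败,禁止访问 {}", request.getRequestURI());

        response.setCharacterEncoding(CommonConstants.UTF8);
        response.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        // Deliberately 200 — see the class comment for the consequences of not using 401/403.
        response.setStatus(HttpServletResponse.SC_OK);

        // getRootCause returns null when the exception has no cause chain; fall back to it.
        Throwable cause = ExceptionUtils.getRootCause(authException);
        if (cause == null) {
            cause = authException;
        }

        // NOTE(review): the root cause's message is returned verbatim to the caller. For token
        // failures that is the validation reason; for the 500 fallback it may be an arbitrary
        // internal exception message. A fixed message per code would avoid leaking internals.
        HttpResponseResult result =
                new HttpResponseResult(false, resolveErrorCode(cause), null, cause.getMessage());

        // try-with-resources closes the writer even when serialization throws, which the
        // original explicit close() did not guarantee.
        try (PrintWriter printWriter = response.getWriter()) {
            printWriter.append(OBJECT_MAPPER.writeValueAsString(result));
            printWriter.flush();
        }
    }

    /**
     * Maps the root cause of a denial to the error code carried in the response body.
     *
     * @param cause the root cause (never null)
     * @return {@code 401} for an invalid token, {@code 403} for insufficient authentication,
     *         {@code 500} for anything else
     */
    private static int resolveErrorCode(Throwable cause) {
        if (cause instanceof InsufficientAuthenticationException) {
            return HttpServletResponse.SC_FORBIDDEN;
        }
        if (cause instanceof InvalidTokenException) {
            return HttpServletResponse.SC_UNAUTHORIZED;
        }
        return 500;
    }
}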