Class ProblemDetailBearerTokenAccessDeniedHandler

java.lang.Object
io.leandev.appfuse.security.resourceserver.ProblemDetailBearerTokenAccessDeniedHandler
All Implemented Interfaces:
org.springframework.security.web.access.AccessDeniedHandler

public class ProblemDetailBearerTokenAccessDeniedHandler extends Object implements org.springframework.security.web.access.AccessDeniedHandler

受保護資源授權不足(403)處理器

已通過認證但權限不足時,附 RFC 6750 WWW-Authenticate: Bearer error="insufficient_scope" 挑戰標頭(ADR-009 點 3),body 維持 RFC 7807 ProblemDetail。與 ProblemDetailBearerTokenAuthenticationEntryPoint 成對,標頭手動組裝以跨 Spring Security 版本穩定。

  • Constructor Details

    • ProblemDetailBearerTokenAccessDeniedHandler

      public ProblemDetailBearerTokenAccessDeniedHandler(tools.jackson.databind.ObjectMapper objectMapper)
  • Method Details

    • handle

      public void handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException accessDeniedException) throws IOException
      Specified by:
      handle in interface org.springframework.security.web.access.AccessDeniedHandler
      Throws:
      IOException