Class ProblemDetailBearerTokenAuthenticationEntryPoint

java.lang.Object
io.leandev.appfuse.security.resourceserver.ProblemDetailBearerTokenAuthenticationEntryPoint
All Implemented Interfaces:
org.springframework.security.web.AuthenticationEntryPoint

public class ProblemDetailBearerTokenAuthenticationEntryPoint extends Object implements org.springframework.security.web.AuthenticationEntryPoint

受保護資源認證失敗(401)入口點

同時滿足 ADR-009 點 3 的兩個要求:

  • RFC 6750 WWW-Authenticate: Bearer 挑戰標頭:請求帶了無效 Bearer token → 附 error="invalid_token";未帶任何憑證 → 僅 Bearer(依 RFC 6750 §3,缺憑證 時不附 error code)。
  • body 維持 RFC 7807 ProblemDetail(與框架其餘錯誤一致)。

標頭手動組裝(不依賴 Spring Security 各版本的 BearerTokenAuthenticationEntryPoint 套件位置),確保跨版本穩定。

  • Constructor Details

    • ProblemDetailBearerTokenAuthenticationEntryPoint

      public ProblemDetailBearerTokenAuthenticationEntryPoint(tools.jackson.databind.ObjectMapper objectMapper)
  • Method Details

    • commence

      public void commence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException authException) throws IOException
      Specified by:
      commence in interface org.springframework.security.web.AuthenticationEntryPoint
      Throws:
      IOException