Class ProblemDetailBearerTokenAuthenticationEntryPoint
java.lang.Object
io.leandev.appfuse.security.resourceserver.ProblemDetailBearerTokenAuthenticationEntryPoint
- All Implemented Interfaces:
org.springframework.security.web.AuthenticationEntryPoint
public class ProblemDetailBearerTokenAuthenticationEntryPoint
extends Object
implements org.springframework.security.web.AuthenticationEntryPoint
受保護資源認證失敗(401)入口點
同時滿足 ADR-009 點 3 的兩個要求:
- RFC 6750
WWW-Authenticate: Bearer挑戰標頭:請求帶了無效 Bearer token → 附error="invalid_token";未帶任何憑證 → 僅Bearer(依 RFC 6750 §3,缺憑證 時不附 error code)。 - body 維持 RFC 7807
ProblemDetail(與框架其餘錯誤一致)。
標頭手動組裝(不依賴 Spring Security 各版本的 BearerTokenAuthenticationEntryPoint
套件位置),確保跨版本穩定。
-
Constructor Summary
ConstructorsConstructorDescriptionProblemDetailBearerTokenAuthenticationEntryPoint(tools.jackson.databind.ObjectMapper objectMapper) -
Method Summary
Modifier and TypeMethodDescriptionvoidcommence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException authException)
-
Constructor Details
-
ProblemDetailBearerTokenAuthenticationEntryPoint
public ProblemDetailBearerTokenAuthenticationEntryPoint(tools.jackson.databind.ObjectMapper objectMapper)
-
-
Method Details
-
commence
public void commence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException authException) throws IOException - Specified by:
commencein interfaceorg.springframework.security.web.AuthenticationEntryPoint- Throws:
IOException
-