diff --git a/commons-definitions/src/main/java/eu/europeana/api/commons/definitions/config/i18n/I18nConstants.java b/commons-definitions/src/main/java/eu/europeana/api/commons/definitions/config/i18n/I18nConstants.java
index a727ed37..3f90f6d0 100644
--- a/commons-definitions/src/main/java/eu/europeana/api/commons/definitions/config/i18n/I18nConstants.java
+++ b/commons-definitions/src/main/java/eu/europeana/api/commons/definitions/config/i18n/I18nConstants.java
@@ -8,6 +8,7 @@ public interface I18nConstants {
 //401
 static final String INVALID_APIKEY = "error.invalid_apikey";
+ static final String INVALID_JWTTOKEN = "error.invalid_jwttoken";
 static final String EMPTY_APIKEY = "error.empty_apikey";
 static final String MISSING_APIKEY = "error.missing_apikey";
 static final String INVALID_API_NAME = "error.invalid_api_name";
@@ -23,7 +24,6 @@ public interface I18nConstants {
 static final String INVALID_HEADER_FORMAT = "error.entity_invalid_header_format";
 static final String BASE64_DECODING_FAIL = "error.entity_base64_encoding_fail";
 static final String EXPIRATION_TIMESTAMP_NOT_VALID = "error.expiration_timestamp_not_valid";
- static final String INVALID_JWT_TOKEN = "error.invalid_jwt_token";
 static final String JWT_TOKEN_ERROR = "error.jwt_token_error";
 }
diff --git a/commons-web/src/main/java/eu/europeana/api/commons/service/authorization/BaseAuthorizationService.java b/commons-web/src/main/java/eu/europeana/api/commons/service/authorization/BaseAuthorizationService.java
index f34098cd..ed4549ca 100644
--- a/commons-web/src/main/java/eu/europeana/api/commons/service/authorization/BaseAuthorizationService.java
+++ b/commons-web/src/main/java/eu/europeana/api/commons/service/authorization/BaseAuthorizationService.java
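Review bot: Removing `INVALID_JWT_TOKEN` from a shared constants interface (second hunk of this file) is a source- and binary-incompatible change for every consumer of commons-definitions that references it; the usual library move is to keep the old name deprecated and aliased, e.g. `@Deprecated static final String INVALID_JWT_TOKEN = INVALID_JWTTOKEN;`, and remove it in a later release. The message key also changes from `error.invalid_jwt_token` to `error.invalid_jwttoken`, so the resource bundle that resolves these keys presumably needs the new entry; that bundle is not part of this diff, so please confirm it was updated alongside.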
@@ -12,6 +12,7 @@ import org.apache.logging.log4j.Logger;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
+import org.springframework.lang.NonNull;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.jwt.crypto.sign.RsaVerifier;
@@ -37,11 +38,12 @@ public Logger getLog() {
 return log;
 }
- protected RsaVerifier getSignatureVerifier() {
- if (signatureVerifier == null)
- signatureVerifier = new RsaVerifier(getSignatureKey());
- return signatureVerifier;
- }
+ protected RsaVerifier getSignatureVerifier() {
+ if (signatureVerifier == null) {
+ signatureVerifier = new RsaVerifier(getSignatureKey());
+ }
+ return signatureVerifier;
+ }
 @Override
 /**
@@ -81,7 +83,7 @@ private Authentication authorizeReadByApiKey(HttpServletRequest request) throws
 } catch (ClientRegistrationException e) {
 // invalid api key
 throw new ApplicationAuthenticationException(I18nConstants.INVALID_APIKEY, I18nConstants.INVALID_APIKEY,
- new String[] { wsKey }, HttpStatus.FORBIDDEN, e);
+ new String[] { wsKey }, HttpStatus.UNAUTHORIZED, e);
 } catch (OAuth2Exception e) {
 // validation failed through API Key service issues
 // silently approve request
@@ -103,7 +105,7 @@ private Authentication authorizeReadByJwtToken(HttpServletRequest request)
 // check if null
 if (wsKey == null)
 throw new ApplicationAuthenticationException(I18nConstants.MISSING_APIKEY, I18nConstants.MISSING_APIKEY,
- null, HttpStatus.FORBIDDEN, null);
+ null, HttpStatus.UNAUTHORIZED, null);
 if (data.containsKey(OAuthUtils.USER_ID)) {
 List authList = new ArrayList();
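Review bot: `getSignatureVerifier()` still lazily initialises `signatureVerifier` behind an unsynchronised null check; if this service is a shared bean called from concurrent request threads, two threads can each construct an `RsaVerifier`, and unless the field (declared outside this hunk) is `volatile` the assignment is not guaranteed visible to other threads. Either build the verifier eagerly from `getSignatureKey()` when the bean is initialised, or mark the field `volatile` and document that a rare duplicate construction is acceptable, e.g. `private volatile RsaVerifier signatureVerifier; // lazily built, benign race`.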
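Review bot: The `catch (OAuth2Exception e)` branch directly below the changed line is, by its own comment `// silently approve request`, a fail-open: when the API key service errors the request proceeds as if the key were valid, while the same hunk now refuses an invalid key with 401. If that trade-off is deliberate it should be logged at warning level with the exception so an outage of the key service is visible in operations, and stated in the method's Javadoc; the remainder of that branch lies outside the hunk, so I cannot tell whether the approval is already logged. The FORBIDDEN to UNAUTHORIZED change here and in the `wsKey == null` path below matches the `//401` grouping of these keys in I18nConstants.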
@@ -123,8 +125,8 @@ private Authentication authorizeReadByJwtToken(HttpServletRequest request)
 }
 }
 }
 } catch (ApiKeyExtractionException | AuthorizationExtractionException e) {
- throw new ApplicationAuthenticationException(I18nConstants.INVALID_APIKEY, I18nConstants.INVALID_APIKEY,
- new String[] { e.getMessage() }, HttpStatus.UNAUTHORIZED, e);
+ throw new ApplicationAuthenticationException(I18nConstants.INVALID_JWTTOKEN, I18nConstants.INVALID_JWTTOKEN,
+ new String[] { e.getMessage() }, HttpStatus.UNAUTHORIZED, e);
 }
 return authentication;
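Review bot: The rewritten `throw` still hands `e.getMessage()` to the client as the message argument, so whatever detail `ApiKeyExtractionException` and `AuthorizationExtractionException` carry about token parsing or verification ends up in the 401 response body; the safer pattern is to log `e` server-side and send only the i18n key, as the missing-key path in this file already does with `null` for the arguments. Both exception types are also now reported as `INVALID_JWTTOKEN`; if `ApiKeyExtractionException` is raised for a malformed API key rather than a bad JWT (the name suggests so), the message will mislead the caller. The method body starts outside this hunk, so where each exception originates is not visible here.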