Java HttpStatus.FORBIDDEN属性代码示例

@ExceptionHandler({ HttpClientErrorException.class })
public ResponseEntity<Object> handleHttpClientErrorException(final Exception ex, WebRequest request) {
    final String error = "Digits authorization failed" ;
    final ApiError apiError = new ApiError(HttpStatus.FORBIDDEN, ex.getLocalizedMessage(), error);

    return new ResponseEntity<Object>(apiError, new HttpHeaders(), HttpStatus.FORBIDDEN);
}
 

/**
 * Endpoint to transform an uploaded file into a valid or error json response
 *
 * @return Valid json or error json content
 */
@GetMapping(value = "/unprocessed-files",
		headers = {"Accept=" + Constants.V1_API_ACCEPT})
public ResponseEntity<List<UnprocessedCpcFileData>> getUnprocessedCpcPlusFiles() {
	API_LOG.info("CPC+ unprocessed files request received");

	if (blockCpcPlusApi()) {
		API_LOG.info(BLOCKED_BY_FEATURE_FLAG);
		return new ResponseEntity<>(null, null, HttpStatus.FORBIDDEN);
	}

	List<UnprocessedCpcFileData> unprocessedCpcFileDataList = cpcFileService.getUnprocessedCpcPlusFiles();

	API_LOG.info("CPC+ unprocessed files request succeeded");

	HttpHeaders httpHeaders = new HttpHeaders();
	httpHeaders.setContentType(MediaType.APPLICATION_JSON_UTF8);

	return new ResponseEntity<>(unprocessedCpcFileDataList, httpHeaders, HttpStatus.OK);
}
 

/**
 * Function to update a user - only admins can update users
 *
 * @param id
 * @param user
 * @return ResponseEntity<DtoUser>
 */
@RequestMapping(value = "/{id}", method = RequestMethod.PUT)
public ResponseEntity<DtoUser> update(@PathVariable("id") final long id, @RequestBody final DtoUser user) {

    //TODO: Ensure security handles this
    if (!this.getLoggedInUser().isAdmin()) {
        LOGGER.error(() -> "Users can only be updated by system administrators");
        return new ResponseEntity<>(HttpStatus.FORBIDDEN);
    }
    IUser found = serviceUser.findOne(id);
    if (found == null) {
        LOGGER.warn(() -> "User with id " + id + " not found");
        return new ResponseEntity<>(HttpStatus.NOT_FOUND);
    }
    LOGGER.debug(() -> "Updating User " + id);
    if (user.getPassword() != null && user.getPassword().length() > 0) {
        user.setPassword(ENCODER.encode(user.getPassword()));
    }
    found = serviceUser.updateUser(user);
    LOGGER.info(() -> "Updated user with id " + id);
    return new ResponseEntity<>(getDtoUser(found), HttpStatus.OK);
}
 

/**
 * Exemple :
 * curl -v -X GET -H "Content-Type: application/json" 'http://localhost:8080/wsrest/nfc/cnousCardId?authToken=123456&csn=123456789abcde'
 */
@RequestMapping(value = "/cnousCardId", method = RequestMethod.GET, produces = "application/json;charset=UTF-8")
@ResponseBody
public ResponseEntity<Long> getCnousCardId(@RequestParam String authToken, @RequestParam String csn) {
	log.debug("getCnousCardId with csn = " + csn);
	HttpHeaders responseHeaders = new HttpHeaders();
	String eppnInit = clientJWSController.getEppnInit(authToken);
	if(eppnInit == null) {
		log.info("Bad authotoken : " + authToken);
		return new ResponseEntity<Long>(new Long(-1), responseHeaders, HttpStatus.FORBIDDEN);
	}
	
	Card card = Card.findCardsByCsn(csn).getSingleResult();
	String cnousCardId = cardIdsService.generateCardId(card.getId(), "crous");
	log.debug("cnousCardId for csn " + csn + " = " + cnousCardId);
	
	return new ResponseEntity<Long>(Long.valueOf(cnousCardId), responseHeaders, HttpStatus.OK);	
}
 

@ExceptionHandler(ActionNotAllowedException.class)
@ResponseStatus(value = HttpStatus.FORBIDDEN)
public ModelAndView handleActionNotAllowedExceptions(HttpServletRequest request, ActionNotAllowedException ex) {
    logger.warn("ActionNotAllowedException: " + request.getRequestURL(), ex);
    ModelAndView mav = new ModelAndView();
    mav.setViewName("error");
    return mav;
}
 

@RequestMapping(value = "/comment/delete/{commentID}", method = RequestMethod.DELETE)
public ResponseEntity deleteComment(@PathVariable("commentID") Long commentID){
    Comment comment = commentService.getCommentById(commentID);
    if(comment == null){
        return new ResponseEntity(HttpStatus.BAD_REQUEST);
    }
    if(!comment.getCommentOwnerSsoId().equals(userService.getPrincipal())){
        return new ResponseEntity(HttpStatus.FORBIDDEN);
    }
    commentService.deleteComment(commentID);
    return new ResponseEntity(HttpStatus.OK);
}
 

@RequestMapping(value = "/login/user", method = RequestMethod.POST)
public @ResponseBody ResponseEntity<UserClientProfile> login(UserForm userForm) {
	userForm.setLogin(((UserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername());
	User user = userService.login(userForm);
	ResponseEntity<UserClientProfile> ret = null;
	if (user != null) {
		ret = new ResponseEntity<UserClientProfile>(UserClientProfile.builder().from(user).build(), HttpStatus.ACCEPTED);
	} else {
		ret = new ResponseEntity<UserClientProfile>(HttpStatus.FORBIDDEN); //Should log in again
	}
	return ret;
}
 

@Override
protected HandlerResult authenticateUsernamePasswordInternal(final UsernamePasswordCredential c, final String originalPassword)
        throws GeneralSecurityException, PreventedException {

    try {
        final UsernamePasswordCredential creds = new UsernamePasswordCredential(c.getUsername(), c.getPassword());
        
        final ResponseEntity<SimplePrincipal> authenticationResponse = api.authenticate(creds);
        if (authenticationResponse.getStatusCode() == HttpStatus.OK) {
            final SimplePrincipal principalFromRest = authenticationResponse.getBody();
            if (principalFromRest == null || StringUtils.isBlank(principalFromRest.getId())) {
                throw new FailedLoginException("Could not determine authentication response from rest endpoint for " + c.getUsername());
            }
            return createHandlerResult(c,
                    this.principalFactory.createPrincipal(principalFromRest.getId(), principalFromRest.getAttributes()),
                    new ArrayList<>());
        }
    } catch (final HttpClientErrorException e) {
        if (e.getStatusCode() == HttpStatus.FORBIDDEN) {
            throw new AccountDisabledException("Could not authenticate forbidden account for " + c.getUsername());
        }
        if (e.getStatusCode() == HttpStatus.UNAUTHORIZED) {
            throw new FailedLoginException("Could not authenticate account for " + c.getUsername());
        }
        if (e.getStatusCode() == HttpStatus.NOT_FOUND) {
            throw new AccountNotFoundException("Could not locate account for " + c.getUsername());
        }
        if (e.getStatusCode() == HttpStatus.LOCKED) {
            throw new AccountLockedException("Could not authenticate locked account for " + c.getUsername());
        }
        if (e.getStatusCode() == HttpStatus.PRECONDITION_REQUIRED) {
            throw new AccountExpiredException("Could not authenticate expired account for " + c.getUsername());
        }

        throw new FailedLoginException("Rest endpoint returned an unknown status code "
                + e.getStatusCode() + " for " + c.getUsername());
    }
    throw new FailedLoginException("Rest endpoint returned an unknown response for " + c.getUsername());
}
 

/**
 * DELETE  /tasks/:id : delete the "id" task.
 *
 * @param id the id of the task to delete
 * @return the ResponseEntity with status 200 (OK)
 */
@DeleteMapping("/tasks/{id}")
@Timed
public ResponseEntity<Void> deleteTask(@PathVariable Long id) {
    log.debug("REST request to delete Task : {}", id);
    Task taskSaved = taskRepository.findOne(id);
    if (taskSaved != null && !SecurityUtils.isCurrentUserInRole(AuthoritiesConstants.ADMIN)
     && !SecurityUtils.getCurrentUserLogin().equals(taskSaved.getUser())) {
     return new ResponseEntity<>(HttpStatus.FORBIDDEN);
    }
    taskRepository.delete(id);
    return ResponseEntity.ok().headers(HeaderUtil.createEntityDeletionAlert(ENTITY_NAME, id.toString())).build();
}
 

@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    log.debug("Access denied", e);
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, translate(ErrorConstants.ERR_ACCESS_DENIED));
}
 

private static void handleClientErrors(ClientHttpResponse response) throws IOException {
    HttpStatus statusCode = response.getStatusCode();
    Map<String, Object> errorMap = extractErrorDetailsFromResponse(response);

    String errorText = "";
    if (errorMap.containsKey("error")) {
        errorText = (String) errorMap.get("error");
    } else if (errorMap.containsKey("errors")) {
        Object errors = errorMap.get("errors");
        if (errors instanceof List) {
            @SuppressWarnings("unchecked")
            List<Map<String, String>> errorsList = (List<Map<String, String>>) errors;
            errorText = errorsList.get(0).get("message");
        } else if (errors instanceof String) {
            errorText = (String) errors;
        }
    }

    if (statusCode == HttpStatus.BAD_REQUEST) {
        if (errorText.contains("Rate limit exceeded.")) {
            throw new RateLimitExceededException(TWITTER);
        }
    } else if (statusCode == HttpStatus.UNAUTHORIZED) {
        if (errorText == null) {
            throw new NotAuthorizedException(TWITTER, response.getStatusText());
        } else if ("Could not authenticate you.".equals(errorText)) {
            throw new MissingAuthorizationException(TWITTER);
        } else if ("Could not authenticate with OAuth.".equals(errorText)) { // revoked token
            throw new RevokedAuthorizationException(TWITTER);
        } else if ("Invalid / expired Token".equals(errorText)) {
            // Note that Twitter doesn't actually expire tokens
            throw new InvalidAuthorizationException(TWITTER, errorText);
        } else {
            throw new NotAuthorizedException(TWITTER, errorText);
        }
    } else if (statusCode == HttpStatus.FORBIDDEN) {
        if (errorText.equals(DUPLICATE_STATUS_TEXT) || errorText.contains("You already said that")) {
            throw new DuplicateStatusException(TWITTER, errorText);
        } else if (errorText.equals(STATUS_TOO_LONG_TEXT) || errorText.contains(MESSAGE_TOO_LONG_TEXT)) {
            throw new MessageTooLongException(errorText);
        } else if (errorText.equals(INVALID_MESSAGE_RECIPIENT_TEXT)) {
            throw new InvalidMessageRecipientException(errorText);
        } else if (errorText.equals(DAILY_RATE_LIMIT_TEXT)) {
            throw new RateLimitExceededException(TWITTER);
        } else {
            throw new OperationNotPermittedException(TWITTER, errorText);
        }
    } else if (statusCode == HttpStatus.NOT_FOUND) {
        throw new ResourceNotFoundException(TWITTER, errorText);
    } else if (statusCode == HttpStatus.valueOf(ENHANCE_YOUR_CALM) || statusCode == HttpStatus
        .valueOf(TOO_MANY_REQUESTS)) {
        throw new RateLimitExceededException(TWITTER);
    }

}
 

@ExceptionHandler(AccessDeniedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
@ResponseBody
public ErrorVM processAccessDeniedException(AccessDeniedException e) {
    return new ErrorVM(ErrorConstants.ERR_ACCESS_DENIED, e.getMessage());
}
 

@ExceptionHandler(ActionRefusedException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
public ModelAndView actionRefusedError(HttpServletRequest req, Exception ex) {
	return setModelAndView(req.getRequestURL().toString(), ex, HttpStatus.FORBIDDEN.value());
}
 

@ExceptionHandler(value = ResponseBankException.class)
@ResponseStatus(HttpStatus.FORBIDDEN)
public void handleResponseBankException() {

}
 

@Override
public boolean hasError(ClientHttpResponse clienthttpresponse) throws IOException {

	if (clienthttpresponse.getStatusCode() != HttpStatus.OK) {
		String content = IOUtils.toString(clienthttpresponse.getBody(), "UTF-8");

		// The server has successfully fulfilled the request and that there is no additional content to send in the response payload body.
		if(clienthttpresponse.getStatusCode() == HttpStatus.NO_CONTENT) {
			return false;
		}

		// JSON String to RestError
		try {
			// REST Error
			ObjectMapper mapper = new ObjectMapper();
			RestError restError = mapper.readValue(content, RestError.class);

			// Add HTTP Status Code to Error
			if (restError.getStatus() == null) {
				restError.setStatus(clienthttpresponse.getStatusCode().ordinal());
			}

			throw new RestException(restError);
			
		} catch (RestException restException) {
			// Rethrow
			throw restException;
		} catch (Exception ex) {

			// No REST Error
			Logger.trace(this, "Status code: " + clienthttpresponse.getStatusCode());
			Logger.trace(this, "Response" + clienthttpresponse.getStatusText());
			Logger.trace(this, "Content: " + content);

			if (clienthttpresponse.getStatusCode() == HttpStatus.FORBIDDEN) {
				if (content.contains("used Cloudflare to restrict access")) {
					Logger.warn(this, "Your current ip is banned by cloudflare, so you can't reach the target.");
				} else {
					Logger.debug(this, "Call returned a error 403 forbidden resposne ");
				}

				return true;
			}

		}
	}
	return false;
}