mrqc-sys/src/main/java/com/diagbot/config/AuthenticationExceptionHandler.java

package com.diagbot.config;


import com.diagbot.facade.SysUserFacade;
import com.diagbot.util.StringUtil;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AccountExpiredException;
import org.springframework.security.authentication.AccountStatusException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;
import org.springframework.validation.BindException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

/**
 * @Description:权限认证异常处理
 * @Author songxl
 * @Date 2021/12/13
 */
@Component
public class AuthenticationExceptionHandler {
    @Autowired
    private SysUserFacade userFacade;

    public void handleException(HttpServletRequest request, HttpServletResponse response,
                                AuthenticationException authException) throws ServletException {
        Map map = new HashMap();
        //登录前的获取登录页面的请求接口不知道什么原因会抛出未认证（Full authentication is required to access this resource）
        //如果抛出未认证在这个调用这个服务接口返回消息
        //响应状态码统一为200
        response.setStatus(HttpServletResponse.SC_OK);
        if (matchers("/sys/user/getHospitalMark", request)) {
            map.put("code", "0");
            map.put("msg", "");
            map.put("data", userFacade.getHospitalMark());
        } else if (authException instanceof BadCredentialsException) {
            map.put("code", "00000001");
            map.put("msg", "用户或密码不正确");
        } else if (authException instanceof AccountStatusException) {
            if (authException instanceof LockedException) {
                map.put("code", "00000001");
                map.put("msg", "账户锁定");
            } else if (authException instanceof AccountExpiredException) {//账户过期
                map.put("code", "10020011");
                map.put("msg", "登录超时。为确保您的账户安全，系统已自动退出，请重新登录。");
            } else if (authException instanceof CredentialsExpiredException) {//证书过期
                map.put("code", "10020011");
                map.put("msg", "登录超时。为确保您的账户安全，系统已自动退出，请重新登录。");
            } else if (authException instanceof DisabledException) {
                map.put("code", "00000001");
                map.put("msg", "账户不可用");
            } else {
                map.put("code", "00000001");
                map.put("msg", "用户状态异常");
            }
        } else if (authException instanceof InsufficientAuthenticationException) {
            map.put("code", "10020011");
            map.put("msg", "登录超时。为确保您的账户安全，系统已自动退出，请重新登录。");
        } else {
            map.put("code", "00000001");
            map.put("msg", authException.getMessage());
        }
        response.setContentType("application/json");
        try {
            ObjectMapper mapper = new ObjectMapper();
            mapper.writeValue(response.getOutputStream(), map);
        } catch (Exception e) {
            throw new ServletException();
        }
    }

    private boolean matchers(String url, HttpServletRequest request) {
        AntPathRequestMatcher matcher = new AntPathRequestMatcher(url);
        if (matcher.matches(request)) {
            return true;
        }
        return false;
    }
}