32. Access denied handler (#2)

support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAccessDeniedHandler.java

@@ -0,0 +1,37 @@
+package net.shyshkin.study.fullstack.supportportal.backend.filter;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import lombok.RequiredArgsConstructor;
+import net.shyshkin.study.fullstack.supportportal.backend.constant.SecurityConstants;
+import net.shyshkin.study.fullstack.supportportal.backend.domain.HttpResponse;
+import org.springframework.http.MediaType;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+import static org.springframework.http.HttpStatus.UNAUTHORIZED;
+
+@Component
+@RequiredArgsConstructor
+public class JwtAccessDeniedHandler implements AccessDeniedHandler {
+
+    private final ObjectMapper objectMapper;
+
+    @Override
+    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
+        var httpResponse = HttpResponse.builder()
+                .httpStatus(UNAUTHORIZED)
+                .httpStatusCode(UNAUTHORIZED.value())
+                .message(SecurityConstants.ACCESS_DENIED_MESSAGE)
+                .reason(UNAUTHORIZED.getReasonPhrase().toUpperCase())
+                .build();
+        String jsonString = objectMapper.writeValueAsString(httpResponse);
+        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+        response.sendError(UNAUTHORIZED.value(), jsonString);
+    }
+}