Improve JSON formatting in error messages

Sporiff · Sporiff · commit 5fb4f71eff57 · 2025-11-23T02:47:08.000+01:00
diff --git a/src/main/java/org/openpodcastapi/opa/auth/ApiAuthController.java b/src/main/java/org/openpodcastapi/opa/auth/ApiAuthController.java
@@ -28,7 +28,7 @@ public class ApiAuthController {
     private final AuthenticationManager authenticationManager;
 
     @PostMapping("/api/auth/login")
-    public ResponseEntity<DTOs.LoginSuccessResponse> login(@RequestBody @NotNull DTOs.LoginRequest loginRequest) {
+    public ResponseEntity<AuthDTO.LoginSuccessResponse> login(@RequestBody @NotNull AuthDTO.LoginRequest loginRequest) {
         // Set the authentication using the provided details
         Authentication authentication = authenticationManager.authenticate(
                 new UsernamePasswordAuthenticationToken(loginRequest.username(), loginRequest.password())
@@ -45,13 +45,13 @@ public ResponseEntity<DTOs.LoginSuccessResponse> login(@RequestBody @NotNull DTO
         String refreshToken = tokenService.generateRefreshToken(user);
 
         // Format the tokens and expiration time into a DTO
-        DTOs.LoginSuccessResponse response = new DTOs.LoginSuccessResponse(accessToken, refreshToken, String.valueOf(jwtService.getExpirationTime()));
+        AuthDTO.LoginSuccessResponse response = new AuthDTO.LoginSuccessResponse(accessToken, refreshToken, String.valueOf(jwtService.getExpirationTime()));
 
         return ResponseEntity.ok(response);
     }
 
     @PostMapping("/api/auth/refresh")
-    public ResponseEntity<DTOs.RefreshTokenResponse> getRefreshToken(@RequestBody @NotNull DTOs.RefreshTokenRequest refreshTokenRequest) {
+    public ResponseEntity<AuthDTO.RefreshTokenResponse> getRefreshToken(@RequestBody @NotNull AuthDTO.RefreshTokenRequest refreshTokenRequest) {
         User targetUser = userRepository.findByUsername(refreshTokenRequest.username()).orElseThrow(() -> new EntityNotFoundException("No user with username " + refreshTokenRequest.username() + " found"));
 
         // Validate the existing refresh token
@@ -61,7 +61,7 @@ public ResponseEntity<DTOs.RefreshTokenResponse> getRefreshToken(@RequestBody @N
         String newAccessToken = tokenService.generateAccessToken(user);
 
         // Format the token and expiration time into a DTO
-        DTOs.RefreshTokenResponse response = new DTOs.RefreshTokenResponse(newAccessToken, String.valueOf(jwtService.getExpirationTime()));
+        AuthDTO.RefreshTokenResponse response = new AuthDTO.RefreshTokenResponse(newAccessToken, String.valueOf(jwtService.getExpirationTime()));
 
         return ResponseEntity.ok(response);
     }
diff --git a/src/main/java/org/openpodcastapi/opa/auth/AuthDTO.java b/src/main/java/org/openpodcastapi/opa/auth/AuthDTO.java
@@ -3,8 +3,8 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import jakarta.validation.constraints.NotNull;
 
-/// All DTOs for auth methods
-public class DTOs {
+/// All data transfer objects for auth methods
+public class AuthDTO {
     /// A DTO representing an API login request
     ///
     /// @param username the user's username
@@ -46,4 +46,14 @@ public record RefreshTokenResponse(
             @JsonProperty(value = "expiresIn", required = true) @NotNull String expiresIn
     ) {
     }
+
+    /// Displays an auth error
+    ///
+    /// @param error   the error message
+    /// @param message an additional description of the error
+    public record ErrorMessageDTO(
+            @JsonProperty(value = "error", required = true) @NotNull String error,
+            @JsonProperty(value = "message", required = true) @NotNull String message
+    ) {
+    }
 }
diff --git a/src/main/java/org/openpodcastapi/opa/auth/JwtAccessDeniedHandler.java b/src/main/java/org/openpodcastapi/opa/auth/JwtAccessDeniedHandler.java
@@ -2,6 +2,7 @@
 
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import org.openpodcastapi.opa.util.JSONFormatter;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.web.access.AccessDeniedHandler;
@@ -11,7 +12,6 @@
 
 @Component
 public class JwtAccessDeniedHandler implements AccessDeniedHandler {
-
     @Override
     public void handle(HttpServletRequest request,
                        HttpServletResponse response,
@@ -23,13 +23,8 @@ public void handle(HttpServletRequest request,
         // Set content type to JSON
         response.setContentType("application/json");
 
-        String body = """
-                {
-                    "error": "Forbidden",
-                    "message": "You do not have permission to access this resource."
-                }
-                """;
+        AuthDTO.ErrorMessageDTO message = new AuthDTO.ErrorMessageDTO("Forbidden", "You do not have permission to access this resource");
 
-        response.getWriter().write(body);
+        response.getWriter().write(JSONFormatter.parseDataToJSON(message));
     }
 }
diff --git a/src/main/java/org/openpodcastapi/opa/auth/JwtAuthenticationEntryPoint.java b/src/main/java/org/openpodcastapi/opa/auth/JwtAuthenticationEntryPoint.java
@@ -2,7 +2,7 @@
 
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
-import lombok.extern.log4j.Log4j2;
+import org.openpodcastapi.opa.util.JSONFormatter;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
@@ -11,7 +11,6 @@
 import java.io.IOException;
 
 @Component
-@Log4j2
 public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
     /// Returns a 401 when a request is made without a valid bearer token
     @Override
@@ -22,14 +21,8 @@ public void commence(HttpServletRequest request, HttpServletResponse response, A
         // Set content type to JSON
         response.setContentType("application/json");
 
-        // Return a simple JSON error message
-        String body = """
-                {
-                    "error": "Unauthorized",
-                    "message": "You need to log in to access this resource."
-                }
-                """;
+        AuthDTO.ErrorMessageDTO message = new AuthDTO.ErrorMessageDTO("Access denied", "You need to log in to access this resource");
 
-        response.getWriter().write(body);
+        response.getWriter().write(JSONFormatter.parseDataToJSON(message));
     }
 }
diff --git a/src/main/java/org/openpodcastapi/opa/util/JSONFormatter.java b/src/main/java/org/openpodcastapi/opa/util/JSONFormatter.java
@@ -0,0 +1,12 @@
+package org.openpodcastapi.opa.util;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+public class JSONFormatter {
+    public static String parseDataToJSON(Object item) throws JsonProcessingException {
+        ObjectMapper objectMapper = new ObjectMapper();
+
+        return objectMapper.writeValueAsString(item);
+    }
+}
