/* * Copyright @ 2013 CurisTEC, S.A.S. All Rights Reserved. */ package net.curisit.securis; import jakarta.persistence.EntityManager; import jakarta.servlet.http.HttpServletRequest; import jakarta.ws.rs.ForbiddenException; import jakarta.ws.rs.core.Context; import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response.Status; import jakarta.ws.rs.core.SecurityContext; import jakarta.ws.rs.ext.ExceptionMapper; import jakarta.ws.rs.ext.Provider; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import net.curisit.securis.services.exception.SeCurisServiceException; import net.curisit.securis.services.exception.SeCurisServiceException.ErrorCodes; /** * DefaultExceptionHandler *

* JAX-RS {@link ExceptionMapper} that normalizes error responses across the API. * It also makes a best-effort to rollback and close a request-scoped {@link EntityManager} * if still open. * *

Response strategy: *

* * Headers: * * * @author JRA * Last reviewed by JRA on Oct 6, 2025. */ @Provider public class DefaultExceptionHandler implements ExceptionMapper { private static final Logger LOG = LogManager.getLogger(DefaultExceptionHandler.class); /** Default status code used for application-defined errors. */ public static final int DEFAULT_APP_ERROR_STATUS_CODE = 418; /** Header name carrying a human-readable error message. */ public static final String ERROR_MESSAGE_HEADER = "X-SECURIS-ERROR-MSG"; /** Header name carrying a symbolic application error code. */ public static final String ERROR_CODE_MESSAGE_HEADER = "X-SECURIS-ERROR-CODE"; /** Default constructor (logs instantiation). */ public DefaultExceptionHandler() { LOG.info("Creating DefaultExceptionHandler "); } // Context objects injected by the runtime @Context HttpServletRequest request; @Context SecurityContext bsc; @Context EntityManager em; /** * toResponse *

* Map a thrown exception to an HTTP {@link Response}, releasing the {@link EntityManager} * if present. */ @Override public Response toResponse(Exception e) { releaseEntityManager(); if (e instanceof ForbiddenException) { LOG.warn("ForbiddenException: {}", e.toString()); return Response.status(Status.UNAUTHORIZED).header(ERROR_CODE_MESSAGE_HEADER, ErrorCodes.INVALID_CREDENTIALS) .header(ERROR_MESSAGE_HEADER, "Unathorized access to the application").type(MediaType.APPLICATION_JSON).build(); } if (e instanceof SeCurisServiceException) { LOG.warn("SeCurisServiceException: {}", e.toString()); return Response.status(DEFAULT_APP_ERROR_STATUS_CODE).header(ERROR_CODE_MESSAGE_HEADER, ((SeCurisServiceException) e).getStatus()) .header(ERROR_MESSAGE_HEADER, e.getMessage()).type(MediaType.APPLICATION_JSON).build(); } LOG.error("Unexpected error accesing to '{}' by user: {}", request.getPathInfo(), bsc.getUserPrincipal()); LOG.error("Request sent from {}, with User-Agent: {}", request.getRemoteHost(), request.getHeader("User-Agent")); LOG.error("Request url: " + request.getRequestURL(), e); return Response.serverError().header(ERROR_MESSAGE_HEADER, "Unexpected error: " + e.toString()).type(MediaType.APPLICATION_JSON).build(); } /** * releaseEntityManager *

* Best-effort cleanup: rollback active transaction (if joined) and close the {@link EntityManager}. */ private void releaseEntityManager() { try { if (em != null && em.isOpen()) { LOG.debug("CLOSING EM: {}, trans: {}", em, em.isJoinedToTransaction()); if (em.isJoinedToTransaction()) { em.getTransaction().rollback(); LOG.info("ROLLBACK"); } em.close(); } } catch (Exception ex) { ex.printStackTrace(); LOG.error("Error closing EM: {}, {}", em, ex); } } }