adding customized error pages with a specific api for error handling (#…

…107)

* adding customized error pages

gateway/src/main/java/org/georchestra/gateway/autoconfigure/app/CustomErrorAttributes.java

@@ -28,6 +28,7 @@
 import org.springframework.boot.web.reactive.error.ErrorAttributes;
 import org.springframework.boot.web.reactive.error.ErrorWebExceptionHandler;
 import org.springframework.http.HttpStatus;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.web.reactive.function.server.ServerRequest;
 
 /**
@@ -55,6 +56,9 @@ public Map<String, Object> getErrorAttributes(ServerRequest request, ErrorAttrib
         if (error instanceof UnknownHostException || error instanceof ConnectException) {
             attributes.put("status", HttpStatus.SERVICE_UNAVAILABLE.value());
             attributes.put("error", HttpStatus.SERVICE_UNAVAILABLE.getReasonPhrase());
+        } else if (error instanceof AccessDeniedException) {
+            attributes.put("status", HttpStatus.FORBIDDEN.value());
+            attributes.put("error", HttpStatus.FORBIDDEN.getReasonPhrase());
         }
         return attributes;
     }

gateway/src/main/java/org/georchestra/gateway/security/CustomAccessDeniedHandler.java

@@ -0,0 +1,15 @@
+package org.georchestra.gateway.security;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.server.authorization.ServerAccessDeniedHandler;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+public class CustomAccessDeniedHandler implements ServerAccessDeniedHandler {
+
+    @Override
+    public Mono<Void> handle(ServerWebExchange serverWebExchange, AccessDeniedException accessDeniedException) {
+        throw new AccessDeniedException(HttpStatus.FORBIDDEN.name());
+    }
+}

gateway/src/main/java/org/georchestra/gateway/security/GatewaySecurityConfiguration.java

@@ -85,6 +85,9 @@ SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http,
         // by proxified webapps, not the gateway.
         http.csrf().disable();
 
+        // custom handling for forbidden error
+        http.exceptionHandling().accessDeniedHandler(new CustomAccessDeniedHandler());
+
         sortedCustomizers(customizers).forEach(customizer -> {
             log.debug("Applying security customizer {}", customizer.getName());
             customizer.customize(http);

gateway/src/main/resources/templates/error/403.html

@@ -0,0 +1,39 @@
+<html>
+  <head>
+    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+    <meta http-equiv="cache-control" content="no-cache" />
+    <meta http-equiv="pragma" content="no-cache" />
+    <meta name="robots" content="none" />
+    <meta name="googlebot" content="noarchive" />
+    <title>Access forbidden</title>
+    <style type="text/css">
+      body {
+        background-color:#e6e6e6;
+        font-family:Calibri;
+        text-align:center;
+      }
+      #wrapper {
+        background:#fff;
+        width:492px;
+        position:relative;
+        margin-left:auto;
+        margin-right:auto;
+        text-align:left;
+        border:3px solid #999;
+        overflow:hidden;
+	padding: 30px;
+        border-bottom-right-radius: 16px;
+        border-bottom-left-radius: 16px;
+      }
+      #wrapper p {
+        padding:5px;
+      }
+    </style>
+  </head>
+  <body lang=EN>
+    <div id="wrapper">
+      <img src="https://www.georchestra.org/public/logos/georchestra_logo.png" alt="geOrchestra" />
+      <p>Sorry, access to this page is forbidden. Return to the <a href="/">homepage</a>.</p>
+    </div>
+  </body>
+</html>

gateway/src/main/resources/templates/error/404.html

@@ -0,0 +1,39 @@
+<html>
+  <head>
+    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+    <meta http-equiv="cache-control" content="no-cache" />
+    <meta http-equiv="pragma" content="no-cache" />
+    <meta name="robots" content="none" />
+    <meta name="googlebot" content="noarchive" />
+    <title>Page not found</title>
+    <style type="text/css">
+      body {
+        background-color:#e6e6e6;
+        font-family:Calibri;
+        text-align:center;
+      }
+      #wrapper {
+        background:#fff;
+        width:492px;
+        position:relative;
+        margin-left:auto;
+        margin-right:auto;
+        text-align:left;
+        border:3px solid #999;
+        overflow:hidden;
+	padding: 30px;
+        border-bottom-right-radius: 16px;
+        border-bottom-left-radius: 16px;
+      }
+      #wrapper p {
+        padding:5px;
+      }
+    </style>
+  </head>
+  <body lang=EN>
+    <div id="wrapper">
+      <img src="https://www.georchestra.org/public/logos/georchestra_logo.png" alt="geOrchestra" />
+      <p>Page not found. Return to the <a href="/">homepage</a>.</p>
+    </div>
+  </body>
+</html>

gateway/src/main/resources/templates/error/500.html

@@ -0,0 +1,46 @@
+<html>
+  <head>
+    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+    <meta http-equiv="cache-control" content="no-cache" />
+    <meta http-equiv="pragma" content="no-cache" />
+    <meta name="robots" content="none" />
+    <meta name="googlebot" content="noarchive" />
+    <title>Site in maintenance</title>
+    <style type="text/css">
+      body {
+        background-color:#e6e6e6;
+        font-family:Calibri;
+        text-align:center;
+      }
+      #wrapper {
+        background:#fff;
+        width:492px;
+        position:relative;
+        margin-left:auto;
+        margin-right:auto;
+        text-align:left;
+        border:3px solid #999;
+        overflow:hidden;
+	padding: 30px;
+        border-bottom-right-radius: 16px;
+        border-bottom-left-radius: 16px;
+      }
+      #wrapper p {
+        padding:5px;
+      }
+    </style>
+  </head>
+  <body lang=FR>
+    <div id="wrapper">
+      <img src="https://www.georchestra.org/public/logos/georchestra_logo.png" alt="geOrchestra" />
+      <p>
+        Due to maintenance, this service is temporarily unavailable.
+      </p>
+      <p>We're sorry for the inconvenience !</p>
+      <p>Hint: do not close the tab - the requested page will show up in a few seconds.</p>
+    </div>
+  </body>
+  <script>
+    window.setTimeout(function() {window.location.href = window.location.href}, 5000);
+  </script>
+</html>

gateway/src/main/resources/templates/error/501.html

@@ -0,0 +1,46 @@
+<html>
+  <head>
+    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+    <meta http-equiv="cache-control" content="no-cache" />
+    <meta http-equiv="pragma" content="no-cache" />
+    <meta name="robots" content="none" />
+    <meta name="googlebot" content="noarchive" />
+    <title>Site in maintenance</title>
+    <style type="text/css">
+      body {
+        background-color:#e6e6e6;
+        font-family:Calibri;
+        text-align:center;
+      }
+      #wrapper {
+        background:#fff;
+        width:492px;
+        position:relative;
+        margin-left:auto;
+        margin-right:auto;
+        text-align:left;
+        border:3px solid #999;
+        overflow:hidden;
+	padding: 30px;
+        border-bottom-right-radius: 16px;
+        border-bottom-left-radius: 16px;
+      }
+      #wrapper p {
+        padding:5px;
+      }
+    </style>
+  </head>
+  <body lang=FR>
+    <div id="wrapper">
+      <img src="https://www.georchestra.org/public/logos/georchestra_logo.png" alt="geOrchestra" />
+      <p>
+        Due to maintenance, this service is temporarily unavailable.
+      </p>
+      <p>We're sorry for the inconvenience !</p>
+      <p>Hint: do not close the tab - the requested page will show up in a few seconds.</p>
+    </div>
+  </body>
+  <script>
+    window.setTimeout(function() {window.location.href = window.location.href}, 5000);
+  </script>
+</html>

gateway/src/main/resources/templates/error/503.html

@@ -0,0 +1,46 @@
+<html>
+  <head>
+    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+    <meta http-equiv="cache-control" content="no-cache" />
+    <meta http-equiv="pragma" content="no-cache" />
+    <meta name="robots" content="none" />
+    <meta name="googlebot" content="noarchive" />
+    <title>Site in maintenance</title>
+    <style type="text/css">
+      body {
+        background-color:#e6e6e6;
+        font-family:Calibri;
+        text-align:center;
+      }
+      #wrapper {
+        background:#fff;
+        width:492px;
+        position:relative;
+        margin-left:auto;
+        margin-right:auto;
+        text-align:left;
+        border:3px solid #999;
+        overflow:hidden;
+	padding: 30px;
+        border-bottom-right-radius: 16px;
+        border-bottom-left-radius: 16px;
+      }
+      #wrapper p {
+        padding:5px;
+      }
+    </style>
+  </head>
+  <body lang=FR>
+    <div id="wrapper">
+      <img src="https://www.georchestra.org/public/logos/georchestra_logo.png" alt="geOrchestra" />
+      <p>
+        Due to maintenance, this service is temporarily unavailable.
+      </p>
+      <p>We're sorry for the inconvenience !</p>
+      <p>Hint: do not close the tab - the requested page will show up in a few seconds.</p>
+    </div>
+  </body>
+  <script>
+    window.setTimeout(function() {window.location.href = window.location.href}, 5000);
+  </script>
+</html>