diff --git a/pom.xml b/pom.xml
index ec2fc07..d0b507a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -59,18 +59,18 @@
21
1.5.15
- 3.4.1
+ 3.4.5
1.7.1
- 2.18.0
+ 2.19.0
- 12.0.0
- 0.8.12
- 3.13.0
- 3.0.1
- 3.4.1
+ 12.1.1
+ 0.8.13
+ 3.14.0
+ 3.2.7
+ 3.11.2
3.1.1
- 3.2.1
- 3.5.2
+ 3.3.1
+ 3.5.3
diff --git a/src/main/java/nl/_42/restsecure/autoconfigure/authentication/mfa/MfaRequiredException.java b/src/main/java/nl/_42/restsecure/autoconfigure/authentication/mfa/MfaRequiredException.java
index 5b198d1..657fe96 100644
--- a/src/main/java/nl/_42/restsecure/autoconfigure/authentication/mfa/MfaRequiredException.java
+++ b/src/main/java/nl/_42/restsecure/autoconfigure/authentication/mfa/MfaRequiredException.java
@@ -1,6 +1,8 @@
package nl._42.restsecure.autoconfigure.authentication.mfa;
-public class MfaRequiredException extends RuntimeException {
+import org.springframework.security.core.AuthenticationException;
+
+public class MfaRequiredException extends AuthenticationException {
public MfaRequiredException(String msg) {
super(msg);
diff --git a/src/main/java/nl/_42/restsecure/autoconfigure/errorhandling/DefaultLoginAuthenticationExceptionHandler.java b/src/main/java/nl/_42/restsecure/autoconfigure/errorhandling/DefaultLoginAuthenticationExceptionHandler.java
index f48405d..ab9c8b4 100644
--- a/src/main/java/nl/_42/restsecure/autoconfigure/errorhandling/DefaultLoginAuthenticationExceptionHandler.java
+++ b/src/main/java/nl/_42/restsecure/autoconfigure/errorhandling/DefaultLoginAuthenticationExceptionHandler.java
@@ -9,8 +9,8 @@
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
+import nl._42.restsecure.autoconfigure.authentication.mfa.MfaRequiredException;
-import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.AuthenticationException;
@RequiredArgsConstructor
@@ -22,7 +22,7 @@ public class DefaultLoginAuthenticationExceptionHandler implements LoginAuthenti
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException {
// If the MFA code is needed but not provided, indicate this so the client can trigger the MFA login procedure.
- if (exception instanceof InsufficientAuthenticationException
+ if (exception instanceof MfaRequiredException
&& exception.getMessage().equals(SERVER_MFA_CODE_REQUIRED_ERROR)) {
errorHandler.respond(response, UNAUTHORIZED, SERVER_MFA_CODE_REQUIRED_ERROR);
} else {
diff --git a/src/test/java/nl/_42/restsecure/autoconfigure/authentication/mfa/MfaAuthenticationProviderTest.java b/src/test/java/nl/_42/restsecure/autoconfigure/authentication/mfa/MfaAuthenticationProviderTest.java
index d66bfe3..fbec545 100644
--- a/src/test/java/nl/_42/restsecure/autoconfigure/authentication/mfa/MfaAuthenticationProviderTest.java
+++ b/src/test/java/nl/_42/restsecure/autoconfigure/authentication/mfa/MfaAuthenticationProviderTest.java
@@ -197,18 +197,18 @@ void shouldThrowIfCodeInvalid() {
}
@Test
- @DisplayName("should throw InsufficientAuthenticationException if the code is missing")
+ @DisplayName("should throw MfaRequiredException if the code is missing")
void shouldThrowIfCodeMissing() {
User user = new UserWithMfa("username", "password", "secret-key", false, "Hoi");
inMemoryUserDetailService.register(user);
mockMfaValidationService.register("secret-key", "123456");
MfaAuthenticationToken nullToken = new MfaAuthenticationToken("username", "password", null);
- InsufficientAuthenticationException e = assertThrows(InsufficientAuthenticationException.class, () -> provider.authenticate(nullToken));
+ MfaRequiredException e = assertThrows(MfaRequiredException.class, () -> provider.authenticate(nullToken));
assertEquals("SERVER.MFA_CODE_REQUIRED_ERROR", e.getMessage());
MfaAuthenticationToken emptyStringToken = new MfaAuthenticationToken("username", "password", "");
- InsufficientAuthenticationException e2 = assertThrows(InsufficientAuthenticationException.class, () -> provider.authenticate(emptyStringToken));
+ MfaRequiredException e2 = assertThrows(MfaRequiredException.class, () -> provider.authenticate(emptyStringToken));
assertEquals("SERVER.MFA_CODE_REQUIRED_ERROR", e2.getMessage());
}
}
diff --git a/src/test/java/nl/_42/restsecure/autoconfigure/errorhandling/DefaultLoginAuthenticationExceptionHandlerTest.java b/src/test/java/nl/_42/restsecure/autoconfigure/errorhandling/DefaultLoginAuthenticationExceptionHandlerTest.java
index 6a759aa..d0353ad 100644
--- a/src/test/java/nl/_42/restsecure/autoconfigure/errorhandling/DefaultLoginAuthenticationExceptionHandlerTest.java
+++ b/src/test/java/nl/_42/restsecure/autoconfigure/errorhandling/DefaultLoginAuthenticationExceptionHandlerTest.java
@@ -2,6 +2,8 @@
import com.fasterxml.jackson.databind.ObjectMapper;
import nl._42.restsecure.autoconfigure.authentication.mfa.MfaAuthenticationProvider;
+import nl._42.restsecure.autoconfigure.authentication.mfa.MfaRequiredException;
+
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
@@ -28,7 +30,7 @@ void shouldReturnMfaCodeRequiredError() throws IOException {
MockHttpServletResponse response = new MockHttpServletResponse();
handler.handle(new MockHttpServletRequest(), response,
- new InsufficientAuthenticationException(MfaAuthenticationProvider.SERVER_MFA_CODE_REQUIRED_ERROR));
+ new MfaRequiredException(MfaAuthenticationProvider.SERVER_MFA_CODE_REQUIRED_ERROR));
assertEquals(HttpStatus.UNAUTHORIZED.value(), response.getStatus());
assertThat(response.getContentAsString()).contains("\"errorCode\":\"SERVER.MFA_CODE_REQUIRED_ERROR\"");