package com.saas.shared.exception; import com.saas.shared.dto.common.ApiResponse; import com.saas.shared.dto.common.ErrorField; import com.saas.shared.dto.common.ErrorResponse; import jakarta.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.validation.FieldError; import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; import java.time.LocalDateTime; import java.util.List; import java.util.stream.Collectors; @RestControllerAdvice @Slf4j public class GlobalExceptionHandler { @ExceptionHandler(BusinessException.class) public ResponseEntity> handleBusinessException( BusinessException ex, HttpServletRequest request) { log.warn("Business exception: {} - {}", ex.getErrorCode().getCode(), ex.getMessage()); ErrorResponse error = ErrorResponse.builder() .errorCode(ex.getErrorCode().getCode()) .message(ex.getMessage()) .timestamp(LocalDateTime.now()) .path(request.getRequestURI()) .build(); return ResponseEntity .status(HttpStatus.BAD_REQUEST) .body(ApiResponse.error(error, ex.getMessage())); } @ExceptionHandler(ResourceNotFoundException.class) public ResponseEntity> handleResourceNotFound( ResourceNotFoundException ex, HttpServletRequest request) { log.warn("Resource not found: {}", ex.getMessage()); ErrorResponse error = ErrorResponse.builder() .errorCode(ex.getErrorCode().getCode()) .message(ex.getMessage()) .timestamp(LocalDateTime.now()) .path(request.getRequestURI()) .build(); return ResponseEntity .status(HttpStatus.NOT_FOUND) .body(ApiResponse.error(error, ex.getMessage())); } @ExceptionHandler(MethodArgumentNotValidException.class) public ResponseEntity> handleValidation( MethodArgumentNotValidException ex, HttpServletRequest request) { List fields = ex.getBindingResult() .getFieldErrors() .stream() .map(error -> new ErrorField( error.getField(), error.getDefaultMessage(), error.getRejectedValue())) .collect(Collectors.toList()); ErrorResponse error = ErrorResponse.builder() .errorCode(ErrorCode.VALIDATION_ERROR.getCode()) .message("Validation failed") .fields(fields) .timestamp(LocalDateTime.now()) .path(request.getRequestURI()) .build(); return ResponseEntity .status(HttpStatus.BAD_REQUEST) .body(ApiResponse.error(error, "Validation failed")); } @ExceptionHandler(BadCredentialsException.class) public ResponseEntity> handleBadCredentials( BadCredentialsException ex, HttpServletRequest request) { log.warn("Bad credentials: {}", ex.getMessage()); ErrorResponse error = ErrorResponse.builder() .errorCode(ErrorCode.INVALID_CREDENTIALS.getCode()) .message("Invalid email or password") .timestamp(LocalDateTime.now()) .path(request.getRequestURI()) .build(); return ResponseEntity .status(HttpStatus.UNAUTHORIZED) .body(ApiResponse.error(error, "Invalid email or password")); } @ExceptionHandler(AccessDeniedException.class) public ResponseEntity> handleAccessDenied( AccessDeniedException ex, HttpServletRequest request) { log.warn("Access denied: {}", ex.getMessage()); ErrorResponse error = ErrorResponse.builder() .errorCode(ErrorCode.FORBIDDEN.getCode()) .message("Access forbidden") .timestamp(LocalDateTime.now()) .path(request.getRequestURI()) .build(); return ResponseEntity .status(HttpStatus.FORBIDDEN) .body(ApiResponse.error(error, "Access forbidden")); } @ExceptionHandler(org.springframework.web.servlet.resource.NoResourceFoundException.class) public ResponseEntity handleNoResourceFoundException( org.springframework.web.servlet.resource.NoResourceFoundException ex, HttpServletRequest request) { // Return 404 with empty body for static resources to prevent content-type // mismatch (JSON vs CSS/JS) return ResponseEntity.notFound().build(); } @ExceptionHandler(Exception.class) public ResponseEntity> handleGeneric( Exception ex, HttpServletRequest request) { // Prevent logging stack traces for ClientAbortException (broken pipe) which are // noise if (ex.getClass().getSimpleName().equals("ClientAbortException")) { return null; // Connection already closed by client } log.error("Unhandled exception", ex); ErrorResponse error = ErrorResponse.builder() .errorCode(ErrorCode.INTERNAL_ERROR.getCode()) .message("An unexpected error occurred") .timestamp(LocalDateTime.now()) .path(request.getRequestURI()) .build(); return ResponseEntity .status(HttpStatus.INTERNAL_SERVER_ERROR) .contentType(org.springframework.http.MediaType.APPLICATION_JSON) .body(ApiResponse.error(error, "An unexpected error occurred")); } }