package org.zowe.apiml.security.common.auth;

import lombok.Generated;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.zowe.apiml.message.core.MessageService;

@ControllerAdvice
/* loaded from: input_file:BOOT-INF/lib/apiml-security-common-2.10.7.jar:org/zowe/apiml/security/common/auth/SecurityControllerExceptionHandler.class */
public class SecurityControllerExceptionHandler {
    private static final String FORBIDDEN_MESSAGE_KEY = "org.zowe.apiml.security.forbidden";
    private final MessageService messageService;

    @ExceptionHandler({AccessDeniedException.class})
    public ResponseEntity<Object> handleAccessDeniedException(AccessDeniedException accessDeniedException) {
        return ResponseEntity.status(HttpStatus.FORBIDDEN).contentType(MediaType.APPLICATION_JSON).body(this.messageService.createMessage(FORBIDDEN_MESSAGE_KEY, accessDeniedException.getMessage()).mapToView());
    }

    @Generated
    public SecurityControllerExceptionHandler(MessageService messageService) {
        this.messageService = messageService;
    }
}
