[Task 70131] cleanup and futher implement login as feature

dspace-server-webapp/src/main/java/org/dspace/app/rest/security/ErrorResponse.java

@@ -1,39 +0,0 @@
-package org.dspace.app.rest.security;
-
-public class ErrorResponse {
-
-    private int code;
-    private String message;
-
-    /**
-     * Generic getter for the code
-     * @return the code value of this ErrorResponse
-     */
-    public int getCode() {
-        return code;
-    }
-
-    /**
-     * Generic setter for the code
-     * @param code   The code to be set on this ErrorResponse
-     */
-    public void setCode(int code) {
-        this.code = code;
-    }
-
-    /**
-     * Generic getter for the message
-     * @return the message value of this ErrorResponse
-     */
-    public String getMessage() {
-        return message;
-    }
-
-    /**
-     * Generic setter for the message
-     * @param message   The message to be set on this ErrorResponse
-     */
-    public void setMessage(String message) {
-        this.message = message;
-    }
-}

dspace-server-webapp/src/main/java/org/dspace/app/rest/security/StatelessAuthenticationFilter.java

@@ -122,33 +122,31 @@ public class StatelessAuthenticationFilter extends BasicAuthenticationFilter {
             }
         } else {
             if (request.getHeader(ON_BEHALF_OF_REQUEST_PARAM) != null) {
-                res.setStatus(401);
                 inErrorOnBehalfOf = true;
+                res.sendError(HttpServletResponse.SC_UNAUTHORIZED, "There is no logged in user");
+
             }
         }
 
         return null;
     }
 
-    private byte[] restResponseBytes(ErrorResponse eErrorResponse) throws IOException {
-        String serialized = new ObjectMapper().writeValueAsString(eErrorResponse);
-        return serialized.getBytes();
-    }
-
     private Authentication getOnBehalfOfAuthentication(Context context, String onBehalfOfParameterValue,
                                                        HttpServletRequest request,
                                                        HttpServletResponse res) throws IOException {
         UUID epersonUuid = UUIDUtils.fromString(onBehalfOfParameterValue);
         if (epersonUuid == null) {
             inErrorOnBehalfOf = true;
-            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "THIS IS A TEST");
+            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "The given UUID in the X-On-Behalf-Of header " +
+                "was not a proper UUID");
+            return null;
         }
         try {
             EPerson onBehalfOfEPerson = ePersonService.find(context, epersonUuid);
             if (onBehalfOfEPerson == null) {
-                res.setStatus(400);
                 inErrorOnBehalfOf = true;
-
+                res.sendError(HttpServletResponse.SC_BAD_REQUEST, "The given UUID in the X-On-Behalf-Of header " +
+                    "was not a proper EPerson UUID");
                 return null;
             }
             if (authorizeService.isAdmin(context)) {
@@ -158,8 +156,8 @@ public class StatelessAuthenticationFilter extends BasicAuthenticationFilter {
                                                 authenticationProvider.getGrantedAuthorities(context,
                                                                                              onBehalfOfEPerson));
             } else {
-                res.setStatus(403);
                 inErrorOnBehalfOf = true;
+                res.sendError(HttpServletResponse.SC_FORBIDDEN, "The current user is not an admin");
                 return null;
             }