diff --git a/src/main/java/team1/be/seamless/controller/AuthController.java b/src/main/java/team1/be/seamless/controller/AuthController.java
index 4deea2e0..c0585fbb 100644
--- a/src/main/java/team1/be/seamless/controller/AuthController.java
+++ b/src/main/java/team1/be/seamless/controller/AuthController.java
@@ -25,10 +25,10 @@ public AuthController(AuthService authService) {
 this.authService = authService;
 }
- @GetMapping("/success")
- public SingleResult AccessTokenToJson(@RequestParam("accessToken") String accessToken) {
- return new SingleResult<>(new Token(accessToken));
- }
+// @GetMapping("/success")
+// public SingleResult temp(@RequestParam("accessToken") String accessToken) {
+// return new SingleResult<>(new Token(accessToken));
+// }
 @Operation(summary = "인증 코드로 멤버 토큰 반환")
 @GetMapping("/memberCode")
diff --git a/src/main/java/team1/be/seamless/controller/AuthSuccessController.java b/src/main/java/team1/be/seamless/controller/AuthSuccessController.java
new file mode 100644
index 00000000..4cafe9e8
--- /dev/null
+++ b/src/main/java/team1/be/seamless/controller/AuthSuccessController.java
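Review bot: The old `/success` handler in AuthController is kept as four commented-out lines (with the method renamed to `temp` inside the comment) instead of being deleted; version control already preserves the previous code, so the `//` lines should simply be removed. The same applies to the commented-out `path` and `method` locals added in `TokenAuthenticationFilter.doFilterInternal`.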
@@ -0,0 +1,34 @@
+package team1.be.seamless.controller;
+
+import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+@Controller
+public class AuthSuccessController {
+ private String returnURL;
+
+ @Autowired
+ public AuthSuccessController(@Value("${Url.Url}")String returnURL) {
+ this.returnURL = returnURL;
+ TestUrl();
+ }
+
+ @GetMapping("/api/auth/success")
+ public String redirectURL(HttpServletRequest request, RedirectAttributes redirectAttributes, @RequestParam("accessToken") String accessToken) {
+ String referer = request.getHeader("Referer");
+ // accessToken 값을 URL 파라미터로 전달
+ redirectAttributes.addAttribute("accessToken", accessToken);
+ return "redirect:"+returnURL+"/login";
+ }
+
+ @Profile("test")
+ public void TestUrl(){
+ returnURL="localhost:3000";
+ }
+}
diff --git a/src/main/java/team1/be/seamless/util/auth/SecurityConfig.java b/src/main/java/team1/be/seamless/util/auth/SecurityConfig.java
index b4efd710..a8daa6d9 100644
--- a/src/main/java/team1/be/seamless/util/auth/SecurityConfig.java
+++ b/src/main/java/team1/be/seamless/util/auth/SecurityConfig.java
@@ -14,9 +14,7 @@ import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import team1.be.seamless.service.AuthService;
-import team1.be.seamless.util.errorException.SecurityEntryPoint;
 import team1.be.seamless.util.fiter.TokenAuthenticationFilter;
-import team1.be.seamless.util.fiter.TokenExceptionFilter;
 @Configuration
 @EnableWebSecurity
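Review bot: The AuthSuccessController constructor calls `TestUrl()` unconditionally, so `returnURL` is always overwritten with `localhost:3000` and the injected `Url.Url` value (added to application.properties in this commit) is never used. `@Profile` is evaluated on `@Component`/`@Configuration` classes and `@Bean` methods, not on a plain method invoked directly, so `@Profile("test")` here has no effect; drop the `TestUrl();` call and the method, and override `Url.Url` in the test profile's properties instead. The resulting target `redirect:localhost:3000/login` also has no scheme, so it probably will not resolve to the front end at all. Separately, `redirectAttributes.addAttribute("accessToken", accessToken)` places the bearer token in the redirect URL's query string, where it is recorded in browser history and proxy or server logs and can leak through `Referer`; passing a short-lived one-time code for the front end to exchange, or setting an HttpOnly cookie, keeps the token out of URLs. The `referer` local is read but never used.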
@@ -25,23 +23,14 @@ public class SecurityConfig {
 private final AuthService authService;
 private final OAuth2SuccessHandler successHandler;
 private final TokenAuthenticationFilter tokenAuthenticationFilter;
- private final TokenExceptionFilter tokenExceptionFilter;
- private final SecurityEntryPoint SecurityException;
- private final HttpCookieOAuth2AuthorizationRequestRepository authorizationRequestRepository;
 @Autowired
 public SecurityConfig(AuthService authService, OAuth2SuccessHandler successHandler,
- TokenAuthenticationFilter tokenAuthenticationFilter,
- TokenExceptionFilter tokenExceptionFilter,
- SecurityEntryPoint securityException,
- HttpCookieOAuth2AuthorizationRequestRepository authorizationRequestRepository) {
+ TokenAuthenticationFilter tokenAuthenticationFilter) {
 this.authService = authService;
 this.successHandler = successHandler;
 this.tokenAuthenticationFilter = tokenAuthenticationFilter;
- this.tokenExceptionFilter = tokenExceptionFilter;
- SecurityException = securityException;
- this.authorizationRequestRepository = authorizationRequestRepository;
 }
 @Bean
@@ -86,8 +75,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http,
 .authorizationRequestRepository(httpCookieOAuth2AuthorizationRequestRepository)
 )
- .addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
- .addFilterBefore(tokenExceptionFilter, tokenAuthenticationFilter.getClass());
+ .addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
 return http.build();
 }
diff --git a/src/main/java/team1/be/seamless/util/fiter/TokenAuthenticationFilter.java b/src/main/java/team1/be/seamless/util/fiter/TokenAuthenticationFilter.java
index 4f2d4e1f..4beb84dd 100644
--- a/src/main/java/team1/be/seamless/util/fiter/TokenAuthenticationFilter.java
+++ b/src/main/java/team1/be/seamless/util/fiter/TokenAuthenticationFilter.java
@@ -1,5 +1,6 @@
 package team1.be.seamless.util.fiter;
+import io.jsonwebtoken.ExpiredJwtException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -7,11 +8,16 @@ import java.io.IOException;
 import java.util.Date;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 import team1.be.seamless.util.auth.JwtToken;
+import team1.be.seamless.util.errorException.CustomExceptionHandler;
+import team1.be.seamless.util.errorException.RuntimeHandler;
+import team1.be.seamless.util.errorException.StatusResponse;
+import team1.be.seamless.util.page.SingleResult;
 @Component
 public class TokenAuthenticationFilter extends OncePerRequestFilter {
@@ -28,17 +34,24 @@ public TokenAuthenticationFilter(JwtToken jwtToken) {
 @Override
 protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
-
- String path = request.getRequestURI();
- String method = request.getMethod();
-
+ response.setCharacterEncoding("utf-8");
+// String path = request.getRequestURI();
+// String method = request.getMethod();
+//
 String token = request.getHeader(AUTHORIZATION_HEADER);
 if (token != null && token.startsWith(BEARER_PREFIX)) {
 token = token.substring(7);
- jwtToken.validateToken(token).getExpiration().after(new Date());
- setAuthentication(token);
+ try{
+ jwtToken.validateToken(token);
+ setAuthentication(token);
+ } catch (RuntimeHandler e){
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 상태 설정
+ response.setContentType("application/json");
+ response.getWriter().write("{\"errorCode\": 401, \"errorMessage\": \"" + e.getMessage() + "\"}");
+
+ return;
+ }
 }
-
 filterChain.doFilter(request, response);
 }
diff --git a/src/main/java/team1/be/seamless/util/fiter/TokenExceptionFilter.java b/src/main/java/team1/be/seamless/util/fiter/TokenExceptionFilter.java
deleted file mode 100644
index 296e8959..00000000
--- a/src/main/java/team1/be/seamless/util/fiter/TokenExceptionFilter.java
+++ /dev/null
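Review bot: The 401 body in the `catch (RuntimeHandler e)` branch of `doFilterInternal` is assembled by concatenating `e.getMessage()` into a JSON string, so a message containing a quote, backslash or newline produces malformed JSON, and whatever text the exception carries is exposed to the caller. Write the body through the application's JSON serializer, or send a fixed message and log the exception detail server-side. The catch is also limited to `RuntimeHandler`: `validateToken` is not shown here, but with `TokenExceptionFilter` deleted in this commit, any `ExpiredJwtException` or other JWT exception it does not wrap would now leave the filter uncaught instead of becoming a 401, and the newly imported `ExpiredJwtException` is not referenced in this hunk. The context line `token.substring(7)` would track the prefix constant better as `token.substring(BEARER_PREFIX.length())`.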
@@ -1,30 +0,0 @@
-package team1.be.seamless.util.fiter;
-
-import io.jsonwebtoken.ExpiredJwtException;
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import org.springframework.http.HttpStatus;
-import org.springframework.security.oauth2.jwt.JwtException;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-import team1.be.seamless.util.errorException.BaseHandler;
-
-@Component
-public class TokenExceptionFilter extends OncePerRequestFilter {
-
- @Override
- protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
- FilterChain filterChain) throws ServletException, IOException {
-
- try {
- filterChain.doFilter(request, response);
- } catch (ExpiredJwtException e) {
- throw new BaseHandler(HttpStatus.UNAUTHORIZED, "만료된 토큰 입니다.");
- } catch (JwtException e) {
- throw new BaseHandler(HttpStatus.UNAUTHORIZED, "유효하지 않은 JWT 토큰입니다.");
- }
- }
-}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 67164d50..b9608e39 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,4 +1,3 @@
-# project name
 spring.application.name=Team1_BE
 # init
@@ -19,4 +18,5 @@ spring.jpa.show-sql=true
 server.forward-headers-strategy=framework
 # URL matching
-spring.mvc.pathmatch.matching-strategy=ant_path_matcher
\ No newline at end of file
+spring.mvc.pathmatch.matching-strategy=ant_path_matcher
+Url.Url=https://team1-fe.pages.dev
\ No newline at end of file