From b0c10003df3650c1e3f392888971e8de4fdb6bb0 Mon Sep 17 00:00:00 2001 From: Kim-DongHyuk <80240164+Kdonghs@users.noreply.github.com> Date: Wed, 13 Nov 2024 01:10:25 +0900 Subject: [PATCH 1/3] =?UTF-8?q?feat:=ED=86=A0=ED=81=B0=20=EA=B2=80?= =?UTF-8?q?=EC=A6=9D=20=EC=98=88=EC=99=B8=EC=B2=98=EB=A6=AC=20=EA=B5=AC?= =?UTF-8?q?=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../be/seamless/util/auth/SecurityConfig.java | 16 ++-------- .../util/fiter/TokenAuthenticationFilter.java | 27 ++++++++++++----- .../util/fiter/TokenExceptionFilter.java | 30 ------------------- 3 files changed, 22 insertions(+), 51 deletions(-) delete mode 100644 src/main/java/team1/be/seamless/util/fiter/TokenExceptionFilter.java diff --git a/src/main/java/team1/be/seamless/util/auth/SecurityConfig.java b/src/main/java/team1/be/seamless/util/auth/SecurityConfig.java index b4efd710..a8daa6d9 100644 --- a/src/main/java/team1/be/seamless/util/auth/SecurityConfig.java +++ b/src/main/java/team1/be/seamless/util/auth/SecurityConfig.java @@ -14,9 +14,7 @@ import org.springframework.web.cors.CorsConfigurationSource; import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import team1.be.seamless.service.AuthService; -import team1.be.seamless.util.errorException.SecurityEntryPoint; import team1.be.seamless.util.fiter.TokenAuthenticationFilter; -import team1.be.seamless.util.fiter.TokenExceptionFilter; @Configuration @EnableWebSecurity 
@@ -25,23 +23,14 @@ public class SecurityConfig { private final AuthService authService; private final OAuth2SuccessHandler successHandler; private final TokenAuthenticationFilter tokenAuthenticationFilter; - private final TokenExceptionFilter tokenExceptionFilter; - private final SecurityEntryPoint SecurityException; - private final HttpCookieOAuth2AuthorizationRequestRepository authorizationRequestRepository; @Autowired public SecurityConfig(AuthService authService, OAuth2SuccessHandler successHandler, - TokenAuthenticationFilter tokenAuthenticationFilter, - TokenExceptionFilter tokenExceptionFilter, - SecurityEntryPoint securityException, - HttpCookieOAuth2AuthorizationRequestRepository authorizationRequestRepository) { + TokenAuthenticationFilter tokenAuthenticationFilter) { this.authService = authService; this.successHandler = successHandler; this.tokenAuthenticationFilter = tokenAuthenticationFilter; - this.tokenExceptionFilter = tokenExceptionFilter; - SecurityException = securityException; - this.authorizationRequestRepository = authorizationRequestRepository; } @Bean @@ -86,8 +75,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http, .authorizationRequestRepository(httpCookieOAuth2AuthorizationRequestRepository) ) - .addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class) - .addFilterBefore(tokenExceptionFilter, tokenAuthenticationFilter.getClass()); + .addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); return http.build(); } diff --git a/src/main/java/team1/be/seamless/util/fiter/TokenAuthenticationFilter.java b/src/main/java/team1/be/seamless/util/fiter/TokenAuthenticationFilter.java index 4f2d4e1f..4beb84dd 100644 --- a/src/main/java/team1/be/seamless/util/fiter/TokenAuthenticationFilter.java +++ b/src/main/java/team1/be/seamless/util/fiter/TokenAuthenticationFilter.java 
@@ -1,5 +1,6 @@ package team1.be.seamless.util.fiter; +import io.jsonwebtoken.ExpiredJwtException; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; @@ -7,11 +8,16 @@ import java.io.IOException; import java.util.Date; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.ResponseEntity; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import team1.be.seamless.util.auth.JwtToken; +import team1.be.seamless.util.errorException.CustomExceptionHandler; +import team1.be.seamless.util.errorException.RuntimeHandler; +import team1.be.seamless.util.errorException.StatusResponse; +import team1.be.seamless.util.page.SingleResult; @Component public class TokenAuthenticationFilter extends OncePerRequestFilter { 
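Review bot: Of the six imports added in these two hunks, only `RuntimeHandler` is referenced by the doFilterInternal change that follows; `ExpiredJwtException`, `ResponseEntity`, `CustomExceptionHandler`, `StatusResponse` and `SingleResult` look unused. The rest of the class is outside the diff, so confirm that before removing them. If `ExpiredJwtException` was imported because expired tokens were meant to be caught explicitly, that catch is missing from the filter body.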
@@ -28,17 +34,24 @@ public TokenAuthenticationFilter(JwtToken jwtToken) { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { - - String path = request.getRequestURI(); - String method = request.getMethod(); - + response.setCharacterEncoding("utf-8"); +// String path = request.getRequestURI(); +// String method = request.getMethod(); +// String token = request.getHeader(AUTHORIZATION_HEADER); if (token != null && token.startsWith(BEARER_PREFIX)) { token = token.substring(7); - jwtToken.validateToken(token).getExpiration().after(new Date()); - setAuthentication(token); + try{ + jwtToken.validateToken(token); + setAuthentication(token); + } catch (RuntimeHandler e){ + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 상태 설정 + response.setContentType("application/json"); + response.getWriter().write("{\"errorCode\": 401, \"errorMessage\": \"" + e.getMessage() + "\"}"); + + return; + } } - filterChain.doFilter(request, response); } diff --git a/src/main/java/team1/be/seamless/util/fiter/TokenExceptionFilter.java b/src/main/java/team1/be/seamless/util/fiter/TokenExceptionFilter.java deleted file mode 100644 index 296e8959..00000000 --- a/src/main/java/team1/be/seamless/util/fiter/TokenExceptionFilter.java +++ /dev/null 
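Review bot: With TokenExceptionFilter deleted, `catch (RuntimeHandler e)` is the only handler left on the token path, so any jjwt exception that `jwtToken.validateToken` or `setAuthentication` does not wrap in RuntimeHandler (neither body is in this diff) leaves the filter as a server error instead of a 401. If that can happen, widen the clause to `} catch (RuntimeHandler | io.jsonwebtoken.JwtException e) {`. The 401 body is also built by concatenating `e.getMessage()` into a JSON string, which breaks the document whenever the message contains a quote, backslash or newline and returns internal validation text to the caller. Write a fixed message, or serialise the error object with the JSON mapper the application already uses. Smaller points: `token.substring(7)` is clearer as `token.substring(BEARER_PREFIX.length())`, and the commented-out `path`/`method` lines can be deleted.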
@@ -1,30 +0,0 @@ -package team1.be.seamless.util.fiter; - -import io.jsonwebtoken.ExpiredJwtException; -import jakarta.servlet.FilterChain; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; -import java.io.IOException; -import org.springframework.http.HttpStatus; -import org.springframework.security.oauth2.jwt.JwtException; -import org.springframework.stereotype.Component; -import org.springframework.web.filter.OncePerRequestFilter; -import team1.be.seamless.util.errorException.BaseHandler; - -@Component -public class TokenExceptionFilter extends OncePerRequestFilter { - - @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, - FilterChain filterChain) throws ServletException, IOException { - - try { - filterChain.doFilter(request, response); - } catch (ExpiredJwtException e) { - throw new BaseHandler(HttpStatus.UNAUTHORIZED, "만료된 토큰 입니다."); - } catch (JwtException e) { - throw new BaseHandler(HttpStatus.UNAUTHORIZED, "유효하지 않은 JWT 토큰입니다."); - } - } -} From b2654b479cfd902f985cdc7029b39fda4b33ab04 Mon Sep 17 00:00:00 2001 From: Kim-DongHyuk <80240164+Kdonghs@users.noreply.github.com> Date: Wed, 13 Nov 2024 21:12:19 +0900 Subject: [PATCH 2/3] =?UTF-8?q?feat:=20=ED=86=A0=ED=81=B0=EC=9D=84=20?= =?UTF-8?q?=EB=B0=9B=EC=95=84=EC=84=9C=20=EB=A6=AC=EB=8B=A4=EC=9D=B4?= =?UTF-8?q?=EB=A0=89=ED=8A=B8=20=ED=95=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../seamless/controller/AuthController.java | 8 ++--- .../controller/AuthSuccessContoller.java | 34 +++++++++++++++++++ src/main/resources/application.properties | 4 +-- 3 files changed, 40 insertions(+), 6 deletions(-) create mode 100644 src/main/java/team1/be/seamless/controller/AuthSuccessContoller.java 
diff --git a/src/main/java/team1/be/seamless/controller/AuthController.java b/src/main/java/team1/be/seamless/controller/AuthController.java index 665b6270..c0585fbb 100644 --- a/src/main/java/team1/be/seamless/controller/AuthController.java +++ b/src/main/java/team1/be/seamless/controller/AuthController.java @@ -25,10 +25,10 @@ public AuthController(AuthService authService) { this.authService = authService; } - @GetMapping("/success") - public SingleResult temp(@RequestParam("accessToken") String accessToken) { - return new SingleResult<>(new Token(accessToken)); - } +// @GetMapping("/success") +// public SingleResult temp(@RequestParam("accessToken") String accessToken) { +// return new SingleResult<>(new Token(accessToken)); +// } @Operation(summary = "인증 코드로 멤버 토큰 반환") @GetMapping("/memberCode") diff --git a/src/main/java/team1/be/seamless/controller/AuthSuccessContoller.java b/src/main/java/team1/be/seamless/controller/AuthSuccessContoller.java new file mode 100644 index 00000000..32645597 --- /dev/null +++ b/src/main/java/team1/be/seamless/controller/AuthSuccessContoller.java 
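Review bot: The old `/success` handler is kept in AuthController as four `//`-commented lines even though this patch adds AuthSuccessContoller to replace it. Delete the lines outright, since the history already preserves the previous version and commented-out endpoints tend to be re-enabled by accident. The class's imports are outside the hunk; if `Token` or `RequestParam` become unused after the removal, drop them as well.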
@@ -0,0 +1,34 @@ +package team1.be.seamless.controller; + +import jakarta.servlet.http.HttpServletRequest; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Profile; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.servlet.mvc.support.RedirectAttributes; + +@Controller +public class AuthSuccessContoller { + private String returnURL; + + @Autowired + public AuthSuccessContoller(@Value("${Url.Url}")String returnURL) { + this.returnURL = returnURL; + TestUrl(); + } + + @GetMapping("/api/auth/success") + public String redirectURL(HttpServletRequest request, RedirectAttributes redirectAttributes, @RequestParam("accessToken") String accessToken) { + String referer = request.getHeader("Referer"); + // accessToken 값을 URL 파라미터로 전달 + redirectAttributes.addAttribute("accessToken", accessToken); + return "redirect:"+returnURL+"/login"; + } + + @Profile("test") + public void TestUrl(){ + returnURL="localhost:3000"; + } +} diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 67164d50..b9608e39 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,4 +1,3 @@ -# project name spring.application.name=Team1_BE # init @@ -19,4 +18,5 @@ spring.jpa.show-sql=true server.forward-headers-strategy=framework # URL matching -spring.mvc.pathmatch.matching-strategy=ant_path_matcher \ No newline at end of file +spring.mvc.pathmatch.matching-strategy=ant_path_matcher +Url.Url=https://team1-fe.pages.dev \ No newline at end of file From 864432ad8470a072b2a3d946a580d71cfcd8b644 Mon Sep 17 00:00:00 2001 
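Review bot: In AuthSuccessContoller the constructor calls `TestUrl()` unconditionally, and `@Profile("test")` has no effect on a plain controller method (Spring evaluates it only on component classes and `@Bean` methods), so `returnURL` is overwritten with `localhost:3000` in every environment and the new `Url.Url` property is never used. That value also has no `http(s)://` scheme, so `redirect:localhost:3000/login` is unlikely to resolve to the front-end origin. Remove `TestUrl()`, make the field `private final`, and supply the test value from a profile-specific file, e.g. `Url.Url=http://localhost:3000` in `application-test.properties`. Separately, `redirectURL` copies the access token into the redirect's query string, where it ends up in browser history, proxy and server logs and `Referer` headers; passing it in the URL fragment, an HttpOnly cookie or a short-lived one-time code avoids that exposure. The `referer` local is read but never used.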
From: Kim-DongHyuk <80240164+Kdonghs@users.noreply.github.com> Date: Wed, 13 Nov 2024 21:14:28 +0900 Subject: [PATCH 3/3] =?UTF-8?q?fix:=20=EC=98=A4=ED=83=80=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../{AuthSuccessContoller.java => AuthSuccessController.java} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename src/main/java/team1/be/seamless/controller/{AuthSuccessContoller.java => AuthSuccessController.java} (91%) diff --git a/src/main/java/team1/be/seamless/controller/AuthSuccessContoller.java b/src/main/java/team1/be/seamless/controller/AuthSuccessController.java similarity index 91% rename from src/main/java/team1/be/seamless/controller/AuthSuccessContoller.java rename to src/main/java/team1/be/seamless/controller/AuthSuccessController.java index 32645597..4cafe9e8 100644 --- a/src/main/java/team1/be/seamless/controller/AuthSuccessContoller.java +++ b/src/main/java/team1/be/seamless/controller/AuthSuccessController.java @@ -10,11 +10,11 @@ import org.springframework.web.servlet.mvc.support.RedirectAttributes; @Controller -public class AuthSuccessContoller { +public class AuthSuccessController { private String returnURL; @Autowired - public AuthSuccessContoller(@Value("${Url.Url}")String returnURL) { + public AuthSuccessController(@Value("${Url.Url}")String returnURL) { this.returnURL = returnURL; TestUrl(); }