From f011449f89fbbd395f1952df665fe342a51797ef Mon Sep 17 00:00:00 2001 From: yooonwodyd Date: Wed, 6 Nov 2024 21:39:38 +0900 Subject: [PATCH] feat:[#84]- refact jwt MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 로그 일부 추가, properties 추가, 비로그인 유저 접속 가능 url 추가 --- .../global/config/ProPertyConfig.java | 12 +++++++++++ .../global/jwt/JwtProperties.java | 20 +++++++++++++++++++ .../helpmeCookies/global/jwt/JwtProvider.java | 14 ++++++------- .../security/JwtAuthenticationFilter.java | 4 +++- .../global/security/WebSecurityConfig.java | 4 +++- 5 files changed, 44 insertions(+), 10 deletions(-) create mode 100644 src/main/java/com/helpmeCookies/global/config/ProPertyConfig.java create mode 100644 src/main/java/com/helpmeCookies/global/jwt/JwtProperties.java diff --git a/src/main/java/com/helpmeCookies/global/config/ProPertyConfig.java b/src/main/java/com/helpmeCookies/global/config/ProPertyConfig.java new file mode 100644 index 0000000..338afd7 --- /dev/null +++ b/src/main/java/com/helpmeCookies/global/config/ProPertyConfig.java @@ -0,0 +1,12 @@ +package com.helpmeCookies.global.config; + +import org.springframework.boot.context.properties.ConfigurationPropertiesScan; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +import com.helpmeCookies.global.jwt.JwtProperties; + +@Configuration +@EnableConfigurationProperties(JwtProperties.class) +public class ProPertyConfig { +} diff --git a/src/main/java/com/helpmeCookies/global/jwt/JwtProperties.java b/src/main/java/com/helpmeCookies/global/jwt/JwtProperties.java new file mode 100644 index 0000000..b99dd2f --- /dev/null +++ b/src/main/java/com/helpmeCookies/global/jwt/JwtProperties.java @@ -0,0 +1,20 @@ +package com.helpmeCookies.global.jwt; + +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.stereotype.Component; + +import lombok.Getter; +import lombok.Setter; + +@Component +@ConfigurationProperties(prefix = "jwt") +@Getter +@Setter +public class JwtProperties { + private String secret; + private long accessTokenExpireTime; + private long refreshTokenExpireTime; + + public JwtProperties() { + } +} diff --git a/src/main/java/com/helpmeCookies/global/jwt/JwtProvider.java b/src/main/java/com/helpmeCookies/global/jwt/JwtProvider.java index 3fa9c37..dcafdff 100644 --- a/src/main/java/com/helpmeCookies/global/jwt/JwtProvider.java +++ b/src/main/java/com/helpmeCookies/global/jwt/JwtProvider.java @@ -12,15 +12,13 @@ import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; +import lombok.RequiredArgsConstructor; @Component +@RequiredArgsConstructor public class JwtProvider implements InitializingBean { - @Value("${jwt.secret}") - private String secret; - @Value("${jwt.access-token-expire-time}") - private long accessTokenExpireTime; - @Value("${jwt.refresh-token-expire-time}") - private long refreshTokenExpireTime; + + private final JwtProperties jwtProperties; private Key secretKey; private static final String ROLE = "role"; private static final String IS_ACCESS_TOKEN = "isAccessToken"; @@ -95,7 +93,7 @@ private JwtUser claimsToJwtUser(Claims claims) { } private String generateToken(JwtUser jwtUser, boolean isAccessToken) { - long expireTime = isAccessToken ? accessTokenExpireTime : refreshTokenExpireTime; + long expireTime = isAccessToken ? jwtProperties.getAccessTokenExpireTime() : jwtProperties.getRefreshTokenExpireTime(); Date expireDate = new Date(System.currentTimeMillis() + expireTime); return Jwts.builder() .signWith(secretKey) @@ -115,6 +113,6 @@ private Claims extractClaims(String rawToken) { @Override public void afterPropertiesSet() { - secretKey = new SecretKeySpec(secret.getBytes(), SignatureAlgorithm.HS256.getJcaName()); + secretKey = new SecretKeySpec(jwtProperties.getSecret().getBytes(), SignatureAlgorithm.HS256.getJcaName()); } } diff --git a/src/main/java/com/helpmeCookies/global/security/JwtAuthenticationFilter.java b/src/main/java/com/helpmeCookies/global/security/JwtAuthenticationFilter.java index 4570b65..0b996a2 100644 --- a/src/main/java/com/helpmeCookies/global/security/JwtAuthenticationFilter.java +++ b/src/main/java/com/helpmeCookies/global/security/JwtAuthenticationFilter.java @@ -24,7 +24,6 @@ @Component public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtProvider jwtProvider; - private static final String AUTHORIZATION_HEADER = "Authorization"; @Override @@ -46,6 +45,9 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities()); SecurityContextHolder.getContext().setAuthentication(authentication); + } else { + log.info("유효하지 않은 토큰 발생"); + response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "토큰이 유효하지 않습니다."); } filterChain.doFilter(request, response); diff --git a/src/main/java/com/helpmeCookies/global/security/WebSecurityConfig.java b/src/main/java/com/helpmeCookies/global/security/WebSecurityConfig.java index a1e0697..e5a9811 100644 --- a/src/main/java/com/helpmeCookies/global/security/WebSecurityConfig.java +++ b/src/main/java/com/helpmeCookies/global/security/WebSecurityConfig.java @@ -72,7 +72,9 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { "/actuator/**", "/v1/**", "swagger-ui/**", - "/test/signup" + "/test/signup", + "/v1/artist", + "/v1/artists" ).permitAll() .anyRequest().authenticated() ).exceptionHandling((exception) -> exception