diff --git a/Dockerfile b/Dockerfile index 37e03bb..4fde18e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,4 +24,4 @@ COPY --from=builder /app-build/build/libs/authentication.jar /app-run/authentica EXPOSE 8080 ENTRYPOINT ["java"] -CMD ["-jar", "authentication.jar"] \ No newline at end of file +CMD ["-Dspring.config.additional-location=file:/app-run/", "-jar", "authentication.jar"] \ No newline at end of file diff --git a/src/main/java/sopt/makers/authentication/external/oauth/AppleAuthService.java b/src/main/java/sopt/makers/authentication/external/oauth/AppleAuthService.java index 965496e..b9229a7 100644 --- a/src/main/java/sopt/makers/authentication/external/oauth/AppleAuthService.java +++ b/src/main/java/sopt/makers/authentication/external/oauth/AppleAuthService.java @@ -21,7 +21,7 @@ import sopt.makers.authentication.support.exception.external.ClientRequestException; import sopt.makers.authentication.support.exception.external.ClientResponseException; import sopt.makers.authentication.support.util.*; -import sopt.makers.authentication.support.value.AppleProperty; +import sopt.makers.authentication.support.value.AppleOAuthProperty; import java.io.IOException; import java.security.PrivateKey; @@ -46,7 +46,7 @@ @RequiredArgsConstructor @Slf4j public class AppleAuthService implements OAuthService { - private final AppleProperty appleProperty; + private final AppleOAuthProperty appleOAuthProperty; private final Gson gson; private final OkHttpClient client; @@ -60,7 +60,7 @@ public IdTokenResponse getIdTokenByCode(final String code) { } private FormBody createTokenRequestFormBody(final String code) { - String clientId = appleProperty.apple().sub(); + String clientId = appleOAuthProperty.sub(); String clientSecret = createClientSecret(); return new FormBody.Builder() .add(CLIENT_ID, clientId) 
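Review bot: In the Dockerfile CMD, `spring.config.additional-location=file:/app-run/` points at the directory the jar is copied into, so an `application.yaml` or profile-specific file placed in `/app-run/` overrides the packaged configuration, including the OAuth and JWT settings. A dedicated directory mounted read-only at runtime keeps that override surface narrow, for example `-Dspring.config.additional-location=file:/app-run/config/` (path constructed for illustration). Files holding secrets should be mounted at runtime rather than copied into an image layer. Whether the image switches to a non-root `USER` is outside this hunk and worth confirming.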
@@ -73,18 +73,17 @@ private FormBody createTokenRequestFormBody(final String code) { private String createClientSecret() { Date now = new Date(); PrivateKey privateKey = - KeyFileUtil.getPrivateKey(appleProperty.apple().key().path()) + KeyFileUtil.getPrivateKey(appleOAuthProperty.key().path()) .orElseThrow(() -> new ClientRequestException(FAIL_READ_APPLE_PRIVATE_KEY_FILE)); return Jwts.builder() // 토큰 생성 로직은 tokenProvider? 근데 얘는 parse는 없음 - .setHeaderParam(APPLE_KEY_ID_HEADER, appleProperty.apple().key().id()) + .setHeaderParam(APPLE_KEY_ID_HEADER, appleOAuthProperty.key().id()) .setHeaderParam(APPLE_ALGORITHM_HEADER, APPLE_ALGORITHM_VALUE) .setIssuedAt(now) - .setExpiration( - new Date(now.getTime() + appleProperty.apple().expiration().tokenExpiration())) - .setIssuer(appleProperty.apple().team().id()) - .setAudience(appleProperty.apple().aud()) - .setSubject(appleProperty.apple().sub()) + .setExpiration(new Date(now.getTime() + appleOAuthProperty.expiration().tokenExpiration())) + .setIssuer(appleOAuthProperty.team().id()) + .setAudience(appleOAuthProperty.aud()) + .setSubject(appleOAuthProperty.sub()) .signWith(privateKey, SignatureAlgorithm.ES256) .compact(); } diff --git a/src/main/java/sopt/makers/authentication/external/oauth/GoogleAuthService.java b/src/main/java/sopt/makers/authentication/external/oauth/GoogleAuthService.java index fd0bdf0..40f7146 100644 --- a/src/main/java/sopt/makers/authentication/external/oauth/GoogleAuthService.java +++ b/src/main/java/sopt/makers/authentication/external/oauth/GoogleAuthService.java @@ -17,7 +17,7 @@ import sopt.makers.authentication.external.oauth.dto.IdTokenResponse; import sopt.makers.authentication.support.exception.external.ClientRequestException; import sopt.makers.authentication.support.exception.external.ClientResponseException; -import sopt.makers.authentication.support.value.GoogleProperty; +import sopt.makers.authentication.support.value.GoogleOAuthProperty; import java.io.IOException; 
@@ -35,7 +35,7 @@ @Component @RequiredArgsConstructor public class GoogleAuthService implements OAuthService { - private final GoogleProperty googleProperty; + private final GoogleOAuthProperty googleOAuthProperty; private final Gson gson; private final OkHttpClient client; @@ -50,11 +50,11 @@ public IdTokenResponse getIdTokenByCode(String code) { private FormBody createTokenRequestFormBody(String code) { return new FormBody.Builder() - .add(CLIENT_ID, googleProperty.google().client().id()) - .add(CLIENT_SECRET, googleProperty.google().client().secret()) + .add(CLIENT_ID, googleOAuthProperty.client().id()) + .add(CLIENT_SECRET, googleOAuthProperty.client().secret()) .add(CODE, code) .add(GRANT_TYPE, GRANT_TYPE_VALUE) - .add(REDIRECT_URI, googleProperty.google().redirect().url()) + .add(REDIRECT_URI, googleOAuthProperty.redirect().url()) .build(); } diff --git a/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java b/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java index 45c946a..0296779 100644 --- a/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java +++ b/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java @@ -9,11 +9,10 @@ @Configuration(value = "CustomApplicationConfig") @ConfigurationPropertiesScan(basePackages = {"sopt.makers.authentication.support.value"}) @EnableConfigurationProperties({ - AuthProperty.class, GabiaProperty.class, JwtProperty.class, MakersProperty.class, - AppleProperty.class, - GoogleProperty.class + AppleOAuthProperty.class, + GoogleOAuthProperty.class }) public class ApplicationConfig {} diff --git a/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java b/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java index ce69a38..63b2a92 100644 --- a/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java 
+++ b/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java @@ -1,13 +1,12 @@ package sopt.makers.authentication.support.config; -import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_ALL; +import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_ACTUATOR; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_AUTH; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_ERROR_PATH; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_TEST; import sopt.makers.authentication.support.security.filter.JwtAuthenticationFilter; import sopt.makers.authentication.support.security.filter.JwtExceptionFilter; -import sopt.makers.authentication.support.value.AuthProperty; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -21,9 +20,6 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; -import org.springframework.web.cors.CorsConfiguration; -import org.springframework.web.cors.CorsConfigurationSource; -import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import lombok.RequiredArgsConstructor; @@ -36,7 +32,6 @@ public class SecurityConfig { private final JwtAuthenticationFilter jwtAuthenticationFilter; private final JwtExceptionFilter jwtExceptionFilter; - private final AuthProperty authProperty; @Bean public static PasswordEncoder passwordEncoder() { 
@@ -75,7 +70,7 @@ private void setDefaultHttp(HttpSecurity http) throws Exception { http.httpBasic(AbstractHttpConfigurer::disable) .csrf(AbstractHttpConfigurer::disable) .formLogin(AbstractHttpConfigurer::disable) - .cors(configurer -> configurer.configurationSource(corsConfigurationSource())) + .cors(AbstractHttpConfigurer::disable) .sessionManagement( configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class) @@ -92,23 +87,9 @@ private void setSecuredHttp(HttpSecurity http) throws Exception { .permitAll() .requestMatchers(new AntPathRequestMatcher(PATTERN_ERROR_PATH)) .permitAll() + .requestMatchers(new AntPathRequestMatcher(PATTERN_ACTUATOR)) + .permitAll() .anyRequest() .authenticated()); } - - @Bean - public CorsConfigurationSource corsConfigurationSource() { - CorsConfiguration configuration = new CorsConfiguration(); - - configuration.addAllowedOrigin(authProperty.client().url()); - configuration.addAllowedHeader(ALL); - configuration.addAllowedMethod(ALL); - configuration.setAllowCredentials(true); - - UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); - - source.registerCorsConfiguration(PATTERN_ALL, configuration); - - return source; - } } diff --git a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java index 7a568b1..1d345be 100644 --- a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java +++ b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java 
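Review bot: `.cors(AbstractHttpConfigurer::disable)` in setDefaultHttp drops Spring Security's CORS handling, and the single-origin allow-list it used has no replacement anywhere in this diff. If CORS is now enforced upstream (a gateway, a reverse proxy or MVC configuration), say so next to the call, e.g. `// CORS is handled upstream; do not re-enable here without an explicit origin allow-list`. Otherwise preflight OPTIONS requests to protected paths fall through to `.anyRequest().authenticated()` and browser clients on another origin are rejected. setDefaultHttp's body continues outside the hunk.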
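Review bot: `PATTERN_ACTUATOR` is given `permitAll()` in setSecuredHttp, so every exposed actuator endpoint becomes reachable without a token, and JwtAuthenticationFilter now skips the same prefix. Which endpoints are exposed depends on `management.endpoints.web.exposure.include`, which this diff does not show. If anything beyond health is exposed (env, heapdump, loggers), it should stay behind authentication. Consider permitting only the health path, e.g. `new AntPathRequestMatcher(PATH_ACTUATOR + "/health")`, or serving actuator on a separate `management.server.port` that is not publicly routed. setSecuredHttp starts above the hunk.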
@@ -9,9 +9,15 @@ private SystemConstant() {} public static final String API_DEFAULT_PREFIX = API_PATH_PREFIX + API_VERSION; + public static final String PATH_ACTUATOR = "/actuator"; + public static final String PATH_AUTH = "/auth"; + public static final String PATH_ERROR = "/error"; + public static final String PATH_TEST = "/test"; + public static final String PATTERN_ALL = "/**"; - public static final String PATTERN_ERROR_PATH = "/error"; - public static final String PATTERN_AUTH = API_DEFAULT_PREFIX + "/auth" + PATTERN_ALL; - public static final String PATTERN_TEST = API_DEFAULT_PREFIX + "/test" + PATTERN_ALL; + public static final String PATTERN_ERROR_PATH = PATH_ERROR + PATTERN_ALL; + public static final String PATTERN_ACTUATOR = PATH_ACTUATOR + PATTERN_ALL; + public static final String PATTERN_AUTH = API_DEFAULT_PREFIX + PATH_AUTH + PATTERN_ALL; + public static final String PATTERN_TEST = API_DEFAULT_PREFIX + PATH_TEST + PATTERN_ALL; public static final String PATTERN_ROOT_PATH = "/"; } diff --git a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java index 62039b3..b03d046 100644 --- a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java +++ b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java 
@@ -1,5 +1,10 @@ package sopt.makers.authentication.support.security.filter; +import static sopt.makers.authentication.support.constant.SystemConstant.PATH_ACTUATOR; +import static sopt.makers.authentication.support.constant.SystemConstant.PATH_AUTH; +import static sopt.makers.authentication.support.constant.SystemConstant.PATH_ERROR; +import static sopt.makers.authentication.support.constant.SystemConstant.PATH_TEST; + import sopt.makers.authentication.support.constant.JwtConstant; import sopt.makers.authentication.support.jwt.provider.JwtAuthAccessTokenProvider; import sopt.makers.authentication.support.security.authentication.CustomAuthentication; @@ -42,7 +47,15 @@ protected void doFilterInternal( @Override public boolean shouldNotFilter(HttpServletRequest request) { - return isJwksRequest(request); + return isWhiteRequest(request) || isJwksRequest(request); + } + + private boolean isWhiteRequest(final HttpServletRequest request) { + String url = request.getRequestURL().toString(); + return url.contains(PATH_ACTUATOR) + || url.contains(PATH_AUTH) + || url.contains(PATH_ERROR) + || url.contains(PATH_TEST); } /** diff --git a/src/main/java/sopt/makers/authentication/support/value/AppleProperty.java b/src/main/java/sopt/makers/authentication/support/value/AppleOAuthProperty.java similarity index 70% rename from src/main/java/sopt/makers/authentication/support/value/AppleProperty.java rename to src/main/java/sopt/makers/authentication/support/value/AppleOAuthProperty.java index c207400..b96f17b 100644 --- a/src/main/java/sopt/makers/authentication/support/value/AppleProperty.java +++ b/src/main/java/sopt/makers/authentication/support/value/AppleOAuthProperty.java 
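Review bot: `isWhiteRequest` does a substring match on `getRequestURL()`, which includes scheme and host, so the skip list is far wider than the four patterns SecurityConfig permits. `PATH_AUTH` also matches a path such as `/authors` (constructed example), or any request whose host name begins with `auth`, because of the `//auth` after the scheme. On such a request the filter is skipped, so presumably a valid token is never evaluated and the filter disagrees with the `permitAll()` matchers. Match on the path with the shared patterns instead: `return Stream.of(PATTERN_ACTUATOR, PATTERN_AUTH, PATTERN_ERROR_PATH, PATTERN_TEST).anyMatch(p -> new AntPathRequestMatcher(p).matches(request));`. The class body continues outside the hunk.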
@@ -3,8 +3,8 @@ import org.springframework.boot.context.properties.ConfigurationProperties; @ConfigurationProperties(prefix = "external.oauth.apple") -public record AppleProperty(Apple apple) { - public record Apple(String aud, String sub, Key key, Team team, Expiration expiration) {} +public record AppleOAuthProperty( + String aud, String sub, Key key, Team team, Expiration expiration) { public record Key(String id, String path) {} diff --git a/src/main/java/sopt/makers/authentication/support/value/AuthProperty.java b/src/main/java/sopt/makers/authentication/support/value/AuthProperty.java deleted file mode 100644 index a48083d..0000000 --- a/src/main/java/sopt/makers/authentication/support/value/AuthProperty.java +++ /dev/null @@ -1,8 +0,0 @@ -package sopt.makers.authentication.support.value; - -import org.springframework.boot.context.properties.ConfigurationProperties; - -@ConfigurationProperties(prefix = "auth") -public record AuthProperty(Client client) { - public record Client(String url) {} -} diff --git a/src/main/java/sopt/makers/authentication/support/value/GoogleProperty.java b/src/main/java/sopt/makers/authentication/support/value/GoogleOAuthProperty.java similarity index 72% rename from src/main/java/sopt/makers/authentication/support/value/GoogleProperty.java rename to src/main/java/sopt/makers/authentication/support/value/GoogleOAuthProperty.java index 26f55dc..6eb9eea 100644 --- a/src/main/java/sopt/makers/authentication/support/value/GoogleProperty.java +++ b/src/main/java/sopt/makers/authentication/support/value/GoogleOAuthProperty.java @@ -3,9 +3,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties; @ConfigurationProperties(prefix = "external.oauth.google") -public record GoogleProperty(Google google) { - public record Google(Redirect redirect, Client client) {} - +public record GoogleOAuthProperty(Redirect redirect, Client client) { public record Redirect(String url) {} public record Client(String id, String secret) {} 
diff --git a/src/main/resources/external.yaml b/src/main/resources/external.yaml index 9834557..8f9f941 100644 --- a/src/main/resources/external.yaml +++ b/src/main/resources/external.yaml @@ -4,8 +4,9 @@ spring.config.activate.on-profile: - local external: makers: - url: ${PLAYGROUND_URL} - token: ${PLAYGROUND_TOKEN} + playground: + url: ${PLAYGROUND_URL} + token: ${PLAYGROUND_TOKEN} gabia: sms: id: ${GABIA_SMS_ID} @@ -34,8 +35,9 @@ spring.config.activate.on-profile: - test external: makers: - url: test - token: test + playground: + url: test + token: test gabia: sms: id: test
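Review bot: The `url` and `token` keys move under `external.makers.playground` in both hunks, but MakersProperty, still registered in ApplicationConfig, is not changed in this diff. If its prefix or record shape still expects `external.makers.url` and `external.makers.token`, the values will likely bind as null at startup instead of failing. Confirm the record matches the new nesting. Consider `@Validated` with `@NotBlank` on the token so a missing secret stops the boot rather than surfacing later as an unauthenticated outbound call.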