From 60e4f59877474d4fd577c543fac1526a1e7b33e6 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 21:18:26 +0900 Subject: [PATCH 01/10] =?UTF-8?q?[FIX]=20Yaml=20Depth=20=EB=B0=98=EC=98=81?= =?UTF-8?q?=20Property=20Record=20=EC=9E=AC=EC=A0=95=EC=9D=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 의미 전달을 위해 이름에 `OAuth` 키워드를 추가함으로서 쓰이는 범위를 명시했습니다. - 부족하게 정의되어 있는 `playground` 에 대한 내용을 `external.yaml`에 반영했습니다. --- .../support/value/AppleOAuthProperty.java | 14 ++++++++++++++ ...oogleProperty.java => GoogleOAuthProperty.java} | 4 +--- src/main/resources/external.yaml | 5 +++-- 3 files changed, 18 insertions(+), 5 deletions(-) create mode 100644 src/main/java/sopt/makers/authentication/support/value/AppleOAuthProperty.java rename src/main/java/sopt/makers/authentication/support/value/{GoogleProperty.java => GoogleOAuthProperty.java} (72%) diff --git a/src/main/java/sopt/makers/authentication/support/value/AppleOAuthProperty.java b/src/main/java/sopt/makers/authentication/support/value/AppleOAuthProperty.java new file mode 100644 index 0000000..b96f17b --- /dev/null +++ b/src/main/java/sopt/makers/authentication/support/value/AppleOAuthProperty.java @@ -0,0 +1,14 @@ +package sopt.makers.authentication.support.value; + +import org.springframework.boot.context.properties.ConfigurationProperties; + +@ConfigurationProperties(prefix = "external.oauth.apple") +public record AppleOAuthProperty( + String aud, String sub, Key key, Team team, Expiration expiration) { + + public record Key(String id, String path) {} + + public record Team(String id) {} + + public record Expiration(int tokenExpiration) {} +} diff --git a/src/main/java/sopt/makers/authentication/support/value/GoogleProperty.java b/src/main/java/sopt/makers/authentication/support/value/GoogleOAuthProperty.java similarity index 72% rename from src/main/java/sopt/makers/authentication/support/value/GoogleProperty.java rename to src/main/java/sopt/makers/authentication/support/value/GoogleOAuthProperty.java index 26f55dc..6eb9eea 100644 --- a/src/main/java/sopt/makers/authentication/support/value/GoogleProperty.java +++ b/src/main/java/sopt/makers/authentication/support/value/GoogleOAuthProperty.java @@ -3,9 +3,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties; @ConfigurationProperties(prefix = "external.oauth.google") -public record GoogleProperty(Google google) { - public record Google(Redirect redirect, Client client) {} - +public record GoogleOAuthProperty(Redirect redirect, Client client) { public record Redirect(String url) {} public record Client(String id, String secret) {} diff --git a/src/main/resources/external.yaml b/src/main/resources/external.yaml index 9834557..b2994ff 100644 --- a/src/main/resources/external.yaml +++ b/src/main/resources/external.yaml @@ -4,8 +4,9 @@ spring.config.activate.on-profile: - local external: makers: - url: ${PLAYGROUND_URL} - token: ${PLAYGROUND_TOKEN} + playground: + url: ${PLAYGROUND_URL} + token: ${PLAYGROUND_TOKEN} gabia: sms: id: ${GABIA_SMS_ID} From a565c258410c79c9eb6ca54446cac459365a30da Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 21:21:17 +0900 Subject: [PATCH 02/10] =?UTF-8?q?[FIX]=20Property=20=ED=81=B4=EB=9E=98?= =?UTF-8?q?=EC=8A=A4=20=EB=B3=80=EA=B2=BD=EC=97=90=20=EB=8C=80=ED=95=9C=20?= =?UTF-8?q?=EC=86=8C=EC=8A=A4=EC=BD=94=EB=93=9C=20=EB=B0=98=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../external/oauth/AppleAuthService.java | 19 +++++++++---------- .../external/oauth/GoogleAuthService.java | 10 +++++----- .../support/value/AppleProperty.java | 14 -------------- 3 files changed, 14 insertions(+), 29 deletions(-) delete mode 100644 src/main/java/sopt/makers/authentication/support/value/AppleProperty.java diff --git a/src/main/java/sopt/makers/authentication/external/oauth/AppleAuthService.java b/src/main/java/sopt/makers/authentication/external/oauth/AppleAuthService.java index 965496e..b9229a7 100644 --- a/src/main/java/sopt/makers/authentication/external/oauth/AppleAuthService.java +++ b/src/main/java/sopt/makers/authentication/external/oauth/AppleAuthService.java @@ -21,7 +21,7 @@ import sopt.makers.authentication.support.exception.external.ClientRequestException; import sopt.makers.authentication.support.exception.external.ClientResponseException; import sopt.makers.authentication.support.util.*; -import sopt.makers.authentication.support.value.AppleProperty; +import sopt.makers.authentication.support.value.AppleOAuthProperty; import java.io.IOException; import java.security.PrivateKey; @@ -46,7 +46,7 @@ @RequiredArgsConstructor @Slf4j public class AppleAuthService implements OAuthService { - private final AppleProperty appleProperty; + private final AppleOAuthProperty appleOAuthProperty; private final Gson gson; private final OkHttpClient client; @@ -60,7 +60,7 @@ public IdTokenResponse getIdTokenByCode(final String code) { } private FormBody createTokenRequestFormBody(final String code) { - String clientId = appleProperty.apple().sub(); + String clientId = appleOAuthProperty.sub(); String clientSecret = createClientSecret(); return new FormBody.Builder() .add(CLIENT_ID, clientId) @@ -73,18 +73,17 @@ private FormBody createTokenRequestFormBody(final String code) { private String createClientSecret() { Date now = new Date(); PrivateKey privateKey = - KeyFileUtil.getPrivateKey(appleProperty.apple().key().path()) + KeyFileUtil.getPrivateKey(appleOAuthProperty.key().path()) .orElseThrow(() -> new ClientRequestException(FAIL_READ_APPLE_PRIVATE_KEY_FILE)); return Jwts.builder() // 토큰 생성 로직은 tokenProvider? 근데 얘는 parse는 없음 - .setHeaderParam(APPLE_KEY_ID_HEADER, appleProperty.apple().key().id()) + .setHeaderParam(APPLE_KEY_ID_HEADER, appleOAuthProperty.key().id()) .setHeaderParam(APPLE_ALGORITHM_HEADER, APPLE_ALGORITHM_VALUE) .setIssuedAt(now) - .setExpiration( - new Date(now.getTime() + appleProperty.apple().expiration().tokenExpiration())) - .setIssuer(appleProperty.apple().team().id()) - .setAudience(appleProperty.apple().aud()) - .setSubject(appleProperty.apple().sub()) + .setExpiration(new Date(now.getTime() + appleOAuthProperty.expiration().tokenExpiration())) + .setIssuer(appleOAuthProperty.team().id()) + .setAudience(appleOAuthProperty.aud()) + .setSubject(appleOAuthProperty.sub()) .signWith(privateKey, SignatureAlgorithm.ES256) .compact(); } diff --git a/src/main/java/sopt/makers/authentication/external/oauth/GoogleAuthService.java b/src/main/java/sopt/makers/authentication/external/oauth/GoogleAuthService.java index fd0bdf0..40f7146 100644 --- a/src/main/java/sopt/makers/authentication/external/oauth/GoogleAuthService.java +++ b/src/main/java/sopt/makers/authentication/external/oauth/GoogleAuthService.java @@ -17,7 +17,7 @@ import sopt.makers.authentication.external.oauth.dto.IdTokenResponse; import sopt.makers.authentication.support.exception.external.ClientRequestException; import sopt.makers.authentication.support.exception.external.ClientResponseException; -import sopt.makers.authentication.support.value.GoogleProperty; +import sopt.makers.authentication.support.value.GoogleOAuthProperty; import java.io.IOException; @@ -35,7 +35,7 @@ @Component @RequiredArgsConstructor public class GoogleAuthService implements OAuthService { - private final GoogleProperty googleProperty; + private final GoogleOAuthProperty googleOAuthProperty; private final Gson gson; private final OkHttpClient client; @@ -50,11 +50,11 @@ public IdTokenResponse getIdTokenByCode(String code) { private FormBody createTokenRequestFormBody(String code) { return new FormBody.Builder() - .add(CLIENT_ID, googleProperty.google().client().id()) - .add(CLIENT_SECRET, googleProperty.google().client().secret()) + .add(CLIENT_ID, googleOAuthProperty.client().id()) + .add(CLIENT_SECRET, googleOAuthProperty.client().secret()) .add(CODE, code) .add(GRANT_TYPE, GRANT_TYPE_VALUE) - .add(REDIRECT_URI, googleProperty.google().redirect().url()) + .add(REDIRECT_URI, googleOAuthProperty.redirect().url()) .build(); } diff --git a/src/main/java/sopt/makers/authentication/support/value/AppleProperty.java b/src/main/java/sopt/makers/authentication/support/value/AppleProperty.java deleted file mode 100644 index c207400..0000000 --- a/src/main/java/sopt/makers/authentication/support/value/AppleProperty.java +++ /dev/null @@ -1,14 +0,0 @@ -package sopt.makers.authentication.support.value; - -import org.springframework.boot.context.properties.ConfigurationProperties; - -@ConfigurationProperties(prefix = "external.oauth.apple") -public record AppleProperty(Apple apple) { - public record Apple(String aud, String sub, Key key, Team team, Expiration expiration) {} - - public record Key(String id, String path) {} - - public record Team(String id) {} - - public record Expiration(int tokenExpiration) {} -} From aaa38785af9cec3055e4cbedb3137cf5948b7aaa Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 21:22:28 +0900 Subject: [PATCH 03/10] =?UTF-8?q?[FIX]=20=EB=88=84=EB=9D=BD=20property=20k?= =?UTF-8?q?et=20`playground`=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/resources/external.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/main/resources/external.yaml b/src/main/resources/external.yaml index b2994ff..8f9f941 100644 --- a/src/main/resources/external.yaml +++ b/src/main/resources/external.yaml @@ -35,8 +35,9 @@ spring.config.activate.on-profile: - test external: makers: - url: test - token: test + playground: + url: test + token: test gabia: sms: id: test From 9f309be3730e6460570c8ccb4f2d0ddc5c8248b1 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 21:23:43 +0900 Subject: [PATCH 04/10] =?UTF-8?q?[FIX]=20Configuration=20Property=20?= =?UTF-8?q?=EB=93=B1=EB=A1=9D=20Config=20=ED=8C=8C=EC=9D=BC=20=EB=82=B4=20?= =?UTF-8?q?=EB=B3=80=EA=B2=BD=EB=90=9C=20Property=20Class=20=EC=9D=B4?= =?UTF-8?q?=EB=A6=84=20=EB=B0=98=EC=98=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../authentication/support/config/ApplicationConfig.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java b/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java index 45c946a..44ef19f 100644 --- a/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java +++ b/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java @@ -13,7 +13,7 @@ GabiaProperty.class, JwtProperty.class, MakersProperty.class, - AppleProperty.class, - GoogleProperty.class + AppleOAuthProperty.class, + GoogleOAuthProperty.class }) public class ApplicationConfig {} From 386da0aa507bb1eed95233d59bc5a7620e44ba54 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 21:26:17 +0900 Subject: [PATCH 05/10] =?UTF-8?q?[FIX]=20CORS=20=EC=B2=98=EB=A6=AC=20Nginx?= =?UTF-8?q?=20=EC=9C=84=EC=9E=84=EC=97=90=20=EB=94=B0=EB=A5=B8=20SecurityC?= =?UTF-8?q?onfig=20=EB=82=B4=20CORS=20Configuration=20Source=20Bean=20?= =?UTF-8?q?=EB=93=B1=EB=A1=9D=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 사용되지 않는 `AuthProperty` 클래스를 삭제하고 이에 대해 등록 Config 파일에서도 제거했습니다. --- .../support/config/ApplicationConfig.java | 1 - .../support/config/SecurityConfig.java | 24 +------------------ .../support/value/AuthProperty.java | 8 ------- 3 files changed, 1 insertion(+), 32 deletions(-) delete mode 100644 src/main/java/sopt/makers/authentication/support/value/AuthProperty.java diff --git a/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java b/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java index 44ef19f..0296779 100644 --- a/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java +++ b/src/main/java/sopt/makers/authentication/support/config/ApplicationConfig.java @@ -9,7 +9,6 @@ @Configuration(value = "CustomApplicationConfig") @ConfigurationPropertiesScan(basePackages = {"sopt.makers.authentication.support.value"}) @EnableConfigurationProperties({ - AuthProperty.class, GabiaProperty.class, JwtProperty.class, MakersProperty.class, diff --git a/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java b/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java index ce69a38..9243602 100644 --- a/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java +++ b/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java @@ -1,13 +1,11 @@ package sopt.makers.authentication.support.config; -import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_ALL; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_AUTH; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_ERROR_PATH; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_TEST; import sopt.makers.authentication.support.security.filter.JwtAuthenticationFilter; import sopt.makers.authentication.support.security.filter.JwtExceptionFilter; -import sopt.makers.authentication.support.value.AuthProperty; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -21,9 +19,6 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; -import org.springframework.web.cors.CorsConfiguration; -import org.springframework.web.cors.CorsConfigurationSource; -import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import lombok.RequiredArgsConstructor; @@ -36,7 +31,6 @@ public class SecurityConfig { private final JwtAuthenticationFilter jwtAuthenticationFilter; private final JwtExceptionFilter jwtExceptionFilter; - private final AuthProperty authProperty; @Bean public static PasswordEncoder passwordEncoder() { @@ -75,7 +69,7 @@ private void setDefaultHttp(HttpSecurity http) throws Exception { http.httpBasic(AbstractHttpConfigurer::disable) .csrf(AbstractHttpConfigurer::disable) .formLogin(AbstractHttpConfigurer::disable) - .cors(configurer -> configurer.configurationSource(corsConfigurationSource())) + .cors(AbstractHttpConfigurer::disable) .sessionManagement( configurer -> configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class) @@ -95,20 +89,4 @@ private void setSecuredHttp(HttpSecurity http) throws Exception { .anyRequest() .authenticated()); } - - @Bean - public CorsConfigurationSource corsConfigurationSource() { - CorsConfiguration configuration = new CorsConfiguration(); - - configuration.addAllowedOrigin(authProperty.client().url()); - configuration.addAllowedHeader(ALL); - configuration.addAllowedMethod(ALL); - configuration.setAllowCredentials(true); - - UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); - - source.registerCorsConfiguration(PATTERN_ALL, configuration); - - return source; - } } diff --git a/src/main/java/sopt/makers/authentication/support/value/AuthProperty.java b/src/main/java/sopt/makers/authentication/support/value/AuthProperty.java deleted file mode 100644 index a48083d..0000000 --- a/src/main/java/sopt/makers/authentication/support/value/AuthProperty.java +++ /dev/null @@ -1,8 +0,0 @@ -package sopt.makers.authentication.support.value; - -import org.springframework.boot.context.properties.ConfigurationProperties; - -@ConfigurationProperties(prefix = "auth") -public record AuthProperty(Client client) { - public record Client(String url) {} -} From 3f261dca35c1f5542104914c02b76a9d349909a9 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 21:34:00 +0900 Subject: [PATCH 06/10] =?UTF-8?q?[FEAT]=20Security=20Authenticated=20Reque?= =?UTF-8?q?st=20=EB=82=B4=20Spring=20Actuator=20=EC=9A=94=EC=B2=AD=20path?= =?UTF-8?q?=20=EC=A0=9C=EC=99=B8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../makers/authentication/support/config/SecurityConfig.java | 3 +++ .../makers/authentication/support/constant/SystemConstant.java | 1 + 2 files changed, 4 insertions(+) diff --git a/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java b/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java index 9243602..63b2a92 100644 --- a/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java +++ b/src/main/java/sopt/makers/authentication/support/config/SecurityConfig.java @@ -1,5 +1,6 @@ package sopt.makers.authentication.support.config; +import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_ACTUATOR; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_AUTH; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_ERROR_PATH; import static sopt.makers.authentication.support.constant.SystemConstant.PATTERN_TEST; @@ -86,6 +87,8 @@ private void setSecuredHttp(HttpSecurity http) throws Exception { .permitAll() .requestMatchers(new AntPathRequestMatcher(PATTERN_ERROR_PATH)) .permitAll() + .requestMatchers(new AntPathRequestMatcher(PATTERN_ACTUATOR)) + .permitAll() .anyRequest() .authenticated()); } diff --git a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java index 7a568b1..afd3751 100644 --- a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java +++ b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java @@ -11,6 +11,7 @@ private SystemConstant() {} public static final String PATTERN_ALL = "/**"; public static final String PATTERN_ERROR_PATH = "/error"; + public static final String PATTERN_ACTUATOR = "/actuator" + PATTERN_ALL; public static final String PATTERN_AUTH = API_DEFAULT_PREFIX + "/auth" + PATTERN_ALL; public static final String PATTERN_TEST = API_DEFAULT_PREFIX + "/test" + PATTERN_ALL; public static final String PATTERN_ROOT_PATH = "/"; From 44286d09c97ae3e4c209407ee8bf464801dbd2a6 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 21:35:16 +0900 Subject: [PATCH 07/10] =?UTF-8?q?[FEAT]=20Image=20Run=20=ED=99=98=EA=B2=BD?= =?UTF-8?q?=20=EB=82=B4=20=EC=99=B8=EB=B6=80=20=EC=A3=BC=EC=9E=85=20?= =?UTF-8?q?=ED=8C=8C=EC=9D=BC=20=EC=9D=B8=EC=8B=9D=EC=9D=84=20=EC=9C=84?= =?UTF-8?q?=ED=95=9C=20=EB=AA=85=EB=A0=B9=EC=96=B4=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit `-Dspring.config.additional-location` 명령 옵션 추가를 통해 볼륨 마운트로 주입되는 외부 파일을 인식할 수 있도록 했습니다. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 37e03bb..4fde18e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,4 +24,4 @@ COPY --from=builder /app-build/build/libs/authentication.jar /app-run/authentica EXPOSE 8080 ENTRYPOINT ["java"] -CMD ["-jar", "authentication.jar"] \ No newline at end of file +CMD ["-Dspring.config.additional-location=file:/app-run/", "-jar", "authentication.jar"] \ No newline at end of file From d03663271309e50a056f505197ad6d4cd6ea4d76 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 22:05:28 +0900 Subject: [PATCH 08/10] =?UTF-8?q?[FEAT]=20Filter=20=ED=86=B5=EA=B3=BC=20UR?= =?UTF-8?q?I=20=EA=B2=80=EC=82=AC=20=EB=A9=94=EC=84=9C=EB=93=9C=20`shouldN?= =?UTF-8?q?otFilter`=20=EB=A9=94=EC=84=9C=EB=93=9C=20Override?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../support/constant/SystemConstant.java | 13 +++++++++---- .../filter/JwtAuthenticationFilter.java | 17 +++++++++++++++++ 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java index afd3751..1d345be 100644 --- a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java +++ b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java @@ -9,10 +9,15 @@ private SystemConstant() {} public static final String API_DEFAULT_PREFIX = API_PATH_PREFIX + API_VERSION; + public static final String PATH_ACTUATOR = "/actuator"; + public static final String PATH_AUTH = "/auth"; + public static final String PATH_ERROR = "/error"; + public static final String PATH_TEST = "/test"; + public static final String PATTERN_ALL = "/**"; - public static final String PATTERN_ERROR_PATH = "/error"; - public static final String PATTERN_ACTUATOR = "/actuator" + PATTERN_ALL; - public static final String PATTERN_AUTH = API_DEFAULT_PREFIX + "/auth" + PATTERN_ALL; - public static final String PATTERN_TEST = API_DEFAULT_PREFIX + "/test" + PATTERN_ALL; + public static final String PATTERN_ERROR_PATH = PATH_ERROR + PATTERN_ALL; + public static final String PATTERN_ACTUATOR = PATH_ACTUATOR + PATTERN_ALL; + public static final String PATTERN_AUTH = API_DEFAULT_PREFIX + PATH_AUTH + PATTERN_ALL; + public static final String PATTERN_TEST = API_DEFAULT_PREFIX + PATH_TEST + PATTERN_ALL; public static final String PATTERN_ROOT_PATH = "/"; } diff --git a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java index 7868c76..db87678 100644 --- a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java +++ b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java @@ -1,5 +1,10 @@ package sopt.makers.authentication.support.security.filter; +import static sopt.makers.authentication.support.constant.SystemConstant.PATH_ACTUATOR; +import static sopt.makers.authentication.support.constant.SystemConstant.PATH_AUTH; +import static sopt.makers.authentication.support.constant.SystemConstant.PATH_ERROR; +import static sopt.makers.authentication.support.constant.SystemConstant.PATH_TEST; + import sopt.makers.authentication.support.jwt.provider.JwtAuthAccessTokenProvider; import sopt.makers.authentication.support.security.authentication.CustomAuthentication; @@ -24,6 +29,18 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtAuthAccessTokenProvider authTokenProvider; + @Override + protected boolean shouldNotFilter(HttpServletRequest request) { + return checkIsWhiteURI(request.getRequestURI()); + } + + private boolean checkIsWhiteURI(String uri) { + return uri.contains(PATH_ACTUATOR) + && uri.contains(PATH_AUTH) + && uri.contains(PATH_ERROR) + && uri.contains(PATH_TEST); + } + @Override protected void doFilterInternal( final HttpServletRequest request, final HttpServletResponse response, FilterChain filterChain) From 1c70ab611abda0fe64d129a0d43df59ac94e6916 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Fri, 6 Dec 2024 22:15:56 +0900 Subject: [PATCH 09/10] =?UTF-8?q?[CHORE]=20Filter=20`shouldNotFilter`=20?= =?UTF-8?q?=EC=A1=B0=EA=B1=B4=20=EA=B2=80=EC=82=AC=EB=AC=B8=20=EC=98=A4?= =?UTF-8?q?=ED=83=88=EC=9E=90=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../support/security/filter/JwtAuthenticationFilter.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java index db87678..dd5c5da 100644 --- a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java +++ b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java @@ -31,14 +31,14 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { @Override protected boolean shouldNotFilter(HttpServletRequest request) { - return checkIsWhiteURI(request.getRequestURI()); + return checkIsWhiteURI(request.getRequestURL().toString()); } private boolean checkIsWhiteURI(String uri) { return uri.contains(PATH_ACTUATOR) - && uri.contains(PATH_AUTH) - && uri.contains(PATH_ERROR) - && uri.contains(PATH_TEST); + || uri.contains(PATH_AUTH) + || uri.contains(PATH_ERROR) + || uri.contains(PATH_TEST); } @Override From 8f8452b5ed9193d08e769ea5f4c51d94f1078df0 Mon Sep 17 00:00:00 2001 From: yummygyudon Date: Sun, 8 Dec 2024 00:17:39 +0900 Subject: [PATCH 10/10] [CHORE] spotless apply --- .../support/security/filter/JwtAuthenticationFilter.java | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java index 0bc9737..b03d046 100644 --- a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java +++ b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java @@ -5,7 +5,6 @@ import static sopt.makers.authentication.support.constant.SystemConstant.PATH_ERROR; import static sopt.makers.authentication.support.constant.SystemConstant.PATH_TEST; - import sopt.makers.authentication.support.constant.JwtConstant; import sopt.makers.authentication.support.jwt.provider.JwtAuthAccessTokenProvider; import sopt.makers.authentication.support.security.authentication.CustomAuthentication; @@ -32,7 +31,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtAuthAccessTokenProvider authTokenProvider; - @Override protected void doFilterInternal( final HttpServletRequest request, final HttpServletResponse response, FilterChain filterChain) @@ -51,7 +49,7 @@ protected void doFilterInternal( public boolean shouldNotFilter(HttpServletRequest request) { return isWhiteRequest(request) || isJwksRequest(request); } - + private boolean isWhiteRequest(final HttpServletRequest request) { String url = request.getRequestURL().toString(); return url.contains(PATH_ACTUATOR)