-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
JwtAuthorizationFilter, ApiAuthenticationEntryPoint
- Loading branch information
1 parent
6be0bfd
commit 6d88da2
Showing
2 changed files
with
92 additions
and
0 deletions.
There are no files selected for viewing
66 changes: 66 additions & 0 deletions
66
...n/src/main/java/com/mutbook/week4_mission/app/security/filter/JwtAuthorizationFilter.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,66 @@ | ||
| package com.mutbook.week4_mission.app.security.filter; | ||
|
|
||
| import com.mutbook.week4_mission.app.base.rq.Rq; | ||
| import com.mutbook.week4_mission.app.domain.member.entity.Member; | ||
| import com.mutbook.week4_mission.app.domain.member.service.MemberService; | ||
| import com.mutbook.week4_mission.app.security.jwt.JwtProvider; | ||
| import com.mutbook.week4_mission.app.security.dto.MemberContext; | ||
| import groovy.util.logging.Slf4j; | ||
| import lombok.RequiredArgsConstructor; | ||
| import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; | ||
| import org.springframework.security.core.context.SecurityContext; | ||
| import org.springframework.security.core.context.SecurityContextHolder; | ||
| import org.springframework.stereotype.Component; | ||
| import org.springframework.web.filter.OncePerRequestFilter; | ||
|
|
||
| import javax.servlet.FilterChain; | ||
| import javax.servlet.ServletException; | ||
| import javax.servlet.http.HttpServletRequest; | ||
| import javax.servlet.http.HttpServletResponse; | ||
| import java.io.IOException; | ||
| import java.util.Map; | ||
|
|
||
| @Slf4j | ||
| @Component | ||
| @RequiredArgsConstructor | ||
| public class JwtAuthorizationFilter extends OncePerRequestFilter { | ||
| private final JwtProvider jwtProvider; | ||
| private final MemberService memberService; | ||
| private final Rq rq; | ||
|
|
||
| @Override | ||
| protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { | ||
| String bearerToken = request.getHeader("Authorization"); | ||
|
|
||
| if (bearerToken != null) { | ||
| String token = bearerToken.substring("Bearer ".length()); | ||
|
|
||
| // 1차 체크(정보가 변조되지 않았는지 체크) | ||
| if (jwtProvider.verify(token)) { | ||
| Map<String, Object> claims = jwtProvider.getClaims(token); | ||
| Member member = memberService.findByUsername((String) claims.get("username")).get(); | ||
|
|
||
| // 2차 체크(화이트리스트에 포함되는지) | ||
| if (memberService.verifyWithWhiteList(member, token)) { | ||
| forceAuthentication(member); | ||
| } | ||
| } | ||
| } | ||
| filterChain.doFilter(request, response); | ||
| } | ||
|
|
||
| private void forceAuthentication(Member member) { | ||
| MemberContext memberContext = new MemberContext(member, member.genAuthorities()); | ||
|
|
||
| UsernamePasswordAuthenticationToken authentication = | ||
| UsernamePasswordAuthenticationToken.authenticated( | ||
| memberContext, | ||
| null, | ||
| member.genAuthorities() | ||
| ); | ||
|
|
||
| SecurityContext context = SecurityContextHolder.createEmptyContext(); | ||
| context.setAuthentication(authentication); | ||
| SecurityContextHolder.setContext(context); | ||
| } | ||
| } |
26 changes: 26 additions & 0 deletions
26
...main/java/com/mutbook/week4_mission/app/security/handler/ApiAuthenticationEntryPoint.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| package com.mutbook.week4_mission.app.security.handler; | ||
|
|
||
| import com.mutbook.week4_mission.app.base.dto.RsData; | ||
| import com.mutbook.week4_mission.util.Util; | ||
| import org.springframework.security.core.AuthenticationException; | ||
| import org.springframework.security.web.AuthenticationEntryPoint; | ||
| import org.springframework.stereotype.Component; | ||
|
|
||
| import javax.servlet.ServletException; | ||
| import javax.servlet.http.HttpServletRequest; | ||
| import javax.servlet.http.HttpServletResponse; | ||
| import java.io.IOException; | ||
|
|
||
| import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE; | ||
|
|
||
| @Component | ||
| public class ApiAuthenticationEntryPoint implements AuthenticationEntryPoint { | ||
| @Override | ||
| public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException{ | ||
| RsData rs = RsData.of("F-AccessDenied","인증실패",null); | ||
| response.setCharacterEncoding("UTF-8"); | ||
| response.setContentType(APPLICATION_JSON_VALUE); | ||
| response.setStatus(403); | ||
| response.getWriter().append(Util.json.toStr(rs)); | ||
| } | ||
| } |