Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 37 changed files with 273 additions and 85 deletions.
5 changes: 0 additions & 5 deletions
src/main/java/com/tikitaka/naechinso/constant/DeleteStatus.java
This file was deleted.
4 changes: 0 additions & 4 deletions
src/main/java/com/tikitaka/naechinso/controller/AuthController.java
This file was deleted.
9 changes: 4 additions & 5 deletions
...ontroller/SmsCertificationController.java → ...omain/sms/SmsCertificationController.java
4 changes: 2 additions & 2 deletions
...inso/service/SmsCertificationService.java → ...o/domain/sms/SmsCertificationService.java
17 changes: 9 additions & 8 deletions
.../service/SmsCertificationServiceImpl.java → ...main/sms/SmsCertificationServiceImpl.java
2 changes: 1 addition & 1 deletion
...hinso/dto/SmsCertificationRequestDTO.java → ...n/sms/dto/SmsCertificationRequestDTO.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
package com.tikitaka.naechinso.dto; | ||
package com.tikitaka.naechinso.domain.sms.dto; | ||
|
||
import lombok.*; | ||
|
||
|
2 changes: 1 addition & 1 deletion
...so/dto/SmsVerificationCodeRequestDTO.java → ...ms/dto/SmsVerificationCodeRequestDTO.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
package com.tikitaka.naechinso.dto; | ||
package com.tikitaka.naechinso.domain.sms.dto; | ||
|
||
import lombok.*; | ||
|
||
|
17 changes: 17 additions & 0 deletions
src/main/java/com/tikitaka/naechinso/global/common/request/TokenRequestDTO.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
package com.tikitaka.naechinso.global.common.request; | ||
|
||
|
||
import lombok.Getter; | ||
import lombok.NoArgsConstructor; | ||
import lombok.ToString; | ||
|
||
/** JWT Token 요청 Dto | ||
* @author gengminy (220917) | ||
*/ | ||
@Getter | ||
@ToString | ||
@NoArgsConstructor | ||
public class TokenRequestDTO { | ||
private String accessToken; | ||
private String refreshToken; | ||
} |
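Review bot: `@ToString` on `TokenRequestDTO` generates a `toString()` that prints both `accessToken` and `refreshToken`, so any log statement or exception message that includes this DTO writes live credentials to the logs. Drop `@ToString` here or mark both fields with `@ToString.Exclude`; the same applies to `TokenResponseDTO` in this commit. The fields also carry no validation constraint, so a request with a missing `refreshToken` reaches the service layer as `null`; `@NotBlank` on both fields, with `@Valid` on the controller parameter, would reject it earlier.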
15 changes: 15 additions & 0 deletions
src/main/java/com/tikitaka/naechinso/global/common/response/TokenResponseDTO.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
package com.tikitaka.naechinso.global.common.response; | ||
|
||
import lombok.*; | ||
|
||
/** JWT Token 응답 Dto | ||
* @author gengminy (220728) */ | ||
@Getter | ||
@ToString | ||
@NoArgsConstructor | ||
@AllArgsConstructor | ||
@Builder | ||
public class TokenResponseDTO { | ||
private String accessToken; | ||
private String refreshToken; | ||
} |
2 changes: 1 addition & 1 deletion
...a/naechinso/config/CommonApiResponse.java → ...inso/global/config/CommonApiResponse.java
2 changes: 1 addition & 1 deletion
...aka/naechinso/config/WebClientConfig.java → ...chinso/global/config/WebClientConfig.java
4 changes: 2 additions & 2 deletions
...aka/naechinso/entity/base/BaseEntity.java → ...inso/global/config/entity/BaseEntity.java
2 changes: 1 addition & 1 deletion
...naechinso/entity/base/BaseTimeEntity.java → .../global/config/entity/BaseTimeEntity.java
2 changes: 1 addition & 1 deletion
...ikitaka/naechinso/config/RedisConfig.java → ...inso/global/config/redis/RedisConfig.java
2 changes: 1 addition & 1 deletion
...itaka/naechinso/service/RedisService.java → ...nso/global/config/redis/RedisService.java
2 changes: 1 addition & 1 deletion
...a/naechinso/service/RedisServiceImpl.java → ...global/config/redis/RedisServiceImpl.java
66 changes: 66 additions & 0 deletions
src/main/java/com/tikitaka/naechinso/global/config/security/JwtAuthenticationFilter.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
//package com.tikitaka.naechinso.global.config.security; | ||
// | ||
//import com.tikitaka.naechinso.global.config.security.JwtTokenProvider; | ||
//import lombok.RequiredArgsConstructor; | ||
//import lombok.extern.slf4j.Slf4j; | ||
//import org.springframework.security.core.context.SecurityContextHolder; | ||
//import org.springframework.stereotype.Component; | ||
//import org.springframework.web.filter.OncePerRequestFilter; | ||
// | ||
//import javax.servlet.FilterChain; | ||
//import javax.servlet.ServletException; | ||
//import javax.servlet.http.HttpServletRequest; | ||
//import javax.servlet.http.HttpServletResponse; | ||
//import java.io.IOException; | ||
// | ||
//@Slf4j | ||
//@Component | ||
//@RequiredArgsConstructor | ||
//public class JwtAuthenticationFilter extends OncePerRequestFilter { | ||
// private final JwtTokenProvider jwtTokenService; | ||
// | ||
// @Override | ||
// protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) | ||
// throws ServletException, IOException { | ||
// try { | ||
// String jwt = resolveToken(request); //request에서 jwt 토큰을 꺼낸다. | ||
// | ||
// if (jwt == null) { | ||
// filterChain.doFilter(request, response); | ||
// return; | ||
// } | ||
// | ||
// System.out.println("jwt = " + jwt); //test | ||
// | ||
// if (StringUtils.isNotEmpty(jwt) && jwtTokenService.validateToken(jwt)) { | ||
// jwtTokenService authentication = jwtTokenService.getAuthentication(jwt); //authentication 획득 | ||
//// authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); //기본적으로 제공한 details 세팅 | ||
// | ||
// //Security 세션에서 계속 사용하기 위해 SecurityContext에 Authentication 등록 | ||
// SecurityContextHolder.getContext().setAuthentication(authentication); | ||
// } else { | ||
// if (StringUtils.isEmpty(jwt)) { | ||
// request.setAttribute("unauthorization", "401 인증키 없음."); | ||
// } | ||
// | ||
// if (jwtTokenService.validateToken(jwt)) { | ||
// request.setAttribute("unauthorization", "401-001 인증키 만료."); | ||
// } | ||
// } | ||
// } catch (Exception ex) { | ||
// logger.error("Security Context에 해당 토큰을 등록할 수 없습니다", ex); | ||
// } | ||
// | ||
// filterChain.doFilter(request, response); | ||
// } | ||
// | ||
// private String resolveToken(HttpServletRequest request) { | ||
// String bearerToken = request.getHeader("Authorization"); | ||
// //Prefix 로 Bearer 가 있으면 제거 | ||
// if (StringUtils.isNotEmpty(bearerToken) && bearerToken.startsWith("Bearer ")) { | ||
// return bearerToken.substring("Bearer ".length()); | ||
// } | ||
// //Prefix 가 없으면 그대로 | ||
// return bearerToken; | ||
// } | ||
//} |
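Review bot: In the `else` branch of `doFilterInternal`, `if (jwtTokenService.validateToken(jwt))` sets the "401-001" expired attribute only when the token is valid, but that branch is entered only when the token is empty or validation has already failed, so the attribute is never set. `validateToken` also returns `false` for every failure, so it cannot tell expiry from a bad signature; have the provider surface `ExpiredJwtException` (or return a status) and set the attribute from that. Other points to fix before this file is uncommented: `System.out.println("jwt = " + jwt)` writes the bearer token to stdout and should be removed; `jwtTokenService authentication = ...` uses the field name as a type and should be `Authentication`; `StringUtils` is not imported; and `resolveToken` returns the raw `Authorization` header when the `Bearer ` prefix is absent, so a header using another scheme is handed to the JWT parser, where returning `null` would be cleaner. The whole file is committed commented out, so this filter is not active.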
116 changes: 116 additions & 0 deletions
src/main/java/com/tikitaka/naechinso/global/config/security/JwtTokenProvider.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,116 @@ | ||
package com.tikitaka.naechinso.global.config.security; | ||
|
||
import com.tikitaka.naechinso.global.error.ErrorCode; | ||
import com.tikitaka.naechinso.global.error.exception.BadRequestException; | ||
import com.tikitaka.naechinso.global.error.exception.UnauthorizedException; | ||
import com.tikitaka.naechinso.global.config.redis.RedisService; | ||
import io.jsonwebtoken.*; | ||
import lombok.RequiredArgsConstructor; | ||
import lombok.extern.slf4j.Slf4j; | ||
import org.springframework.beans.factory.annotation.Value; | ||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; | ||
import org.springframework.security.core.Authentication; | ||
import org.springframework.security.core.GrantedAuthority; | ||
import org.springframework.security.core.authority.SimpleGrantedAuthority; | ||
import org.springframework.security.core.userdetails.User; | ||
import org.springframework.security.core.userdetails.UserDetails; | ||
import org.springframework.stereotype.Component; | ||
|
||
import java.util.Arrays; | ||
import java.util.Base64; | ||
import java.util.Collection; | ||
import java.util.stream.Collectors; | ||
|
||
@Slf4j | ||
@Component | ||
@RequiredArgsConstructor | ||
public class JwtTokenProvider { | ||
private final RedisService redisService; | ||
/** 토큰 비밀 키 */ | ||
@Value("${JWT_SECRET_KEY}") | ||
private String JWT_SECRET; | ||
|
||
/** 토큰 유효 시간 (ms) */ | ||
private static final long JWT_EXPIRATION_MS = 1000L * 60 * 30; //30분 | ||
private static final long REFRESH_TOKEN_EXPIRATION_MS = 1000L * 60 * 60 * 24 * 7; //7일 | ||
|
||
private static final String AUTHORITIES_KEY = "role"; //권한 정보 컬럼명 | ||
|
||
|
||
|
||
public Authentication getAuthentication(String accessToken) { | ||
Claims claims = parseClaims(accessToken); | ||
|
||
if (claims.get(AUTHORITIES_KEY) == null) { | ||
throw new UnauthorizedException(ErrorCode.INVALID_AUTH_TOKEN); | ||
} | ||
|
||
//권한 정보 가져오기 | ||
Collection<? extends GrantedAuthority> authorities = | ||
Arrays.stream(claims.get(AUTHORITIES_KEY).toString().split(",")) | ||
.map(SimpleGrantedAuthority::new) | ||
.collect(Collectors.toList()); | ||
|
||
//Authentication 리턴 | ||
UserDetails principal = new User(claims.getSubject(), "", authorities); | ||
return new UsernamePasswordAuthenticationToken(principal, "", authorities); | ||
} | ||
|
||
|
||
/** | ||
* JWT 유효성 검사 | ||
* @param token 검사하려는 JWT 토큰 | ||
* @returns boolean | ||
* @throws SignatureException 서명이 다를때 | ||
* @throws MalformedJwtException JWT 구조가 아닐때 | ||
* @throws ExpiredJwtException 만료기간이 지났을때 | ||
* @throws UnsupportedJwtException 지원 불가 | ||
* @throws IllegalArgumentException 매개변수 전달 오류 | ||
*/ | ||
public boolean validateToken(String token) { | ||
final String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET.getBytes()); | ||
try { | ||
Jwts.parser().setSigningKey(encodedKey).parseClaimsJws(token); | ||
return true; | ||
} catch (SignatureException | MalformedJwtException ex) { | ||
log.error("잘못된 JWT 서명입니다"); | ||
} catch (ExpiredJwtException ex) { | ||
log.error("만료된 JWT 토큰입니다"); | ||
} catch (UnsupportedJwtException ex) { | ||
log.error("지원하지 않는 JWT 토큰입니다"); | ||
} catch (IllegalArgumentException ex) { | ||
log.error("JWT 토큰이 비어있습니다"); | ||
} | ||
return false; | ||
} | ||
|
||
/** Redis Memory 의 RefreshToken 과 | ||
* User 의 RefreshToken 이 일치하는지 확인 | ||
* @param userId 검증하려는 유저 아이디 | ||
* @param refreshToken 검증하려는 리프레시 토큰 | ||
*/ | ||
public void validateRefreshToken(String userId, String refreshToken) { | ||
String redisRt = redisService.getValues(userId); | ||
if (!refreshToken.equals(redisRt)) { | ||
throw new BadRequestException(ErrorCode.EXPIRED_TOKEN); | ||
} | ||
} | ||
|
||
/** | ||
* JWT 토큰에서 claims 추출 | ||
* @param accessToken 추출하고 싶은 AccessToken (JWT) | ||
* @return Claims | ||
*/ | ||
public Claims parseClaims(String accessToken) { | ||
final String encodedKey = Base64.getEncoder().encodeToString(JWT_SECRET.getBytes()); | ||
|
||
try { | ||
return Jwts.parser() | ||
.setSigningKey(encodedKey) | ||
.parseClaimsJws(accessToken) | ||
.getBody(); | ||
} catch (ExpiredJwtException e) { | ||
return e.getClaims(); | ||
} | ||
} | ||
} |
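Review bot: `parseClaims` catches `ExpiredJwtException` and returns `e.getClaims()`, and `getAuthentication` calls it without any expiry check, so an expired access token still yields a fully populated `Authentication` unless every caller runs `validateToken` first. Keep the expired-claims path in a separate method used only by the refresh flow and let `getAuthentication` reject expired tokens. In `validateRefreshToken`, `refreshToken.equals(redisRt)` throws a `NullPointerException` when the argument is null and is not a constant-time comparison; null-check first and compare the bytes with `MessageDigest.isEqual`. The method also compares the string against Redis without verifying the refresh token's signature or expiry. `JWT_SECRET.getBytes()` uses the platform default charset in both `validateToken` and `parseClaims`; pass `StandardCharsets.UTF_8` and derive the key once instead of on every call. Minor: the Javadoc tag `@returns` should be `@return`, and `JWT_EXPIRATION_MS` and `REFRESH_TOKEN_EXPIRATION_MS` are not referenced anywhere in the lines shown.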
2 changes: 1 addition & 1 deletion
...taka/naechinso/config/SecurityConfig.java → ...lobal/config/security/SecurityConfig.java
2 changes: 1 addition & 1 deletion
...itaka/naechinso/config/SwaggerConfig.java → .../global/config/swagger/SwaggerConfig.java
2 changes: 1 addition & 1 deletion
...echinso/controller/SwaggerController.java → ...bal/config/swagger/SwaggerController.java
5 changes: 5 additions & 0 deletions
src/main/java/com/tikitaka/naechinso/global/constant/DeleteStatus.java
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
package com.tikitaka.naechinso.global.constant; | ||
|
||
public enum DeleteStatus { | ||
Y,N | ||
} |
2 changes: 1 addition & 1 deletion
...ikitaka/naechinso/constant/ErrorCode.java → ...aka/naechinso/global/error/ErrorCode.java
4 changes: 1 addition & 3 deletions
...itaka/naechinso/config/ErrorResponse.java → ...naechinso/global/error/ErrorResponse.java