Api-v0.2.1-1

Gosrock · Feb 26, 2023 · 8c29a3a · 8c29a3a
2 parents 0fa1eee + 1af48d0
commit 8c29a3a
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 14 deletions.
diff --git a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/AccessDeniedFilter.java b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/AccessDeniedFilter.java
@@ -1,5 +1,6 @@
 package band.gosrock.api.config.security;
 
+import static band.gosrock.common.consts.DuDoongStatic.SwaggerPatterns;
 
 import band.gosrock.common.dto.ErrorReason;
 import band.gosrock.common.dto.ErrorResponse;
@@ -17,9 +18,8 @@
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.authentication.AuthenticationTrustResolver;
 import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
+import org.springframework.util.PatternMatchUtils;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 @RequiredArgsConstructor
@@ -31,6 +31,12 @@ public class AccessDeniedFilter extends OncePerRequestFilter {
     private AuthenticationTrustResolver authenticationTrustResolver =
             new AuthenticationTrustResolverImpl();
 
+    @Override
+    protected boolean shouldNotFilter(HttpServletRequest request) {
+        String servletPath = request.getServletPath();
+        return PatternMatchUtils.simpleMatch(SwaggerPatterns, servletPath);
+    }
+
     @Override
     protected void doFilterInternal(
             HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
@@ -46,13 +52,15 @@ protected void doFilterInternal(
             // basic authentication 같은경운
             //  ExceptionTranslateFilter 내부에서
             //  this.authenticationEntryPoint.commence(request, response, reason); 메소드를 실행시켜야함.
-
-            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-            boolean isAnonymous = this.authenticationTrustResolver.isAnonymous(authentication);
-            // ExceptionTranslateFilter 에게 처리 위임
-            if (isAnonymous) {
-                throw e;
-            }
+            //            Authentication authentication =
+            // SecurityContextHolder.getContext().getAuthentication();
+            //            boolean isAnonymous =
+            // this.authenticationTrustResolver.isAnonymous(authentication);
+            //            // ExceptionTranslateFilter 에게 처리 위임
+            //            // 해야하는건.. 스웨거 일때만 해당하는걸로 수정해야함!
+            //            if (isAnonymous) {
+            //                throw e;
+            //            }
             // 익명 유저가아닌 Access denied exception 같은경우 ( jwt 필터만 탄경우 )
             // 토큰 에러핸들링 제대로.
             ErrorResponse access_denied =

diff --git a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityConfig.java b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityConfig.java
@@ -1,5 +1,6 @@
 package band.gosrock.api.config.security;
 
+import static band.gosrock.common.consts.DuDoongStatic.SwaggerPatterns;
 
 import band.gosrock.common.helper.SpringEnvironmentHelper;
 import lombok.RequiredArgsConstructor;
@@ -30,10 +31,6 @@ public class SecurityConfig {
     @Value("${swagger.password}")
     private String swaggerPassword;
 
-    private static final String[] SwaggerPatterns = {
-        "/swagger-resources/**", "/swagger-ui/**", "/v3/api-docs/**",
-    };
-
     private final SpringEnvironmentHelper springEnvironmentHelper;
 
     /** 스웨거용 인메모리 유저 설정 */

diff --git a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityUtils.java b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityUtils.java
@@ -2,22 +2,30 @@
 
 
 import band.gosrock.common.exception.SecurityContextNotFoundException;
+import java.util.List;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.CollectionUtils;
 
 public class SecurityUtils {
     private static SimpleGrantedAuthority anonymous = new SimpleGrantedAuthority("ROLE_ANONYMOUS");
+    private static SimpleGrantedAuthority swagger = new SimpleGrantedAuthority("ROLE_SWAGGER");
+
+    private static List<SimpleGrantedAuthority> notUserAuthority = List.of(anonymous, swagger);
 
     public static Long getCurrentUserId() {
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         if (authentication == null) {
             throw SecurityContextNotFoundException.EXCEPTION;
         }
+
         if (authentication.isAuthenticated()
-                && !authentication.getAuthorities().contains(anonymous)) {
+                && !CollectionUtils.containsAny(
+                        authentication.getAuthorities(), notUserAuthority)) {
             return Long.valueOf(authentication.getName());
         }
+        // 스웨거 유저일시 익명 유저 취급
         // 익명유저시 userId 0 반환
         return 0L;
     }

diff --git a/DuDoong-Common/src/main/java/band/gosrock/common/consts/DuDoongStatic.java b/DuDoong-Common/src/main/java/band/gosrock/common/consts/DuDoongStatic.java
@@ -27,4 +27,8 @@ public class DuDoongStatic {
 
     public static final String KAKAO_OAUTH_QUERY_STRING =
             "/oauth/authorize?client_id=%s&redirect_uri=%s&response_type=code";
+
+    public static final String[] SwaggerPatterns = {
+        "/swagger-resources/**", "/swagger-ui/**", "/v3/api-docs/**",
+    };
 }