From 7935f8d2b6a167addb17b8b424d9201761b0c42c Mon Sep 17 00:00:00 2001
From: Chan Jin
Date: Sun, 26 Feb 2023 14:35:54 +0900
Subject: [PATCH 1/2] =?UTF-8?q?fix=20:=20swagger=20user=20=EC=9D=B5?=
 =?UTF-8?q?=EB=AA=85=EC=9C=A0=EC=A0=80=20=EC=B7=A8=EA=B8=89=20(#445)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../gosrock/api/config/security/SecurityUtils.java | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityUtils.java b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityUtils.java
index 209650fa..7251daf2 100644
--- a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityUtils.java
+++ b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityUtils.java
@@ -2,22 +2,30 @@ import band.gosrock.common.exception.SecurityContextNotFoundException; +import java.util.List; import org.springframework.security.core.Authentication; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.util.CollectionUtils; public class SecurityUtils { private static SimpleGrantedAuthority anonymous = new SimpleGrantedAuthority("ROLE_ANONYMOUS"); + private static SimpleGrantedAuthority swagger = new SimpleGrantedAuthority("ROLE_SWAGGER"); + + private static List notUserAuthority = List.of(anonymous, swagger); public static Long getCurrentUserId() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { throw SecurityContextNotFoundException.EXCEPTION; } + if (authentication.isAuthenticated() - && !authentication.getAuthorities().contains(anonymous)) { + && !CollectionUtils.containsAny( + authentication.getAuthorities(), notUserAuthority)) { return Long.valueOf(authentication.getName()); } + // 스웨거 유저일시 익명 유저 취급 // 익명유저시 userId 0 반환 return 0L; } From 1af48d0b202d90cf5f7c62e4b5beea7aa3717764 Mon Sep 17 00:00:00 2001 From: Chan Jin Date: Sun, 26 Feb 2023 14:36:21 +0900 Subject: [PATCH 2/2] fix : accessDeniedFilter shouldNotFilter url (#446) --- .../config/security/AccessDeniedFilter.java | 26 ++++++++++++------- .../api/config/security/SecurityConfig.java | 5 +--- .../gosrock/common/consts/DuDoongStatic.java | 4 +++ 3 files changed, 22 insertions(+), 13 deletions(-) diff --git a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/AccessDeniedFilter.java b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/AccessDeniedFilter.java index 9443328f..9d8c8d7d 100644 --- a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/AccessDeniedFilter.java +++ b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/AccessDeniedFilter.java 
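Review bot: The new `notUserAuthority` list is a deny-list, so any principal that is neither anonymous nor ROLE_SWAGGER still reaches `Long.valueOf(authentication.getName())` — a non-numeric name (another in-memory or basic-auth account added later, say) becomes a NumberFormatException and a 500, while a numeric one is silently taken as that user's id. Checking for the positive marker real users carry (whatever role or principal type the JWT filter sets — not visible here) would be safer than enumerating the roles that are not users. Independently, the field is declared as a raw `List` and none of the statics are `final`; `private static final List<GrantedAuthority> NOT_USER_AUTHORITIES = List.of(anonymous, swagger);` (with `import org.springframework.security.core.GrantedAuthority;`) still satisfies `CollectionUtils.containsAny` and documents the intent. The Korean comments would also be clearer in English for the next reader, e.g. `// swagger principals are treated as anonymous (userId 0)`.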
@@ -1,5 +1,6 @@ package band.gosrock.api.config.security; +import static band.gosrock.common.consts.DuDoongStatic.SwaggerPatterns; import band.gosrock.common.dto.ErrorReason; import band.gosrock.common.dto.ErrorResponse; @@ -17,9 +18,8 @@ import org.springframework.security.access.AccessDeniedException; import org.springframework.security.authentication.AuthenticationTrustResolver; import org.springframework.security.authentication.AuthenticationTrustResolverImpl; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; +import org.springframework.util.PatternMatchUtils; import org.springframework.web.filter.OncePerRequestFilter; @RequiredArgsConstructor @@ -31,6 +31,12 @@ public class AccessDeniedFilter extends OncePerRequestFilter { private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl(); + @Override + protected boolean shouldNotFilter(HttpServletRequest request) { + String servletPath = request.getServletPath(); + return PatternMatchUtils.simpleMatch(SwaggerPatterns, servletPath); + } + @Override protected void doFilterInternal( HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) 
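Review bot: `PatternMatchUtils.simpleMatch` is not Ant matching, so the new `shouldNotFilter` does not exempt the same requests a `requestMatchers(SwaggerPatterns)` rule would: under AntPathMatcher `/v3/api-docs/**` also matches `/v3/api-docs` itself, whereas `simpleMatch` needs the literal `/v3/api-docs/` prefix and therefore keeps filtering the main OpenAPI document, and `getServletPath()` drops the path info whenever the dispatcher is mapped to anything other than `/`. Sharing one constant but two matching engines means any future pattern edit can silently diverge between the bypass and the authorization rule; using Spring Security's own matcher keeps them identical, e.g. `return Arrays.stream(SwaggerPatterns).anyMatch(p -> new AntPathRequestMatcher(p).matches(request));` (needs `java.util.Arrays` and `org.springframework.security.web.util.matcher.AntPathRequestMatcher`). How SecurityConfig consumes SwaggerPatterns is not visible in this hunk, so confirm against it. `doFilterInternal` continues past the end of the hunk.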
@@ -46,13 +52,15 @@ protected void doFilterInternal( // basic authentication 같은경운 // ExceptionTranslateFilter 내부에서 // this.authenticationEntryPoint.commence(request, response, reason); 메소드를 실행시켜야함. - - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - boolean isAnonymous = this.authenticationTrustResolver.isAnonymous(authentication); - // ExceptionTranslateFilter 에게 처리 위임 - if (isAnonymous) { - throw e; - } + // Authentication authentication = + // SecurityContextHolder.getContext().getAuthentication(); + // boolean isAnonymous = + // this.authenticationTrustResolver.isAnonymous(authentication); + // // ExceptionTranslateFilter 에게 처리 위임 + // // 해야하는건.. 스웨거 일때만 해당하는걸로 수정해야함! + // if (isAnonymous) { + // throw e; + // } // 익명 유저가아닌 Access denied exception 같은경우 ( jwt 필터만 탄경우 ) // 토큰 에러핸들링 제대로. ErrorResponse access_denied = diff --git a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityConfig.java b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityConfig.java index 9c083161..90a8c59c 100644 --- a/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityConfig.java +++ b/DuDoong-Api/src/main/java/band/gosrock/api/config/security/SecurityConfig.java @@ -1,5 +1,6 @@ package band.gosrock.api.config.security; +import static band.gosrock.common.consts.DuDoongStatic.SwaggerPatterns; import band.gosrock.common.helper.SpringEnvironmentHelper; import lombok.RequiredArgsConstructor; @@ -30,10 +31,6 @@ public class SecurityConfig { @Value("${swagger.password}") private String swaggerPassword; - private static final String[] SwaggerPatterns = { - "/swagger-resources/**", "/swagger-ui/**", "/v3/api-docs/**", - }; - private final SpringEnvironmentHelper springEnvironmentHelper; /** 스웨거용 인메모리 유저 설정 */ diff --git a/DuDoong-Common/src/main/java/band/gosrock/common/consts/DuDoongStatic.java b/DuDoong-Common/src/main/java/band/gosrock/common/consts/DuDoongStatic.java index 0f020bcb..273ea35e 100644 
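Review bot: With the `isAnonymous` rethrow commented out, an unauthenticated caller on a protected non-swagger endpoint now receives this filter's access_denied body instead of being handed to ExceptionTranslationFilter and the AuthenticationEntryPoint, which presumably is what lets clients tell 401 (authenticate/refresh the token) from 403 (forbidden). The commit title scopes the intent to swagger, and swagger paths are already skipped by the new `shouldNotFilter`, so the delegation for anonymous users on every other path could simply stay. If the removal is deliberate, delete the nine `//` lines rather than keeping dead code (git keeps the history) and drop the now-unused `authenticationTrustResolver` field; otherwise restore `if (this.authenticationTrustResolver.isAnonymous(SecurityContextHolder.getContext().getAuthentication())) { throw e; }` together with the `SecurityContextHolder` import this patch removes. `doFilterInternal` starts and ends outside this hunk.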
--- a/DuDoong-Common/src/main/java/band/gosrock/common/consts/DuDoongStatic.java +++ b/DuDoong-Common/src/main/java/band/gosrock/common/consts/DuDoongStatic.java @@ -27,4 +27,8 @@ public class DuDoongStatic { public static final String KAKAO_OAUTH_QUERY_STRING = "/oauth/authorize?client_id=%s&redirect_uri=%s&response_type=code"; + + public static final String[] SwaggerPatterns = { + "/swagger-resources/**", "/swagger-ui/**", "/v3/api-docs/**", + }; }
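Review bot: `public static final String[] SwaggerPatterns` is a mutable public array: `final` pins only the reference, so any class on the classpath can do `DuDoongStatic.SwaggerPatterns[0] = "/**"` and widen every security exemption built from it (the AccessDeniedFilter bypass and, presumably, the permit-all rule in SecurityConfig). Prefer an immutable list — `public static final List<String> SWAGGER_PATTERNS = List.of("/swagger-resources/**", "/swagger-ui/**", "/v3/api-docs/**");` — and have array-taking callers use `SWAGGER_PATTERNS.toArray(String[]::new)`, or keep the array private behind an accessor that returns a clone. The UPPER_SNAKE name also matches `KAKAO_OAUTH_QUERY_STRING` and the other constants in this class.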