From 85c595edba655c585b624beb216df0873b74ab37 Mon Sep 17 00:00:00 2001 From: shinheekim Date: Wed, 31 Jul 2024 17:00:40 +0900 Subject: [PATCH] =?UTF-8?q?fix:=20=ED=86=A0=ED=81=B0=20init=EB=A9=94?= =?UTF-8?q?=EC=84=9C=EB=93=9C=20=EC=88=98=EC=A0=95=20=EB=B0=8F=20config=20?= =?UTF-8?q?=EA=B6=8C=ED=95=9C=20=EC=88=98=EC=A0=95(#1)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../global/config/SecurityConfig.java | 2 +- .../global/jwt/TokenProvider.java | 14 ++++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/main/java/net/skhu/likelion12thteam03be/global/config/SecurityConfig.java b/src/main/java/net/skhu/likelion12thteam03be/global/config/SecurityConfig.java index aa2897e..a7b021f 100644 --- a/src/main/java/net/skhu/likelion12thteam03be/global/config/SecurityConfig.java +++ b/src/main/java/net/skhu/likelion12thteam03be/global/config/SecurityConfig.java @@ -31,7 +31,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .logout(AbstractHttpConfigurer::disable) .httpBasic(AbstractHttpConfigurer::disable) .authorizeHttpRequests(authorize -> authorize - .requestMatchers(HttpMethod.POST, "/users/**").permitAll() + .requestMatchers("/users/**").permitAll() .requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll() .requestMatchers("/", "/profile").permitAll() .anyRequest().authenticated() diff --git a/src/main/java/net/skhu/likelion12thteam03be/global/jwt/TokenProvider.java b/src/main/java/net/skhu/likelion12thteam03be/global/jwt/TokenProvider.java index e28ff52..5056644 100644 --- a/src/main/java/net/skhu/likelion12thteam03be/global/jwt/TokenProvider.java +++ b/src/main/java/net/skhu/likelion12thteam03be/global/jwt/TokenProvider.java @@ -14,10 +14,13 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.stereotype.Component; import java.security.Key; import java.util.Date; +import java.util.List; @Slf4j @RequiredArgsConstructor @@ -32,14 +35,11 @@ public class TokenProvider { private String secret; private Key key; -/* @PostConstruct + @PostConstruct public void init() { + this.secret = secret.replace('+', '-').replace('/', '_'); byte[] key = Decoders.BASE64URL.decode(secret); this.key = Keys.hmacShaKeyFor(key); - }*/ - @PostConstruct - public void init() { - this.key = Keys.secretKeyFor(SignatureAlgorithm.HS512); } public String generateToken(String loginId) { // loginId @@ -90,7 +90,9 @@ public Authentication getAuthentication(String token) { User user = userRepository.findByLoginId(claims.getSubject()).orElseThrow(); - return new UsernamePasswordAuthenticationToken(user.getLoginId(), ""); + List authorities = List.of(new SimpleGrantedAuthority(user.getRole().toString())); + return new UsernamePasswordAuthenticationToken(user.getLoginId(), + "", authorities); } }