Skip to content

Commit

Permalink
feat: Access Token 검증 구현 (#7)
Browse files Browse the repository at this point in the history
  • Loading branch information
@toychip
toychip committed Nov 29, 2023
1 parent 87821b5 commit 8e53e05
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 3 deletions.
12 changes: 9 additions & 3 deletions src/main/java/com/api/TaveShot/global/jwt/JwtAuthenticationFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,16 @@
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

@Component
@RequiredArgsConstructor
public class JwtAuthenticationFilter extends OncePerRequestFilter {

private final JwtProvider jwtProvider;

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
Expand All @@ -23,11 +29,11 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse

if (authorizationHeader != null) {
// ToDo Access Token 검증
// jwtProvider.isValidToken(authorizationHeader);

filterChain.doFilter(request, response);
jwtProvider.isValidToken(authorizationHeader);
}

filterChain.doFilter(request, response);

}

private boolean isPublicUri(String requestURI) {
Expand Down
18 changes: 18 additions & 0 deletions src/main/java/com/api/TaveShot/global/jwt/JwtProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import static com.api.TaveShot.global.constant.OauthConstant.ACCESS_TOKEN_VALID_TIME;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
Expand Down Expand Up @@ -32,10 +33,12 @@ public String generateAccessToken(String id) {
.compact();
}

// JWT claims 생성
private Claims createClaims(String id) {
return Jwts.claims().setSubject(id);
}

// JWT 만료 시간 계산
private long calculateExpirationDate(Date now) {
return now.getTime() + ACCESS_TOKEN_VALID_TIME;
}
Expand All @@ -44,4 +47,19 @@ private SecretKey generateKey() {
return Keys.hmacShaKeyFor(SECRET_KEY.getBytes(StandardCharsets.UTF_8));
}

// 토큰의 유효성 검사
public void isValidToken(String token) {
try {
SecretKey key = generateKey();
Jwts.parserBuilder()
.setSigningKey(key)
.build()
.parseClaimsJws(token);

} catch (ExpiredJwtException e) { // 어세스 토큰 만료
throw new IllegalArgumentException("Access Token expired");
} catch (Exception e) {
throw new IllegalArgumentException("User Not Authorized");
}
}
}

0 comments on commit 8e53e05

Please sign in to comment.