feat Security Oauth2.0 Pull Request #8

Merged
merged 19 commits into from
Nov 29, 2023
feat: Access Token 검증 구현 (#7)
toychip committed Nov 29, 2023
commit 8e53e0521b06fd2c8f2a1c14f9a84a8b9061577e
Expand Up @@ -5,10 +5,16 @@
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

@Component
@RequiredArgsConstructor
public class JwtAuthenticationFilter extends OncePerRequestFilter {

private final JwtProvider jwtProvider;

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
Expand All @@ -23,11 +29,11 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse

if (authorizationHeader != null) {
// ToDo Access Token 검증
// jwtProvider.isValidToken(authorizationHeader);

filterChain.doFilter(request, response);
jwtProvider.isValidToken(authorizationHeader);
}

filterChain.doFilter(request, response);

}

private boolean isPublicUri(String requestURI) {
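Review bot: In `doFilterInternal`, a request with no Authorization header skips `jwtProvider.isValidToken(authorizationHeader)` and still reaches `filterChain.doFilter(request, response)`, so this filter treats a missing token the same as a valid one. Unless the security configuration or a later filter (not visible here) rejects unauthenticated requests on non-public URIs, the null case should fail closed, e.g. `if (authorizationHeader == null) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); return; }`. The `IllegalArgumentException` thrown by `isValidToken` also leaves the filter uncaught, so an expired or forged token will likely surface as a 500 rather than a 401; catching it here and sending 401 makes rejected tokens distinguishable from server faults in logs and monitoring. The lines between the two hunks, where `authorizationHeader` is read and any `Bearer ` prefix would be stripped, are not shown, so confirm that only the bare token is passed to the parser.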
18 changes: 18 additions & 0 deletions src/main/java/com/api/TaveShot/global/jwt/JwtProvider.java
Expand Up @@ -3,6 +3,7 @@
import static com.api.TaveShot.global.constant.OauthConstant.ACCESS_TOKEN_VALID_TIME;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
Expand Down Expand Up @@ -32,10 +33,12 @@ public String generateAccessToken(String id) {
.compact();
}

// JWT claims 생성
private Claims createClaims(String id) {
return Jwts.claims().setSubject(id);
}

// JWT 만료 시간 계산
private long calculateExpirationDate(Date now) {
return now.getTime() + ACCESS_TOKEN_VALID_TIME;
}
Expand All @@ -44,4 +47,19 @@ private SecretKey generateKey() {
return Keys.hmacShaKeyFor(SECRET_KEY.getBytes(StandardCharsets.UTF_8));
}

// 토큰의 유효성 검사
public void isValidToken(String token) {
try {
SecretKey key = generateKey();
Jwts.parserBuilder()
.setSigningKey(key)
.build()
.parseClaimsJws(token);

} catch (ExpiredJwtException e) { // 어세스 토큰 만료
throw new IllegalArgumentException("Access Token expired");
} catch (Exception e) {
throw new IllegalArgumentException("User Not Authorized");
}
}
}
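Review bot: The `catch (Exception e)` in `isValidToken` discards the cause and reports every failure as `"User Not Authorized"`, and because `generateKey()` sits inside the `try`, a key-configuration error is reported the same way as a forged token. Move `SecretKey key = generateKey();` above the `try`, narrow the handler to `catch (JwtException | IllegalArgumentException e)`, and keep the cause with `throw new IllegalArgumentException("User Not Authorized", e);` (and likewise for the expired case), so signature failures stay visible to whoever reads the logs. On style, a method named `isValidToken` that returns `void` and signals through exceptions reads as a predicate; a name such as `validateToken`, or a `boolean` return, would match what it does. The Korean line comment above it could become a Javadoc block stating that the method verifies the HMAC signature and expiry and throws `IllegalArgumentException` on any failure.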