[Feature/#38] Spring Security내 permitAll 동작할 수 있도록 JwtFilter를 수정한다

src/main/java/com/backend/auth/jwt/TokenProvider.java

@@ -24,6 +24,7 @@
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Date;
+import java.util.Objects;
 
 @Slf4j
 @Component
@@ -100,7 +101,7 @@ public void validateToken(String token) {
     }
 
     public String getToken(String bearerToken) {
-        if(bearerToken.isEmpty()){
+        if(Objects.isNull(bearerToken) || bearerToken.isEmpty()){
             throw new NullJwtException(ErrorCode.NO_TOKEN_PROVIDED);
         } else if (!bearerToken.startsWith(TOKEN_HEADER_PREFIX)){
             throw new InvalidJwtException(ErrorCode.INVALID_TOKEN);

src/main/java/com/backend/auth/jwt/filter/AuthenticationFilter.java

@@ -26,15 +26,23 @@ public class AuthenticationFilter extends OncePerRequestFilter {
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
-        String accessToken = tokenProvider.getToken(request.getHeader(AUTHORIZATION_HEADER));
 
-        // 토큰의 유효성을 검증
-        tokenProvider.validateToken(accessToken);
-        blackListService.checkBlackList(accessToken);
+        try {
+            String accessToken = tokenProvider.getToken(request.getHeader(AUTHORIZATION_HEADER));
+
+            // 토큰의 유효성을 검증
+            tokenProvider.validateToken(accessToken);
+            blackListService.checkBlackList(accessToken);
+
+            // 인증 정보를 Security Context에 설정 후 다음 단계를 진행
+            Authentication authentication = tokenProvider.getAuthentication(accessToken);
+            SecurityContextHolder.getContext().setAuthentication(authentication);
+        }
+        catch (Exception e)
+        {
+            System.out.println("에러 처리");
+        }
 
-        // 인증 정보를 Security Context에 설정 후 다음 단계를 진행
-        Authentication authentication = tokenProvider.getAuthentication(accessToken);
-        SecurityContextHolder.getContext().setAuthentication(authentication);
         filterChain.doFilter(request, response);
     }
 }

src/main/java/com/backend/global/api/AuthTestController.java

@@ -0,0 +1,15 @@
+package com.backend.global.api;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+public class AuthTestController {
+
+    @GetMapping("/token")
+    public String tokenTest()
+    {
+        return "token valid!";
+    }
+}

src/main/java/com/backend/global/config/SecurityConfig.java

@@ -50,7 +50,9 @@ public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Excepti
                 .and()
 
                 .authorizeHttpRequests()
-                .requestMatchers("/auth/**").permitAll()
+
+                .requestMatchers( "/detail-goals/**","/goals/**","/auth/**").permitAll()
+
                 .and()
 
                 .sessionManagement()