Skip to content

Commit

Permalink
fix:#25 Authentication Provider 등록
Browse files Browse the repository at this point in the history
  • Loading branch information
joohyun1996 committed Apr 23, 2024
1 parent 17e8064 commit daaadb1
Show file tree
Hide file tree
Showing 10 changed files with 41 additions and 22 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,7 @@
@SpringBootApplication
@EnableDiscoveryClient
public class AuthenticationApiApplication {

public static void main(String[] args) {
SpringApplication.run(AuthenticationApiApplication.class, args);
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,9 @@ public String getUsername() {
public String getUserId(){
return userEntity.getUserId();
}
public String getRole(){
return userEntity.getRole();
}

@Override
public boolean isAccountNonExpired() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,25 +17,29 @@ public class GlobalExceptionHandler {
* @author joohyun1996 (이주현)
*/
@ExceptionHandler(TokenNotExistsException.class)
public ResponseEntity<BaseResponse<Void>> handleTokenNotExistsException(TokenNotExistsException tokenNotExistsException){
public ResponseEntity<BaseResponse<Void>> handleTokenNotExistsException(TokenNotExistsException tokenNotExistsException) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(new BaseResponse<Void>().message(tokenNotExistsException.getMessage()));
}

/**
* access 토큰이 만료된 경우에 대한 예외 처리 핸들러
*
* @return 403 Forbidden - 예외 메시지 반한
* @author joohyun1996 (이주현)
*/
@ExceptionHandler(TokenHasExpiredException.class)
public ResponseEntity<BaseResponse<Void>> handleTokenHasExpiredException(TokenHasExpiredException tokenHasExpiredException){
public ResponseEntity<BaseResponse<Void>> handleTokenHasExpiredException(TokenHasExpiredException tokenHasExpiredException) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(new BaseResponse<Void>().message(tokenHasExpiredException.getMessage()));
}

/**
* refresh, blacklist 토큰이 이미 Redis에 저장되어 있을 경우에 대한 예외 처리 핸들러
*
* @return 400 Forbidden - 예외 메시지 반한
* @author joohyun1996 (이주현)
*/
@ExceptionHandler(TokenAlreadyExistsException.class)
public ResponseEntity<BaseResponse<Void>> handleTokenAlreadyExistsException(TokenAlreadyExistsException tokenAlreadyExistsException){
public ResponseEntity<BaseResponse<Void>> handleTokenAlreadyExistsException(TokenAlreadyExistsException tokenAlreadyExistsException) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new BaseResponse<Void>().message(tokenAlreadyExistsException.getMessage()));
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,6 @@
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Controller;


@Configuration
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,11 +13,6 @@
*/
@RestController
public class LoginController {
private final DefaultUserDetailsService service;

public LoginController(DefaultUserDetailsService service) {
this.service = service;
}
/**
* LoginFilter 수행시 successfulAuthentication 메소드가 수행되고 해당 메소드에서 응답이 커밋됨
* @author joohyun1996(이주현)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.StreamUtils;

Expand Down Expand Up @@ -58,6 +59,7 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
}

String username = loginDto.getUsername();
// 암호화된 정보로 확인
String password = loginDto.getPassword();

UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(username, password, null);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,6 @@
public class DefaultUserDetailsService implements UserDetailsService {
private final AccountRepository accountRepository;

private final BCryptPasswordEncoder bCryptPasswordEncoder;
/**
* 회원이 입력한 UserName, Password가 Database에 있는지 검증하는 메소드
* @param username
Expand All @@ -40,7 +39,6 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
userEntity.setUsername(userEntityDto.getUsername());
userEntity.setUserId(userEntityDto.getUserId());
userEntity.setPassword(userEntityDto.getPassword());
// userEntity.setPassword(bCryptPasswordEncoder.encode(userEntityDto.getPassword()));
userEntity.setRole(userEntityDto.getRole());

return new CustomUserDetails(userEntity);
Expand Down
22 changes: 15 additions & 7 deletions src/main/java/com/t3t/authenticationapi/config/SecurityConfig.java
Original file line number Diff line number Diff line change
@@ -1,18 +1,26 @@
package com.t3t.authenticationapi.config;

import com.t3t.authenticationapi.account.auth.CustomUserDetails;
import com.t3t.authenticationapi.account.component.CustomAuthenticationProvider;
import com.t3t.authenticationapi.account.component.JWTUtils;
import com.t3t.authenticationapi.account.filter.CommonExceptionFilter;
import com.t3t.authenticationapi.account.filter.CustomLogoutFilter;
import com.t3t.authenticationapi.account.filter.LoginFilter;
import com.t3t.authenticationapi.account.service.DefaultUserDetailsService;
import com.t3t.authenticationapi.account.service.TokenService;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
Expand All @@ -28,16 +36,19 @@ public class SecurityConfig {
private final AuthenticationConfiguration authenticationConfiguration;
private final JWTUtils jwtUtils;
private final TokenService tokenService;
private final CustomAuthenticationProvider provider;

@Autowired
public void globalConfigure(AuthenticationManagerBuilder auth) throws Exception{
auth.authenticationProvider(provider);
}

@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
return authenticationConfiguration.getAuthenticationManager();
}

@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder(){
return new BCryptPasswordEncoder();
}

/**
* Security Filter Chain 설정.
* Auth-Server에서는 인증만 담당하기 때문에 다른 URL에 대해서는 설정 X
Expand All @@ -55,9 +66,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
.antMatchers("/refresh").permitAll()
.antMatchers("/logout").authenticated()
.anyRequest().authenticated())
.logout(logout -> logout
.logoutUrl("/logout") // logout 담당 url
.logoutSuccessUrl("/index")) // logout 성공시 redirect 할 url
.addFilterBefore(new CommonExceptionFilter(), LoginFilter.class)
.addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration), jwtUtils, tokenService), UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(new CustomLogoutFilter(jwtUtils, tokenService), LogoutFilter.class)
Expand Down
11 changes: 11 additions & 0 deletions src/main/resources/application.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
spring:
application:
name: AUTH-SERVICE
jpa:
open-in-view: true
hibernate:
Expand Down Expand Up @@ -41,3 +43,12 @@ t3t:
keyId: "0582f8b117604b7d86e9f3ff26931cde"
redisServerPassword:
keyId: "ec1eb8e0706e402cbec8487cbcb86564"
server:
port: 8084

eureka:
client:
register-with-eureka: true
fetch-registry: true
service-url:
defaultZone: http://localhost:8761/eureka
4 changes: 3 additions & 1 deletion src/main/resources/application_prod.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
eureka:
eureka:
client:
register-with-eureka: true
fetch-registry: true
service-url:
defaultZone: ${eurekaServiceUrlDefaultZone}

0 comments on commit daaadb1

Please sign in to comment.