From 15fbf80b50a0b646abbd617d736c61ec573f2ec7 Mon Sep 17 00:00:00 2001
From: baeksom <97323941+baeksom@users.noreply.github.com>
Date: Thu, 30 May 2024 21:34:22 +0900
Subject: [PATCH 1/3] =?UTF-8?q?=F0=9F=90=9E=20[BUGFIX]:=20=EC=97=91?=
 =?UTF-8?q?=EC=84=B8=EC=8A=A4=ED=86=A0=ED=81=B0=20=EC=8B=9C=EA=B0=84=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../user/controller/PageController.java | 47 -------------------
 .../user/controller/TestController.java | 28 -----------
 2 files changed, 75 deletions(-)
 delete mode 100644 src/main/java/KGUcapstone/OutDecision/domain/user/controller/PageController.java
 delete mode 100644 src/main/java/KGUcapstone/OutDecision/domain/user/controller/TestController.java

diff --git a/src/main/java/KGUcapstone/OutDecision/domain/user/controller/PageController.java b/src/main/java/KGUcapstone/OutDecision/domain/user/controller/PageController.java
deleted file mode 100644
index 57249203..00000000
--- a/src/main/java/KGUcapstone/OutDecision/domain/user/controller/PageController.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package KGUcapstone.OutDecision.domain.user.controller;
-
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.GetMapping;
-
-@Slf4j
-@Controller
-public class PageController {
-
-    @Value("${IP}")
-    private String ip;
-
-    @GetMapping("/login")
-    public String loginForm(Model model) {
-        model.addAttribute("ip", ip);
-        return "login"; // login.html 파일을 참조
-    }
-
-    @GetMapping("/register/success")
-    public String showSuccessRegister() {
-        return "register-success";
-    }
-
-    @GetMapping("/register/v2")
-    public String showNormalRegisterForm(){
-        return "normal-register";
-    }
-
-
-//    @GetMapping("/register/v1")
-//    public String showSocialRegisterForm(HttpServletRequest request,
-//                                         @CookieValue(name = "email", required = true) String email,
-//                                         @CookieValue(name = "provider", required = true) String provider) throws Exception {
-//        System.out.println("controller joinSecret = " + joinSecret);
-//
-//        String join_token = request.getParameter("join_token");
-//        System.out.println("controller receive join_token = " + join_token);
-//        if(!AESUtil.decrypt(join_token, joinSecret).equals(email+provider)){
-//            return "login";
-//        }
-//
-//        return "social-register";
-//    }
-}
\ No newline at end of file
diff --git a/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TestController.java b/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TestController.java
deleted file mode 100644
index 8e72048f..00000000
--- a/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TestController.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package KGUcapstone.OutDecision.domain.user.controller;
-
-import KGUcapstone.OutDecision.domain.user.domain.Member;
-import KGUcapstone.OutDecision.domain.user.repository.MemberRepository;
-import KGUcapstone.OutDecision.domain.user.service.FindMemberService;
-import KGUcapstone.OutDecision.global.error.exception.ApiResponse;
-import KGUcapstone.OutDecision.global.security.dto.SecurityUserDto;
-import lombok.RequiredArgsConstructor;
-import org.apache.coyote.BadRequestException;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-@RestController
-@RequiredArgsConstructor
-public class TestController {
-
-    private final FindMemberService findMemberService;
-    @GetMapping("/test")
-    public ApiResponse test() {
-        Long id = findMemberService.findLoginMemberId();
-        if (id != 0L) {
-            return ApiResponse.onSuccess(id);
-        }
-        return ApiResponse.onFailure("400", "사용자가 없습니다.", id);
-    }
-}
\ No newline at end of file
From 238dc3db616e4c28a41d055c41c3cc91e59f4872 Mon Sep 17 00:00:00 2001
From: baeksom <97323941+baeksom@users.noreply.github.com>
Date: Thu, 30 May 2024 21:36:51 +0900
Subject: [PATCH 2/3] =?UTF-8?q?=F0=9F=90=9E=20[BUGFIX]:=20=EC=97=91?=
 =?UTF-8?q?=EC=84=B8=EC=8A=A4=ED=86=A0=ED=81=B0=20=EC=8B=9C=EA=B0=84=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../user/service/auth/TokenService.java | 4 +--
 .../global/common/util/JwtUtil.java | 4 +--
 .../security/config/SecurityConfig.java | 25 +++++++------------
 .../global/security/filter/JwtAuthFilter.java | 2 --
 .../CustomAuthenticationSuccessHandler.java | 18 ++++++++++---
 .../handler/CustomLoginSuccessHandler.java | 2 +-
 6 files changed, 28 insertions(+), 27 deletions(-)
diff --git a/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java b/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java
index cf0552b4..97071fd4 100644
--- a/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java
+++ b/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java
@@ -58,13 +58,13 @@ public String republishAccessToken(String accessToken, HttpServletResponse respo
             // 액세스 토큰의 값을 수정해준다.
             resultToken.updateAccessToken(newAccessToken);
             tokenRepository.save(resultToken);
-//            addCookie(response, "Authorization", newAccessToken, 60*60);
+            addCookie(response, "Authorization", newAccessToken, 60*60);
             log.info("Attempting to republish accessToken: {}", newAccessToken);
             // 새로운 액세스 토큰을 반환해준다.
             return newAccessToken;
         }
 
-//        deleteCookie(response, "Authorization");
+        deleteCookie(response, "Authorization");
         return null;
     }
 }
\ No newline at end of file
diff --git a/src/main/java/KGUcapstone/OutDecision/global/common/util/JwtUtil.java b/src/main/java/KGUcapstone/OutDecision/global/common/util/JwtUtil.java
index 6476026f..175a2aef 100644
--- a/src/main/java/KGUcapstone/OutDecision/global/common/util/JwtUtil.java
+++ b/src/main/java/KGUcapstone/OutDecision/global/common/util/JwtUtil.java
@@ -66,8 +66,8 @@ public String generateRefreshToken(String email, String role) {
 
     public String generateAccessToken(String email, String role) {
-//        long tokenPeriod = 1000L * 60L * 30L; // 30분
-        long tokenPeriod = 1000L * 10L;
+        long tokenPeriod = 1000L * 60L * 30L; // 30분
+//        long tokenPeriod = 1000L * 10L;
 
         Claims claims = Jwts.claims().setSubject(email);
         claims.put("role", role);
diff --git a/src/main/java/KGUcapstone/OutDecision/global/security/config/SecurityConfig.java b/src/main/java/KGUcapstone/OutDecision/global/security/config/SecurityConfig.java
index a4b80938..49fab4fd 100644
--- a/src/main/java/KGUcapstone/OutDecision/global/security/config/SecurityConfig.java
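Review bot: The re-enabled `addCookie(response, "Authorization", newAccessToken, 60*60)` gives the cookie a one-hour max-age while the access token is now minted for 30 minutes (JwtUtil hunk in this same patch), so for the last half hour the browser keeps presenting a token the server will reject; use the token's own lifetime, `addCookie(response, "Authorization", newAccessToken, 60*30)`, or better derive the max-age from the JWT expiry so the two cannot drift apart again. The surviving context line `log.info("Attempting to republish accessToken: {}", newAccessToken)` writes the full bearer credential to the log; log the subject or a truncated hash instead. Whether `addCookie` sets HttpOnly and Secure is not visible in this hunk and is worth confirming, since this cookie carries the session credential. republishAccessToken begins before the hunk.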
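Review bot: Switching `tokenPeriod` between the 30-minute and 10-second values by commenting lines in and out is exactly how the 10-second debug value shipped, and the hunk keeps the toggle alive as `//        long tokenPeriod = 1000L * 10L;`. Delete that line and make the lifetime a configured value, `@Value("${jwt.access-token-period-ms:1800000}") private long accessTokenPeriodMs;`, so a short lifetime for local testing is a property change rather than a source edit; failing that, at least name the constant (`Duration.ofMinutes(30).toMillis()`, which needs `java.time.Duration`) instead of an arithmetic literal. generateAccessToken continues past the hunk.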
+++ b/src/main/java/KGUcapstone/OutDecision/global/security/config/SecurityConfig.java
@@ -49,15 +49,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .logoutSuccessUrl("/")
                 .permitAll();
 
-//        http
-//                .authorizeRequests() // 요청에 대한 인증 설정
-//                .requestMatchers("/swagger-ui/**","/v3/api-docs/**").permitAll()
-//                .requestMatchers("/token/**").permitAll() // 토큰 발급을 위한 경로는 모두 허용
-//                .requestMatchers("/register/**").permitAll()
-//                .requestMatchers("/loginSuccess").permitAll()
-//                .requestMatchers("/", "/css/**", "/images/**", "/js/**", "/favicon.ico", "/h2-console/**").permitAll()
-//                .anyRequest().authenticated(); // 그 외의 모든 요청은 인증이 필요하다.
-
         http
                 .authorizeHttpRequests()
                 .anyRequest().permitAll();
@@ -67,13 +58,15 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .accessDeniedPage("/error");
 
         http
-                .oauth2Login() // OAuth2 로그인 설정시작
-                .loginPage("/login")
-                .userInfoEndpoint().userService(customOAuth2UserService) // OAuth2 로그인시 사용자 정보를 가져오는 엔드포인트와 사용자 서비스를 설정
-                .and()
-                .failureHandler(oAuth2LoginFailureHandler) // OAuth2 로그인 실패시 처리할 핸들러를 지정해준다.
-                .successHandler(oAuth2LoginSuccessHandler)
-                .permitAll(); // OAuth2 로그인 성공시 처리할 핸들러를 지정해준다.
+                .oauth2Login(oauth2 -> oauth2
+                        .loginPage("/login")
+                        .userInfoEndpoint()
+                                .userService(customOAuth2UserService) // OAuth2 로그인시 사용자 정보를 가져오는 엔드포인트와 사용자 서비스를 설정
+                        .and()
+                        .failureHandler(oAuth2LoginFailureHandler) // OAuth2 로그인 실패시 처리할 핸들러를 지정해준다.
+                        .successHandler(oAuth2LoginSuccessHandler) // OAuth2 로그인 성공시 처리할 핸들러를 지정해준다.
+                        .permitAll()
+                );
 
         // JWT 인증 필터를 UsernamePasswordAuthenticationFilter 앞에 추가한다.
diff --git a/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java b/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java
index 1eb707e9..7b21da87 100644
--- a/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java
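Review bot: With the commented-out rules gone, the only authorization rule left in the chain is the `.anyRequest().permitAll()` that survives as context, so Spring Security itself no longer requires authentication for any path; every protected endpoint now depends on JwtAuthFilter or per-controller checks rejecting unauthenticated requests, and nothing in this patch shows that happening. Unless an entirely open filter chain is intended, keep the public paths explicit and finish with `.anyRequest().authenticated()`, for example `.requestMatchers("/", "/login", "/register/**", "/token/**", "/css/**", "/js/**", "/images/**", "/favicon.ico").permitAll()` followed by `.anyRequest().authenticated()`. If the open chain is deliberate, say so in a comment on the `permitAll()` line, because a reader will otherwise assume it is a leftover from debugging. filterChain starts before this hunk.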
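Review bot: Inside the new `oauth2Login(oauth2 -> ...)` lambda the user-info step still uses the chained `.userInfoEndpoint()` … `.and()` form, which is the older DSL the lambda migration is meant to replace and is marked deprecated in recent Spring Security 6.x releases; nest it instead as `.userInfoEndpoint(userInfo -> userInfo.userService(customOAuth2UserService))` and drop the `.and()` line. Behaviour is unchanged either way, but mixing both styles inside one lambda is harder to read and will break on the next major upgrade. The rest of filterChain lies outside this hunk.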
+++ b/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java
@@ -61,11 +61,9 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
             if (newAccessToken != null) {
                 log.info("토큰 발급 완료 필터 newAccessToken = {}", newAccessToken);
-                addCookie(response, "Authorization", newAccessToken, 60*60);
             } else {
                 log.error("새로운 토큰 발급 실패");
                 response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "토큰 재발급 실패");
-                deleteCookie(response, "Authorization");
             }
 
             // 원래 요청을 새로 만든 토큰으로 다시 수행
diff --git a/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomAuthenticationSuccessHandler.java b/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomAuthenticationSuccessHandler.java
index 6f140cf5..6ea019db 100644
--- a/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomAuthenticationSuccessHandler.java
+++ b/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomAuthenticationSuccessHandler.java
@@ -1,8 +1,10 @@
 package KGUcapstone.OutDecision.global.security.handler;
 
+import KGUcapstone.OutDecision.global.error.exception.ApiResponse;
 import KGUcapstone.OutDecision.global.security.dto.GeneratedToken;
 import KGUcapstone.OutDecision.global.common.util.AESUtil;
 import KGUcapstone.OutDecision.global.common.util.JwtUtil;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
@@ -25,6 +27,7 @@ public class CustomAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
 
     private final JwtUtil jwtUtil;
+    private final ObjectMapper objectMapper = new ObjectMapper();
 
     @Value("${JOIN_SECRET}")
     String joinSecret;
 
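Review bot: The `else` branch calls `response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "토큰 재발급 실패")` but does not return, and the trailing context comment says the original request is then re-run with the new token; if execution really continues into that code (it lies outside the hunk), a request whose refresh failed is forwarded down the chain after the 401 has been committed. Add `return;` directly after the `sendError` call so the failure path stops there. Moving the cookie writes into TokenService is fine, but it is what now leaves this branch visibly falling through with nothing else to do. doFilterInternal starts and ends outside the hunk, and the token still goes to the log in full on the `log.info` line above.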
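Review bot: `private final ObjectMapper objectMapper = new ObjectMapper();` builds a second, unconfigured mapper per handler instead of the Spring-managed bean (no registered modules, serialization features or naming strategy), so `ApiResponse` may serialize differently from this handler than from controllers; declare it as `private final ObjectMapper objectMapper;` next to `jwtUtil` and let the constructor injection the `lombok.RequiredArgsConstructor` import suggests supply the bean. Note also that PATCH 3/3 comments out both `objectMapper.writeValue(...)` calls, after which this field and the new `ApiResponse` import are dead; if the JSON response path is not coming back, remove them rather than leaving a toggle. The class body continues outside the hunk.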
@@ -51,6 +54,9 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
                 .orElseThrow(IllegalAccessError::new) // 존재하지 않을 시 예외를 던진다.
                 .getAuthority(); // Role을 가져온다.
 
+        response.setContentType("application/json;charset=UTF-8");
+        response.setStatus(HttpServletResponse.SC_OK);
+
         // 회원이 존재할경우
         if (isExist) {
             // 회원이 존재하면 jwt token 발행을 시작한다.
@@ -60,9 +66,12 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
             // 쿠키로 accessToken 전달
             addCookie(response, "Authorization", token.getAccessToken(), 60*60);
 
-            // 로그인 확인 페이지로 리다이렉트 시킨다.
-            log.info("소셜 로그인 redirect 준비");
-            getRedirectStrategy().sendRedirect(request, response, ip+"/");
+//            // 로그인 확인 페이지로 리다이렉트 시킨다.
+//            log.info("소셜 로그인 redirect 준비");
+//            getRedirectStrategy().sendRedirect(request, response, ip+"/");
+
+            // JSON 응답 생성
+            objectMapper.writeValue(response.getWriter(), ApiResponse.onSuccess(null));
 
         } else {
             log.info("소셜 회원가입 redirect 준비");
@@ -74,7 +83,8 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
             addCookie(response, "email", email, 60*5);
             addCookie(response, "provider", provider, 60*5); // 5분
 
-            getRedirectStrategy().sendRedirect(request, response, ip+"/signup/social?join_token="+join_token);
+//            getRedirectStrategy().sendRedirect(request, response, ip+"/signup/social?join_token="+join_token);
+            objectMapper.writeValue(response.getWriter(), ApiResponse.onFailure("401", "회원가입 필요", join_token));
         }
     }
 }
\ No newline at end of file
diff --git a/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomLoginSuccessHandler.java b/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomLoginSuccessHandler.java
index d6b6587f..dcaedc81 100644
--- a/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomLoginSuccessHandler.java
+++ b/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomLoginSuccessHandler.java
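Review bot: `response.setStatus(HttpServletResponse.SC_OK)` is applied before the `isExist` branch, so the sign-up-required body written further down in the `else` branch (`ApiResponse.onFailure("401", "회원가입 필요", join_token)`) also goes out with HTTP 200 and a client has to parse the body to learn that login did not complete. Set the status inside each branch, `SC_OK` for the existing-member path and `SC_UNAUTHORIZED` where the "401" body is written, so the HTTP status and the body code agree. The content-type line can stay where it is. onAuthenticationSuccess starts before the hunk.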
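Review bot: The new JSON branch hands `join_token` back to the client next to the `email` and `provider` cookies set two lines above, and all three are then under the client's control when it calls the sign-up endpoint; that endpoint must verify the decrypted join_token against the email and provider it receives rather than trusting the cookies, and that check is not visible anywhere in this series. It is also worth giving the token the same 5-minute validity the cookies get, since a long-lived join_token extends the window in which an intercepted one can be replayed. The status this body is sent with is fixed at 200 earlier in the same method. The method body continues above the hunk.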
@@ -39,6 +39,6 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 
         // 로그인 확인 페이지로 리다이렉트 시킨다.
         log.info("일반 로그인 redirect 준비");
-        getRedirectStrategy().sendRedirect(request, response, "/loginSuccess");
+        getRedirectStrategy().sendRedirect(request, response, "/");
     }
 }
\ No newline at end of file
From 18063cf2ff9b04a8145557e4597d518ba2852b2d Mon Sep 17 00:00:00 2001
From: baeksom <97323941+baeksom@users.noreply.github.com>
Date: Thu, 30 May 2024 21:44:45 +0900
Subject: [PATCH 3/3] =?UTF-8?q?=F0=9F=90=9E=20[BUGFIX]:=20=EC=97=91?=
 =?UTF-8?q?=EC=84=B8=EC=8A=A4=ED=86=A0=ED=81=B0=20=EC=8B=9C=EA=B0=84=20?=
 =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../CustomAuthenticationSuccessHandler.java | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomAuthenticationSuccessHandler.java b/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomAuthenticationSuccessHandler.java
index 6ea019db..3c77ce20 100644
--- a/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomAuthenticationSuccessHandler.java
+++ b/src/main/java/KGUcapstone/OutDecision/global/security/handler/CustomAuthenticationSuccessHandler.java
@@ -54,8 +54,8 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
                 .orElseThrow(IllegalAccessError::new) // 존재하지 않을 시 예외를 던진다.
                 .getAuthority(); // Role을 가져온다.
 
-        response.setContentType("application/json;charset=UTF-8");
-        response.setStatus(HttpServletResponse.SC_OK);
+//        response.setContentType("application/json;charset=UTF-8");
+//        response.setStatus(HttpServletResponse.SC_OK);
 
         // 회원이 존재할경우
         if (isExist) {
@@ -66,12 +66,12 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
             // 쿠키로 accessToken 전달
             addCookie(response, "Authorization", token.getAccessToken(), 60*60);
 
-//            // 로그인 확인 페이지로 리다이렉트 시킨다.
-//            log.info("소셜 로그인 redirect 준비");
-//            getRedirectStrategy().sendRedirect(request, response, ip+"/");
+            // 로그인 확인 페이지로 리다이렉트 시킨다.
+            log.info("소셜 로그인 redirect 준비");
+            getRedirectStrategy().sendRedirect(request, response, ip+"/");
 
             // JSON 응답 생성
-            objectMapper.writeValue(response.getWriter(), ApiResponse.onSuccess(null));
+//            objectMapper.writeValue(response.getWriter(), ApiResponse.onSuccess(null));
 
         } else {
             log.info("소셜 회원가입 redirect 준비");
@@ -83,8 +83,8 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
             addCookie(response, "email", email, 60*5);
             addCookie(response, "provider", provider, 60*5); // 5분
 
-//            getRedirectStrategy().sendRedirect(request, response, ip+"/signup/social?join_token="+join_token);
-            objectMapper.writeValue(response.getWriter(), ApiResponse.onFailure("401", "회원가입 필요", join_token));
+            getRedirectStrategy().sendRedirect(request, response, ip+"/signup/social?join_token="+join_token);
+//            objectMapper.writeValue(response.getWriter(), ApiResponse.onFailure("401", "회원가입 필요", join_token));
         }
     }
 }
\ No newline at end of file
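Review bot: This hunk re-enables the redirect by commenting `objectMapper.writeValue(...)` back out, reversing what PATCH 2/3 of the same series did minutes earlier, so the file now carries both response styles as comments plus a `// JSON 응답 생성` heading over dead code. Pick one and delete the other rather than toggling comments; if both are genuinely needed (browser flow versus API client), branch on the request's `Accept` header instead of editing source. With the JSON path gone, the `objectMapper` field and `ApiResponse` import introduced in PATCH 2/3 are now unused and should go too. onAuthenticationSuccess starts before the hunk.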
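Review bot: The restored `getRedirectStrategy().sendRedirect(request, response, ip+"/signup/social?join_token="+join_token)` puts the join token in the URL, where it lands in browser history, in the Referer sent to any third-party resource the sign-up page loads, and in proxy and front-end access logs; since this handler already passes `email` and `provider` as 5-minute cookies, carry the token the same way, `addCookie(response, "join_token", join_token, 60*5);`, or place it in the URL fragment and have the page read it client-side. The token is also concatenated without encoding; if `AESUtil` produces Base64 (the deleted PageController hinted at `AESUtil.decrypt(join_token, ...)`), characters such as `+` and `/` will be mangled in the query string, so wrap it in `URLEncoder.encode(join_token, StandardCharsets.UTF_8)` while it remains a query parameter. Whether `addCookie` marks these cookies HttpOnly/Secure is not visible here.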