From baa848d7f74fd4ed0686dd9e4bd2484cb11cab86 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=EA=B0=80=EC=98=81?=
Date: Wed, 31 Jul 2024 22:12:49 +0900
Subject: [PATCH] chore: jwt handling

---
 .../config/security/SecurityConfig.java             |  5 ++++-
 .../global/infra/jwt/JwtHelper.java                 | 13 ++----------
 .../security/CustomAccessDeniedHandler.java         | 19 +++++++++++++++++++
 3 files changed, 25 insertions(+), 12 deletions(-)
 create mode 100644 src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/security/CustomAccessDeniedHandler.java

diff --git a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/config/security/SecurityConfig.java b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/config/security/SecurityConfig.java
index f21f695..fe1e28f 100644
--- a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/config/security/SecurityConfig.java
+++ b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/config/security/SecurityConfig.java
@@ -13,6 +13,7 @@
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.access.AccessDeniedHandler;
 import org.springframework.security.web.authentication.HttpStatusEntryPoint;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsConfiguration;
@@ -25,6 +26,7 @@ public class SecurityConfig {
 
     private final JwtFilter jwtFilter;
     private final JwtExceptionFilter jwtExceptionFilter;
+    private final AccessDeniedHandler accessDeniedHandler;
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
@@ -54,7 +56,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .formLogin().disable()
                 .exceptionHandling()
                 .accessDeniedHandler((req, res, e) -> jwtExceptionFilter.responseToClient(res, ErrorResponse.of(StatusEnum.INVALID_ROLE, "권한이 없습니다")))
-                .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.FORBIDDEN));
+                .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.FORBIDDEN))
+                .accessDeniedHandler(accessDeniedHandler);
 
         return http.build();
     }
diff --git a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/jwt/JwtHelper.java b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/jwt/JwtHelper.java
index bbc1b32..38ed0d8 100644
--- a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/jwt/JwtHelper.java
+++ b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/jwt/JwtHelper.java
@@ -26,7 +26,7 @@ public class JwtHelper {
     @Transactional
     public Authentication getAuthentication(String accessToken) {
         Claims claims = getClaims(accessToken);
-        MemberEntity member = memberRepository.findByMemberId(claims.getSubject());
+        MemberEntity member = memberRepository.findByMemberId(claiㅎms.getSubject());
 
         CustomMemberDetails details = new CustomMemberDetails(member);
 
@@ -34,16 +34,7 @@ public Authentication getAuthentication(String accessToken) {
     }
 
     public Claims getClaims(String token) {
-        try{
-            return Jwts.parserBuilder()
-                    .setSigningKey(jwtProperties.getSecretKey()).build().parseClaimsJws(token).getBody();
-        } catch (ExpiredJwtException e) {
-            throw new IllegalArgumentException("만료된 토큰");
-        } catch (UnsupportedJwtException e) {
-            throw new IllegalArgumentException("지원되지 않는 토큰");
-        } catch (IllegalArgumentException e) {
-            throw new IllegalArgumentException("잘못된 토큰");
-        }
+        return Jwts.parserBuilder().setSigningKey(jwtProperties.getSecretKey()).build().parseClaimsJws(token).getBody();
     }
 
     public String extractToken(final String token) {
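Review bot: The added `.accessDeniedHandler(accessDeniedHandler)` is a second call on the same `exceptionHandling()` configurer, so it replaces the lambda registered two lines earlier; only the last handler set takes effect, and the INVALID_ROLE / "권한이 없습니다" response is now dead code. Remove the lambda line so the configuration states a single handler, or drop the new call if the lambda is the intended behaviour — keeping both invites the next reader to assume the lambda still runs. The retained `.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.FORBIDDEN))` answers unauthenticated requests with 403 rather than 401, which hides the missing-credential case from clients and from anyone triaging auth failures in logs; that is pre-existing, but worth correcting while this block is being touched. filterChain's body begins outside the hunk.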
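Review bot: The new line in the JwtHelper `@@ -26,7 +26,7 @@` hunk reads `claiㅎms.getSubject()` — a Hangul jamo has landed inside the identifier — and there is no `claiㅎms` in scope, so this does not compile. The hunk changes nothing else, so the line should be restored to `MemberEntity member = memberRepository.findByMemberId(claims.getSubject());`. Because the build fails, none of the other changes in this commit can have been exercised as committed. getAuthentication continues past the end of the hunk.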
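Review bot: With the try/catch removed in the JwtHelper `@@ -34,16 +34,7 @@` hunk, `getClaims` now lets the jjwt exceptions propagate unchanged (expired, unsupported, malformed, bad signature, and the IllegalArgumentException for an empty token), where before three of them were normalised to IllegalArgumentException with a Korean message. Whether an expired or tampered token still ends as a clean rejection now depends on `JwtExceptionFilter` catching the io.jsonwebtoken types, which is not visible here; if it only knows the project's own auth exceptions, such tokens will surface as an unhandled 500 instead of a 401, and the stack trace will reach the client or the logs with the token path in it. Either translate them here into the project's auth exceptions (the new handler references `ExpiredTokenException`, so at least one exists) or confirm the filter handles the jjwt types, and state the contract above the method: `/** Parses and verifies {@code token} against the configured secret; the jjwt exception is thrown as-is for an expired, malformed, unsupported or badly signed token. */`.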
diff --git a/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/security/CustomAccessDeniedHandler.java b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/security/CustomAccessDeniedHandler.java
new file mode 100644
index 0000000..740111c
--- /dev/null
+++ b/src/main/java/kr/hs/dgsw/SOPO_server_v2/global/infra/security/CustomAccessDeniedHandler.java
@@ -0,0 +1,19 @@
+package kr.hs.dgsw.SOPO_server_v2.global.infra.security;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import kr.hs.dgsw.SOPO_server_v2.global.error.custom.auth.ExpiredTokenException;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+
+@Component
+public class CustomAccessDeniedHandler implements AccessDeniedHandler {
+
+    @Override
+    public void handle(HttpServletRequest request,
+                       HttpServletResponse response,
+                       AccessDeniedException accessDeniedException){
+        throw ExpiredTokenException.EXCEPTION;
+    }
+}
\ No newline at end of file
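Review bot: `handle` answers an authorization failure — an authenticated principal that lacks the required role — by throwing `ExpiredTokenException.EXCEPTION`, which tells the client and anyone reading the logs that the token expired when it did not; a client will typically refresh the token and retry, which can never succeed. An AccessDeniedHandler is expected to write the response itself rather than throw, because an exception thrown here leaves Spring Security's ExceptionTranslationFilter and only becomes a response if some earlier filter happens to catch it; at minimum `response.sendError(HttpServletResponse.SC_FORBIDDEN);` with `throws IOException` on the override (the interface permits it), or the INVALID_ROLE body that the SecurityConfig lambda produced. `EXCEPTION` looks like a shared static instance (inferred from the name), and a singleton exception carries one fixed stack trace and no per-request detail, which hinders incident triage. The class has no Javadoc; suggest `/** Responds to access-denied outcomes (authenticated caller without the required role). */`, and the file lacks its trailing newline.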