merge

build.gradle

@@ -32,14 +32,15 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-validation'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	compileOnly 'org.projectlombok:lombok'
-	runtimeOnly 'com.h2database:h2'
 	annotationProcessor 'org.projectlombok:lombok'
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
 	testImplementation 'org.springframework.restdocs:spring-restdocs-mockmvc'
 	testImplementation 'org.springframework.security:spring-security-test'
 
-	// jwt
-	implementation group: 'com.auth0', name: 'java-jwt', version: '4.3.0'
+	// JWT Token
+	implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: '0.11.5'
+	runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-impl', version: '0.11.5'
+	runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: '0.11.5'
 
 	implementation 'org.springframework.boot:spring-boot-devtools'
 

src/main/java/com/example/demo/config/auth/CustomUserDetailService.java

@@ -10,21 +10,21 @@
 
 import java.util.Optional;
 
-@RequiredArgsConstructor
 @Service
+@RequiredArgsConstructor
 public class CustomUserDetailService implements UserDetailsService {
     private final UserJPARepository accountJPARepository;
 
     @Override
-    public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
-        Optional<User> optionalAccount = accountJPARepository.findByEmail(email);
+    public CustomUserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
+        Optional<User> optionalUser = accountJPARepository.findByEmail(email);
 
-        if (optionalAccount.isEmpty()) {
+        if (optionalUser.isEmpty()) {
             return null;
         }
         else {
-            User account = optionalAccount.get();
-            return new CustomUserDetails(account);
+            User user = optionalUser.get();
+            return new CustomUserDetails(user);
         }
     }
 }

src/main/java/com/example/demo/config/auth/CustomUserDetails.java

@@ -7,18 +7,22 @@
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
+import java.util.List;
 import java.util.stream.Collectors;
 
-@RequiredArgsConstructor
 @Getter
+@RequiredArgsConstructor
 public class CustomUserDetails implements UserDetails {
     private final User user;
 
     @Override
     public Collection<? extends GrantedAuthority> getAuthorities() {
-        return Arrays.stream(user.getEmail().split(",")).map(SimpleGrantedAuthority::new).collect(Collectors.toList());
+        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
+        authorities.add(new SimpleGrantedAuthority(user.getRole().toString()));
+        return authorities;
     }
 
     @Override

src/main/java/com/example/demo/config/errors/GlobalExceptionHandler.java

@@ -1,11 +1,9 @@
 package com.example.demo.config.errors;
 
 import com.example.demo.config.errors.exception.*;
-import com.example.demo.config.utils.ApiUtils;
+import com.example.demo.config.utils.ApiResponseBuilder;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.validation.BindingResult;
-import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 
@@ -38,6 +36,6 @@ public ResponseEntity<?> serverError(Exception500 exception) {
 
     @ExceptionHandler(Exception.class)
     public ResponseEntity<?> unknownError(Exception exception) {
-        return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(ApiUtils.error(exception.getMessage()));
+        return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(ApiResponseBuilder.error(exception.getMessage()));
     }
 }

src/main/java/com/example/demo/config/errors/exception/Exception400.java

@@ -1,11 +1,8 @@
 package com.example.demo.config.errors.exception;
 
-import com.example.demo.config.utils.ApiUtils;
+import com.example.demo.config.utils.ApiResponseBuilder;
 import lombok.Getter;
-import org.springframework.http.HttpStatus;
-import org.springframework.validation.BindingResult;
 
-import java.util.HashMap;
 import java.util.Map;
 
 @Getter
@@ -22,8 +19,8 @@ public Exception400(String message) {
         errors = null;
     }
 
-    public ApiUtils.ApiResponse<?> body(){
-        return ApiUtils.fail(errors, getMessage());
+    public ApiResponseBuilder.ApiResponse<?> body(){
+        return ApiResponseBuilder.fail(errors, getMessage());
     }
 }
 

src/main/java/com/example/demo/config/errors/exception/Exception401.java

@@ -1,16 +1,15 @@
 package com.example.demo.config.errors.exception;
 
-import com.example.demo.config.utils.ApiUtils;
+import com.example.demo.config.utils.ApiResponseBuilder;
 import lombok.Getter;
-import org.springframework.http.HttpStatus;
 
 @Getter
 public class Exception401 extends RuntimeException {
     public Exception401(String message) {
         super(message);
     }
 
-    public ApiUtils.ApiResponse<?> body(){
-        return ApiUtils.error(getMessage());
+    public ApiResponseBuilder.ApiResponse<?> body(){
+        return ApiResponseBuilder.error(getMessage());
     }
 }

src/main/java/com/example/demo/config/errors/exception/Exception403.java

@@ -1,16 +1,15 @@
 package com.example.demo.config.errors.exception;
 
-import com.example.demo.config.utils.ApiUtils;
+import com.example.demo.config.utils.ApiResponseBuilder;
 import lombok.Getter;
-import org.springframework.http.HttpStatus;
 
 @Getter
 public class Exception403 extends RuntimeException {
     public Exception403(String message) {
         super(message);
     }
 
-    public ApiUtils.ApiResponse<?> body(){
-        return ApiUtils.error(getMessage());
+    public ApiResponseBuilder.ApiResponse<?> body(){
+        return ApiResponseBuilder.error(getMessage());
     }
 }

src/main/java/com/example/demo/config/errors/exception/Exception404.java

@@ -1,14 +1,13 @@
 package com.example.demo.config.errors.exception;
 
-import com.example.demo.config.utils.ApiUtils;
-import org.springframework.http.HttpStatus;
+import com.example.demo.config.utils.ApiResponseBuilder;
 
 public class Exception404 extends RuntimeException {
     public Exception404(String message) {
         super(message);
     }
 
-    public ApiUtils.ApiResponse<?> body(){
-        return ApiUtils.error(getMessage());
+    public ApiResponseBuilder.ApiResponse<?> body(){
+        return ApiResponseBuilder.error(getMessage());
     }
 }

src/main/java/com/example/demo/config/errors/exception/Exception500.java

@@ -1,16 +1,15 @@
 package com.example.demo.config.errors.exception;
 
-import com.example.demo.config.utils.ApiUtils;
+import com.example.demo.config.utils.ApiResponseBuilder;
 import lombok.Getter;
-import org.springframework.http.HttpStatus;
 
 @Getter
 public class Exception500 extends RuntimeException {
     public Exception500(String message) {
         super(message);
     }
 
-    public ApiUtils.ApiResponse<?> body() {
-        return ApiUtils.error(getMessage());
+    public ApiResponseBuilder.ApiResponse<?> body() {
+        return ApiResponseBuilder.error(getMessage());
     }
 }

src/main/java/com/example/demo/config/jwt/JWTAuthenticationFilter.java

@@ -1,11 +1,10 @@
 package com.example.demo.config.jwt;
 
-import com.auth0.jwt.exceptions.SignatureVerificationException;
-import com.auth0.jwt.exceptions.TokenExpiredException;
-import com.auth0.jwt.interfaces.DecodedJWT;
 import com.example.demo.user.User;
 import com.example.demo.config.auth.CustomUserDetails;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -17,42 +16,35 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Collectors;
 
-@Slf4j
 public class JWTAuthenticationFilter extends BasicAuthenticationFilter {
-    public JWTAuthenticationFilter(AuthenticationManager authenticationManager) {
+
+    private final String Authorization = "Authorization";
+
+    private final JWTTokenProvider jwtTokenProvider;
+
+    public JWTAuthenticationFilter(AuthenticationManager authenticationManager, JWTTokenProvider jwtTokenProvider) {
         super(authenticationManager);
+        this.jwtTokenProvider = jwtTokenProvider;
     }
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
-        String jwt = request.getHeader(JWTTokenProvider.HEADER);
+        String jwtAccessToken = request.getHeader(Authorization);
 
-        if (jwt == null) {
+        if (jwtAccessToken == null || !(jwtAccessToken.startsWith("Bearer "))) {
             chain.doFilter(request, response);
             return;
         }
 
-        try {
-            DecodedJWT decodedJWT = JWTTokenProvider.verify(jwt);
-            int id = decodedJWT.getClaim("user_id").asInt();
-            String email = decodedJWT.getClaim("user_email").asString();
-            User user = User.builder().email(email).build();
-            CustomUserDetails customUserDetails = new CustomUserDetails(user);
-            Authentication authentication =
-                    new UsernamePasswordAuthenticationToken(
-                            customUserDetails,
-                            customUserDetails.getPassword(),
-                            customUserDetails.getAuthorities()
-                    );
+        String extractedJwtAccessToken = jwtAccessToken.replace(JWTTokenProvider.Token_Prefix, "");
+        if (jwtTokenProvider.validateToken(extractedJwtAccessToken)) {
+            Authentication authentication = jwtTokenProvider.getAuthentication(extractedJwtAccessToken);
             SecurityContextHolder.getContext().setAuthentication(authentication);
-            System.out.println("디버그 : 인증 객체 만들어짐");
-        } catch (SignatureVerificationException sve) {
-            System.out.println("토큰 검증 실패");
-        } catch (TokenExpiredException tee) {
-            System.out.println("토큰 만료됨");
-        } finally {
-            chain.doFilter(request, response);
         }
+        chain.doFilter(request, response);
     }
 }