From 1c5516d009ee76c0d56adb6f9c92678c447e100e Mon Sep 17 00:00:00 2001
From: sooyoung
Date: Sun, 3 Mar 2024 19:00:11 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20Security=20AuthTokenFilter=EC=97=90?=
 =?UTF-8?q?=EC=84=9C=20=EC=97=90=EB=9F=AC=20=EC=9E=A1=EA=B3=A0=20=EB=8B=A4?=
 =?UTF-8?q?=EC=9D=8C=20=ED=95=84=ED=84=B0=EB=A1=9C=20=EB=84=98=EA=B8=B0?=
 =?UTF-8?q?=EB=8F=84=EB=A1=9D=20=EC=84=A4=EC=A0=95=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- AuthTokenFilter에서 바로 에러 throw하지 않도록 변경
- permitAll() 사용하기 위해 변경
---
 .../com/hyundai/app/config/SecurityConfig.java | 18 ++++++++++++------
 .../member/controller/MemberController.java | 1 -
 .../app/security/filter/AuthTokenFilter.java | 8 +++++---
 .../app/security/jwt/JwtTokenGenerator.java | 6 ++++--
 4 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/src/main/java/com/hyundai/app/config/SecurityConfig.java b/src/main/java/com/hyundai/app/config/SecurityConfig.java
index 166241d..67ddbcc 100644
--- a/src/main/java/com/hyundai/app/config/SecurityConfig.java
+++ b/src/main/java/com/hyundai/app/config/SecurityConfig.java
@@ -36,9 +36,10 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 @Override
 public void configure(WebSecurity web) {
 web.ignoring().antMatchers(
- "/", "/resources/**",
- "/v2/api-docs", "/swagger-resources/**", "/swagger-ui/index.html", "/swagger-ui.html","/webjars/**", "/swagger/**", // swagger
- "/api/v1/auth/**", "/api/v1/admin/**", "/api/v1/fcm-push/**", "/api/v1/heendy-guide/**", "/websocket/**");
+ "/", "/resources/**"
+ , "/v2/api-docs", "/swagger-resources/**", "/swagger-ui/index.html"
+ , "/swagger-ui.html","/webjars/**", "/swagger/**" // swagger
+ );
 }
 
 @Override
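Review bot: The rewritten argument list puts the comma at the start of each continuation line (`, "/v2/api-docs", ...`) and leaves `// swagger` in the middle of the list before a lone `);`, which differs from the trailing-comma layout of the removed lines and from the usual Java convention; the same leading-comma style recurs in the `.antMatchers(...)` list of the next hunk of this file. Prefer `"/", "/resources/**",` / `"/v2/api-docs", "/swagger-resources/**", "/swagger-ui/index.html",` / `"/swagger-ui.html", "/webjars/**", "/swagger/**"); // swagger`. Removing the `/api/v1/...` and `/websocket/**` entries from `web.ignoring()` is the substantive part: those paths no longer bypass the security filter chain and so now pass through AuthTokenFilter, which is what the commit message asks for. A one-line comment on the method stating that only static and swagger resources are excluded from the chain would make that intent survive the next edit. `configure(WebSecurity)` is fully inside the hunk; the class continues beyond it.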
@@ -60,9 +61,14 @@ public void configure(HttpSecurity httpSecurity) throws Exception {
 .accessDeniedHandler(authTokenAccessDeniedHandler)
 .and()
 .authorizeRequests()
- .antMatchers("/api/v1/auth/**").permitAll()
- .antMatchers("/api/v1/admin/**").permitAll()
- .antMatchers("/api/v1/fcm/**").permitAll()
+ .antMatchers("/api/v1/auth/**"
+ ,"/api/v1/admin/**"
+ , "/api/v1/fcm-push/**"
+ , "/api/v1/auth/**"
+ , "/api/v1/admin/**"
+ , "/api/v1/fcm-push/random-spot/**"
+ , "/api/v1/heendy-guide/**"
+ , "/websocket/**").permitAll()
 .antMatchers("/api/v1/stores/**").authenticated()
 .antMatchers("/api/v1/members/**").authenticated()
 .anyRequest().permitAll()
diff --git a/src/main/java/com/hyundai/app/member/controller/MemberController.java b/src/main/java/com/hyundai/app/member/controller/MemberController.java
index e00c7e0..9971925 100644
--- a/src/main/java/com/hyundai/app/member/controller/MemberController.java
+++ b/src/main/java/com/hyundai/app/member/controller/MemberController.java
@@ -22,7 +22,6 @@
 */
 @Log4j
 @Api("회원 관련 API")
-@RequiredArgsConstructor
 @RestController
 @RequestMapping("/api/v1/members")
 public class MemberController {
diff --git a/src/main/java/com/hyundai/app/security/filter/AuthTokenFilter.java b/src/main/java/com/hyundai/app/security/filter/AuthTokenFilter.java
index 80c8242..cf35213 100644
--- a/src/main/java/com/hyundai/app/security/filter/AuthTokenFilter.java
+++ b/src/main/java/com/hyundai/app/security/filter/AuthTokenFilter.java
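Review bot: The new `antMatchers(...)` list repeats `"/api/v1/auth/**"` and `"/api/v1/admin/**"` (each appears twice), and `"/api/v1/fcm-push/random-spot/**"` is already matched by `"/api/v1/fcm-push/**"` three entries above it, so three of the eight entries are redundant and should be dropped so the permitted surface reads unambiguously. Because the chain still ends in `.anyRequest().permitAll()` (unchanged context line), any path not listed under `authenticated()` is open regardless of this list, so the list only documents intent — which is exactly why `"/api/v1/admin/**"` sitting under `permitAll()` deserves either a comment explaining why admin routes need no token or a second look; as written, no credential is required for them. `configure(HttpSecurity)` begins before the hunk.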
@@ -41,13 +41,15 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 log.debug("AuthTokenFilter : request " + request);
 String accessToken = resolveToken(request);
 log.debug("AuthTokenFilter : accessToken " + accessToken);
- jwtTokenGenerator.isTokenValidate(accessToken);
+ if (!jwtTokenGenerator.isTokenValidate(accessToken)) {
+ log.error("AuthTokenFilter ERROR : accessToken 토큰이 유효하지 않습니다.");
+ throw new AdventureOfHeendyException(ErrorCode.ACCESS_TOKEN_INVALID);
+ }
 Authentication authentication = createAuthentication(accessToken);
 SecurityContextHolder.getContext().setAuthentication(authentication);
 } catch (Exception e) {
- log.debug("AuthTokenFilter : accessToken 토큰이 유효하지 않습니다.");
- throw new AdventureOfHeendyException(ErrorCode.ACCESS_TOKEN_INVALID);
+ log.error("AuthTokenFilter ERROR catch! accessToken 토큰이 유효하지 않습니다.");
 }
 filterChain.doFilter(request, response);
 }
diff --git a/src/main/java/com/hyundai/app/security/jwt/JwtTokenGenerator.java b/src/main/java/com/hyundai/app/security/jwt/JwtTokenGenerator.java
index a4da35c..ae1d73a 100644
--- a/src/main/java/com/hyundai/app/security/jwt/JwtTokenGenerator.java
+++ b/src/main/java/com/hyundai/app/security/jwt/JwtTokenGenerator.java
@@ -96,13 +96,15 @@ public Claims getClaims(String accessToken) {
 * @since 2024/02/14
 * 토큰 유효성 검증
 */
- public void isTokenValidate(String token) {
+ public boolean isTokenValidate(String token) {
 try {
 Jwts.parser()
 .setSigningKey(jwtSecret)
 .parseClaimsJws(token);
+ return true;
 } catch (JwtException | IllegalArgumentException e) {
- throw new AdventureOfHeendyException(ErrorCode.ACCESS_TOKEN_INVALID);
+ log.error("isTokenValidate() 토큰 파싱 시, 에러 발생 ");
 }
+ return false;
 }
 }
\ No newline at end of file
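Review bot: The `throw new AdventureOfHeendyException(ErrorCode.ACCESS_TOKEN_INVALID)` added inside the try can never leave the method: it is caught a few lines later by the unchanged `catch (Exception e)`, which now only logs, so the throw is dead code, the token is rejected twice with two ERROR lines, and the exception and `ErrorCode` imports in this file may be left unused. Since `isTokenValidate` now returns a boolean, branch on it and skip the exception entirely; the catch should also pass `e` to the logger instead of dropping it, and because a missing, expired or garbled bearer token is client-supplied input that can arrive at any rate, `warn`/`debug` is the appropriate level for both messages so an unauthenticated caller cannot flood the error log. Continuing the chain with no `Authentication` set is what lets the entry point reject `authenticated()` routes, so that part of the change is sound. The `try {` and the method signature are above the hunk, and the unchanged context line that logs the raw `accessToken` at debug level writes the credential into logs — logging only whether a token was present would be safer.
```java
// … unchanged: request debug logging and resolveToken(request) …
if (jwtTokenGenerator.isTokenValidate(accessToken)) {
    Authentication authentication = createAuthentication(accessToken);
    SecurityContextHolder.getContext().setAuthentication(authentication);
} else {
    log.warn("AuthTokenFilter : accessToken 토큰이 유효하지 않습니다.");
}
} catch (Exception e) {
    // Leave the request anonymous; authenticated() routes are rejected by the entry point.
    log.warn("AuthTokenFilter : 인증 처리 중 예외 발생", e);
}
filterChain.doFilter(request, response);
```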
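Review bot: The new catch body `log.error("isTokenValidate() 토큰 파싱 시, 에러 발생 ");` discards `e`, so an operator cannot tell an expired token from a bad signature or a malformed string; pass it through as `log.error("isTokenValidate() 토큰 파싱 시, 에러 발생", e);` or, since a rejected client token is an expected event rather than a server fault, log `e.getMessage()` at warn level (the trailing space in the message can go at the same time). Note that `IllegalArgumentException` is in the catch list, so if `resolveToken` in the filter yields null for requests with no Authorization header (not visible here), every anonymous request to a `permitAll()` route would now produce an ERROR log line — worth confirming before this reaches production. The Javadoc above the signature still describes a void method; add `@return true if the token's signature and claims parse successfully, false otherwise`. The enclosing class continues beyond the hunk (the final `}` lacks a trailing newline).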