Merge pull request #6 from lotteon2/develop-gateway-refactoring

refactor: refactor the gateway
lotteon2 · Dec 15, 2023 · 325f73f · 325f73f
2 parents 9d03037 + edd996d
commit 325f73f
Show file tree

Hide file tree

Showing 11 changed files with 253 additions and 320 deletions.
diff --git a/src/main/java/kr/bb/apigateway/common/SecurityConfig.java b/src/main/java/kr/bb/apigateway/common/SecurityConfig.java
diff --git a/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilter.java b/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilter.java
diff --git a/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilterFactory.java b/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilterFactory.java
@@ -0,0 +1,74 @@
+package kr.bb.apigateway.common.filter;
+
+import io.jsonwebtoken.ExpiredJwtException;
+import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil;
+import kr.bb.apigateway.common.util.JwtUtil;
+import kr.bb.apigateway.common.util.RedisBlackListTokenUtil;
+import org.springframework.cloud.gateway.filter.GatewayFilter;
+import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+@Component
+public class JwtValidationGatewayFilterFactory extends
+    AbstractGatewayFilterFactory<JwtValidationGatewayFilterFactory.Config> {
+
+  private final RedisBlackListTokenUtil redisBlackListTokenUtil;
+
+  public JwtValidationGatewayFilterFactory(RedisBlackListTokenUtil redisBlackListTokenUtil) {
+    this.redisBlackListTokenUtil = redisBlackListTokenUtil;
+  }
+
+  @Override
+  public GatewayFilter apply(Config config) {
+    return (exchange, chain) -> {
+      ServerHttpRequest request = exchange.getRequest();
+      String token = ExtractAuthorizationTokenUtil.extractToken(request);
+      if (redisBlackListTokenUtil.isTokenBlacklisted(token)) {
+        return handleError(exchange, HttpStatus.UNAUTHORIZED);
+      } else {
+        try {
+          JwtUtil.isTokenValid(token);
+          return chain.filter(addUserIdHeaderAtRequest(exchange, JwtUtil.extractSubject(token)));
+        } catch (ExpiredJwtException e) {
+          return handleError(exchange, HttpStatus.UNAUTHORIZED);
+        }
+      }
+    };
+  }
+
+
+  private Mono<Void> handleError(ServerWebExchange exchange, HttpStatus status) {
+    ServerHttpResponse response = exchange.getResponse();
+    response.setStatusCode(status);
+    return response.setComplete();
+  }
+
+  private ServerWebExchange addUserIdHeaderAtRequest(ServerWebExchange exchange, String userId) {
+    ServerHttpRequest modifiedRequest = exchange.getRequest().mutate()
+        .headers(httpHeaders -> httpHeaders.add("userId", userId))
+        .build();
+
+    return exchange.mutate()
+        .request(modifiedRequest)
+        .build();
+  }
+
+
+  public static class Config {
+
+    private boolean shouldNotFilter;
+
+    public boolean getShouldNotFilter() {
+      return shouldNotFilter;
+    }
+
+    public void setShouldNotURL(boolean shouldNotFilter) {
+      this.shouldNotFilter = shouldNotFilter;
+    }
+  }
+}
diff --git a/src/main/java/kr/bb/apigateway/common/security/SecurityContextUtil.java b/src/main/java/kr/bb/apigateway/common/security/SecurityContextUtil.java
diff --git a/src/main/java/kr/bb/apigateway/common/security/SystemAuthenticationSuccessHandler.java b/src/main/java/kr/bb/apigateway/common/security/SystemAuthenticationSuccessHandler.java
diff --git a/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilter.java b/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilter.java
diff --git a/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilterFactory.java b/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilterFactory.java
@@ -0,0 +1,53 @@
+package kr.bb.apigateway.social.filter;
+
+
+import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil;
+import kr.bb.apigateway.common.valueobject.Role;
+import kr.bb.apigateway.social.exception.SocialAuthException;
+import org.springframework.cloud.gateway.filter.GatewayFilter;
+import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+@Component
+public class SocialAuthorizationGatewayFilterFactory extends
+    AbstractGatewayFilterFactory<SocialAuthorizationGatewayFilterFactory.Config> {
+
+    @Override
+    public GatewayFilter apply(Config config) {
+        return (exchange, chain) -> {
+            if (!isAuthorizedUser(exchange)) {
+                return handleUnauthenticatedUser(exchange);
+            }
+            return chain.filter(exchange);
+        };
+    }
+
+    private boolean isAuthorizedUser(ServerWebExchange exchange) {
+        String role = ExtractAuthorizationTokenUtil.extractRole(exchange.getRequest());
+        return Role.ROLE_SOCIAL_USER.name().equals(role);
+    }
+
+    private Mono<Void> handleUnauthenticatedUser(ServerWebExchange exchange) {
+        ServerHttpResponse response = exchange.getResponse();
+        response.setStatusCode(HttpStatus.UNAUTHORIZED);
+        throw new SocialAuthException("소셜 유저가 아닙니다.");
+    }
+
+    public static class Config {
+
+        private boolean shouldFilter;
+
+        public boolean getShouldNotFilter() {
+            return shouldFilter;
+        }
+
+        public void setShouldNotFilter(boolean shouldFilter) {
+            this.shouldFilter = shouldFilter;
+        }
+    }
+
+}