diff --git a/src/main/java/kr/bb/apigateway/common/SecurityConfig.java b/src/main/java/kr/bb/apigateway/common/SecurityConfig.java deleted file mode 100644 index c03ebc1..0000000 --- a/src/main/java/kr/bb/apigateway/common/SecurityConfig.java +++ /dev/null @@ -1,21 +0,0 @@ -package kr.bb.apigateway.common; - - -import org.springframework.context.annotation.Bean; -import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity; -import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; -import org.springframework.security.config.web.server.ServerHttpSecurity; -import org.springframework.security.web.server.SecurityWebFilterChain; - -@EnableWebFluxSecurity -@EnableReactiveMethodSecurity -public class SecurityConfig { - - @Bean - public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { - http - .csrf(csrf -> csrf.disable()); - return http.build(); - - } -} diff --git a/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilter.java b/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilter.java deleted file mode 100644 index be5758c..0000000 --- a/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilter.java +++ /dev/null 
@@ -1,68 +0,0 @@ -package kr.bb.apigateway.common.filter; - -import io.jsonwebtoken.ExpiredJwtException; -import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil; -import kr.bb.apigateway.common.util.JwtUtil; -import kr.bb.apigateway.common.util.RedisBlackListTokenUtil; -import org.springframework.cloud.gateway.filter.GatewayFilter; -import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; -import org.springframework.http.HttpStatus; -import org.springframework.http.server.reactive.ServerHttpRequest; -import org.springframework.http.server.reactive.ServerHttpResponse; -import org.springframework.stereotype.Component; -import org.springframework.web.server.ServerWebExchange; -import reactor.core.publisher.Mono; - -//@Component -//public class JwtValidationGatewayFilterFactory extends -// AbstractGatewayFilterFactory { -// -// private final RedisBlackListTokenUtil redisBlackListTokenUtil; -// -// public JwtValidationGatewayFilterFactory(RedisBlackListTokenUtil redisBlackListTokenUtil) { -// this.redisBlackListTokenUtil = redisBlackListTokenUtil; -// } -// -// @Override -// public GatewayFilter apply(Config config) { -// return (exchange, chain) -> { -// ServerHttpRequest request = exchange.getRequest(); -// String token = ExtractAuthorizationTokenUtil.extractToken(request); -// if (redisBlackListTokenUtil.isTokenBlacklisted(token)) { -// return handleError(exchange, HttpStatus.UNAUTHORIZED); -// } -// else{ -// try { -// JwtUtil.isTokenValid(token); -// return chain.filter(addUserIdHeaderAtRequest(exchange, JwtUtil.extractSubject(token))); -// } catch (ExpiredJwtException e) { -// return handleError(exchange, HttpStatus.UNAUTHORIZED); -// } -// } -// }; -// } -// -// -// private Mono handleError(ServerWebExchange exchange, HttpStatus status) { -// ServerHttpResponse response = exchange.getResponse(); -// response.setStatusCode(status); -// return response.setComplete(); -// } -// -// private ServerWebExchange 
addUserIdHeaderAtRequest(ServerWebExchange exchange, String userId) { -// } -// -// -// public static class Config { -// -// private boolean shouldNotFilterURL; -// -// public String getShouldNotURL() { -// return shouldNotFilterURL; -// } -// -// public void setShouldNotURL(String shouldNotURL) { -// this.shouldNotFilterURL = shouldNotURL; -// } -// } -//} \ No newline at end of file diff --git a/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilterFactory.java b/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilterFactory.java new file mode 100644 index 0000000..ec4c260 --- /dev/null +++ b/src/main/java/kr/bb/apigateway/common/filter/JwtValidationGatewayFilterFactory.java 
@@ -0,0 +1,74 @@ +package kr.bb.apigateway.common.filter; + +import io.jsonwebtoken.ExpiredJwtException; +import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil; +import kr.bb.apigateway.common.util.JwtUtil; +import kr.bb.apigateway.common.util.RedisBlackListTokenUtil; +import org.springframework.cloud.gateway.filter.GatewayFilter; +import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; +import org.springframework.http.HttpStatus; +import org.springframework.http.server.reactive.ServerHttpRequest; +import org.springframework.http.server.reactive.ServerHttpResponse; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ServerWebExchange; +import reactor.core.publisher.Mono; + +@Component +public class JwtValidationGatewayFilterFactory extends + AbstractGatewayFilterFactory { + + private final RedisBlackListTokenUtil redisBlackListTokenUtil; + + public JwtValidationGatewayFilterFactory(RedisBlackListTokenUtil redisBlackListTokenUtil) { + this.redisBlackListTokenUtil = redisBlackListTokenUtil; + } + + @Override + public GatewayFilter apply(Config config) { + return (exchange, chain) -> { + ServerHttpRequest request = exchange.getRequest(); + String token = ExtractAuthorizationTokenUtil.extractToken(request); + if (redisBlackListTokenUtil.isTokenBlacklisted(token)) { + return handleError(exchange, HttpStatus.UNAUTHORIZED); + } else { + try { + JwtUtil.isTokenValid(token); + return chain.filter(addUserIdHeaderAtRequest(exchange, JwtUtil.extractSubject(token))); + } catch (ExpiredJwtException e) { + return handleError(exchange, HttpStatus.UNAUTHORIZED); + } + } + }; + } + + + private Mono handleError(ServerWebExchange exchange, HttpStatus status) { + ServerHttpResponse response = exchange.getResponse(); + response.setStatusCode(status); + return response.setComplete(); + } + + private ServerWebExchange addUserIdHeaderAtRequest(ServerWebExchange exchange, String userId) { + ServerHttpRequest 
modifiedRequest = exchange.getRequest().mutate() + .headers(httpHeaders -> httpHeaders.add("userId", userId)) + .build(); + + return exchange.mutate() + .request(modifiedRequest) + .build(); + } + + + public static class Config { + + private boolean shouldNotFilter; + + public boolean getShouldNotFilter() { + return shouldNotFilter; + } + + public void setShouldNotURL(boolean shouldNotFilter) { + this.shouldNotFilter = shouldNotFilter; + } + } +} \ No newline at end of file diff --git a/src/main/java/kr/bb/apigateway/common/security/SecurityContextUtil.java b/src/main/java/kr/bb/apigateway/common/security/SecurityContextUtil.java deleted file mode 100644 index bd369ab..0000000 --- a/src/main/java/kr/bb/apigateway/common/security/SecurityContextUtil.java +++ /dev/null @@ -1,18 +0,0 @@ -package kr.bb.apigateway.common.security; - -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; - -public class SecurityContextUtil { - - - - public static void setSecurityContextWithUserId(String userId) { - Authentication authentication = new UsernamePasswordAuthenticationToken(userId, null); - SecurityContextHolder.getContext().setAuthentication(authentication); - } - - - -} diff --git a/src/main/java/kr/bb/apigateway/common/security/SystemAuthenticationSuccessHandler.java b/src/main/java/kr/bb/apigateway/common/security/SystemAuthenticationSuccessHandler.java deleted file mode 100644 index a0d3004..0000000 --- a/src/main/java/kr/bb/apigateway/common/security/SystemAuthenticationSuccessHandler.java +++ /dev/null 
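Review bot: In `addUserIdHeaderAtRequest`, `httpHeaders.add("userId", userId)` appends to any `userId` header the client already sent instead of replacing it, so a downstream service that reads the first value would see the caller-supplied id rather than the token subject. Use `.headers(httpHeaders -> httpHeaders.set("userId", userId))` so the gateway's value is the only one forwarded. In `apply`, the result of `JwtUtil.isTokenValid(token)` is discarded and only `ExpiredJwtException` is caught. `JwtUtil` is not visible here, but if it signals a bad signature or malformed token by return value or by another exception type, the request is either forwarded or fails as a server error instead of a 401, so check the return value and catch the broader `JwtException`. The constructor also omits the `super(Config.class)` call that the SystemAdmin factory in this commit makes, which will likely break config binding when the filter is attached to a route; the Social and Store factories have the same gap.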
@@ -1,57 +0,0 @@ -package kr.bb.apigateway.common.security; - - -import java.io.IOException; -import java.util.Map; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import kr.bb.apigateway.common.util.JwtUtil; -import kr.bb.apigateway.common.valueobject.AuthId; -import kr.bb.apigateway.common.valueobject.SecurityPolicyStaticValue; -import lombok.RequiredArgsConstructor; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.web.authentication.AuthenticationSuccessHandler; -import org.springframework.stereotype.Component; - -@RequiredArgsConstructor -@Component -public class SystemAuthenticationSuccessHandler implements AuthenticationSuccessHandler { - - private final TokenHandler tokenHandler; - - - private String getRoleFromSecurityContext() { - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - if (authentication != null && !authentication.getAuthorities().isEmpty()) { - return authentication.getAuthorities().iterator().next().getAuthority(); - } - throw new IllegalArgumentException("토큰에 해당 유저의 역할이 담겨있지 않습니다."); - } - - private Map createClaimsRoleMap() { - return JwtUtil.addClaims( - SecurityPolicyStaticValue.CLAIMS_ROLE_KEY_NAME, getRoleFromSecurityContext()); - } - - @Override - public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, - FilterChain chain, Authentication authentication) throws IOException, ServletException { - onAuthenticationSuccess(request, response, authentication); - chain.doFilter(request,response); - } - - @Override - public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, - Authentication authentication) { - String token = tokenHandler.createToken(getIdFromPrincipal(authentication), - 
createClaimsRoleMap(), response); - response.setHeader(SecurityPolicyStaticValue.TOKEN_AUTHORIZAION_HEADER_NAME,SecurityPolicyStaticValue.TOKEN_AUTHORIZATION_PREFIX +token ); - } - - private String getIdFromPrincipal(Authentication authentication){ - return ((AuthId)authentication.getPrincipal()).getValue().toString(); - } -} diff --git a/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilter.java b/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilter.java deleted file mode 100644 index f9498d8..0000000 --- a/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilter.java +++ /dev/null 
@@ -1,48 +0,0 @@ -package kr.bb.apigateway.social.filter; - - -import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil; -import kr.bb.apigateway.common.valueobject.Role; -import lombok.extern.slf4j.Slf4j; -import org.springframework.cloud.gateway.filter.GatewayFilterChain; -import org.springframework.cloud.gateway.filter.GlobalFilter; -import org.springframework.http.HttpStatus; -import org.springframework.http.server.reactive.ServerHttpRequest; -import org.springframework.http.server.reactive.ServerHttpResponse; -import org.springframework.web.server.ServerWebExchange; -import reactor.core.publisher.Mono; -// -//@Slf4j -//public class SocialAuthorizationGatewayFilter implements GlobalFilter { -// -// @Override -// public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) { -// ServerHttpRequest request = exchange.getRequest(); -// String requestURI = request.getURI().toString(); -// log.warn("-------------requestURI :" + requestURI); -// -// if (shouldNotFilter(requestURI)) { -// chain.filter(exchange); -// } else if (!isAuthorizedUser(exchange)) { -// return handleUnauthenticatedUser(exchange); -// } -// -// return chain.filter(exchange); -// } -// -// private boolean shouldNotFilter(String requestURI) { -// return !requestURI.contains("/social") || requestURI.contains("/social/login") -// || requestURI.contains("/oauth2"); -// } -// -// private boolean isAuthorizedUser(ServerWebExchange exchange) { -// String role = ExtractAuthorizationTokenUtil.extractRole(exchange.getRequest()); -// return Role.ROLE_SOCIAL_USER.name().equals(role); -// } -// -// private Mono handleUnauthenticatedUser(ServerWebExchange exchange) { -// ServerHttpResponse response = exchange.getResponse(); -// response.setStatusCode(HttpStatus.UNAUTHORIZED); -// return response.setComplete(); -// } -//} 
diff --git a/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilterFactory.java b/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilterFactory.java
new file mode 100644
index 0000000..b19c1f7
--- /dev/null
+++ b/src/main/java/kr/bb/apigateway/social/filter/SocialAuthorizationGatewayFilterFactory.java
@@ -0,0 +1,53 @@ +package kr.bb.apigateway.social.filter; + + +import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil; +import kr.bb.apigateway.common.valueobject.Role; +import kr.bb.apigateway.social.exception.SocialAuthException; +import org.springframework.cloud.gateway.filter.GatewayFilter; +import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; +import org.springframework.http.HttpStatus; +import org.springframework.http.server.reactive.ServerHttpResponse; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ServerWebExchange; +import reactor.core.publisher.Mono; + +@Component +public class SocialAuthorizationGatewayFilterFactory extends + AbstractGatewayFilterFactory { + + @Override + public GatewayFilter apply(Config config) { + return (exchange, chain) -> { + if (!isAuthorizedUser(exchange)) { + return handleUnauthenticatedUser(exchange); + } + return chain.filter(exchange); + }; + } + + private boolean isAuthorizedUser(ServerWebExchange exchange) { + String role = ExtractAuthorizationTokenUtil.extractRole(exchange.getRequest()); + return Role.ROLE_SOCIAL_USER.name().equals(role); + } + + private Mono handleUnauthenticatedUser(ServerWebExchange exchange) { + ServerHttpResponse response = exchange.getResponse(); + response.setStatusCode(HttpStatus.UNAUTHORIZED); + throw new SocialAuthException("소셜 유저가 아닙니다."); + } + + public static class Config { + + private boolean shouldFilter; + + public boolean getShouldNotFilter() { + return shouldFilter; + } + + public void setShouldNotFilter(boolean shouldFilter) { + this.shouldFilter = shouldFilter; + } + } + +} diff --git a/src/main/java/kr/bb/apigateway/store/filter/StoreAuthorizationGatewayFilter.java b/src/main/java/kr/bb/apigateway/store/filter/StoreAuthorizationGatewayFilter.java deleted file mode 100644 index b05cb2f..0000000 --- a/src/main/java/kr/bb/apigateway/store/filter/StoreAuthorizationGatewayFilter.java +++ /dev/null 
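Review bot: `handleUnauthenticatedUser` sets 401 on the response and then throws `SocialAuthException` instead of returning a `Mono`, so the status set on the line before survives only if an error handler outside this diff maps that exception. Without such a handler the client most likely gets a generic server error rather than the intended 401. Either keep what the removed filter did, `return response.setComplete();`, or signal the failure reactively with `return Mono.error(new SocialAuthException("소셜 유저가 아닙니다."));` and map the exception to a status in one place. The same set-status-then-throw pattern is in `handlePendingApproval` and `handleDeniedRole` of the Store factory and in `handleUnauthorized` of the SystemAdmin factory.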
@@ -1,62 +0,0 @@ -package kr.bb.apigateway.store.filter; - -import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil; -import kr.bb.apigateway.store.valueobject.StoreManagerStatus; -import lombok.extern.slf4j.Slf4j; -import org.springframework.cloud.gateway.filter.GatewayFilterChain; -import org.springframework.cloud.gateway.filter.GlobalFilter; -import org.springframework.http.HttpStatus; -import org.springframework.http.server.reactive.ServerHttpRequest; -import org.springframework.http.server.reactive.ServerHttpResponse; -import org.springframework.web.server.ServerWebExchange; -import reactor.core.publisher.Mono; - -//@Slf4j -//public class StoreAuthorizationGatewayFilter implements GlobalFilter { -// -// @Override -// public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) { -// ServerHttpRequest request = exchange.getRequest(); -// String requestURI = request.getURI().toString(); -// log.warn("-------------requestURI :" +requestURI); -// -// if (shouldNotFilter(requestURI)) { -// chain.filter(exchange); -// } else { -// return roleHandler(exchange,chain); -// } -// return chain.filter(exchange); -// } -// -// private Mono roleHandler(ServerWebExchange exchange,GatewayFilterChain chain) { -// String role = getRoleFromHeader(exchange); -// if (StoreManagerStatus.ROLE_STORE_MANAGER_PENDING.name().equals(role)) { -// return handlePendingApproval(exchange); -// } else if (StoreManagerStatus.ROLE_STORE_MANAGER_DENIED.name().equals(role)) { -// return handleDeniedRole(exchange); -// } -// return chain.filter(exchange); -// } -// -// private boolean shouldNotFilter(String requestURI) { -// return !requestURI.contains("/stores") || requestURI.contains("/stores/login") || -// requestURI.contains("/stores/signup") || requestURI.contains("/stores/emails"); -// } -// -// private String getRoleFromHeader(ServerWebExchange exchange) { -// return ExtractAuthorizationTokenUtil.extractRole(exchange.getRequest()); -// } -// -// private Mono 
handlePendingApproval(ServerWebExchange exchange) { -// ServerHttpResponse response = exchange.getResponse(); -// response.setStatusCode(HttpStatus.UNAUTHORIZED); -// return response.setComplete(); -// } -// -// private Mono handleDeniedRole(ServerWebExchange exchange) { -// ServerHttpResponse response = exchange.getResponse(); -// response.setStatusCode(HttpStatus.FORBIDDEN); -// return response.setComplete(); -// } -// -//} diff --git a/src/main/java/kr/bb/apigateway/store/filter/StoreAuthorizationGatewayFilterFactory.java b/src/main/java/kr/bb/apigateway/store/filter/StoreAuthorizationGatewayFilterFactory.java new file mode 100644 index 0000000..81fc2f2 --- /dev/null +++ b/src/main/java/kr/bb/apigateway/store/filter/StoreAuthorizationGatewayFilterFactory.java 
@@ -0,0 +1,66 @@ +package kr.bb.apigateway.store.filter; + + +import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil; +import kr.bb.apigateway.store.exception.StoreManagerAuthException; +import kr.bb.apigateway.store.valueobject.StoreManagerStatus; +import lombok.extern.slf4j.Slf4j; +import org.springframework.cloud.gateway.filter.GatewayFilter; +import org.springframework.cloud.gateway.filter.GatewayFilterChain; +import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; +import org.springframework.http.HttpStatus; +import org.springframework.http.server.reactive.ServerHttpResponse; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ServerWebExchange; +import reactor.core.publisher.Mono; + +@Slf4j +@Component +public class StoreAuthorizationGatewayFilterFactory extends + AbstractGatewayFilterFactory { + + @Override + public GatewayFilter apply(Config config) { + return this::roleHandler; + } + + + private Mono roleHandler(ServerWebExchange exchange, GatewayFilterChain chain) { + String role = getRoleFromHeader(exchange); + if (StoreManagerStatus.ROLE_STORE_MANAGER_PENDING.name().equals(role)) { + return handlePendingApproval(exchange); + } else if (StoreManagerStatus.ROLE_STORE_MANAGER_DENIED.name().equals(role)) { + return handleDeniedRole(exchange); + } + return chain.filter(exchange); + } + + private String getRoleFromHeader(ServerWebExchange exchange) { + return ExtractAuthorizationTokenUtil.extractRole(exchange.getRequest()); + } + + private Mono handlePendingApproval(ServerWebExchange exchange) { + ServerHttpResponse response = exchange.getResponse(); + response.setStatusCode(HttpStatus.UNAUTHORIZED); + throw new StoreManagerAuthException("사용자의 권한이 대기 중입니다."); + } + + private Mono handleDeniedRole(ServerWebExchange exchange) { + ServerHttpResponse response = exchange.getResponse(); + response.setStatusCode(HttpStatus.FORBIDDEN); + throw new StoreManagerAuthException("사용자의 사업자 등록증이 
거절되었습니다 재등록하세요."); + } + + public static class Config { + + private boolean shouldFilter; + + public boolean getShouldNotFilter() { + return shouldFilter; + } + + public void setShouldNotFilter(boolean shouldFilter) { + this.shouldFilter = shouldFilter; + } + } +} \ No newline at end of file diff --git a/src/main/java/kr/bb/apigateway/systsem/filter/SystemAdminAuthorizationGatewayFilter.java b/src/main/java/kr/bb/apigateway/systsem/filter/SystemAdminAuthorizationGatewayFilter.java deleted file mode 100644 index 7ebca3a..0000000 --- a/src/main/java/kr/bb/apigateway/systsem/filter/SystemAdminAuthorizationGatewayFilter.java +++ /dev/null 
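Review bot: `roleHandler` is a deny-list: it rejects only `ROLE_STORE_MANAGER_PENDING` and `ROLE_STORE_MANAGER_DENIED`, and every other value from `getRoleFromHeader` falls through to `chain.filter(exchange)`. That includes `null`, presumably what a request with no role produces, and a role belonging to another user type. Invert the check so the route fails closed: compare `role` with the approved store-manager status and reject everything else, for example `if (!APPROVED_STATUS.name().equals(role)) { return handleDeniedRole(exchange); }`. `APPROVED_STATUS` is a placeholder, since the enum's approved constant is not visible in this hunk. Separately, `Config.getShouldNotFilter()` returns a field named `shouldFilter` and `apply` never reads it, so the flag is misleading and currently has no effect.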
@@ -1,46 +0,0 @@ -package kr.bb.apigateway.systsem.filter; - -import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil; -import kr.bb.apigateway.common.valueobject.Role; -import lombok.extern.slf4j.Slf4j; -import org.springframework.cloud.gateway.filter.GatewayFilterChain; -import org.springframework.cloud.gateway.filter.GlobalFilter; -import org.springframework.http.HttpStatus; -import org.springframework.http.server.reactive.ServerHttpRequest; -import org.springframework.http.server.reactive.ServerHttpResponse; -import org.springframework.web.server.ServerWebExchange; -import reactor.core.publisher.Mono; - -//@Slf4j -//public class SystemAdminAuthorizationGatewayFilter implements GlobalFilter { -// @Override -// public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) { -// ServerHttpRequest request = exchange.getRequest(); -// String requestURI = request.getURI().toString(); -// log.warn("-------------requestURI :" +requestURI); -// -// if (shouldNotFilter(requestURI)) { -// return chain.filter(exchange); -// } -// else if (!isSystemAdmin(exchange)) { -// return handleUnauthorized(exchange); -// } -// return chain.filter(exchange); -// } -// -// private boolean shouldNotFilter(String requestURI) { -// return !requestURI.contains("/admin") || requestURI.contains("/admin/login"); -// } -// -// private boolean isSystemAdmin(ServerWebExchange exchange) { -// String role = ExtractAuthorizationTokenUtil.extractRole(exchange.getRequest()); -// return Role.ROLE_SYSTEM_ADMIN.name().equals(role); -// } -// -// -// private Mono handleUnauthorized(ServerWebExchange exchange) { -// ServerHttpResponse response = exchange.getResponse(); -// response.setStatusCode(HttpStatus.UNAUTHORIZED); -// return response.setComplete(); -// } -//} 
diff --git a/src/main/java/kr/bb/apigateway/systsem/filter/SystemAdminAuthorizationGatewayFilterFactory.java b/src/main/java/kr/bb/apigateway/systsem/filter/SystemAdminAuthorizationGatewayFilterFactory.java
new file mode 100644
index 0000000..60a3cbc
--- /dev/null
+++ b/src/main/java/kr/bb/apigateway/systsem/filter/SystemAdminAuthorizationGatewayFilterFactory.java
@@ -0,0 +1,60 @@ +package kr.bb.apigateway.systsem.filter; + +import kr.bb.apigateway.common.util.ExtractAuthorizationTokenUtil; +import kr.bb.apigateway.common.valueobject.Role; +import kr.bb.apigateway.systsem.exception.SystemAdminAuthException; +import kr.bb.apigateway.systsem.filter.SystemAdminAuthorizationGatewayFilterFactory.Config; +import lombok.extern.slf4j.Slf4j; +import org.springframework.cloud.gateway.filter.GatewayFilter; +import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; +import org.springframework.http.HttpStatus; +import org.springframework.http.server.reactive.ServerHttpRequest; +import org.springframework.http.server.reactive.ServerHttpResponse; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ServerWebExchange; +import reactor.core.publisher.Mono; + +@Slf4j +@Component +public class SystemAdminAuthorizationGatewayFilterFactory extends + AbstractGatewayFilterFactory { + + public SystemAdminAuthorizationGatewayFilterFactory() { + super(Config.class); + } + + @Override + public GatewayFilter apply(Config config) { + return (exchange, chain) -> { + if (!isSystemAdmin(exchange)) { + return handleUnauthorized(exchange); + } + return chain.filter(exchange); + }; + } + + + private boolean isSystemAdmin(ServerWebExchange exchange) { + String role = ExtractAuthorizationTokenUtil.extractRole(exchange.getRequest()); + return Role.ROLE_SYSTEM_ADMIN.name().equals(role); + } + + private Mono handleUnauthorized(ServerWebExchange exchange) { + ServerHttpResponse response = exchange.getResponse(); + response.setStatusCode(HttpStatus.UNAUTHORIZED); + throw new SystemAdminAuthException("존재 하지 않는 시스템 어드민 유저입니다."); + } + + public static class Config { + + private boolean shouldFilter; + + public boolean getShouldNotFilter() { + return shouldFilter; + } + + public void setShouldNotFilter(boolean shouldFilter) { + this.shouldFilter = shouldFilter; + } + } +} \ No newline at end of file
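Review bot: `isSystemAdmin` grants admin access purely on the string returned by `ExtractAuthorizationTokenUtil.extractRole(exchange.getRequest())`, and nothing in this filter verifies the token that the role comes from. That utility is not shown, so this is safe only if `extractRole` checks the signature itself or the route always lists the JwtValidation filter ahead of this one. Because these are now per-route filters rather than global ones, that ordering depends on route configuration and should be stated on `apply`, e.g. `/** Must be configured after JwtValidation on the route; the role claim is trusted as-is here. */`. `Config.getShouldNotFilter()` returns a field named `shouldFilter` and is never consulted in `apply`, and the `ServerHttpRequest` import and `@Slf4j` appear unused in this file.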