Merge pull request #23 from nhnacademy-be5-T3Team/fix/authProvider

Fix/ #25 auth provider
nhnacademy-be5-T3Team · Apr 24, 2024 · 2d33e56 · 2d33e56
2 parents 50891ed + daaadb1
commit 2d33e56
Show file tree

Hide file tree

Showing 10 changed files with 89 additions and 20 deletions.
diff --git a/src/main/java/com/t3t/authenticationapi/AuthenticationApiApplication.java b/src/main/java/com/t3t/authenticationapi/AuthenticationApiApplication.java
@@ -9,9 +9,7 @@
 @SpringBootApplication
 @EnableDiscoveryClient
 public class AuthenticationApiApplication {
-
 	public static void main(String[] args) {
 		SpringApplication.run(AuthenticationApiApplication.class, args);
 	}
-
 }
diff --git a/src/main/java/com/t3t/authenticationapi/account/auth/CustomUserDetails.java b/src/main/java/com/t3t/authenticationapi/account/auth/CustomUserDetails.java
@@ -46,6 +46,9 @@ public String getUsername() {
     public String getUserId(){
         return userEntity.getUserId();
     }
+    public String getRole(){
+        return userEntity.getRole();
+    }
 
     @Override
     public boolean isAccountNonExpired() {

diff --git a/src/main/java/com/t3t/authenticationapi/account/common/GlobalExceptionHandler.java b/src/main/java/com/t3t/authenticationapi/account/common/GlobalExceptionHandler.java
@@ -17,25 +17,29 @@ public class GlobalExceptionHandler {
      * @author joohyun1996 (이주현)
      */
     @ExceptionHandler(TokenNotExistsException.class)
-    public ResponseEntity<BaseResponse<Void>> handleTokenNotExistsException(TokenNotExistsException tokenNotExistsException){
+    public ResponseEntity<BaseResponse<Void>> handleTokenNotExistsException(TokenNotExistsException tokenNotExistsException) {
         return ResponseEntity.status(HttpStatus.FORBIDDEN).body(new BaseResponse<Void>().message(tokenNotExistsException.getMessage()));
     }
+
     /**
      * access 토큰이 만료된 경우에 대한 예외 처리 핸들러
+     *
      * @return 403 Forbidden - 예외 메시지 반한
      * @author joohyun1996 (이주현)
      */
     @ExceptionHandler(TokenHasExpiredException.class)
-    public ResponseEntity<BaseResponse<Void>> handleTokenHasExpiredException(TokenHasExpiredException tokenHasExpiredException){
+    public ResponseEntity<BaseResponse<Void>> handleTokenHasExpiredException(TokenHasExpiredException tokenHasExpiredException) {
         return ResponseEntity.status(HttpStatus.FORBIDDEN).body(new BaseResponse<Void>().message(tokenHasExpiredException.getMessage()));
     }
+
     /**
      * refresh, blacklist 토큰이 이미 Redis에 저장되어 있을 경우에 대한 예외 처리 핸들러
+     *
      * @return 400 Forbidden - 예외 메시지 반한
      * @author joohyun1996 (이주현)
      */
     @ExceptionHandler(TokenAlreadyExistsException.class)
-    public ResponseEntity<BaseResponse<Void>> handleTokenAlreadyExistsException(TokenAlreadyExistsException tokenAlreadyExistsException){
+    public ResponseEntity<BaseResponse<Void>> handleTokenAlreadyExistsException(TokenAlreadyExistsException tokenAlreadyExistsException) {
         return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(new BaseResponse<Void>().message(tokenAlreadyExistsException.getMessage()));
     }
 }
diff --git a/src/main/java/com/t3t/authenticationapi/account/component/CustomAuthenticationProvider.java b/src/main/java/com/t3t/authenticationapi/account/component/CustomAuthenticationProvider.java
@@ -0,0 +1,48 @@
+package com.t3t.authenticationapi.account.component;
+
+import com.t3t.authenticationapi.account.auth.CustomUserDetails;
+import com.t3t.authenticationapi.account.dto.UserEntity;
+import com.t3t.authenticationapi.account.service.DefaultUserDetailsService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+
+@Configuration
+@RequiredArgsConstructor
+public class CustomAuthenticationProvider implements AuthenticationProvider {
+    private final DefaultUserDetailsService userDetailsService;
+
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder(){
+        return new BCryptPasswordEncoder();
+    }
+
+    @Override
+    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+        String username = authentication.getName();
+        String password = authentication.getCredentials().toString();
+
+        CustomUserDetails userDetails = (CustomUserDetails) userDetailsService.loadUserByUsername(username);
+
+        String dbPassword = userDetails.getPassword();
+        if(!bCryptPasswordEncoder().matches(password,dbPassword)){
+            throw new BadCredentialsException("id, pw not match");
+        }
+
+        return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+    }
+
+    @Override
+    public boolean supports(Class<?> authentication) {
+        return authentication.equals(UsernamePasswordAuthenticationToken.class);
+    }
+
+}
diff --git a/src/main/java/com/t3t/authenticationapi/account/controller/LoginController.java b/src/main/java/com/t3t/authenticationapi/account/controller/LoginController.java
@@ -13,11 +13,6 @@
  */
 @RestController
 public class LoginController {
-    private final DefaultUserDetailsService service;
-
-    public LoginController(DefaultUserDetailsService service) {
-        this.service = service;
-    }
     /**
      * LoginFilter 수행시 successfulAuthentication 메소드가 수행되고 해당 메소드에서 응답이 커밋됨
      * @author joohyun1996(이주현)

diff --git a/src/main/java/com/t3t/authenticationapi/account/filter/LoginFilter.java b/src/main/java/com/t3t/authenticationapi/account/filter/LoginFilter.java
@@ -16,6 +16,7 @@
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.util.StreamUtils;
 
@@ -58,6 +59,7 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
         }
 
         String username = loginDto.getUsername();
+        // 암호화된 정보로 확인
         String password = loginDto.getPassword();
 
         UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(username, password, null);

diff --git a/src/main/java/com/t3t/authenticationapi/account/service/DefaultUserDetailsService.java b/src/main/java/com/t3t/authenticationapi/account/service/DefaultUserDetailsService.java
@@ -21,7 +21,6 @@
 public class DefaultUserDetailsService implements UserDetailsService {
     private final AccountRepository accountRepository;
 
-    private final BCryptPasswordEncoder bCryptPasswordEncoder;
     /**
      * 회원이 입력한 UserName, Password가 Database에 있는지 검증하는 메소드
      * @param username
@@ -40,7 +39,6 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
         userEntity.setUsername(userEntityDto.getUsername());
         userEntity.setUserId(userEntityDto.getUserId());
         userEntity.setPassword(userEntityDto.getPassword());
-//        userEntity.setPassword(bCryptPasswordEncoder.encode(userEntityDto.getPassword()));
         userEntity.setRole(userEntityDto.getRole());
 
         return new CustomUserDetails(userEntity);

diff --git a/src/main/java/com/t3t/authenticationapi/config/SecurityConfig.java b/src/main/java/com/t3t/authenticationapi/config/SecurityConfig.java
@@ -1,18 +1,26 @@
 package com.t3t.authenticationapi.config;
 
+import com.t3t.authenticationapi.account.auth.CustomUserDetails;
+import com.t3t.authenticationapi.account.component.CustomAuthenticationProvider;
 import com.t3t.authenticationapi.account.component.JWTUtils;
 import com.t3t.authenticationapi.account.filter.CommonExceptionFilter;
 import com.t3t.authenticationapi.account.filter.CustomLogoutFilter;
 import com.t3t.authenticationapi.account.filter.LoginFilter;
+import com.t3t.authenticationapi.account.service.DefaultUserDetailsService;
 import com.t3t.authenticationapi.account.service.TokenService;
 import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@@ -28,16 +36,19 @@ public class SecurityConfig {
     private final AuthenticationConfiguration authenticationConfiguration;
     private final JWTUtils jwtUtils;
     private final TokenService tokenService;
+    private final CustomAuthenticationProvider provider;
+
+    @Autowired
+    public void globalConfigure(AuthenticationManagerBuilder auth) throws Exception{
+        auth.authenticationProvider(provider);
+    }
 
     @Bean
     public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
         return authenticationConfiguration.getAuthenticationManager();
     }
 
-    @Bean
-    public BCryptPasswordEncoder bCryptPasswordEncoder(){
-        return new BCryptPasswordEncoder();
-    }
+
     /**
      * Security Filter Chain 설정.
      * Auth-Server에서는 인증만 담당하기 때문에 다른 URL에 대해서는 설정 X
@@ -55,9 +66,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         .antMatchers("/refresh").permitAll()
                         .antMatchers("/logout").authenticated()
                         .anyRequest().authenticated())
-                .logout(logout -> logout
-                        .logoutUrl("/logout") // logout 담당 url
-                        .logoutSuccessUrl("/index")) // logout 성공시 redirect 할 url
                 .addFilterBefore(new CommonExceptionFilter(), LoginFilter.class)
                 .addFilterAt(new LoginFilter(authenticationManager(authenticationConfiguration), jwtUtils, tokenService), UsernamePasswordAuthenticationFilter.class)
                 .addFilterBefore(new CustomLogoutFilter(jwtUtils, tokenService), LogoutFilter.class)

diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -1,4 +1,6 @@
 spring:
+  application:
+    name: AUTH-SERVICE
   jpa:
     open-in-view: true
     hibernate:
@@ -41,3 +43,12 @@ t3t:
         keyId: "0582f8b117604b7d86e9f3ff26931cde"
       redisServerPassword:
         keyId: "ec1eb8e0706e402cbec8487cbcb86564"
+server:
+  port: 8084
+
+eureka:
+  client:
+    register-with-eureka: true
+    fetch-registry: true
+    service-url:
+      defaultZone: http://localhost:8761/eureka
diff --git a/src/main/resources/application_prod.yml b/src/main/resources/application_prod.yml
@@ -1,4 +1,6 @@
-eureka:
+ eureka:
   client:
+    register-with-eureka: true
+    fetch-registry: true
     service-url:
       defaultZone: ${eurekaServiceUrlDefaultZone}