Merge pull request #15 from nhnacademy-be5-T3Team/chore/removeDB
feature: #14 SecureKeyManager 동작 구현
joohyun1996 authored Apr 17, 2024
2 parents 1e0876c + 00219c6 commit 50891ed
Showing 15 changed files with 183 additions and 172 deletions.
@@ -1,11 +1,12 @@
package com.t3t.authenticationapi.account.component;

import com.t3t.authenticationapi.keymanager.properties.SecretKeyProperties;
import com.t3t.authenticationapi.keymanager.service.SecretKeyManagerService;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.security.Keys;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import java.security.Key;
Expand All @@ -21,7 +22,8 @@
@Component
public class JWTUtils {
private Key key;
public JWTUtils(@Value("${spring.security.key}") String secret) {
public JWTUtils(SecretKeyManagerService secretKeyManagerService, SecretKeyProperties secretKeyProperties) {
String secret = secretKeyManagerService.getSecretValue(secretKeyProperties.getJwtSecretKeyId());
byte[] byteSecretKEy = Decoders.BASE64.decode(secret);
key = Keys.hmacShaKeyFor(byteSecretKEy);
}
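Review bot: The signing key needs rotating as part of this change: the `spring.security.key` value that this commit deletes from application.yml stays readable in repository history, so the key-manager entry read in the constructor should hold a newly generated secret rather than a copy of the old one, and tokens signed with the old key should no longer be accepted. The same applies to the datasource and Redis passwords removed from that file. I would also add a comment above the decode, `// secret must be Base64 text that decodes to at least 32 random bytes`, because `Keys.hmacShaKeyFor` rejects shorter keys and a null or malformed value from the key manager only surfaces as a startup exception here. The class body continues outside the hunk.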

This file was deleted.

Expand Up @@ -40,6 +40,7 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
userEntity.setUsername(userEntityDto.getUsername());
userEntity.setUserId(userEntityDto.getUserId());
userEntity.setPassword(userEntityDto.getPassword());
// userEntity.setPassword(bCryptPasswordEncoder.encode(userEntityDto.getPassword()));
userEntity.setRole(userEntityDto.getRole());

return new CustomUserDetails(userEntity);
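Review bot: The commented-out `// userEntity.setPassword(bCryptPasswordEncoder.encode(...))` line should be deleted rather than committed, and replaced by a comment that states the contract, e.g. `// userEntityDto.getPassword() must already be the stored BCrypt hash; never re-encode it here`. If the stored value is already a hash, re-encoding it in this method would make every password comparison fail; if it is not, the account store holds plaintext and that is what needs fixing, not this method. Which case holds is not visible on this page, and `loadUserByUsername` starts and ends outside the hunk.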
@@ -0,0 +1,21 @@
package com.t3t.authenticationapi.config;

import com.t3t.authenticationapi.property.DatabaseProperties;
import org.springframework.boot.jdbc.DataSourceBuilder;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.sql.DataSource;

@Configuration
public class DataSourceConfig {
@Bean
public DataSource dataSource(DatabaseProperties databaseProperties){
return DataSourceBuilder.create()
.url(databaseProperties.getDatabaseUrl())
.driverClassName(databaseProperties.getDriverClassName())
.username(databaseProperties.getUsername())
.password(databaseProperties.getPassword())
.build();
}
}
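Review bot: `dataSource` requires a `DatabaseProperties` bean in every profile, but the only producer shown in this commit, `DatabasePropertiesConfig.dataSourceProperties`, is limited to `@Profile({"prod", "dev", "test"})`, so starting with any other profile, or with none, fails with an unsatisfied dependency rather than a clear message. Either put the same `@Profile({"prod", "dev", "test"})` on this bean or state on the class that one of those profiles must be active. The method has no Javadoc; a one-line comment saying that the URL and credentials come from the key manager and must not be logged would help the next reader.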
@@ -0,0 +1,33 @@
package com.t3t.authenticationapi.config;

import com.t3t.authenticationapi.keymanager.properties.SecretKeyProperties;
import com.t3t.authenticationapi.keymanager.service.SecretKeyManagerService;
import com.t3t.authenticationapi.property.DatabaseProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.env.Environment;

@Configuration
public class DatabasePropertiesConfig {
@Bean
@Profile({"prod", "dev", "test"})
public DatabaseProperties dataSourceProperties(SecretKeyManagerService secretKeyManagerService,
SecretKeyProperties secretKeyProperties,
Environment environment) {

String activeProfile = environment.getActiveProfiles()[0];
String activeProfileSuffix = activeProfile.equals("prod") ? "" : "_" + activeProfile;

return DatabaseProperties.builder()
.databaseUrl(String.format("jdbc:mysql://%s:%s/%s%s",
secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseIpAddressKeyId()),
secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabasePortKeyId()),
secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseNameKeyId()),
activeProfileSuffix))
.driverClassName("com.mysql.cj.jdbc.Driver")
.username(secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabaseUsernameKeyId()))
.password(secretKeyManagerService.getSecretValue(secretKeyProperties.getDatabasePasswordKeyId()))
.build();
}
}
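Review bot: `environment.getActiveProfiles()[0]` takes whichever profile happens to be listed first, so a start with `metrics,prod` (constructed example) would append `_metrics` to the database name and `dev,prod` would silently select the `_dev` schema; the suffix should be derived from the supported profile that is actually active. The same two lines appear in `RedisConfig.redisProperties`, where the bean has no `@Profile` guard and the index throws when no profile is active. Separately, the JDBC URL built here drops the `serverTimezone` and `characterEncoding` parameters that the deleted application.yml entry carried and states no TLS mode; if the database is reached over a network you do not control, set the Connector/J `sslMode` explicitly (for example `VERIFY_IDENTITY`) instead of relying on the driver default.

```java
// … unchanged: @Bean/@Profile annotations and method signature …
String activeProfile = Stream.of("prod", "dev", "test")
        .filter(profile -> environment.acceptsProfiles(Profiles.of(profile)))
        .findFirst()
        .orElseThrow(() -> new IllegalStateException(
                "one of the profiles prod, dev or test must be active"));
String activeProfileSuffix = activeProfile.equals("prod") ? "" : "_" + activeProfile;
// … unchanged: DatabaseProperties.builder() chain …
```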
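--- a/src/main/java/com/t3t/authenticationapi/config/RedisConfig.java
+++ b/src/main/java/com/t3t/authenticationapi/config/RedisConfig.java
@@ -0,0 +1,62 @@
+package com.t3t.authenticationapi.config;
+
+import com.t3t.authenticationapi.keymanager.properties.SecretKeyProperties;
+import com.t3t.authenticationapi.keymanager.service.SecretKeyManagerService;
+import com.t3t.authenticationapi.property.RedisProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.env.Environment;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.repository.configuration.EnableRedisRepositories;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+
+/**
+* redis 연결을 위한 configuration 클래스
+* @author joohyun1996 (이주현)
+*/
+@Configuration
+@EnableRedisRepositories
+public class RedisConfig {
+@Bean
+public RedisProperties redisProperties(SecretKeyManagerService secretKeyManagerService,
+SecretKeyProperties secretKeyProperties,
+Environment environment){
+
+String activeProfile = environment.getActiveProfiles()[0];
+String activeProfileSuffix = activeProfile.equals("prod") ? "" : "_" + activeProfile;
+
+return RedisProperties.builder()
+.host(secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisIpAddressKeyId()))
+.port(Integer.valueOf(secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisPortKeyId())))
+.password(secretKeyManagerService.getSecretValue(secretKeyProperties.getRedisPasswordKeyId()))
+.database(20)
+.build();
+}
+
+/**
+* RedisServer에 연결을 생성하는데 사용되는 클래스
+* getConnection() 호출될 때 마다 새로운 LettuceConnection 생성
+* Thread-safe 하다
+* 동기, 비동기, 리액티브 api 모두 가능
+* @author joohyun1996 (이주현)
+*/
+@Bean
+public RedisConnectionFactory redisConnectionFactory(RedisProperties redisProperties){
+RedisStandaloneConfiguration configuration = new RedisStandaloneConfiguration(redisProperties.getHost(), redisProperties.getPort());
+configuration.setPassword(redisProperties.getPassword());
+configuration.setDatabase(redisProperties.getDatabase());
+return new LettuceConnectionFactory(configuration);
+}
+
+@Bean
+public RedisTemplate<String, String> redisTemplate(RedisProperties redisProperties){
+RedisTemplate<String, String> redisTemplate = new RedisTemplate<>();
+redisTemplate.setKeySerializer(new StringRedisSerializer());
+redisTemplate.setValueSerializer(new StringRedisSerializer());
+redisTemplate.setConnectionFactory(redisConnectionFactory(redisProperties));
+return redisTemplate;
+}
+}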
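Review bot: `redisConnectionFactory` builds the Lettuce connection without TLS, so the Redis password and whatever this service stores there travel in clear text between the two hosts; if the server supports TLS, pass a client configuration, e.g. `new LettuceConnectionFactory(configuration, LettuceClientConfiguration.builder().useSsl().build())`. In `redisProperties`, `activeProfile` and `activeProfileSuffix` are computed and never used, and can be deleted together with the `Environment` parameter. `Integer.valueOf(...)` on the port secret throws a bare `NumberFormatException` at startup when the stored value is empty or padded; a message naming the key id (never the value) would make that diagnosable. `.database(20)` is fixed for every profile, which deserves a comment if it is intentional.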
@@ -1,4 +1,4 @@
package com.t3t.authenticationapi.account.config;
package com.t3t.authenticationapi.config;

import com.t3t.authenticationapi.account.component.JWTUtils;
import com.t3t.authenticationapi.account.filter.CommonExceptionFilter;
Expand Down Expand Up @@ -41,7 +41,7 @@ public BCryptPasswordEncoder bCryptPasswordEncoder(){
/**
* Security Filter Chain 설정.
* Auth-Server에서는 인증만 담당하기 때문에 다른 URL에 대해서는 설정 X
* @param HttpSecurity
* @param http
* @author joohyun1996 (이주현)
*/
@Bean
Expand All @@ -52,7 +52,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
.httpBasic().disable()
.authorizeRequests((auth) -> auth
.antMatchers("/login").permitAll()
.antMatchers("/logins").permitAll()
.antMatchers("/refresh").permitAll()
.antMatchers("/logout").authenticated()
.anyRequest().authenticated())
@@ -0,0 +1,17 @@
package com.t3t.authenticationapi.property;

import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Getter;
import lombok.NoArgsConstructor;

@Getter
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class DatabaseProperties {
private String databaseUrl;
private String driverClassName;
private String username;
private String password;
}
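Review bot: `DatabaseProperties` carries the database password but has a public no-args constructor and non-final fields, so an instance with every field `null` can be created and only fails later inside `DataSourceBuilder`; dropping `@NoArgsConstructor` and declaring the fields `private final` leaves the builder as the only way in. `RedisProperties` in the next file has the same shape. A class comment saying that the values come from the key manager, and that `@ToString` or `@Data` must not be added because they would print the password, would protect the class from a later convenience edit.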
@@ -0,0 +1,17 @@
package com.t3t.authenticationapi.property;

import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Getter;
import lombok.NoArgsConstructor;

@Getter
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class RedisProperties {
private String host;
private Integer port;
private Integer database;
private String password;
}
14 changes: 0 additions & 14 deletions src/main/resources/application.yml
@@ -1,17 +1,4 @@
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://133.186.223.228:3306/t3team?useSSL=false&serverTimezone=Asia/Seoul&characterEncoding=UTF-8
username: t3team
password: uPJQz6QaL6@6h]BG
security:
key: sakdjA24HSdflasbdglag2yhsdrg342TASGASd58aw4t3AWEIGzsoigbaWEIGHP3tug0ajw4s23a8th24tgaw2854yq3p48ghaa294
redis:
host: 133.186.223.228
password: "*N2vya7H@muDTwdNMR!"
port: 6379
database: 20

jpa:
open-in-view: true
hibernate:
Expand All @@ -24,7 +11,6 @@ spring:
hibernate.format_sql: true
dialect: org.hibernate.dialect.MySQL8InnoDBDialect


logging:
level:
org.hibernate.SQL: debug
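--- a/src/main/resources/application_prod.yml
+++ b/src/main/resources/application_prod.yml
@@ -0,0 +1,4 @@
+eureka:
+client:
+service-url:
+defaultZone: ${eurekaServiceUrlDefaultZone}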
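Review bot: The file name uses an underscore, while Spring Boot's profile-specific lookup is `application-{profile}.yml`, so unless this file is imported explicitly somewhere outside this page, `application_prod.yml` is not loaded when the `prod` profile is active and the Eureka URL below is never applied. Renaming it to `application-prod.yml` fixes that. `${eurekaServiceUrlDefaultZone}` has no default, so startup fails on an unresolved placeholder when the variable is missing; that is a reasonable fail-fast, but a comment naming where the value is supplied would help.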
Expand Up @@ -13,7 +13,19 @@
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;*/

/*
import com.t3t.authenticationapi.account.auth.CustomUserDetails;
import com.t3t.authenticationapi.account.dto.UserEntityDto;
import com.t3t.authenticationapi.account.repository.AccountRepository;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@ExtendWith(MockitoExtension.class)
class DefaultUserDetailsServiceTest {
@Mock
Expand Down Expand Up @@ -58,4 +70,4 @@ public void TestLoadUserByUserNameFailed(){

Assertions.assertEquals("User Not Found", exception.getMessage());
}
}*/
}

This file was deleted.
