From ee56a88ba8a285a8599dff8bd4e4807fe17d27fe Mon Sep 17 00:00:00 2001 From: sung-silver Date: Sat, 18 Jan 2025 02:17:00 +0900 Subject: [PATCH 1/5] =?UTF-8?q?[FIX]=20JwksRequest=20=EC=9A=94=EC=B2=AD=20?= =?UTF-8?q?=EA=B2=80=EC=A6=9D=20=EC=8B=9C=20=EB=A9=94=EC=9D=B4=EC=BB=A4?= =?UTF-8?q?=EC=8A=A4=20=ED=94=84=EB=A1=9C=EB=8D=95=ED=8A=B8=20=EC=84=9C?= =?UTF-8?q?=EB=B2=84=EA=B0=80=20=EC=95=84=EB=8B=90=20=EA=B2=BD=EC=9A=B0(?= =?UTF-8?q?=EC=A6=89,=20=ED=81=B4=EB=9D=BC=EC=9D=B4=EC=96=B8=ED=8A=B8)?= =?UTF-8?q?=EC=9D=98=20=EC=9A=94=EC=B2=AD=EC=97=90=EC=84=9C=EB=8A=94=20SER?= =?UTF-8?q?VER=20=ED=97=A4=EB=8D=94=20=EA=B2=80=EC=A6=9D=EC=97=90=20?= =?UTF-8?q?=EB=8C=80=ED=95=B4=20=EC=9E=90=EB=8F=99=EC=9C=BC=EB=A1=9C=20fal?= =?UTF-8?q?se=20=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/filter/JwtAuthenticationFilter.java | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java index b1cb909..cd82ec2 100644 --- a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java +++ b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java @@ -8,6 +8,7 @@ import java.io.IOException; import java.util.Arrays; +import java.util.Optional; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; @@ -33,6 +34,11 @@ protected void doFilterInternal( final HttpServletRequest request, final HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { + if (shouldNotFilter(request)) { + filterChain.doFilter(request, response); + return; + } + String authorizationToken = getAuthorizationToken(request); CustomAuthentication authentication = authTokenProvider.parse(authorizationToken); 
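Review bot: The `if (shouldNotFilter(request))` guard added at the top of `doFilterInternal` looks redundant if this class extends Spring's `OncePerRequestFilter` (the class declaration is outside the hunk). That base class already consults `shouldNotFilter` in `doFilter` and does not call `doFilterInternal` for skipped requests. Two places that decide which requests bypass JWT parsing make the bypass rules harder to audit, so I would drop the guard. If the filter really is invoked some other way, keep it and add a comment such as `// invoked directly by <caller>, so the skip check is repeated here`. The method body continues outside the hunk, so the handling of a missing Authorization header is not visible here.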
@@ -65,8 +71,9 @@ private String getAuthorizationToken(final HttpServletRequest request) { private static boolean isJwksRequest(HttpServletRequest request) { boolean isCorrectUrl = request.getRequestURI().equals("/.well-known/jwks.json"); boolean isCorrectHeader = - Arrays.stream(JwtConstant.SERVICE_NAMES) - .anyMatch(request.getHeader(HttpHeaders.SERVER)::contains); + Optional.ofNullable(request.getHeader(HttpHeaders.SERVER)) + .map(header -> Arrays.stream(JwtConstant.SERVICE_NAMES).anyMatch(header::contains)) + .orElse(false); return isCorrectUrl && isCorrectHeader; } From 11a270c2165642fa3de1da61ff44ba7cdeeca15a Mon Sep 17 00:00:00 2001 From: sung-silver Date: Sat, 18 Jan 2025 02:36:47 +0900 Subject: [PATCH 2/5] =?UTF-8?q?[FIX]=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8A=94=20=EA=B5=AC=EB=AC=B8=20=EC=82=AD?= =?UTF-8?q?=EC=A0=9C=20=EB=B0=8F=20isWhiteRequest=20=EA=B2=80=EC=A6=9D=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../support/constant/SystemConstant.java | 10 ++++------ .../security/filter/JwtAuthenticationFilter.java | 16 ++++------------ 2 files changed, 8 insertions(+), 18 deletions(-) diff --git a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java index d63f412..c627607 100644 --- a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java +++ b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java 
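Review bot: `isCorrectHeader` in `isJwksRequest` still treats the request's `Server` header as evidence of who is calling, but that header is set by the caller. The `header::contains` match also accepts any value that merely includes one of `JwtConstant.SERVICE_NAMES`, so it cannot separate a Makers product server from an ordinary client. The null handling added here is correct; the check itself gives no assurance and should not decide whether JWT parsing is skipped. If the JWKS document is meant to be public, match on the URI alone (PATCH 2/5 on this page does that). If it is meant to be restricted, the restriction needs an authenticated signal such as mutual TLS or a network-level control rather than a header value.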
@@ -12,14 +12,9 @@ private SystemConstant() {} public static final String API_DEFAULT_PREFIX = API_PATH_PREFIX + API_VERSION; private static final String PATH_ACTUATOR = "/actuator"; - private static final String PATH_AUTH = API_DEFAULT_PREFIX + "/auth"; + public static final String PATH_AUTH = API_DEFAULT_PREFIX + "/auth"; private static final String PATH_ERROR = "/error"; private static final String PATH_TEST = "/test"; - private static final String PATH_GET_REGISTER_SOCIAL_PLATFORM = - API_PATH_PREFIX + "/social/accounts/social"; - - public static List WHITE_PATHS = - List.of(PATH_ACTUATOR, PATH_AUTH, PATH_GET_REGISTER_SOCIAL_PLATFORM, PATH_ERROR, PATH_TEST); public static final String PATTERN_ALL = "/**"; public static final String PATTERN_ERROR_PATH = PATH_ERROR + PATTERN_ALL; @@ -27,4 +22,7 @@ private SystemConstant() {} public static final String PATTERN_AUTH = PATH_AUTH + PATTERN_ALL; public static final String PATTERN_TEST = API_DEFAULT_PREFIX + PATH_TEST + PATTERN_ALL; public static final String PATTERN_ROOT_PATH = "/"; + + public static final List WHITELIST_WILDCARD = + List.of(PATH_ERROR, PATH_ACTUATOR, PATH_AUTH, PATH_TEST); } diff --git a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java index cd82ec2..de8e9f1 100644 --- a/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java +++ b/src/main/java/sopt/makers/authentication/support/security/filter/JwtAuthenticationFilter.java 
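Review bot: `WHITELIST_WILDCARD` lists the bare `PATH_TEST` (`"/test"`), while `PATTERN_TEST` in the same hunk is `API_DEFAULT_PREFIX + PATH_TEST + PATTERN_ALL`, so the two constants describe different test paths. The filter change later in this patch switches from `url::contains` to `uri::startsWith`, so a URI under `/api/v1/test` no longer matches the whitelist entry while anything beginning with `/test` does. If that is not intended, the entry should be `API_DEFAULT_PREFIX + PATH_TEST`. `PATH_ACTUATOR` and `PATH_TEST` also exempt whole subtrees from JWT parsing, and the security configuration that covers them is not visible here. A comment on the list such as `// paths that skip JwtAuthenticationFilter; each must be protected or disabled separately in production` would record that.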
@@ -1,14 +1,11 @@ package sopt.makers.authentication.support.security.filter; -import static sopt.makers.authentication.support.constant.SystemConstant.WHITE_PATHS; +import static sopt.makers.authentication.support.constant.SystemConstant.WHITELIST_WILDCARD; -import sopt.makers.authentication.support.constant.JwtConstant; import sopt.makers.authentication.support.jwt.provider.JwtAuthAccessTokenProvider; import sopt.makers.authentication.support.security.authentication.CustomAuthentication; import java.io.IOException; -import java.util.Arrays; -import java.util.Optional; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; @@ -54,8 +51,8 @@ public boolean shouldNotFilter(HttpServletRequest request) { } private boolean isWhiteRequest(final HttpServletRequest request) { - String url = request.getRequestURL().toString(); - return WHITE_PATHS.stream().anyMatch(url::contains); + String uri = request.getRequestURI(); + return WHITELIST_WILDCARD.stream().anyMatch(uri::startsWith); } /** @@ -70,11 +67,6 @@ private String getAuthorizationToken(final HttpServletRequest request) { private static boolean isJwksRequest(HttpServletRequest request) { boolean isCorrectUrl = request.getRequestURI().equals("/.well-known/jwks.json"); - boolean isCorrectHeader = - Optional.ofNullable(request.getHeader(HttpHeaders.SERVER)) - .map(header -> Arrays.stream(JwtConstant.SERVICE_NAMES).anyMatch(header::contains)) - .orElse(false); - - return isCorrectUrl && isCorrectHeader; + return isCorrectUrl; } } From 0d73206a58d0b78188cae39b6745712aa9467398 Mon Sep 17 00:00:00 2001 
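Review bot: `uri::startsWith` in `isWhiteRequest` is a raw string-prefix test, so it also matches paths that only share leading characters with a whitelist entry. A constructed example: a route named `/api/v1/authors` would be treated as falling under `PATH_AUTH`. `getRequestURI()` also returns the path as sent, not decoded or normalised, and including any context path. Since a match here skips JWT parsing entirely, the comparison should respect path-segment boundaries, e.g. `return WHITELIST_WILDCARD.stream().anyMatch(p -> uri.equals(p) || uri.startsWith(p + "/"));`, or reuse the matcher that the security configuration applies to `PATTERN_AUTH` and the other patterns so the two lists cannot drift apart. Whether downstream authorization rules would still reject such a request is not visible in this hunk.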
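Review bot: With the header check gone, `isJwksRequest` assigns a local only to return it on the next line; `return request.getRequestURI().equals("/.well-known/jwks.json");` is equivalent and shorter. `getRequestURI()` includes the context path, so the exact match only recognises the JWKS endpoint when the application is deployed at the root. A short comment stating that assumption, e.g. `// assumes an empty context path`, would make it explicit.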
From: sung-silver Date: Sat, 18 Jan 2025 02:46:31 +0900 Subject: [PATCH 3/5] =?UTF-8?q?[FEAT]=20INTERNAL=20SERVER=20ERROR=20handle?= =?UTF-8?q?=20=EA=B5=AC=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../code/support/failure/CommonFailure.java | 17 +++++++++++++++++ .../exception/ApplicationExceptionHandler.java | 12 ++++++++++-- 2 files changed, 27 insertions(+), 2 deletions(-) create mode 100644 src/main/java/sopt/makers/authentication/support/code/support/failure/CommonFailure.java diff --git a/src/main/java/sopt/makers/authentication/support/code/support/failure/CommonFailure.java b/src/main/java/sopt/makers/authentication/support/code/support/failure/CommonFailure.java new file mode 100644 index 0000000..a8cc7d6 --- /dev/null +++ b/src/main/java/sopt/makers/authentication/support/code/support/failure/CommonFailure.java @@ -0,0 +1,17 @@ +package sopt.makers.authentication.support.code.support.failure; + +import static lombok.AccessLevel.PRIVATE; + +import sopt.makers.authentication.support.code.base.*; + +import org.springframework.http.*; + +import lombok.*; + +@Getter +@RequiredArgsConstructor(access = PRIVATE) +public enum CommonFailure implements FailureCode { + INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "서버 내부 오류입니다"); + private final HttpStatus status; + private final String message; +} diff --git a/src/main/java/sopt/makers/authentication/support/exception/ApplicationExceptionHandler.java b/src/main/java/sopt/makers/authentication/support/exception/ApplicationExceptionHandler.java index 8925e91..1915408 100644 --- a/src/main/java/sopt/makers/authentication/support/exception/ApplicationExceptionHandler.java +++ b/src/main/java/sopt/makers/authentication/support/exception/ApplicationExceptionHandler.java 
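Review bot: The new `CommonFailure` file uses wildcard imports (`sopt.makers.authentication.support.code.base.*`, `org.springframework.http.*`, `lombok.*`), although the enum references only `FailureCode`, `HttpStatus`, `Getter`, `RequiredArgsConstructor` and the statically imported `PRIVATE`. Explicit imports keep the file's dependencies reviewable and avoid accidental name clashes, and they match the explicit style visible in `JwtAuthenticationFilter`. The same applies to `org.springframework.http.*` in the ApplicationExceptionHandler import hunk of this patch and to `sopt.makers.authentication.support.exception.base.*` in PATCH 4/5. A one-line Javadoc on the enum, for example `/** Failure codes that are not tied to a single domain. */`, would also state its scope.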
@@ -1,9 +1,11 @@ package sopt.makers.authentication.support.exception; +import static sopt.makers.authentication.support.code.support.failure.CommonFailure.INTERNAL_SERVER_ERROR; + import sopt.makers.authentication.support.common.api.BaseResponse; import sopt.makers.authentication.support.exception.domain.AuthException; -import org.springframework.http.ResponseEntity; +import org.springframework.http.*; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; @@ -12,9 +14,15 @@ @Slf4j @RestControllerAdvice public class ApplicationExceptionHandler { + @ExceptionHandler(RuntimeException.class) + ResponseEntity> handleInternalException(final RuntimeException e) { + log.error(e.getMessage()); + return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR) + .body(BaseResponse.ofFailure(INTERNAL_SERVER_ERROR)); + } @ExceptionHandler(AuthException.class) - ResponseEntity> authFailureException(final AuthException e) { + ResponseEntity> handleAuthException(final AuthException e) { log.error(e.getError().getMessage()); return ResponseEntity.status(e.getError().getStatus().value()) .body(BaseResponse.ofFailure(e.getError())); From 8367fab5bfc77e3f29f96858a0dd4684645df69d Mon Sep 17 00:00:00 2001 From: sung-silver Date: Sat, 18 Jan 2025 02:53:13 +0900 Subject: [PATCH 4/5] =?UTF-8?q?[FEAT]=20AuthException=20=EB=BF=90=EB=A7=8C?= =?UTF-8?q?=20=EC=95=84=EB=8B=88=EB=9D=BC=20=EC=84=9C=EB=B9=84=EC=8A=A4=20?= =?UTF-8?q?=EB=82=B4=EC=97=90=EC=84=9C=20=EC=A0=95=EC=9D=98=EB=90=9C=20?= =?UTF-8?q?=EB=AA=A8=EB=93=A0=20Exception=EC=9D=84=20=ED=95=B8=EB=93=A4?= =?UTF-8?q?=EB=A7=81=ED=95=98=EB=8F=84=EB=A1=9D=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../support/exception/ApplicationExceptionHandler.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
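Review bot: `handleInternalException` logs only `e.getMessage()`, which drops the exception type and stack trace and is often null for exactly the failures this handler exists for, so an incident cannot be reconstructed from the log. Pass the throwable instead: `log.error("Unhandled exception", e);`. Returning the fixed `INTERNAL_SERVER_ERROR` body is the right choice for not exposing internals to the caller. Because the handler is bound to `RuntimeException`, it will also claim framework exceptions that are runtime exceptions, such as unreadable request bodies and, if method security is in use, access-denied errors raised inside controllers. Those would then come back as 500 rather than 4xx, so they likely need their own handlers or a rethrow; the class body continues outside the hunk.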
diff --git a/src/main/java/sopt/makers/authentication/support/exception/ApplicationExceptionHandler.java b/src/main/java/sopt/makers/authentication/support/exception/ApplicationExceptionHandler.java index 1915408..610b46d 100644 --- a/src/main/java/sopt/makers/authentication/support/exception/ApplicationExceptionHandler.java +++ b/src/main/java/sopt/makers/authentication/support/exception/ApplicationExceptionHandler.java @@ -3,7 +3,7 @@ import static sopt.makers.authentication.support.code.support.failure.CommonFailure.INTERNAL_SERVER_ERROR; import sopt.makers.authentication.support.common.api.BaseResponse; -import sopt.makers.authentication.support.exception.domain.AuthException; +import sopt.makers.authentication.support.exception.base.*; import org.springframework.http.*; import org.springframework.web.bind.annotation.ExceptionHandler; @@ -21,8 +21,8 @@ ResponseEntity> handleInternalException(final RuntimeException e .body(BaseResponse.ofFailure(INTERNAL_SERVER_ERROR)); } - @ExceptionHandler(AuthException.class) - ResponseEntity> handleAuthException(final AuthException e) { + @ExceptionHandler(BaseException.class) + ResponseEntity> handleBusinessException(final BaseException e) { log.error(e.getError().getMessage()); return ResponseEntity.status(e.getError().getStatus().value()) .body(BaseResponse.ofFailure(e.getError())); From 30dc62d8ff8a423bfc58f06f5393d369294f7167 Mon Sep 17 00:00:00 2001 From: sung-silver Date: Sat, 18 Jan 2025 02:59:31 +0900 Subject: [PATCH 5/5] =?UTF-8?q?[CHORE]=20=EB=94=94=EB=B2=84=EA=B9=85?= =?UTF-8?q?=EC=9D=84=20=EC=9C=84=ED=95=B4=20=EB=B3=80=EA=B2=BD=ED=96=88?= =?UTF-8?q?=EB=8D=98=20=EC=A0=91=EA=B7=BC=20=EC=A0=9C=EC=96=B4=EC=9E=90?= =?UTF-8?q?=EB=A5=BC=20=EB=8B=A4=EC=8B=9C=20private=EB=A1=9C=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../makers/authentication/support/constant/SystemConstant.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java index c627607..cade2e0 100644 --- a/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java +++ b/src/main/java/sopt/makers/authentication/support/constant/SystemConstant.java @@ -9,7 +9,7 @@ private SystemConstant() {} private static final String API_PATH_PREFIX = "/api"; private static final String API_VERSION = "/v1"; - public static final String API_DEFAULT_PREFIX = API_PATH_PREFIX + API_VERSION; + private static final String API_DEFAULT_PREFIX = API_PATH_PREFIX + API_VERSION; private static final String PATH_ACTUATOR = "/actuator"; public static final String PATH_AUTH = API_DEFAULT_PREFIX + "/auth";