From 6b9852cbd18f743353977f63d424c9747d8ce1ab Mon Sep 17 00:00:00 2001 From: mybloom Date: Sat, 11 Jun 2022 17:01:25 +0900 Subject: [PATCH] =?UTF-8?q?refactor:=20jwt=20token=EC=83=9D=EC=84=B1?= =?UTF-8?q?=ED=95=98=EB=8A=94=20=EB=A9=94=EC=84=9C=EB=93=9C=20=EA=B5=AC?= =?UTF-8?q?=EC=A1=B0=20=EB=B3=80=EA=B2=BD=20(ios-h/airbnb#35)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 토큰 종류별로 payload 생성할 수 있도록 변경 - payload 객체에서 해당 값을 가져올 수 있도록 변경 --- .../team4/airbnb/auth/JwtTokenProvider.java | 98 +++++++++---------- 1 file changed, 45 insertions(+), 53 deletions(-) diff --git a/BE/src/main/java/org/team4/airbnb/auth/JwtTokenProvider.java b/BE/src/main/java/org/team4/airbnb/auth/JwtTokenProvider.java index 59460909d..648728549 100644 --- a/BE/src/main/java/org/team4/airbnb/auth/JwtTokenProvider.java +++ b/BE/src/main/java/org/team4/airbnb/auth/JwtTokenProvider.java @@ -2,19 +2,15 @@ import io.jsonwebtoken.Claims; -import io.jsonwebtoken.Header; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; -import java.nio.charset.StandardCharsets; -import java.time.Duration; -import java.util.Base64; -import java.util.Date; -import java.util.HashMap; -import java.util.Map; -import java.util.Random; +import io.jsonwebtoken.io.Encoders; +import io.jsonwebtoken.security.Keys; +import javax.crypto.SecretKey; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.PropertySource; import org.springframework.stereotype.Component; +import org.team4.airbnb.auth.domain.JwtPayload; import org.team4.airbnb.exception.TokenInValidateException; @PropertySource(value = "classpath:jwt.properties", ignoreResourceNotFound = true) 
@@ -24,61 +20,39 @@ public class JwtTokenProvider { @Value("${jwt.secretKey}") private String secretKey; - private final long tokenValidityInMilliseconds = Duration.ofMillis(30).toMillis(); - private final Random random = new Random(); + public String createToken(JwtPayload payload) { + SecretKey key = Keys.secretKeyFor(SignatureAlgorithm.HS256); + Encoders.BASE64.encode(key.getEncoded()); + Claims claims = Jwts.claims(payload.getPrivateClaim()); - public String createAccessToken(String userId){ - //private claims 생성 - Map claimsAttribute = new HashMap<>(); - claimsAttribute.put("userId",userId); - - Claims claims = Jwts.claims(claimsAttribute); - return createToken(claims); - } - - public String createRefreshToken(){ - byte[] bytes = new byte[7]; - random.nextBytes(bytes); - String claimSubjectForRefreshToken = new String(bytes, StandardCharsets.UTF_8); - - //registered claim : sub 생성 - Claims claims = Jwts.claims().setSubject(claimSubjectForRefreshToken); - return createToken(claims); - } - - private String createToken(Claims claims) { - String encodeSecretKey = Base64.getEncoder().encodeToString(secretKey.getBytes()); - long currentTime = System.currentTimeMillis(); - Date now = new Date(); - - - String jwtToken = Jwts.builder() - .setHeaderParam(Header.TYPE, Header.JWT_TYPE) //Header 셋팅 : 토큰 타입 정보 typ - //payload - registered claim 셋팅 - .setIssuer("team4") //iss - .setIssuedAt(new Date(currentTime)) //iat - .setExpiration(new Date(now.getTime() + tokenValidityInMilliseconds)) //exp - //payload - private claim + String token = Jwts.builder() + .setSubject(payload.getSubject()) + .setIssuedAt(payload.getIssuedAt()) + .setExpiration(payload.getExpiration()) .setClaims(claims) - .signWith(SignatureAlgorithm.HS256, encodeSecretKey) //해싱알고리즘, 시크릿키 + .signWith(key) .compact(); - return jwtToken; + return token; } - public Claims parseJwtToken(String header) { - String encodeSecretKey = Base64.getEncoder().encodeToString(secretKey.getBytes()); - +// public Claims 
parseJwtToken(String token) { +// String encodeSecretKey = Base64.getEncoder().encodeToString(secretKey.getBytes()); +// +// Claims claims = Jwts.parser() +// .setSigningKey(encodeSecretKey) +// .parseClaimsJws(token) +// .getBody(); +// +// return claims; +// } + + public String getAccessTokenFromHeader(String header) { validateHeader(header); String token = extractToken(header); - Claims claims = Jwts.parser() - .setSigningKey(encodeSecretKey) - .parseClaimsJws(token) - .getBody(); - - return claims; + return token; } private void validateHeader(String header) { @@ -90,4 +64,22 @@ private void validateHeader(String header) { private String extractToken(String authorizationHeader) { return authorizationHeader.substring("Bearer ".length()); } + +// public void validateJwtToken(String accessToken) { +// String encodeSecretKey = Base64.getEncoder().encodeToString(secretKey.getBytes()); +// Jws claimsJws = Jwts.parser() +// .setSigningKey(encodeSecretKey) +// .parseClaimsJws(accessToken); +// +// Claims body = claimsJws.getBody(); +// JwsHeader jwsHeader = claimsJws.getHeader(); +// String jwsSignature = claimsJws.getSignature(); +// +// JwsHeader header = claimsJws.getHeader(); +// String signature = claimsJws.getSignature(); +// +// System.out.println(body); +// body.getExpiration(); +// body.getIssuedAt(); +// } }
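Review bot: `createToken` signs with `Keys.secretKeyFor(SignatureAlgorithm.HS256)`, which generates a fresh random key on every call, and the result of `Encoders.BASE64.encode(key.getEncoded())` is discarded, so nothing can later verify a token this method issued and the injected `jwt.secretKey` is no longer used for signing. Derive the key from the configured secret instead, e.g. `SecretKey key = Keys.hmacShaKeyFor(secretKey.getBytes(StandardCharsets.UTF_8));`, which needs the `StandardCharsets` import this commit removes and a secret of at least 256 bits for HS256. Separately, `.setClaims(claims)` is called after `.setSubject(...)`, `.setIssuedAt(...)` and `.setExpiration(...)`; in jjwt `setClaims` replaces the claims set so far, so unless `payload.getPrivateClaim()` carries them the token probably ships without `sub`, `iat` and `exp`, and `.setClaims(claims)` should become the first builder call. With `parseJwtToken` commented out in this hunk, `getAccessTokenFromHeader` returns the bearer string unverified, so callers should not treat it as authenticated until signature and expiry checking is restored.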
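Review bot: The added `validateJwtToken` block is committed as commented-out code and should be either finished or deleted rather than left in the file. If it were restored as written, `System.out.println(body)` would write token claims to standard output, and `setSigningKey(encodeSecretKey)` uses a key derived from `jwt.secretKey` while `createToken` now signs with a different key, so parsing would presumably reject every token. It also reads `getHeader()` and `getSignature()` twice into unused locals. A working validator should use the same key as `createToken` and report failures through the class's `TokenInValidateException` instead of printing claims.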