-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
83 changed files
with
1,852 additions
and
181 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
32 changes: 32 additions & 0 deletions
32
delivery/src/main/java/delivery/common/config/entrypoint/CustomAuthenticationEntryPoint.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
package delivery.common.config.entrypoint; | ||
|
||
import com.fasterxml.jackson.databind.ObjectMapper; | ||
import global.api.Api; | ||
import global.errorcode.ErrorCode; | ||
import jakarta.servlet.ServletException; | ||
import jakarta.servlet.http.HttpServletRequest; | ||
import jakarta.servlet.http.HttpServletResponse; | ||
import java.io.IOException; | ||
import java.io.OutputStream; | ||
import org.springframework.http.MediaType; | ||
import org.springframework.security.core.AuthenticationException; | ||
import org.springframework.security.web.AuthenticationEntryPoint; | ||
import org.springframework.stereotype.Component; | ||
|
||
@Component | ||
public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint { | ||
|
||
@Override | ||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) | ||
throws IOException, ServletException { | ||
|
||
Api<Object> body = Api.ERROR(ErrorCode.MISSING_REQUIRED_HEADER); | ||
response.setContentType(MediaType.APPLICATION_JSON_VALUE); | ||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); | ||
OutputStream responseStream = response.getOutputStream(); | ||
ObjectMapper mapper = new ObjectMapper(); | ||
mapper.writeValue(responseStream, body); | ||
responseStream.flush(); | ||
|
||
} | ||
} |
12 changes: 12 additions & 0 deletions
12
delivery/src/main/java/delivery/common/config/jpa/JpaConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
package delivery.common.config.jpa; | ||
|
||
import org.springframework.boot.autoconfigure.domain.EntityScan; | ||
import org.springframework.context.annotation.Configuration; | ||
import org.springframework.data.jpa.repository.config.EnableJpaRepositories; | ||
|
||
@Configuration | ||
@EntityScan(basePackages = {"db"}) | ||
@EnableJpaRepositories(basePackages = {"db"}) | ||
public class JpaConfig { | ||
|
||
} |
35 changes: 35 additions & 0 deletions
35
delivery/src/main/java/delivery/common/exception/jwt/TokenException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
package delivery.common.exception.jwt; | ||
|
||
import global.errorcode.ErrorCodeIfs; | ||
|
||
public class TokenException extends RuntimeException{ | ||
|
||
private final ErrorCodeIfs errorCodeIfs; | ||
private final String description; | ||
|
||
public TokenException(ErrorCodeIfs errorCodeIfs) { | ||
super(errorCodeIfs.getDescription()); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorCodeIfs.getDescription(); | ||
} | ||
|
||
public TokenException(ErrorCodeIfs errorCodeIfs, String errorDescription) { | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorDescription; | ||
} | ||
|
||
public TokenException(ErrorCodeIfs errorCodeIfs, Throwable throwable) { | ||
super(throwable); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorCodeIfs.getDescription(); | ||
} | ||
|
||
public TokenException(ErrorCodeIfs errorCodeIfs, Throwable throwable, | ||
String errorDescription) { | ||
super(throwable); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorDescription; | ||
} | ||
|
||
|
||
} |
35 changes: 35 additions & 0 deletions
35
delivery/src/main/java/delivery/common/exception/jwt/TokenExpiredException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
package delivery.common.exception.jwt; | ||
|
||
import global.errorcode.ErrorCodeIfs; | ||
|
||
public class TokenExpiredException extends RuntimeException{ | ||
|
||
private final ErrorCodeIfs errorCodeIfs; | ||
private final String description; | ||
|
||
public TokenExpiredException(ErrorCodeIfs errorCodeIfs) { | ||
super(errorCodeIfs.getDescription()); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorCodeIfs.getDescription(); | ||
} | ||
|
||
public TokenExpiredException(ErrorCodeIfs errorCodeIfs, String errorDescription) { | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorDescription; | ||
} | ||
|
||
public TokenExpiredException(ErrorCodeIfs errorCodeIfs, Throwable throwable) { | ||
super(throwable); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorCodeIfs.getDescription(); | ||
} | ||
|
||
public TokenExpiredException(ErrorCodeIfs errorCodeIfs, Throwable throwable, | ||
String errorDescription) { | ||
super(throwable); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorDescription; | ||
} | ||
|
||
|
||
} |
35 changes: 35 additions & 0 deletions
35
delivery/src/main/java/delivery/common/exception/jwt/TokenSignatureException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
package delivery.common.exception.jwt; | ||
|
||
import global.errorcode.ErrorCodeIfs; | ||
|
||
public class TokenSignatureException extends RuntimeException{ | ||
|
||
private final ErrorCodeIfs errorCodeIfs; | ||
private final String description; | ||
|
||
public TokenSignatureException(ErrorCodeIfs errorCodeIfs) { | ||
super(errorCodeIfs.getDescription()); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorCodeIfs.getDescription(); | ||
} | ||
|
||
public TokenSignatureException(ErrorCodeIfs errorCodeIfs, String errorDescription) { | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorDescription; | ||
} | ||
|
||
public TokenSignatureException(ErrorCodeIfs errorCodeIfs, Throwable throwable) { | ||
super(throwable); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorCodeIfs.getDescription(); | ||
} | ||
|
||
public TokenSignatureException(ErrorCodeIfs errorCodeIfs, Throwable throwable, | ||
String errorDescription) { | ||
super(throwable); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorDescription; | ||
} | ||
|
||
|
||
} |
36 changes: 36 additions & 0 deletions
36
delivery/src/main/java/delivery/common/exception/user/UserNameNotFoundException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
package delivery.common.exception.user; | ||
|
||
import global.errorcode.ErrorCodeIfs; | ||
import org.springframework.security.core.userdetails.UsernameNotFoundException; | ||
|
||
public class UserNameNotFoundException extends UsernameNotFoundException { | ||
|
||
private final ErrorCodeIfs errorCodeIfs; | ||
private final String description; | ||
|
||
public UserNameNotFoundException(ErrorCodeIfs errorCodeIfs) { | ||
super(errorCodeIfs.getDescription()); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorCodeIfs.getDescription(); | ||
} | ||
|
||
public UserNameNotFoundException(ErrorCodeIfs errorCodeIfs, String errorDescription) { | ||
super(errorCodeIfs.getDescription()); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorDescription; | ||
} | ||
|
||
public UserNameNotFoundException(ErrorCodeIfs errorCodeIfs, Throwable throwable) { | ||
super(throwable.toString()); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorCodeIfs.getDescription(); | ||
} | ||
|
||
public UserNameNotFoundException(ErrorCodeIfs errorCodeIfs, Throwable throwable, | ||
String errorDescription) { | ||
super(throwable.toString()); | ||
this.errorCodeIfs = errorCodeIfs; | ||
this.description = errorDescription; | ||
} | ||
|
||
} |
69 changes: 69 additions & 0 deletions
69
delivery/src/main/java/delivery/common/security/SecurityConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
package delivery.common.security; | ||
|
||
import delivery.domain.users.security.jwt.filter.JwtAuthFilter; | ||
import delivery.domain.users.security.jwt.service.TokenService; | ||
import delivery.domain.users.security.service.AuthorizationService; | ||
import java.util.List; | ||
import lombok.RequiredArgsConstructor; | ||
import org.springframework.boot.autoconfigure.security.servlet.PathRequest; | ||
import org.springframework.context.annotation.Bean; | ||
import org.springframework.context.annotation.Configuration; | ||
import org.springframework.security.config.Customizer; | ||
import org.springframework.security.config.annotation.authentication.configuration.EnableGlobalAuthentication; | ||
import org.springframework.security.config.annotation.web.builders.HttpSecurity; | ||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; | ||
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; | ||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; | ||
import org.springframework.security.config.http.SessionCreationPolicy; | ||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | ||
import org.springframework.security.web.AuthenticationEntryPoint; | ||
import org.springframework.security.web.SecurityFilterChain; | ||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; | ||
|
||
|
||
@Configuration | ||
@EnableWebSecurity // security 활성화 | ||
@EnableGlobalAuthentication | ||
@RequiredArgsConstructor | ||
public class SecurityConfig { | ||
|
||
private final AuthenticationEntryPoint authEntryPoint; | ||
|
||
private final AuthorizationService authorizationService; | ||
private final TokenService tokenService; | ||
|
||
private final List<String> WHITE_LIST = List.of("/swagger-ui.html", "/swagger-ui/**", | ||
"/v3/api-docs/**", "/open-api/**"); | ||
|
||
@Bean | ||
public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception { | ||
|
||
httpSecurity.cors(cors -> cors.disable()) | ||
.addFilterBefore(new JwtAuthFilter(authorizationService, tokenService), | ||
UsernamePasswordAuthenticationFilter.class) | ||
.csrf((csrfConfig) -> csrfConfig.disable()) // 1번 | ||
.sessionManagement(sessionManagement -> sessionManagement.sessionCreationPolicy( | ||
SessionCreationPolicy.STATELESS)).authorizeHttpRequests(it -> { | ||
it.requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll() | ||
.requestMatchers(WHITE_LIST.toArray(new String[0])).permitAll().anyRequest() | ||
.authenticated() | ||
; | ||
}).formLogin(AbstractHttpConfigurer::disable).httpBasic(AbstractHttpConfigurer::disable) | ||
.httpBasic(basic -> basic.authenticationEntryPoint(authEntryPoint)) | ||
.exceptionHandling(Customizer.withDefaults()) | ||
; | ||
|
||
return httpSecurity.build(); | ||
} | ||
|
||
@Bean | ||
public BCryptPasswordEncoder encoder() { | ||
return new BCryptPasswordEncoder(); | ||
} | ||
|
||
@Bean | ||
public WebSecurityCustomizer webSecurityCustomizer() { | ||
return (web) -> web.ignoring().requestMatchers(WHITE_LIST.toArray(new String[0])); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.