Skip to content

Commit

Permalink
[Fix] Deprecated 코드 제거 - #39
Browse files Browse the repository at this point in the history
[Fix] Deprecated 코드 제거 - #34 진행
  • Loading branch information
Juser0 authored Jun 3, 2023
2 parents ec72d7d + b31a897 commit dc09dea
Show file tree
Hide file tree
Showing 2 changed files with 47 additions and 33 deletions.
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
package com.favor.favor.auth;

import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,58 +14,73 @@
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

public class SecurityConfiguration {
// extends WebSecurityConfigurerAdapter 삭제
private final JwtTokenProvider jwtTokenProvider;

@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
public SecurityConfiguration(JwtTokenProvider jwtTokenProvider) {
this.jwtTokenProvider = jwtTokenProvider;
}

// @Bean
// @Override
// public AuthenticationManager authenticationManagerBean() throws Exception {
// return super.authenticationManagerBean();
// }

@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}

@Override
protected void configure(HttpSecurity http) throws Exception {
http.httpBasic().disable()

.csrf().disable() //CSRF 방지
.cors()
// protected void configure(HttpSecurity http) throws Exception {
/*
이전 방식은 Deprecated된 WebSecurityConfigurerAdapter 클래스에서
protected void configure(HttpSecurity http) 메서드를 오버라이딩하여 보안 구성을 설정
*/
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {

/*
HttpSecurity 객체를 인자로 받아 보안 구성을 수행하고,
구성이 완료된 SecurityFilterChain 객체를 반환하는 방식으로 수정
*/

httpSecurity.
httpBasic().disable()
.csrf().disable() //CSRF 방지
.cors()

.and()
.sessionManagement().sessionCreationPolicy(
SessionCreationPolicy.STATELESS)
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)

.and()
.authorizeRequests()
.antMatchers("/api/v1/auth/**","/",
"/v2/api-docs", "/swagger-resources/**", "/swagger-ui/index.html", "/swagger-ui.html","/webjars/**", "/swagger/**", // swagger
"/h2-console/**",
"/favicon.ico",
"/users/sign-in",
"/users/sign-up",
"/users/profile/**").permitAll()
.anyRequest().authenticated()
.and()
.authorizeRequests()
.antMatchers("/api/v1/auth/**","/",
"/v2/api-docs", "/swagger-resources/**", "/swagger-ui/index.html", "/swagger-ui.html","/webjars/**", "/swagger/**", // swagger
"/h2-console/**",
"/favicon.ico",
"/users/sign-in",
"/users/sign-up",
"/users/profile/**").permitAll()
.anyRequest().authenticated()


.and()
.exceptionHandling().accessDeniedHandler(new CustomAccessDeniedHandler())
.and()
.exceptionHandling().authenticationEntryPoint(new CustomAuthenticationEntryPoint())
.and()
.exceptionHandling().accessDeniedHandler(new CustomAccessDeniedHandler())

.and()
.addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider),
UsernamePasswordAuthenticationFilter.class);
.and()
.exceptionHandling().authenticationEntryPoint(new CustomAuthenticationEntryPoint())

.and()
.addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter.class);

return httpSecurity.build();
}
}

0 comments on commit dc09dea

Please sign in to comment.