[fix] token exceptions

Solux-KimGreen · Feb 4, 2024 · e17978b · e17978b
1 parent 039bd82
commit e17978b
Show file tree

Hide file tree

Showing 7 changed files with 46 additions and 5 deletions.
diff --git a/src/main/java/com/kimgreen/backend/config/Authentication/JwtAuthenticationEntryPoint.java b/src/main/java/com/kimgreen/backend/config/Authentication/JwtAuthenticationEntryPoint.java
@@ -18,6 +18,9 @@ public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
     private static final String SUCCESS = "success";
     private static final String EXPIRED = "expired";
     private static final String DENIED = "denied";
+    private static final String MALFORMED = "malformed";
+    private static final String BLANK = "blank";
+    private static final String MALFORMED_JWT = "malformed_jwt";
 
     @Override
     public void commence(HttpServletRequest request,
@@ -32,7 +35,15 @@ public void commence(HttpServletRequest request,
                 setResponse(response,HttpStatus.UNAUTHORIZED.value(),"토큰이 유효하지 않습니다.");
             }
             if (exception.equals(DENIED)) {
-                setResponse(response,HttpStatus.NOT_FOUND.value(), "토큰이 없습니다.");
+                setResponse(response,HttpStatus.NOT_FOUND.value(), "잘못된 형식의 요청입니다.");
+            }
+            if (exception.equals(MALFORMED)) {
+                setResponse(response,HttpStatus.BAD_REQUEST.value(), "Bearer 형식이 존재하지 않습니다.");
+            }
+            if(exception.equals(BLANK)) {
+                setResponse(response,HttpStatus.BAD_REQUEST.value(), "토큰이 존재하지 않습니다.");
+            }if(exception.equals(MALFORMED_JWT)) {
+                setResponse(response,HttpStatus.BAD_REQUEST.value(), "잘못된 형식의 토큰입니다.");
             }
         }
 

diff --git a/src/main/java/com/kimgreen/backend/config/Authentication/JwtFilter.java b/src/main/java/com/kimgreen/backend/config/Authentication/JwtFilter.java
@@ -1,8 +1,9 @@
 package com.kimgreen.backend.config.Authentication;
 
-import com.kimgreen.backend.exception.TokenNotFound;
-import com.kimgreen.backend.exception.TokenNotValid;
+import com.kimgreen.backend.exception.BlankToken;
+import com.kimgreen.backend.exception.MalformedToken;
 import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.MalformedJwtException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -22,6 +23,9 @@ public class JwtFilter extends OncePerRequestFilter {
     private static final String SUCCESS = "success";
     private static final String EXPIRED = "expired";
     private static final String DENIED = "denied";
+    private static final String MALFORMED = "malformed";
+    private static final String MALFORMED_JWT = "malformed_jwt";
+    private static final String BLANK = "blank";
     private final JwtProvider jwtProvider;
     private final static String[] AUTH_WHITE_LIST_IGNORE = {
             "/swagger-ui/index.html"
@@ -45,6 +49,11 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
         System.out.println("doing jwtFilter");
         try {
             String accessToken = jwtProvider.resolveToken(request, HttpHeaders.AUTHORIZATION);
+            if(accessToken.equals(MALFORMED)) {
+                throw new MalformedToken();
+            } else if(accessToken.equals(BLANK)) {
+                throw new BlankToken();
+            }
             Authentication authentication = jwtProvider.getAuthentication(accessToken);
 
             // access token 검증
@@ -57,6 +66,13 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
         } catch (IllegalArgumentException  e) {
             //throw JwtException
             request.setAttribute("exception",DENIED);
+        } catch (MalformedToken e) {
+            request.setAttribute("exception",MALFORMED);
+        } catch (BlankToken e) {
+            System.out.println("catch blank token");
+            request.setAttribute("exception",BLANK);
+        } catch (MalformedJwtException e) {
+            request.setAttribute("exception",MALFORMED_JWT);
         }
         filterChain.doFilter(request, response);
         }

diff --git a/src/main/java/com/kimgreen/backend/config/Authentication/JwtProvider.java b/src/main/java/com/kimgreen/backend/config/Authentication/JwtProvider.java
@@ -34,6 +34,8 @@ public class JwtProvider {
     private static final String SUCCESS = "success";
     private static final String EXPIRED = "expired";
     private static final String DENIED = "denied";
+    private static final String MALFORMED = "malformed";
+    private static final String BLANK = "blank";
     private long now;
     private final String AUTHORITIES_KEY = "auth";
     private final CustomUserDetailsService customUserDetailsService;
@@ -97,6 +99,10 @@ public String resolveToken(HttpServletRequest request, String header) {
         String bearerToken = request.getHeader(header);
         if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
             return bearerToken.substring(7);
+        } else if(StringUtils.hasText(bearerToken)) {
+            return MALFORMED;
+        } else if(bearerToken==null) {
+            return BLANK;
         }
         return null;
     }

diff --git a/src/main/java/com/kimgreen/backend/config/Security/SecurityConfig.java b/src/main/java/com/kimgreen/backend/config/Security/SecurityConfig.java
@@ -38,8 +38,6 @@ public class SecurityConfig {
             ,"/auth/reissue"
     };
     private final static String[] AUTH_WHITE_LIST = {
-            "/",
-            "/**",
             "/swagger-ui/index.html"
             ,"/swagger-ui.html"
             ,"/swagger-ui/**"

diff --git a/src/main/java/com/kimgreen/backend/exception/BlankToken.java b/src/main/java/com/kimgreen/backend/exception/BlankToken.java
@@ -0,0 +1,4 @@
+package com.kimgreen.backend.exception;
+
+public class BlankToken extends RuntimeException{
+}
diff --git a/src/main/java/com/kimgreen/backend/exception/MalformedToken.java b/src/main/java/com/kimgreen/backend/exception/MalformedToken.java
@@ -0,0 +1,4 @@
+package com.kimgreen.backend.exception;
+
+public class MalformedToken extends RuntimeException{
+}
diff --git a/src/main/java/com/kimgreen/backend/response/Advice.java b/src/main/java/com/kimgreen/backend/response/Advice.java
@@ -63,4 +63,6 @@ public Response LogInRequiredResponse() {
         return Response.failure(HttpStatus.NOT_FOUND, "토큰이 존재하지 않습니다. 로그인 후 이용해주세요.");
     }
 
+
+
 }
Original file line number	Diff line number	Diff line change
Expand Up		@@ -63,4 +63,6 @@ public Response LogInRequiredResponse() {
		return Response.failure(HttpStatus.NOT_FOUND, "토큰이 존재하지 않습니다. 로그인 후 이용해주세요.");
		}



		}