chore: jwt handling
GayeongKimm committed Jul 31, 2024
1 parent 86da23a commit baa848d
Showing 3 changed files with 25 additions and 12 deletions.
Expand Up @@ -13,6 +13,7 @@
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
Expand All @@ -25,6 +26,7 @@
public class SecurityConfig {
private final JwtFilter jwtFilter;
private final JwtExceptionFilter jwtExceptionFilter;
private final AccessDeniedHandler accessDeniedHandler;

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
Expand Down Expand Up @@ -54,7 +56,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
.formLogin().disable()
.exceptionHandling()
.accessDeniedHandler((req, res, e) -> jwtExceptionFilter.responseToClient(res, ErrorResponse.of(StatusEnum.INVALID_ROLE, "권한이 없습니다")))
.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.FORBIDDEN));
.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.FORBIDDEN))
.accessDeniedHandler(accessDeniedHandler);

return http.build();
}
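Review bot: The added `.accessDeniedHandler(accessDeniedHandler)` at the end of the chain silently replaces the lambda handler registered two lines above it, because `ExceptionHandlingConfigurer` stores a single handler and the last call wins; the lambda that emits `StatusEnum.INVALID_ROLE` with `"권한이 없습니다"` is now dead code and should be deleted, or the injected `CustomAccessDeniedHandler` should produce that same 403 response so the two are not fighting. This matters for the behaviour the client sees, since `AccessDeniedException` is raised for an authenticated principal that lacks the required role, and the injected handler (from the new file in this commit) reports it as an expired token. While here, note that the entry point on the line above still answers unauthenticated requests with `HttpStatus.FORBIDDEN`, where `HttpStatus.UNAUTHORIZED` is the conventional status; that line is pre-existing but sits in the same block. The builder chain and `filterChain` itself begin above this hunk.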
Expand Up @@ -26,24 +26,15 @@ public class JwtHelper {
@Transactional
public Authentication getAuthentication(String accessToken) {
Claims claims = getClaims(accessToken);
MemberEntity member = memberRepository.findByMemberId(claims.getSubject());
MemberEntity member = memberRepository.findByMemberId(claiㅎms.getSubject());

CustomMemberDetails details = new CustomMemberDetails(member);

return new UsernamePasswordAuthenticationToken(details, null, details.getAuthorities());
}

public Claims getClaims(String token) {
try{
return Jwts.parserBuilder()
.setSigningKey(jwtProperties.getSecretKey()).build().parseClaimsJws(token).getBody();
} catch (ExpiredJwtException e) {
throw new IllegalArgumentException("만료된 토큰");
} catch (UnsupportedJwtException e) {
throw new IllegalArgumentException("지원되지 않는 토큰");
} catch (IllegalArgumentException e) {
throw new IllegalArgumentException("잘못된 토큰");
}
return Jwts.parserBuilder().setSigningKey(jwtProperties.getSecretKey()).build().parseClaimsJws(token).getBody();
}

public String extractToken(final String token) {
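Review bot: With the catch blocks removed, `getClaims` now lets every JJWT parse failure escape unwrapped — `ExpiredJwtException`, `UnsupportedJwtException`, `MalformedJwtException`, the signature-mismatch `SignatureException`, and the `IllegalArgumentException` thrown for a null or empty token — so whatever catches upstream (presumably `JwtExceptionFilter`, not visible here) must map each of those types; if it only expects the `IllegalArgumentException` the old code normalised to, a tampered or malformed bearer token will surface as an unhandled 500 rather than a 401/403, and the old Korean error messages are gone without a replacement. The `findByMemberId` line that reads `claiㅎms.getSubject()` contains a stray Hangul jamo inside the identifier; the page prints old and new lines without markers, but if that is the new side it will not compile, since only `claims` is declared on the line above. A short Javadoc on `getClaims` would also help, e.g. `/** Verifies the token signature with the configured key and returns its claims; throws io.jsonwebtoken.JwtException subtypes on any verification failure. */`.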
@@ -0,0 +1,19 @@
package kr.hs.dgsw.SOPO_server_v2.global.infra.security;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import kr.hs.dgsw.SOPO_server_v2.global.error.custom.auth.ExpiredTokenException;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

@Component
public class CustomAccessDeniedHandler implements AccessDeniedHandler {

@Override
public void handle(HttpServletRequest request,
HttpServletResponse response,
AccessDeniedException accessDeniedException){
throw ExpiredTokenException.EXCEPTION;
}
}
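Review bot: `handle` throws `ExpiredTokenException.EXCEPTION` for every `AccessDeniedException`, but Spring Security raises that exception when an already-authenticated principal lacks the required authority — an authorization (403) failure — so a caller holding a perfectly valid token is told it has expired, which is misleading to the client and hides real role misconfiguration. Throwing from an `AccessDeniedHandler` instead of writing the response also means the exception travels back up the filter chain past `ExceptionTranslationFilter`; it is only converted to a proper response if `JwtExceptionFilter` is ordered before it and catches this type, which this diff does not show, and otherwise the request ends in a 500. Consider writing the 403 body directly, e.g. reusing the project's `ErrorResponse.of(StatusEnum.INVALID_ROLE, "권한이 없습니다")` via the filter's `responseToClient(response, ...)` as the lambda in `SecurityConfig` did, or at least throwing a dedicated access-denied exception rather than the expired-token one. The class has no Javadoc; a one-liner such as `/** Translates Spring's AccessDeniedException (authenticated but unauthorized) into the project's error response. */` would state the intended contract.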
