Skip to content

Commit

Permalink
Merge branch 'develop_back_core' into fix/phone_duplicate_validation-…
Browse files Browse the repository at this point in the history
…B-core-#652
  • Loading branch information
seokho-1116 authored Aug 29, 2024
2 parents b6fc2ff + d11248a commit 019635c
Show file tree
Hide file tree
Showing 6 changed files with 53 additions and 9 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
package site.timecapsulearchive.core.global.config;

import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.models.Operation;
import io.swagger.v3.oas.models.media.StringSchema;
import io.swagger.v3.oas.models.parameters.Parameter;
import org.springdoc.core.customizers.GlobalOperationCustomizer;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;

@Component
public class GlobalHeaderOperationCustomizer implements GlobalOperationCustomizer {

@Override
public Operation customize(Operation operation, HandlerMethod handlerMethod) {
Parameter customHeaderVersion = new Parameter().in(ParameterIn.HEADER.toString())
.name("Default-Key")
.description("api key").schema(new StringSchema())
.required(false);

operation.addParametersItem(customHeaderVersion);
return operation;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
import org.springframework.security.web.util.matcher.RequestMatchers;
import site.timecapsulearchive.core.domain.member.entity.Role;
import site.timecapsulearchive.core.global.security.filter.DefaultAuthenticationFilter;
import site.timecapsulearchive.core.global.security.property.DefaultKeyProperties;

@EnableWebSecurity
@Configuration
Expand All @@ -28,8 +29,8 @@ public class SecurityConfig {

private final AuthenticationProvider jwtAuthenticationProvider;
private final ObjectMapper objectMapper;
private final DefaultKeyProperties defaultKeyProperties;
private final AccessDeniedHandler accessDeniedHandler;
private final DefaultAuthenticationFilter defaultAuthenticationFilter;

@Bean
public PasswordEncoder getPasswordEncoder() {
Expand Down Expand Up @@ -57,7 +58,8 @@ public SecurityFilterChain filterChainWithJwt(final HttpSecurity http) throws Ex
.exceptionHandling(error -> error.accessDeniedHandler(accessDeniedHandler));

http.addFilterBefore(
defaultAuthenticationFilter,
new DefaultAuthenticationFilter(defaultKeyProperties,
notRequireDefaultAuthenticationMatcher()),
UsernamePasswordAuthenticationFilter.class
);

Expand Down Expand Up @@ -89,6 +91,15 @@ private RequestMatcher notRequireAuthenticationMatcher() {
antMatcher(HttpMethod.GET, "/actuator/**")
);
}

private RequestMatcher notRequireDefaultAuthenticationMatcher() {
return RequestMatchers.anyOf(
antMatcher("/v3/api-docs/**"),
antMatcher("/swagger-ui/**"),
antMatcher(HttpMethod.GET, "/health"),
antMatcher(HttpMethod.GET, "/actuator/**")
);
}
}


Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,10 @@ public Object logRepositoryLayer(ProceedingJoinPoint joinPoint) throws Throwable
return logMethod(joinPoint, "Repository");
}

@Around("execution(public * site.timecapsulearchive.core.infra.*.manager.*.*(..))")
@Around("""
execution(public * site.timecapsulearchive.core.infra.*.manager.*.*(..))
&& !execution(public * site.timecapsulearchive.core.infra.s3.manager.*.*(..))
""")
public Object logExternalApi(ProceedingJoinPoint joinPoint) throws Throwable {
return logMethod(joinPoint, "External API");
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,28 +8,31 @@
import java.io.IOException;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.core.annotation.Order;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.filter.OncePerRequestFilter;
import site.timecapsulearchive.core.global.error.ErrorCode;
import site.timecapsulearchive.core.global.error.ErrorResponse;
import site.timecapsulearchive.core.global.security.property.DefaultKeyProperties;

@Slf4j
@Component
@RequiredArgsConstructor
public class DefaultAuthenticationFilter extends OncePerRequestFilter {

private final DefaultKeyProperties defaultKeyProperties;
private final RequestMatcher notRequireDefaultAuthenticationMatcher;

@Override
@Order(1)
protected void doFilterInternal(
HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain
) throws ServletException, IOException {
if (notRequiresAuthentication(request)) {
filterChain.doFilter(request, response);
return;
}

String requestKey = request.getHeader("Default-Key");

if (requestKey == null || !requestKey.equals(defaultKeyProperties.defaultKey())) {
Expand All @@ -53,4 +56,8 @@ protected void doFilterInternal(

filterChain.doFilter(request, response);
}

private boolean notRequiresAuthentication(final HttpServletRequest request) {
return notRequireDefaultAuthenticationMatcher.matches(request);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
private final RequestMatcher notRequireAuthenticationMatcher;

@Override
@Order(2)
protected void doFilterInternal(
final HttpServletRequest request,
final HttpServletResponse response,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ public DefaultKeyProperties testDefaultKeyProperties() {
@Order(1)
public DefaultAuthenticationFilter testDefaultAuthenticationFilter(
) {
return new DefaultAuthenticationFilter(testDefaultKeyProperties());
return new DefaultAuthenticationFilter(testDefaultKeyProperties(), notRequireAuthenticationMatcher());
}

@Bean
Expand Down

0 comments on commit 019635c

Please sign in to comment.