OAuth 2.0 Authorization Server, JWT 토큰 발급 구현
Showing
21 changed files
with
409 additions
and
48 deletions.
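--- a/spring-boot-study/src/main/java/me/sun/springbootstudy/AppRunner.java
+++ b/spring-boot-study/src/main/java/me/sun/springbootstudy/AppRunner.java
@@ -0,0 +1,27 @@
+package me.sun.springbootstudy;
+
+import lombok.RequiredArgsConstructor;
+import me.sun.springbootstudy.domain.member.MemberRole;
+import me.sun.springbootstudy.domain.member.MemberService;
+import me.sun.springbootstudy.web.dto.MemberJoinRequestDto;
+import org.springframework.boot.ApplicationArguments;
+import org.springframework.boot.ApplicationRunner;
+import org.springframework.stereotype.Component;
+
+@RequiredArgsConstructor
+@Component
+public class AppRunner implements ApplicationRunner {
+
+private final MemberService memberService;
+
+@Override
+public void run(ApplicationArguments args) throws Exception {
+MemberJoinRequestDto dto = MemberJoinRequestDto.builder()
+.email("test@gmail.com")
+.password("qwe123")
+.role(MemberRole.USER)
+.name("홍길동")
+.build();
+memberService.save(dto);
+}
+}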
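Review bot: `AppRunner` sits under `src/main` with no profile guard, so every start of the application, production included, creates the account `test@gmail.com` with the fixed password `qwe123`. A publicly known credential that can obtain tokens through the password grant configured in this commit should not exist outside local development; restrict the runner with something like `@Profile("local")` on the class (profile name is an example), or move the seeding under the test sources. `memberService.save(dto)` also runs unconditionally, so a restart against a persistent database will either insert a duplicate row or fail on a unique constraint, depending on the `Member` mapping, which is not shown on this page.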
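--- a/spring-boot-study/src/main/java/me/sun/springbootstudy/config/AppConfig.java
+++ b/spring-boot-study/src/main/java/me/sun/springbootstudy/config/AppConfig.java
@@ -0,0 +1,15 @@
+package me.sun.springbootstudy.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class AppConfig {
+
+@Bean
+public PasswordEncoder passwordEncoder() {
+return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+}
+}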
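--- a/spring-boot-study/src/main/java/me/sun/springbootstudy/config/AuthorizationServer.java
+++ b/spring-boot-study/src/main/java/me/sun/springbootstudy/config/AuthorizationServer.java
@@ -0,0 +1,69 @@
+package me.sun.springbootstudy.config;
+
+import lombok.RequiredArgsConstructor;
+import me.sun.springbootstudy.domain.member.MemberService;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
+
+@RequiredArgsConstructor
+@EnableAuthorizationServer
+@Configuration
+public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
+
+private final PasswordEncoder passwordEncoder;
+private final AuthenticationManager authenticationManager;
+private final MemberService memberService;
+
+@Value("${custom.clientId}")
+private String clientId;
+@Value("${custom.clientSecret}")
+private String clientSecret;
+@Value("${custom.jwtKey}")
+private String jwtKey;
+
+@Override
+public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
+security.passwordEncoder(passwordEncoder);
+}
+
+@Override
+public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+clients.inMemory()
+.withClient(clientId)
+.authorizedGrantTypes("password", "refresh_token")
+.scopes("read", "profile")
+.secret(passwordEncoder.encode(clientSecret))
+.accessTokenValiditySeconds(10 * 60)
+.refreshTokenValiditySeconds(6 * 10 * 60);
+}
+
+@Override
+public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+endpoints.authenticationManager(authenticationManager)
+.userDetailsService(memberService)
+.tokenStore(tokenStore())
+.accessTokenConverter(jwtAccessTokenConverter());
+}
+
+@Bean
+public TokenStore tokenStore() {
+return new JwtTokenStore(jwtAccessTokenConverter());
+}
+
+private JwtAccessTokenConverter jwtAccessTokenConverter() {
+JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+converter.setSigningKey(jwtKey);
+return converter;
+}
+}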
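Review bot: `jwtAccessTokenConverter()` is a private, non-bean method called once from `tokenStore()` and again from `configure(AuthorizationServerEndpointsConfigurer)`, so the token store and the endpoints receive two separate converter instances that the container never initialises. In this library the verifier is normally set up in `afterPropertiesSet()`, so an unmanaged instance may be unable to verify a presented JWT, which the `refresh_token` grant depends on; declaring it as `@Bean public JwtAccessTokenConverter jwtAccessTokenConverter()` yields one managed instance for both call sites. Unless `custom.jwtKey` is a PEM-encoded RSA key, `setSigningKey(jwtKey)` makes it an HMAC secret shared with every verifier, so it and `custom.clientSecret` should be long random values injected from the environment or a secret store rather than committed; the properties file is not visible on this page. A short comment on the `10 * 60` and `6 * 10 * 60` lifetimes (10 minutes and 1 hour) would also help the next reader.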
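--- a/spring-boot-study/src/main/java/me/sun/springbootstudy/config/SecurityConfig.java
+++ b/spring-boot-study/src/main/java/me/sun/springbootstudy/config/SecurityConfig.java
@@ -0,0 +1,44 @@
+package me.sun.springbootstudy.config;
+
+import lombok.RequiredArgsConstructor;
+import me.sun.springbootstudy.domain.member.MemberService;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@RequiredArgsConstructor
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+private final MemberService memberService;
+private final PasswordEncoder passwordEncoder;
+
+@Bean
+@Override
+public AuthenticationManager authenticationManagerBean() throws Exception {
+return super.authenticationManagerBean();
+}
+
+@Override
+protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+auth.userDetailsService(memberService)
+.passwordEncoder(passwordEncoder);
+}
+
+
+@Override
+protected void configure(HttpSecurity http) throws Exception {
+http
+.authorizeRequests()
+.antMatchers(HttpMethod.POST, "/api/members/join").permitAll()
+.anyRequest().authenticated();
+
+}
+}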
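Review bot: `configure(HttpSecurity)` leaves CSRF protection at its default (enabled) and configures no authentication mechanism, so the `permitAll()` on `POST /api/members/join` is likely to be answered with 403 for an API client that sends no CSRF token, and `anyRequest().authenticated()` has nothing that accepts the JWTs this commit issues. State the intent explicitly in this method: for a token-only API with no cookie session, `http.csrf().disable()` together with `sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)` is the usual choice, plus a resource-server configuration to validate bearer tokens. If browser sessions are planned instead, keep CSRF on and have the client send the token. Whether a resource server is configured in one of the files not shown on this page cannot be determined from here.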
2 changes: 1 addition & 1 deletion
2
...ingbootstudy/member/MemberRepository.java → ...study/domain/member/MemberRepository.java
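--- a/spring-boot-study/src/main/java/me/sun/springbootstudy/domain/member/MemberRole.java
+++ b/spring-boot-study/src/main/java/me/sun/springbootstudy/domain/member/MemberRole.java
@@ -0,0 +1,5 @@
+package me.sun.springbootstudy.domain.member;
+
+public enum MemberRole {
+ADMIN, USER
+}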
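--- a/spring-boot-study/src/main/java/me/sun/springbootstudy/domain/member/MemberService.java
+++ b/spring-boot-study/src/main/java/me/sun/springbootstudy/domain/member/MemberService.java
@@ -0,0 +1,52 @@
+package me.sun.springbootstudy.domain.member;
+
+import lombok.RequiredArgsConstructor;
+import me.sun.springbootstudy.web.dto.MemberJoinRequestDto;
+import me.sun.springbootstudy.web.dto.MemberResponseDto;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.Collection;
+import java.util.Collections;
+
+@RequiredArgsConstructor
+@Service
+@Transactional(readOnly = true)
+public class MemberService implements UserDetailsService {
+
+private final MemberRepository memberRepository;
+private final PasswordEncoder passwordEncoder;
+
+@Transactional
+public Long save(MemberJoinRequestDto dto) {
+Member member = dto.toEntity();
+member.encodingPassword(passwordEncoder.encode(member.getPassword()));
+return memberRepository.save(member).getId();
+}
+
+public MemberResponseDto findOne(Long id) {
+Member member = memberRepository.findById(id)
+.orElseThrow(() -> new IllegalArgumentException("해당 유저가 존재하지 않습니다."));
+
+return new MemberResponseDto(member);
+}
+
+@Override
+public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
+Member member = memberRepository.findByEmail(email)
+.orElseThrow(() -> new UsernameNotFoundException(email));
+
+return new User(member.getEmail(), member.getPassword(), authorities(member.getRole()));
+}
+
+private Collection<? extends GrantedAuthority> authorities(MemberRole role) {
+return Collections.singleton(new SimpleGrantedAuthority("ROLE_" + role.toString()));
+}
+}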
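Review bot: `save()` persists whatever `dto.toEntity()` yields, and `AppRunner` shows that `MemberJoinRequestDto` carries a `role`; the same method backs the unauthenticated `POST /api/members/join` in `MemberApiController`, so if the DTO binds `role` from the request body a caller can register itself as `ADMIN`. The DTO is not shown on this page, so this needs confirming, but the public join path should fix the role to `MemberRole.USER` on the server and leave role changes to an authenticated administrative operation. `save()` also does not check for an existing e-mail before inserting, while `loadUserByUsername` relies on `findByEmail` resolving to at most one member; a unique constraint plus an explicit duplicate check would keep login deterministic.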
5 changes: 0 additions & 5 deletions
5
spring-boot-study/src/main/java/me/sun/springbootstudy/member/MemberRole.java
This file was deleted.
28 changes: 0 additions & 28 deletions
28
spring-boot-study/src/main/java/me/sun/springbootstudy/member/MemberService.java
This file was deleted.
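--- a/spring-boot-study/src/main/java/me/sun/springbootstudy/web/MemberApiController.java
+++ b/spring-boot-study/src/main/java/me/sun/springbootstudy/web/MemberApiController.java
@@ -0,0 +1,33 @@
+package me.sun.springbootstudy.web;
+
+import lombok.RequiredArgsConstructor;
+import me.sun.springbootstudy.domain.member.MemberService;
+import me.sun.springbootstudy.web.dto.MemberJoinRequestDto;
+import org.springframework.http.ResponseEntity;
+import org.springframework.validation.Errors;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+
+@RequiredArgsConstructor
+@RestController
+@RequestMapping("/api/members")
+public class MemberApiController {
+
+private final MemberService memberService;
+
+@PostMapping("/join")
+public ResponseEntity joinMember(@RequestBody @Valid MemberJoinRequestDto dto,
+Errors errors) {
+if (errors.hasErrors()) {
+return ResponseEntity.badRequest().build();
+}
+memberService.save(dto);
+
+return ResponseEntity.ok().build();
+}
+
+}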
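Review bot: `joinMember` returns the raw type `ResponseEntity` and answers validation failures with an empty 400, so a client cannot tell which field was rejected; `ResponseEntity<?>` with a small error body would be clearer. If an error body is added, build it from field names and default messages only, because `Errors` and its `FieldError` entries also carry the rejected value, and serialising them as-is would echo the submitted password back in the response. The `Long` returned by `memberService.save(dto)` is discarded; returning 201 with the new id is optional but conventional for a create endpoint.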
4 changes: 0 additions & 4 deletions
4
spring-boot-study/src/main/java/me/sun/springbootstudy/web/MemberController.java
This file was deleted.