-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #150 from eod940/053-REFACTOR-TOKEN-SERVICE
refactor: [053-REFACTOR-TOKEN-SERVICE] 토큰서비스 보안관련 버그 수정 및 리팩토링
- Loading branch information
Showing
8 changed files
with
306 additions
and
151 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
32 changes: 32 additions & 0 deletions
32
src/main/java/com/valuewith/tweaver/commons/security/JwtAuthEntryPoint.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
package com.valuewith.tweaver.commons.security; | ||
|
||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
import lombok.extern.slf4j.Slf4j; | ||
import org.springframework.beans.factory.annotation.Qualifier; | ||
import org.springframework.security.core.AuthenticationException; | ||
import org.springframework.security.web.AuthenticationEntryPoint; | ||
import org.springframework.stereotype.Component; | ||
import org.springframework.web.servlet.HandlerExceptionResolver; | ||
|
||
@Component | ||
@Slf4j | ||
public class JwtAuthEntryPoint implements AuthenticationEntryPoint { | ||
|
||
private final HandlerExceptionResolver resolver; | ||
|
||
public JwtAuthEntryPoint(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) { | ||
this.resolver = resolver; | ||
} | ||
|
||
@Override | ||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) { | ||
log.error("resolver - 인증 에러 발생"); | ||
try { | ||
resolver.resolveException(request, response, null, | ||
(Exception) request.getAttribute("exception")); | ||
} catch (Exception e) { | ||
response.setStatus(888); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
21 changes: 21 additions & 0 deletions
21
src/main/java/com/valuewith/tweaver/commons/security/JwtDeniedHandler.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
package com.valuewith.tweaver.commons.security; | ||
|
||
import java.io.IOException; | ||
import javax.servlet.ServletException; | ||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
import org.springframework.security.access.AccessDeniedException; | ||
import org.springframework.security.web.access.AccessDeniedHandler; | ||
import org.springframework.stereotype.Component; | ||
|
||
@Component | ||
public class JwtDeniedHandler implements AccessDeniedHandler { | ||
|
||
@Override | ||
public void handle(HttpServletRequest request, HttpServletResponse response, | ||
AccessDeniedException accessDeniedException) throws IOException, ServletException { | ||
|
||
// TODO: (24년 03월 25일) 현시점 인가 관련 세팅이 없으므로 999만 발생 | ||
response.sendError(999, "접근 불가능 에러"); | ||
} | ||
} |
Oops, something went wrong.