feat: 인증 처리

dev
gitea-관리자 12 months ago
parent 870c9bbd75
commit b3a428db9f

@ -12,7 +12,10 @@ import javax.servlet.FilterChain;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import kr.xit.core.consts.Constants.JwtToken;
import kr.xit.core.spring.util.MessageUtil;
import kr.xit.core.support.utils.Checks; import kr.xit.core.support.utils.Checks;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
@ -30,24 +33,38 @@ import org.springframework.web.filter.OncePerRequestFilter;
* ----------------------------------------------------------- * -----------------------------------------------------------
* 2023/06/11 crlee * 2023/06/11 crlee
*/ */
@Slf4j
public class JwtAuthenticationFilter extends OncePerRequestFilter { public class JwtAuthenticationFilter extends OncePerRequestFilter {
@Autowired @Autowired
private EgovJwtTokenUtil jwtTokenUtil; private EgovJwtTokenUtil jwtTokenUtil;
public static final String HEADER_STRING = "Authorization"; @Autowired
private MessageUtil messageUtil;
@Autowired
private JwtVerification verification;
@Override @Override
protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain) protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
throws IOException, ServletException { throws IOException, ServletException {
boolean verificationFlag = true; boolean verificationFlag = true;
// step 1. request header에서 토큰을 가져온다. // step 1. request header에서 토큰을 가져온다.
String jwtToken = EgovStringUtil.isNullToString(req.getHeader(HEADER_STRING)); String jwtToken = EgovStringUtil.isNullToString(request.getHeader(JwtToken.HEADER_NAME.getCode()));
if(Checks.isEmpty(jwtToken)){ if(Checks.isEmpty(jwtToken)){
chain.doFilter(req, res); setError(response, jwtToken, messageUtil.getMessage("fail.auth.header.invalid", new String[]{jwtToken}));
chain.doFilter(request, response);
return; return;
} }
// token validation
if(!verification.isVerification(jwtToken)){
setError(response, jwtToken, messageUtil.getMessage("fail.auth.header.invalid", new String[]{jwtToken}));
chain.doFilter(request, response);
return;
};
// step 2. 토큰에 내용이 있는지 확인해서 id값을 가져옴 // step 2. 토큰에 내용이 있는지 확인해서 id값을 가져옴
// Exception 핸들링 추가처리 (토큰 유효성, 토큰 변조 여부, 토큰 만료여부) // Exception 핸들링 추가처리 (토큰 유효성, 토큰 변조 여부, 토큰 만료여부)
// 내부적으로 parse하는 과정에서 해당 여부들이 검증됨 // 내부적으로 parse하는 과정에서 해당 여부들이 검증됨
@ -62,7 +79,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
} }
logger.debug("===>>> id = " + id); logger.debug("===>>> id = " + id);
} catch (IllegalArgumentException | ExpiredJwtException | MalformedJwtException | UnsupportedJwtException | SignatureException e) { } catch (IllegalArgumentException | ExpiredJwtException | MalformedJwtException | UnsupportedJwtException | SignatureException e) {
logger.debug("Unable to verify JWT Token: " + e.getMessage()); setError(response, jwtToken, "Unable to verify JWT Token: " + e.getMessage());
verificationFlag = false; verificationFlag = false;
} }
@ -78,12 +95,22 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(loginVO, null, UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(loginVO, null,
Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")) Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"))
); );
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(req)); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication); SecurityContextHolder.getContext().setAuthentication(authentication);
} }
chain.doFilter(request, response);
}
@SuppressWarnings({"MismatchedQueryAndUpdateOfCollection", "unchecked"})
private void setError(HttpServletResponse response, final String jwtToken, final String errMsg) throws IOException {
log.error(errMsg);
// response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
// response.setContentType(MediaType.APPLICATION_JSON_VALUE);
// response.setCharacterEncoding(StandardCharsets.UTF_8.displayName());
chain.doFilter(req, res); // JSONObject resJson = new JSONObject();
// resJson.put("code", 401);
// resJson.put("message", errMsg);
// response.getWriter().write(resJson.toJSONString());
} }
} }
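Review bot: The raw `Authorization` value is interpolated into the `fail.auth.header.invalid` message and then written by `log.error(errMsg)` in `setError`, so on the `!verification.isVerification(jwtToken)` path a bearer token lands in the error log. What `isVerification` rejects is not visible on this page, so a still-usable token may be among them, and the header is client-controlled text that reaches the log unescaped. Pass a fixed placeholder instead, e.g. `setError(response, jwtToken, messageUtil.getMessage("fail.auth.header.invalid", new String[]{"<redacted>"}));`, and consider a lower log level for the empty-header branch, which now logs at ERROR for every request without a token. Separately, `setError` leaves the response untouched because the 401 body is commented out, and both failure branches still call `chain.doFilter(request, response)`, so rejection depends entirely on access rules configured outside this filter. A comment on `setError` such as `// logs only; the request continues unauthenticated and must be denied by the security configuration` would keep the name from being read as a denial. The body of `doFilterInternal` between the hunks is not shown here.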

@ -1,68 +1,5 @@
#------------------------------------------------ #------------------------------------------------
# Admin \uBA54\uC138\uC9C0 \uC815\uC758 # Admin \uBA54\uC138\uC9C0 \uC815\uC758
#------------------------------------------------ #------------------------------------------------
fail.api.nice.info=NICE \uC778\uC99D \uC815\uBCF4\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4. fail.auth.header.invalid=header\uAC00 \uC5C6\uAC70\uB098, \uD615\uC2DD\uC774 \uD2C0\uB9BD\uB2C8\uB2E4({0})
fail.api.nice.token.info=NICE Access token \uC815\uBCF4\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
fail.api.nice.revoke.token=\uD1A0\uD070(NICE) \uD3D0\uAE30\uC5D0 \uC2E4\uD328\uD558\uC600\uC2B5\uB2C8\uB2E4
fail.api.nice.invalid.tranId=NICE \uC778\uC99D \uC694\uCCAD\uC5D0 \uC2E4\uD328\uD558\uC600\uC2B5\uB2C8\uB2E4(TRAN_ID \uBD88\uC77C\uCE58)
fail.api.nice.token.invalid.expired=Nice token \uC720\uD6A8\uAE30\uAC04\uC774 \uC798\uBABB\uB418\uC5C8\uC2B5\uB2C8\uB2E4[null].
fail.api.nice.symkey.invalid.expired=Nice \uB300\uCE6D\uD0A4 \uC720\uD6A8\uAE30\uAC04\uC774 \uC798\uBABB\uB418\uC5C8\uC2B5\uB2C8\uB2E4[null].
fail.api.rlaybsnm.info=\uBB38\uC11C\uC911\uACC4\uC790 \uC778\uC99D \uC815\uBCF4\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
fail.api.token.invalid.expired={0} access token \uC720\uD6A8\uAE30\uAC04\uC774 \uC798\uBABB\uB418\uC5C8\uC2B5\uB2C8\uB2E4[null].
fail.api.kt.token.request=KT \uD1A0\uD070 \uC694\uCCAD\uC5D0 \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4.
fail.api.excel.upload.data={0} \uBC88\uC9F8 {1} \uC140(\uD544\uB4DC) \uAC12\uC774 \uBD80\uC815\uD655 \uD569\uB2C8\uB2E4[{2} - {3}]
err.api.nice.pubKey.0000=\uACF5\uAC1C\uD0A4\uBC1C\uAE09
err.api.nice.pubKey.0001=\uD544\uC218 \uC785\uB825\uAC12 \uC624\uB958
err.api.nice.pubKey.0003=\uACF5\uAC1C\uD0A4 \uBC1C\uAE09 \uB300\uC0C1 \uD68C\uC6D0\uC0AC \uC544\uB2D8
err.api.nice.pubKey.0099=\uAE30\uD0C0 \uC624\uB958
err.api.nice.symKey.0000=\uB300\uCE6D\uD0A4 \uBC1C\uAE09
err.api.nice.symKey.0001=\uACF5\uAC1C\uD0A4 \uAE30\uAC04 \uB9CC\uB8CC
err.api.nice.symKey.0002=\uACF5\uAC1C\uD0A4\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC74C
err.api.nice.symKey.0003=\uACF5\uAC1C\uD0A4\uB97C \uBC1C\uAE09\uD55C \uD68C\uC6D0\uC0AC \uC544\uB2D8
err.api.nice.symKey.0004=\uBCF5\uD638\uD654 \uC624\uB958
err.api.nice.symKey.0005=\uD544\uC218 \uC785\uB825\uAC12 \uC624\uB958(key_version, key_info \uB0B4 \uD544\uC218\uAC12 \uD655\uC778)
err.api.nice.symKey.0006=\uB300\uCE6D\uD0A4 \uB4F1\uB85D \uAC00\uB2A5 \uD68C\uC6D0\uC0AC \uC544\uB2D8
err.api.nice.symKey.0007=key \uC911\uBCF5 \uC624\uB958 (\uD604\uC7AC \uBC0F \uC9C1\uC804\uC5D0 \uC0AC\uC6A9\uD55C key \uC0AC\uC6A9 \uBD88\uAC00)
err.api.nice.symKey.0008=\uC694\uCCAD \uC0AC\uC774\uD2B8 \uCF54\uB4DC\uC640 \uACF5\uAC1C\uD0A4 \uBC1C\uAE09 \uC0AC\uC774\uD2B8 \uCF54\uB4DC \uB2E4\uB984
err.api.nice.symKey.0099=\uAE30\uD0C0 \uC624\uB958
err.api.nice.ci.0000=\uCC98\uB9AC\uC644\uB8CC
err.api.nice.ci.0001=\uB300\uCE6D\uD0A4 \uAE30\uAC04 \uB9CC\uB8CC
err.api.nice.ci.0002=\uB300\uCE6D\uD0A4\uB97C \uCC3E\uC744 \uC218 \uC5C6\uC74C
err.api.nice.ci.0003=\uB300\uCE6D\uD0A4\uB97C \uBC1C\uAE09\uD55C \uD68C\uC6D0\uC0AC \uC544\uB2D8
err.api.nice.ci.0004=\uBCF5\uD638\uD654 \uC624\uB958
err.api.nice.ci.0005=\uD544\uC218 \uC785\uB825\uAC12 \uC624\uB958(integrity_value, enc_data \uB0B4 \uD544\uC218\uAC12 \uD655\uC778)
err.api.nice.ci.0006=\uB370\uC774\uD130 \uBB34\uACB0\uC131 \uC624\uB958 (hmac\uAC12 \uBD88\uC77C\uCE58)
err.api.nice.ci.0007=\uC815\uBCF4\uC694\uCCAD\uC720\uD615 \uC785\uB825\uAC12 \uC624\uB958 (info_req_type\uC774 1 \uC544\uB2D8)
err.api.nice.ci.0008=\uC8FC\uBBFC\uBC88\uD638 \uC720\uD6A8\uC131 \uC624\uB958 (\uC0DD\uB144\uC6D4\uC77C \uC720\uD6A8\uC131 \uBC0F \uC22B\uC790 \uC544\uB2D8)
err.api.nice.ci.0009=\uAC70\uB798\uC694\uCCAD\uC2DC\uAC04 \uD3EC\uBA67\uC624\uB958 (req_dtim \uC790\uB9BF\uC218 \uBC0F \uC22B\uC790 \uC544\uB2D8)
err.api.nice.ci.0099=\uAE30\uD0C0 \uC624\uB958
#KT \uC0AC\uC804/\uBCF8 \uBB38\uC790 \uBC1C\uC1A1 \uACB0\uACFC\uCF54\uB4DC : \uD544\uC218 - 2\uC790\uB9AC
info.api.kt.msg.rslt.40=MMS/RCS \uBC1C\uC1A1 \uC218\uC2E0\uC131\uACF5
info.api.kt.msg.rslt.41=MMS\uBC1C\uC1A1 \uBA54\uC2DC\uC9C0 \uB0B4\uC6A9 \uC2A4\uD338
info.api.kt.msg.rslt.42=MMS\uBC1C\uC1A1 \uCC29\uC2E0\uC790 \uC2A4\uD338
info.api.kt.msg.rslt.43=MMS\uBC1C\uC1A1 \uB808\uD3EC\uD2B8 \uC218\uC2E0 \uC2DC\uAC04 \uB9CC\uB8CC(\uBA54\uC2DC\uC9C0\uC804\uC1A1\uD6C4 24\uC2DC\uAC04 \uB808\uD3EC\uD2B8 \uBABB\uBC1B\uB294 \uACBD\uC6B0 )
info.api.kt.msg.rslt.47=MMS\uBC1C\uC1A1 \uBE44\uAC00\uC785\uC790, \uACB0\uBC88, \uC11C\uBE44\uC2A4\uC815\uC9C0
info.api.kt.msg.rslt.48=MMS\uBC1C\uC1A1 \uB2E8\uB9D0\uAE30 \uC804\uC6D0 \uAEBC\uC9D0
info.api.kt.msg.rslt.49=MMS\uBC1C\uC1A1 \uAE30\uD0C0
info.api.kt.msg.rslt.4A=MMS\uBC1C\uC1A1 UNKNOWN/\uB2E8\uB9D0\uAE30\uD615\uC2DD\uC624\uB958(\uC2A4\uD338\uC124\uC815)
info.api.kt.msg.rslt.4D=MMS\uBC1C\uC1A1 \uC804\uC1A1 \uC2E4\uD328(\uBB34\uC120\uB9DD), \uB2E8\uB9D0\uAE30 \uC77C\uC2DC\uC815\uC9C0
info.api.kt.msg.rslt.4J=MMS\uBC1C\uC1A1 \uBE44\uAC00\uC6A9\uD3F0 \uC624\uB958
info.api.kt.msg.rslt.4N=MMS\uBC1C\uC1A1 \uC218\uC2E0\uAC70\uBD80
info.api.kt.msg.rslt.4O=MMS\uBC1C\uC1A1 LMS\uBC1C\uC1A1\uC624\uB958(\uC2DC\uAC04\uCD08\uACFC)
info.api.kt.msg.rslt.4P=MMS\uBC1C\uC1A1 LMS\uBC1C\uC1A1\uC624\uB958(\uAE30\uD0C0)
info.api.kt.msg.rslt.4T=MMS\uBC1C\uC1A1 \uAC00\uC785\uC790\uBBF8\uC874\uC7AC(\uBBF8\uB3D9\uC758\uD3EC\uD568)
info.api.kt.msg.rslt.4Q=MMS\uBC1C\uC1A1 \uC218\uC2E0\uB300\uAE30
info.api.kt.msg.rslt.4R=MMS\uBC1C\uC1A1 \uB2E4\uD68C\uC120 \uC81C\uC678
info.api.kt.msg.rslt.4V=MMS\uBC1C\uC1A1 \uC218\uC2E0\uB4F1\uB85D \uD734\uB300\uD3F0\uBC88\uD638 \uBBF8\uC874\uC7AC
info.api.kt.msg.rslt.4W=MMS\uBC1C\uC1A1 \uAE30\uB3D9\uC758 \uC0AC\uC804\uBB38\uC790 \uC81C\uC678
info.api.kt.msg.rslt.50=\uC218\uC2E0\uD655\uC778 \uC218\uC2E0\uC131\uACF5
#(MMS\uBC1C\uC1A1\uACB0\uACFC\uC21C\uBC88=2, \uC5F4\uB78C\uD0C0\uC784\uC2A4\uD0EC\uD504\uAC00 \uC788\uB294 \uACBD\uC6B0)
info.api.kt.msg.rslt.60=\uC5F4\uB78C\uD655\uC778(MMS\uBC1C\uC1A1\uACB0\uACFC\uCF54\uB4DC=40, \uC5F4\uB78C\uD0C0\uC784\uC2A4\uD0EC\uD504\uAC00 \uC788\uB294 \uACBD\uC6B0)
