feat: 인증처리 & 사용자 조회

- 인증 처리 : token 적용
- 사용자 조회
- 로컬(H2) / 개발(Oracle) 분리 적용
dev
Lim Jonguk 3 years ago
parent 12893d3cc9
commit 5e8e150066

@ -0,0 +1,69 @@
package com.xit.biz.ctgy.auth;
import com.xit.biz.ctgy.repository.IMinUserinfoRepository;
import lombok.RequiredArgsConstructor;
import lombok.Setter;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.crypto.password.PasswordEncoder;
import java.util.Objects;
@Slf4j
@RequiredArgsConstructor
public class MinPasswordEncoder implements PasswordEncoder {
private final Log logger = LogFactory.getLog(getClass());
@Setter
private String userid;
private final IMinUserinfoRepository repository;
// public MinPasswordEncoder(IMinUserinfoRepository repository) {
// this.repository = repository;
// }
/**
*
* @param rawPassword
* @return
*/
@Override
public String encode(CharSequence rawPassword) {
if (rawPassword == null) {
throw new IllegalArgumentException("rawPassword cannot be null");
}
return repository.queryGetPasswdEncode(rawPassword.toString());
}
/**
*
* @param rawPassword
* @param encodedPassword
* @return
*/
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
//return false;
if (rawPassword == null) {
throw new IllegalArgumentException("rawPassword cannot be null");
}
if (encodedPassword == null || encodedPassword.length() == 0) {
this.logger.warn("Empty encoded password");
return false;
}
return Objects.equals(repository.queryGetPasswd(rawPassword.toString()), encodedPassword);
}
/**
* true return
* @param encodedPassword
* @return
*/
@Override
public boolean upgradeEncoding(String encodedPassword) {
return PasswordEncoder.super.upgradeEncoding(encodedPassword);
}
}

@ -0,0 +1,105 @@
package com.xit.biz.ctgy.auth;
import com.xit.biz.ctgy.entity.MinUserinfo;
import com.xit.core.oauth2.oauth.entity.ProviderType;
import com.xit.core.oauth2.oauth.entity.RoleType;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.oauth2.core.user.OAuth2User;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
@Getter
@Setter
@AllArgsConstructor
@RequiredArgsConstructor
public class UserMinPrincipal implements OAuth2User, UserDetails, OidcUser {
private final String userId;
private final String password;
private final ProviderType providerType;
private final RoleType roleType;
private final Collection<GrantedAuthority> authorities;
private Map<String, Object> attributes;
@Override
public Map<String, Object> getAttributes() {
return attributes;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return authorities;
}
@Override
public String getName() {
return userId;
}
@Override
public String getUsername() {
return userId;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
@Override
public Map<String, Object> getClaims() {
return null;
}
@Override
public OidcUserInfo getUserInfo() {
return null;
}
@Override
public OidcIdToken getIdToken() {
return null;
}
public static UserMinPrincipal create(MinUserinfo user) {
return new UserMinPrincipal(
user.getUserid(),
user.getPasswd(),
ProviderType.LOCAL,
RoleType.USER,
Collections.singletonList(new SimpleGrantedAuthority(RoleType.USER.getCode()))
);
}
public static UserMinPrincipal create(MinUserinfo user, Map<String, Object> attributes) {
UserMinPrincipal userPrincipal = create(user);
userPrincipal.setAttributes(attributes);
return userPrincipal;
}
}

@ -0,0 +1,32 @@
package com.xit.biz.ctgy.auth.service;
import com.xit.biz.cmm.entity.CmmUser;
import com.xit.biz.ctgy.dto.LoginMinRequestDto;
import com.xit.core.oauth2.api.dto.LoginRequestDto;
import com.xit.core.oauth2.api.dto.TokenDto;
import com.xit.core.oauth2.api.dto.TokenRequestDto;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.Map;
import java.util.Optional;
public interface IAuthMinService {
//TokenDto login(final CmmUserRequestDto cmmUserRequestDto);
TokenDto login(final LoginMinRequestDto loginRequestDto,
HttpServletRequest request,
HttpServletResponse response,
HttpSession session);
TokenDto reissue(final TokenRequestDto tokenRequestDto, HttpServletRequest request, HttpServletResponse response);
boolean validationToken(final String accessToken, final boolean isExceptionThrow);
Map<String, Object> findAccessTokenInfo(final String accessToken);
Optional<CmmUser> findMyUserWithoutAuthorities();
Optional<CmmUser> findUserWithAuthorities(final String userId);
}

@ -0,0 +1,312 @@
package com.xit.biz.ctgy.auth.service.impl;
import com.xit.biz.cmm.entity.CmmUser;
import com.xit.biz.ctgy.auth.service.IAuthMinService;
import com.xit.biz.ctgy.dto.LoginMinRequestDto;
import com.xit.biz.ctgy.entity.MinUserinfo;
import com.xit.biz.ctgy.repository.IMinUserinfoRepository;
import com.xit.core.constant.ErrorCode;
import com.xit.core.constant.XitConstants;
import com.xit.core.exception.TokenAuthException;
import com.xit.core.oauth2.api.dto.TokenDto;
import com.xit.core.oauth2.api.dto.TokenRequestDto;
import com.xit.core.oauth2.api.entity.RefreshToken;
import com.xit.core.oauth2.api.repository.RefreshTokenRepository;
import com.xit.core.oauth2.config.properties.AppProperties;
import com.xit.core.oauth2.oauth.JwtTokenProvider;
import com.xit.core.oauth2.utils.CookieUtil;
import com.xit.core.oauth2.utils.HeaderUtil;
import com.xit.core.util.Checks;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.*;
@Service
@RequiredArgsConstructor
public class AuthMinService implements IAuthMinService {
@Value("${xit.auth.save.type:header}")
private String authSaveType;
@Value("${jwt.refresh.save.type:HEADER}")
private String tokenParamType;
private static final int EXPIRE_CONVERT_SECOND_FROM_DAY = 60 * 60 * 24;
private final static long THREE_DAYS_MILISECONDS = 3 * (1000 * 60 * 60 * 24);
private final AppProperties appProperties;
private final AuthenticationManager authenticationManager;
private final IMinUserinfoRepository userRepository;
private final JwtTokenProvider jwtTokenProvider;
private final RefreshTokenRepository refreshTokenRepository;
/**
* <pre>
* (Redis ) (Access + Refresh) return
*
* 1. Login ID, PW UsernamePasswordAuthenticationToken
* 2. AuthenticationManager authenticate , Authentication(ID ) return
* AuthenticationManager -->
* authenticate
* Builder UserDetails
* 3. JWT
* 4. Refresh : : Redis
* 5. (Access + Refresh) return
*
* @see AuthenticationManagerBuilder
* @see JwtTokenProvider
* </pre>
* @param loginRequestDto LoginMinRequestDto
* @return TokenDto
*/
@Override
@Transactional
public TokenDto login(final LoginMinRequestDto loginRequestDto,
HttpServletRequest request,
HttpServletResponse response,
HttpSession session) {
TokenDto tokenDto = null;
Authentication authentication = null;
// 1. Login ID/PW 를 기반으로 AuthenticationToken 생성
UsernamePasswordAuthenticationToken authenticationToken = loginRequestDto.toAuthentication();
// 2. 실제로 검증 (사용자 비밀번호 체크) 이 이루어지는 부분
authentication = authenticationManager.authenticate(authenticationToken);
// Authentication 저장
if(Objects.equals(authSaveType, XitConstants.AuthSaveType.SECURITY.getCode())){
// TODO :: SessionCreationPolicy.STATELESS 인 경우 사용 불가
SecurityContextHolder.getContext().setAuthentication(authentication);
}else if(Objects.equals(authSaveType, XitConstants.AuthSaveType.SESSION.getCode())){
session.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
}
MinUserinfo user = userRepository.findByUserid(loginRequestDto.getUserid()).orElseThrow(() -> new UsernameNotFoundException(loginRequestDto.getUserid() + " -> 사용자를 찾을 수 없습니다."));
Map<String, Object> infoMap = new HashMap<>();
infoMap.put("userName", user.getName());
infoMap.put("userEmail", user.getEmail());
RefreshToken savedRefreshToken = refreshTokenRepository.findByKey(authentication.getName())
.orElse(null);
// 저장된 refresh token not exists
if (Checks.isNull(savedRefreshToken) || Checks.isNull(savedRefreshToken.getValue())) {
// 없는 경우 새로 등록
tokenDto = jwtTokenProvider.generateTokenDto(authentication, infoMap);
refreshTokenRepository.saveAndFlush(
RefreshToken.builder()
.key(loginRequestDto.getUserid())
.value(tokenDto.getRefreshToken())
.build()
);
// 저장된 토큰이 있다
} else {
// 만료되지 않은 refresh token
if(!jwtTokenProvider.isExpiredToken(savedRefreshToken.getValue())) {
// refresh token 잔여기간 기준 도달여부 check
Date now = new Date();
long validTime = jwtTokenProvider.parseClaims(savedRefreshToken.getValue()).getExpiration().getTime() - now.getTime();
if (validTime <= THREE_DAYS_MILISECONDS) {
// 새로운 토큰 생성 : access token and refresh token
tokenDto = jwtTokenProvider.generateTokenDto(authentication, infoMap);
// DB에 refresh 토큰 업데이트
savedRefreshToken.updateValue(Objects.requireNonNull(tokenDto.getRefreshToken()));
}else{
tokenDto = TokenDto.builder()
.grantType(XitConstants.JwtToken.GRANT_TYPE.getCode())
.accessToken(jwtTokenProvider.generateJwtAccessToken(authentication, infoMap))
.refreshToken(null)
.build();
refreshTokenRepository.saveAndFlush(
RefreshToken.builder()
.key(loginRequestDto.getUserid())
.value(tokenDto.getRefreshToken())
.build()
);
}
// refresh token 만료
}else{
tokenDto = jwtTokenProvider.generateTokenDto(authentication, infoMap);
refreshTokenRepository.saveAndFlush(
RefreshToken.builder()
.key(loginRequestDto.getUserid())
.value(tokenDto.getRefreshToken())
.build()
);
}
}
// COOKIE 타입의 요청인 경우 COOKIE set
if(Objects.equals(XitConstants.JwtTokenParamType.COOKIE.name(), tokenParamType)) {
CookieUtil.deleteCookie(request, response, XitConstants.JwtToken.REFRESH_TOKEN_NAME.getCode());
CookieUtil.addCookie(response, XitConstants.JwtToken.REFRESH_TOKEN_NAME.getCode(), tokenDto.getRefreshToken(), appProperties.getAuth().getRefreshTokenExpiry() * EXPIRE_CONVERT_SECOND_FROM_DAY);
}
// 5. 토큰 발급
return tokenDto;
}
/**
* <pre>
* : Redis
* 1. Access
* 2. Access Token --> (Member ID) GET
* 3. Refresh Token
* 4. Refresh Token GET
* 5. Refresh Token == Refresh Token
* 6.
* 7. Refresh Token update &
* 8. return
*
* @see JwtTokenProvider
* </pre>
* @param tokenRequestDto TokenRequestDto
* @return TokenDto
*/
@Override
@Transactional
public TokenDto reissue(final TokenRequestDto tokenRequestDto, HttpServletRequest request, HttpServletResponse response) {
TokenDto tokenDto = new TokenDto();
String sAccessToken = null;
String sRefreshToken = null;
Authentication authentication = null;
//-------------------------------------------------------
// access token 검증
//-------------------------------------------------------
// Get access token -------------------------------------
if(Objects.equals(XitConstants.JwtTokenParamType.DTO.name(), tokenParamType))
sAccessToken = tokenRequestDto.getAccessToken();
else if(
Objects.nonNull(request) &&
(Objects.equals(XitConstants.JwtTokenParamType.COOKIE.name(), tokenParamType)
|| Objects.equals(XitConstants.JwtTokenParamType.HEADER.name(), tokenParamType))
)
sAccessToken = HeaderUtil.getAccessToken(request);
else
throw new TokenAuthException("Token 전달 형태가 미 정의 되었습니다.");
// Access token check -------------------------------------
// 오염된 토큰 인지만 체크
jwtTokenProvider.validateTokenExcludeExpired(sAccessToken, false, true);
//if(!jwtTokenProvider.validateToken(sAccessToken, false, false)) throw new TokenAuthException(ErrorCode.INVALID_TOKEN);
// expired access token 여부 체크
// TODO :: 유효기간 만료된 경우에만 재발급 - 테스트를 위해 반대로 발급되도록 함
if(jwtTokenProvider.isExpiredToken(sAccessToken)) throw new TokenAuthException(ErrorCode.NOT_EXPIRED_TOKEN_YET);
// --------------------------------------------------------
authentication = jwtTokenProvider.getAuthentication(sAccessToken);
//---------------------------------------------------------
// refresh token 검증
//---------------------------------------------------------
// Get refresh token --------------------------------------
if(Objects.equals(XitConstants.JwtTokenParamType.COOKIE.name(), tokenParamType))
sRefreshToken = CookieUtil.getCookie(request, XitConstants.JwtToken.REFRESH_TOKEN_NAME.getCode())
.map(Cookie::getValue)
.orElse((null));
else if(Objects.equals(XitConstants.JwtTokenParamType.HEADER.name(), tokenParamType)
|| Objects.equals(XitConstants.JwtTokenParamType.DTO.name(), tokenParamType))
sRefreshToken = tokenRequestDto.getRefreshToken();
// Refresh token check ------------------------------------
jwtTokenProvider.validateTokenExcludeExpired(sRefreshToken, true, true);
// userId refresh token 으로 DB 확인
RefreshToken savedRefreshToken = refreshTokenRepository.findByKey(authentication.getName())
.orElse(null);
if (Checks.isEmpty(savedRefreshToken)) throw new TokenAuthException(ErrorCode.NOT_EXISTS_SAVED_REFRESH_TOKEN);
if (!Objects.equals(Objects.requireNonNull(savedRefreshToken).getValue(), sRefreshToken)) {
throw new TokenAuthException(ErrorCode.MISMATCH_REFRESH_ACCESS_TOKEN);
}
// 토큰 부가 정보 set
MinUserinfo user = userRepository.findByUserid(authentication.getName()).orElse(null);
if(Checks.isNull(user)) throw new TokenAuthException(ErrorCode.INVALID_ROLE_TOKEN);
Map<String, Object> infoMap = new HashMap<>();
infoMap.put("userName", user.getName());
infoMap.put("userEmail", user.getEmail());
// TODO : refresh토큰 발급 기준인 정의 필요
// refresh 토큰 기간이 3일 이하로 남은 경우, refresh 토큰 갱신
Date now = new Date();
long validTime = jwtTokenProvider.parseClaims(sRefreshToken).getExpiration().getTime() - now.getTime();
if (validTime <= THREE_DAYS_MILISECONDS) {
// 토큰 생성 : access token and refresh token
tokenDto = jwtTokenProvider.generateTokenDto(authentication, infoMap);
// TODO : DB 갱신 확인 필요
// DB refresh 토큰 업데이트
RefreshToken newRefreshToken = savedRefreshToken.updateValue(Objects.requireNonNull(tokenDto.getRefreshToken()));
//refreshTokenRepository.saveAndFlush(newRefreshToken);
if(Objects.equals(XitConstants.JwtTokenParamType.COOKIE.name(), tokenParamType)) {
CookieUtil.deleteCookie(request, response, XitConstants.JwtToken.REFRESH_TOKEN_NAME.getCode());
CookieUtil.addCookie(response, XitConstants.JwtToken.REFRESH_TOKEN_NAME.getCode(), newRefreshToken.getValue(), appProperties.getAuth().getRefreshTokenExpiry() * EXPIRE_CONVERT_SECOND_FROM_DAY);
}
}else{
tokenDto = TokenDto.builder()
.grantType(XitConstants.JwtToken.GRANT_TYPE.getCode())
.accessToken(jwtTokenProvider.generateJwtAccessToken(authentication, infoMap))
.refreshToken(null)
.build();
}
return tokenDto;
}
@Override
@Transactional(readOnly = true)
public boolean validationToken(final String accessToken, final boolean isExceptionThrow) {
return jwtTokenProvider.validateTokenExcludeExpired(accessToken, false, isExceptionThrow);
}
// TODO :: 적용 필요
@Override
@Transactional(readOnly = true)
public Map<String, Object> findAccessTokenInfo(String accessToken) {
return jwtTokenProvider.getAccessTokenInfo(accessToken); //authTokenProvider.getAccessTokenInfo(accessToken);
}
@Override
@Transactional(readOnly = true)
public Optional<CmmUser> findMyUserWithoutAuthorities() {
//cmmUserRepos
return Optional.empty(); //cmmUserRepository.findOneWithAuthorities(SecurityUtil.getCurrentMemberId());
}
@Override
@Transactional(readOnly = true)
public Optional<CmmUser> findUserWithAuthorities(final String userId) {
return Optional.empty(); //cmmUserRepository.findOneWithAuthorities(userId);
}
}

@ -0,0 +1,95 @@
package com.xit.biz.ctgy.auth.service.impl;
import com.xit.biz.ctgy.auth.UserMinPrincipal;
import com.xit.biz.ctgy.entity.MinUserinfo;
import com.xit.biz.ctgy.repository.IMinUserinfoRepository;
import com.xit.core.oauth2.oauth.entity.ProviderType;
import com.xit.core.oauth2.oauth.info.AbstractOAuth2UserInfo;
import com.xit.core.oauth2.oauth.info.OAuth2UserInfoFactory;
import lombok.RequiredArgsConstructor;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.stereotype.Service;
import java.util.Optional;
@Service
@RequiredArgsConstructor
public class CustomMinOAuth2UserService extends DefaultOAuth2UserService {
private final IMinUserinfoRepository userRepository;
@Override
public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
OAuth2User user = super.loadUser(userRequest);
try {
return this.process(userRequest, user);
} catch (AuthenticationException ex) {
throw ex;
} catch (Exception ex) {
ex.printStackTrace();
throw new InternalAuthenticationServiceException(ex.getLocalizedMessage(), ex.getCause());
}
}
private OAuth2User process(OAuth2UserRequest userRequest, OAuth2User user) {
// TODO :: 적용 여부 파악 필요
ProviderType providerType = ProviderType.valueOf(userRequest.getClientRegistration().getRegistrationId().toUpperCase());
AbstractOAuth2UserInfo userInfo = OAuth2UserInfoFactory.getOAuth2UserInfo(providerType, user.getAttributes());
MinUserinfo savedUser = null;
Optional<MinUserinfo> optionalCmmUser = userRepository.findByUserid(userInfo.getId());
if(optionalCmmUser.isPresent()) {
// savedUser = optionalCmmUser.get();
// if (Objects.equals(providerType, savedUser.getProviderType())) {
// throw new OAuthProviderMissMatchException(
// "Looks like you're signed up with " + providerType +
// " account. Please use your " + savedUser.getProviderType() + " account to login."
// );
// }
// updateUser(savedUser, userInfo);
}else{
savedUser = createUser(userInfo, providerType);
}
// if (optionalCmmUser.isEmpty()) {
// if (providerType != savedUser.getProviderType()) {
// throw new OAuthProviderMissMatchException(
// "Looks like you're signed up with " + providerType +
// " account. Please use your " + savedUser.getProviderType() + " account to login."
// );
// }
// updateUser(savedUser, userInfo);
// } else {
// savedUser = createUser(userInfo, providerType);
// }
return UserMinPrincipal.create(savedUser, user.getAttributes());
}
private MinUserinfo createUser(AbstractOAuth2UserInfo userInfo, ProviderType providerType) {
MinUserinfo user = MinUserinfo.builder()
.userid(userInfo.getId())
.name(userInfo.getName())
.email(userInfo.getEmail())
.build();
return userRepository.saveAndFlush(user);
}
// private void updateUser(MinUserinfo user, AbstractOAuth2UserInfo userInfo) {
// if (Objects.nonNull(userInfo.getName()) && !Objects.equals(userInfo.getName(), user.getUserName())) {
// user.setUserName(userInfo.getName());
// }
//
// if (Objects.nonNull(userInfo.getImageUrl()) && !Objects.equals(userInfo.getImageUrl(), user.getProfileImageUrl())) {
// user.setProfileImageUrl(userInfo.getImageUrl());
// }
// }
}

@ -0,0 +1,25 @@
package com.xit.biz.ctgy.auth.service.impl;
import com.xit.biz.ctgy.auth.UserMinPrincipal;
import com.xit.biz.ctgy.entity.MinUserinfo;
import com.xit.biz.ctgy.repository.IMinUserinfoRepository;
import com.xit.core.constant.ErrorCode;
import com.xit.core.exception.CustomBaseException;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service
@RequiredArgsConstructor
public class CustomMinUserDetailsService implements UserDetailsService {
private final IMinUserinfoRepository userRepository;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
MinUserinfo user = userRepository.findByUserid(username).orElseThrow(() -> new CustomBaseException(ErrorCode.USER_NOT_FOUND));
return UserMinPrincipal.create(user);
}
}

@ -1,7 +1,5 @@
package com.xit.biz.ctgy.controller;
import com.xit.biz.cmm.dto.CmmUserDto;
import com.xit.biz.cmm.dto.struct.CmmUserMapstruct;
import com.xit.biz.ctgy.dto.MinCivBoard680Dto;
import com.xit.biz.ctgy.dto.struct.MinCivBoard680Mapstruct;
import com.xit.biz.ctgy.service.IMinCivBoard680Service;
@ -23,18 +21,19 @@ import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@Tag(name = "OAuth2LocalController", description = "인증 관리")
@Tag(name = "MinCivBoard680Controller", description = "게시글 관리")
@RestController
@RequestMapping("/api/v1/biz/board")
@RequestMapping("/api/v1/ctgy/board")
@Validated
@RequiredArgsConstructor
public class MinCivBoard680Controller {
private final IMinCivBoard680Service minCivBoard680Service;
private final IMinCivBoard680Service service;
private MinCivBoard680Mapstruct minCivBoard680Mapstruct = Mappers.getMapper(MinCivBoard680Mapstruct.class);
private final MinCivBoard680Mapstruct mapstruct = Mappers.getMapper(MinCivBoard680Mapstruct.class);
@Operation(summary = "게시판 목록 조회" , description = "게시판 목록 조회")
// TODO :: 파라메터 정의 필요
@Operation(summary = "게시글 목록 조회" , description = "게시글 목록 조회")
@Parameters({
@Parameter(in = ParameterIn.QUERY, name = "ciTitle", description = "제목", required = false, example = " "),
@Parameter(in = ParameterIn.QUERY, name = "ciName", description = "이름", required = false, example = " "),
@ -48,7 +47,7 @@ public class MinCivBoard680Controller {
final MinCivBoard680Dto minCivBoard680Dto,
@Parameter(hidden = true)
final Pageable pageable) {
return RestResponse.of(minCivBoard680Service.findMinCivBoard680s(minCivBoard680Mapstruct.toEntity(minCivBoard680Dto), pageable));
return RestResponse.of(service.findMinCivBoard680s(mapstruct.toEntity(minCivBoard680Dto), pageable));
}
}

@ -0,0 +1,56 @@
package com.xit.biz.ctgy.controller;
import com.xit.biz.ctgy.dto.MinCivBoard680Dto;
import com.xit.biz.ctgy.dto.MinUserinfoDto;
import com.xit.biz.ctgy.dto.struct.MinCivBoard680Mapstruct;
import com.xit.biz.ctgy.dto.struct.MinUserinfoMapstruct;
import com.xit.biz.ctgy.service.IMinCivBoard680Service;
import com.xit.biz.ctgy.service.IMinUserinfoService;
import com.xit.core.api.IRestResponse;
import com.xit.core.api.RestResponse;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.Parameters;
import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import org.mapstruct.factory.Mappers;
import org.springframework.data.domain.Pageable;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@Tag(name = "MinUserinfoController", description = "사용자 관리")
@RestController
@RequestMapping("/api/v1/ctgy/user")
@Validated
@RequiredArgsConstructor
public class MinUserinfoController {
private final IMinUserinfoService service;
private final MinUserinfoMapstruct mapstruct = Mappers.getMapper(MinUserinfoMapstruct.class);
// TODO :: 파라메터 정의 필요
@Operation(summary = "사용자 목록 조회" , description = "사용자 목록 조회")
@Parameters({
@Parameter(in = ParameterIn.QUERY, name = "userid", description = "사용자ID", required = false, example = " "),
@Parameter(in = ParameterIn.QUERY, name = "name", description = "이름", required = false, example = " "),
@Parameter(in = ParameterIn.QUERY, name = "page", description = "페이지", required = true, example = "1"),
@Parameter(in = ParameterIn.QUERY, name = "size", description = "페이지당갯수", required = true, example = "10")
})
@GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<? extends IRestResponse> findMinUserinfos(
@Parameter(hidden = true)
@ModelAttribute("minUserinfoDto")
final MinUserinfoDto minUserinfoDto,
@Parameter(hidden = true)
final Pageable pageable) {
return RestResponse.of(service.findMinUserinfos(mapstruct.toEntity(minUserinfoDto), pageable));
}
}

@ -0,0 +1,171 @@
package com.xit.biz.ctgy.controller;
import com.xit.biz.ctgy.dto.LoginMinRequestDto;
import com.xit.biz.ctgy.auth.service.IAuthMinService;
import com.xit.core.api.IRestResponse;
import com.xit.core.api.RestResponse;
import com.xit.core.oauth2.api.dto.TokenRequestDto;
import com.xit.core.oauth2.oauth.JwtTokenProvider;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import org.springframework.http.ResponseEntity;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
@Tag(name = "OAuth2MinController", description = "인증 관리")
@RestController
@RequestMapping("/api/v1/ctgy/auth")
@Validated
@RequiredArgsConstructor
public class OAuth2MinController {
private final IAuthMinService authMinService;
/**
* <pre>
* (Redis ) (Access + Refresh) return
*
* 1. Login ID, PW UsernamePasswordAuthenticationToken
* 2. AuthenticationManager authenticate , Authentication(ID ) return
* AuthenticationManager -->
* authenticate
* Builder UserDetails
* 3. JWT
* 4. Refresh : : Redis
* 5. (Access + Refresh) return
* </pre>
* @see AuthenticationManagerBuilder
* @see JwtTokenProvider
*
* @param loginRequestDto LoginMinRequestDto
* @param request HttpServletRequest
* @param response HttpServletResponse
* @param session Session
* @return ResponseEntity
*/
@Operation(summary = "login" , description = "login")
// @Parameters({
// @Parameter(in = ParameterIn.QUERY, name = "providerType", description = "ProviderType", required = true, example = "GOOGLE"),
// @Parameter(in = ParameterIn.QUERY, name = "userId", description = "사용자ID", required = true, example = "minuk926926"),
// @Parameter(in = ParameterIn.QUERY, name = "password", description = "비밀번호", required = true, example = "minuk926926")
// })
@PostMapping("/login")
public ResponseEntity<? extends IRestResponse> login(
//@Validated
@Valid
@RequestBody
final LoginMinRequestDto loginRequestDto,
HttpServletRequest request,
HttpServletResponse response,
HttpSession session
//Errors errors
) {
return RestResponse.of(
authMinService.login(
loginRequestDto,
request,
response,
session
)
);
}
/**
* <pre>
* JWT token
* access token - header, refresh - TokenRequestDto
*
* 1. access token ErrorCode.NOT_EXPIRED_TOKEN_YET
* 2. refresh token refresh token
* 3. 2 refresh token null
* </pre>
*
* @param tokenRequestDto TokenRequestDto
* @param request HttpServletRequest
* @return ResponseEntity IRestResponse
*/
@Operation(summary = "token 재발급 요청(header & DTO 사용)" , description = "token 재발급 :: accessToken - header, refreshToken - dto")
@Parameter(in = ParameterIn.QUERY, name = "refreshToken", description = "refresh token", required = true, example = " ")
@PostMapping("/jwt/reissue")
public ResponseEntity<? extends IRestResponse> reissueFromHeader(
@Parameter(hidden = true)
@NotNull
@RequestBody
final TokenRequestDto tokenRequestDto,
HttpServletRequest request) {
return RestResponse.of(authMinService.reissue(tokenRequestDto, request, null));
}
/**
* <pre>
* JWT token
* access token - header, refresh - cookie
*
* 1. access token ErrorCode.NOT_EXPIRED_TOKEN_YET
* 2. refresh token refresh token
* 3. 2 refresh token null
* </pre>
*
* @param request HttpServletRequest
* @param response HttpServletResponse
* @return ResponseEntity IRestResponse
*/
@Operation(summary = "token 재발급(header & cookie 사용)" , description = "토큰 재발급 :: accessToken - header, refreshToken - cookie")
//@Parameter(in = ParameterIn.HEADER, name = "Authorization", description = "access token", required = true, example = " ")
//@Parameter(in = ParameterIn.COOKIE, name = "refreshToken", description = "refresh token", required = true, example = " ")
@PostMapping("/jwt/reissue/cookie")
public ResponseEntity<? extends IRestResponse> reissueFromCookie(HttpServletRequest request, HttpServletResponse response) {
return RestResponse.of(authMinService.reissue(null, request, response));
}
/**
* <pre>
* JWT token
* access token - TokenRequestDto, refresh - TokenRequestDto
*
* 1. access token ErrorCode.NOT_EXPIRED_TOKEN_YET
* 2. refresh token refresh token
* 3. 2 refresh token null
* </pre>
*
* @param tokenRequestDto TokenRequestDto
* @return ResponseEntity IRestResponse
*/
@Operation(summary = "token 재발급(DTO 사용)" , description = "token 재발급 :: accessToken - dto, refreshToken - dto")
@PostMapping("/jwt/reissue/dto")
public ResponseEntity<? extends IRestResponse> reissueFromParam(
@NotNull
@RequestBody
final TokenRequestDto tokenRequestDto) {
return RestResponse.of(authMinService.reissue(tokenRequestDto, null, null));
}
@Operation(summary = "토큰 체크" , description = "access token 체크")
@PostMapping("/jwt/validate")
public ResponseEntity<? extends IRestResponse> validate(@RequestParam final String accessToken, @RequestParam boolean isExceptionThrow) {
return RestResponse.of(authMinService.validationToken(accessToken, isExceptionThrow));
}
@Operation(summary = "토큰 정보 확인" , description = "토큰 정보 확인")
@PostMapping("/jwt/info")
public ResponseEntity<? extends IRestResponse> findAccessTokenInfo(@RequestParam final String accessToken) {
return RestResponse.of(authMinService.findAccessTokenInfo(accessToken));
}
}

@ -0,0 +1,61 @@
package com.xit.biz.ctgy.dto;
import com.xit.biz.cmm.entity.CmmUser;
import com.xit.core.oauth2.oauth.entity.ProviderType;
import com.xit.core.oauth2.oauth.entity.RoleType;
import com.xit.core.support.valid.Enums;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.*;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.crypto.password.PasswordEncoder;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Pattern;
import javax.validation.constraints.Size;
/**
* Validation (@NotBlank) class -> hibernate class
*/
@Schema(name = "LoginRequestDto", description = "로그인 parameter DTO")
@Getter
@Setter
@AllArgsConstructor
@NoArgsConstructor
public class LoginMinRequestDto {
/**
* Enum type Validation -> controller
*/
@Schema(required = true, title = "Provider Type", example = "LOCAL", description = "Provider TYPE")
@Enumerated(EnumType.STRING)
@Enums(enumClass = ProviderType.class, ignoreCase = false, message = "{auth.user.pattern.ProviderType}")
private ProviderType providerType;
@Schema(required = true, title = "사용자ID", example = "xitdev", description = "사용자 ID")
@Pattern(regexp = "[0-9a-zA-z]{6,20}", message = "{auth.user.pattern.id}")
@Size(min = 6, max = 20)
private String userid;
@Schema(required = true, title = "비밀번호", example = "xitdev", description = "비밀 번호")
@NotNull//(message = "비밀번호는 필수 입니다(6 ~ 20자리)")
@Pattern(regexp = "[0-9a-zA-z!@#$%^&*]{6,20}", message = "{auth.user.pattern.password}")
@Size(min = 6, max = 20)
private String passwd;
@Builder
public CmmUser toUser(PasswordEncoder passwordEncoder) {
return CmmUser.builder()
.providerType(providerType)
//.providerType(ProviderType.from(providerType))
.userId(userid)
.password(passwordEncoder.encode(passwd))
.roleType(RoleType.USER)
.build();
}
public UsernamePasswordAuthenticationToken toAuthentication() {
return new UsernamePasswordAuthenticationToken(userid, passwd);
}
}

@ -0,0 +1,66 @@
package com.xit.biz.ctgy.dto;
import com.xit.biz.ctgy.entity.MinSimsaUser680;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.*;
import javax.persistence.*;
import java.io.Serializable;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
@Schema(name = "MinUserinfoDto", description = "사용자 DTO")
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
public class MinUserinfoDto implements Serializable {
private static final long SerialVersionUID = 1L;
@Schema(required = true, title = "민원심사사용자코드", example = " ", description = "Input Description...")
private String userid;
@Schema(required = true, title = "사용자암호", example = " ", description = "Input Description...")
private String passwd;
@Schema(required = true, title = "사용자성명", example = " ", description = "Input Description...")
private String name;
@Schema(required = false, title = "사용자주민번호", example = " ", description = "Input Description...")
private String regnum;
@Schema(required = false, title = "전화번호", example = " ", description = "Input Description...")
private String mphone;
@Schema(required = false, title = "이메일", example = " ", description = "Input Description...")
private String email;
@Schema(required = true, title = "사용구분", example = " ", description = "Input Description...")
private String accesstype;
@Schema(required = true, title = "단속조", example = " ", description = "Input Description...")
private String team;
@Schema(required = false, title = "등록일시", example = " ", description = "Input Description...")
private java.sql.Date regdate;
@Schema(required = false, title = "사용여부", example = " ", description = "Input Description...")
private String isenable;
@Schema(required = false, title = "구청코드", example = " ", description = "Input Description...")
private String gu;
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
MinUserinfoDto that = (MinUserinfoDto) o;
return Objects.equals(userid, that.userid);
}
@Override
public int hashCode() {
return Objects.hash(userid);
}
}

@ -0,0 +1,12 @@
package com.xit.biz.ctgy.dto.struct;
import com.xit.biz.ctgy.dto.MinUserinfoDto;
import com.xit.biz.ctgy.entity.MinUserinfo;
import com.xit.core.support.jpa.mapstruct.IMapstruct;
import com.xit.core.support.jpa.mapstruct.MapStructMapperConfig;
import org.mapstruct.Mapper;
@Mapper(config = MapStructMapperConfig.class)
public interface MinUserinfoMapstruct extends IMapstruct<MinUserinfoDto, MinUserinfo> {
}

@ -38,7 +38,7 @@ public class MinSimsa680 implements Serializable {
@OneToMany(targetEntity = MinSimsaUser680.class, cascade = CascadeType.ALL, orphanRemoval = true)
@JoinColumn(name = "msu_maincode")
private final Set<MinSimsaUser680> minSimsaUser680ss = new HashSet<>();
private final Set<MinSimsaUser680> minSimsaUser680s = new HashSet<>();

@ -1,48 +1,36 @@
package com.xit.biz.ctgy.entity;
import com.fasterxml.jackson.annotation.JsonIgnore;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.*;
import javax.persistence.*;
import java.io.Serializable;
import java.util.HashSet;
import java.util.Set;
@Schema(name = "MinSimsaUser680", description = "민원심사사용자매핑")
@NoArgsConstructor
@Data
@Entity
@Table(name = "min_simsa_user680", schema = "", catalog = "")
@Entity
@Getter
@NoArgsConstructor
@AllArgsConstructor
@Builder
public class MinSimsaUser680 implements Serializable {
private static final long SerialVersionUID = 1L;
@Id
private Long id;
@Schema(required = true, title = "민원심사사용자매핑코드", example = " ", description = "Input Description...")
@Column(name = "msu_code", nullable = false)
@Column(name = "msu_code", nullable = false, length = 10)
private Long msuCode;
// @Schema(required = true, title = "민원코드", example = " ", description = "Input Description...")
// //@Column(name = "MSU_MAINCODE", nullable = false)
// @ManyToOne(fetch = FetchType.LAZY)
// @JoinColumn(table = "MIN_SIMSA680", name = "MSU_MAINCODE", referencedColumnName = "")
//// private Long msuMaincode;
// private MinSimsa680 minSimsa680;
@Schema(required = true, title = "민원코드", example = " ", description = "Input Description...")
@Column(name = "msu_maincode", length = 10)
private Long msuMaincode;
@Schema(required = true, title = "민원심사사용자코드", example = " ", description = "Input Description...")
// @Column(name = "MSU_USERID", nullable = false)
@ManyToOne(fetch = FetchType.LAZY)
@JoinColumn(name = "userid")
// private String msuUserid;
private MinUserinfo minUserinfo;
@Column(name = "msu_userid", nullable = false, length = 20)
private String msuUserid;
@Schema(required = false, title = "결과코드", example = " ", description = "Input Description...")
@Column(name = "msu_result", nullable = true)
@ -61,4 +49,14 @@ public class MinSimsaUser680 implements Serializable {
private java.sql.Date msuIndate;
@JsonIgnore
@Setter
@ManyToOne //(fetch = FetchType.LAZY)
//@JoinColumn(name = "msu_userid", nullable = false)
private MinUserinfo minUserinfo;
}

@ -1,51 +1,56 @@
package com.xit.biz.ctgy.entity;
import com.fasterxml.jackson.annotation.JsonIgnore;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.*;
import javax.persistence.*;
import java.io.Serializable;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
@Schema(name = "MinUserinfo", description = "null")
@NoArgsConstructor
@Data
@Entity
@Table(name = "min_userinfo", schema = "", catalog = "")
@Entity
@Getter
@NoArgsConstructor
@AllArgsConstructor
@Builder
public class MinUserinfo implements Serializable {
private static final long SerialVersionUID = 1L;
@Id
@Schema(required = true, title = "민원심사사용자코드", example = " ", description = "Input Description...")
@Column(name = "userid", nullable = false)
@Column(name = "userid", nullable = false, length = 20)
private String userid;
@Schema(required = true, title = "사용자암호", example = " ", description = "Input Description...")
@Column(name = "passwd", nullable = false)
@Column(name = "passwd", nullable = false, length = 48)
private String passwd;
@Schema(required = true, title = "사용자성명", example = " ", description = "Input Description...")
@Column(name = "name", nullable = false)
@Column(name = "name", nullable = false, length = 100)
private String name;
@Schema(required = false, title = "사용자주민번호", example = " ", description = "Input Description...")
@Column(name = "regnum", nullable = true)
@Column(name = "regnum", nullable = true, length = 20)
private String regnum;
@Schema(required = false, title = "전화번호", example = " ", description = "Input Description...")
@Column(name = "mphone", nullable = true)
@Column(name = "mphone", nullable = true, length = 20)
private String mphone;
@Schema(required = false, title = "이메일", example = " ", description = "Input Description...")
@Column(name = "email", nullable = true)
@Column(name = "email", nullable = true, length = 20)
private String email;
@Schema(required = true, title = "사용구분", example = " ", description = "Input Description...")
@Column(name = "accesstype", nullable = true)
@Column(name = "accesstype", nullable = true, length = 3)
private String accesstype;
@Schema(required = true, title = "단속조", example = " ", description = "Input Description...")
@Column(name = "team", nullable = true)
@Column(name = "team", nullable = true, length = 3)
private String team;
@Schema(required = false, title = "등록일시", example = " ", description = "Input Description...")
@ -53,12 +58,42 @@ public class MinUserinfo implements Serializable {
private java.sql.Date regdate;
@Schema(required = false, title = "사용여부", example = " ", description = "Input Description...")
@Column(name = "isenable", nullable = true)
@Column(name = "isenable", nullable = true, length = 1)
private String isenable;
@Schema(required = false, title = "구청코드", example = " ", description = "Input Description...")
@Column(name = "gu", nullable = true)
@Column(name = "gu", nullable = true, length = 3)
private String gu;
@Transient
@JsonIgnore
@OneToMany(targetEntity = MinSimsaUser680.class, mappedBy = "minUserinfo")//, cascade = CascadeType.ALL, orphanRemoval = true)
private final Set<MinSimsaUser680> minSimsaUser680s = new HashSet<>();
public void addMinSimsaUser680(final MinSimsaUser680 minSimsaUser680){
minSimsaUser680s.add(minSimsaUser680);
minSimsaUser680.setMinUserinfo(this);
}
public void removeSimsaUser680(final MinSimsaUser680 minSimsaUser680){
minSimsaUser680s.remove(minSimsaUser680);
minSimsaUser680.setMinUserinfo(null);
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
MinUserinfo that = (MinUserinfo) o;
return Objects.equals(userid, that.userid);
}
@Override
public int hashCode() {
return Objects.hash(userid);
}
}

@ -0,0 +1,18 @@
package com.xit.biz.ctgy.repository;
import com.xit.biz.ctgy.entity.MinUserinfo;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.Param;
import java.util.Optional;
public interface IMinUserinfoRepository extends JpaRepository<MinUserinfo, String> {
Optional<MinUserinfo> findByUserid(String userid);
@Query(value = "SELECT TRAFFIC.ECL_ENCRYPT(?1) AS passwd FROM DUAL C", nativeQuery = true)
String queryGetPasswdEncode(@Param("passwd") String passwd);
@Query(value = "SELECT TRAFFIC.ECL_DECRYPT(MU.passwd) AS passwd FROM min_userinfo MU WHERE MU.userid = ?1", nativeQuery = true)
String queryGetPasswd(@Param("userid") String userid);
}

@ -0,0 +1,10 @@
package com.xit.biz.ctgy.service;
import com.xit.biz.ctgy.entity.MinUserinfo;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
public interface IMinUserinfoService {
Page<MinUserinfo> findMinUserinfos(MinUserinfo minUserinfo, Pageable pageable);
}

@ -5,6 +5,7 @@ import com.xit.biz.ctgy.entity.MinCivBoard680;
import com.xit.biz.ctgy.repository.IMinCivBoard680Repository;
import com.xit.biz.ctgy.service.IMinCivBoard680Service;
import com.xit.core.support.jpa.JpaUtil;
import lombok.AllArgsConstructor;
import org.springframework.data.domain.Example;
import org.springframework.data.domain.ExampleMatcher;
import org.springframework.data.domain.Page;
@ -15,13 +16,10 @@ import org.springframework.transaction.annotation.Transactional;
import static org.springframework.data.domain.ExampleMatcher.GenericPropertyMatchers.contains;
@Service
@AllArgsConstructor
public class MinCivBoard680Service implements IMinCivBoard680Service {
private final IMinCivBoard680Repository minCivBoard680Repository;
public MinCivBoard680Service(IMinCivBoard680Repository minCivBoard680Repository) {
this.minCivBoard680Repository = minCivBoard680Repository;
}
private final IMinCivBoard680Repository repository;
@Transactional(readOnly = true)
public Page<MinCivBoard680> findMinCivBoard680s(MinCivBoard680 minCivBoard680, Pageable pageable) {
@ -31,7 +29,7 @@ public class MinCivBoard680Service implements IMinCivBoard680Service {
.withMatcher("ciTitle", contains())
.withMatcher("ciName", contains());
Example<MinCivBoard680> example = Example.of(minCivBoard680, exampleMatcher);
Page<MinCivBoard680> page = minCivBoard680Repository.findAll(example, pageable);
Page<MinCivBoard680> page = repository.findAll(example, pageable);
// List<CmmUser> userList = page.getContent();
return page;
}

@ -0,0 +1,37 @@
package com.xit.biz.ctgy.service.impl;
import com.xit.biz.ctgy.entity.MinUserinfo;
import com.xit.biz.ctgy.repository.IMinUserinfoRepository;
import com.xit.biz.ctgy.service.IMinUserinfoService;
import com.xit.core.support.jpa.JpaUtil;
import org.springframework.data.domain.Example;
import org.springframework.data.domain.ExampleMatcher;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import static org.springframework.data.domain.ExampleMatcher.GenericPropertyMatchers.contains;
@Service
public class MinUserinfoService implements IMinUserinfoService {
private final IMinUserinfoRepository repository;
public MinUserinfoService(IMinUserinfoRepository repository) {
this.repository = repository;
}
@Transactional//(readOnly = true)
public Page<MinUserinfo> findMinUserinfos(MinUserinfo minUserinfo, Pageable pageable) {
//Sort sort = Sort.by(Sort.Direction.ASC, "codeOrdr");
pageable = JpaUtil.getPagingInfo(pageable);
ExampleMatcher exampleMatcher = ExampleMatcher.matchingAll()
.withMatcher("userid", contains())
.withMatcher("name", contains());
Example<MinUserinfo> example = Example.of(minUserinfo, exampleMatcher);
Page<MinUserinfo> page = repository.findAll(example, pageable);
// List<CmmUser> userList = page.getContent();
return page;
}
}

@ -1,5 +1,9 @@
package com.xit.core.config;
import com.xit.biz.ctgy.auth.MinPasswordEncoder;
import com.xit.biz.ctgy.auth.service.impl.CustomMinOAuth2UserService;
import com.xit.biz.ctgy.auth.service.impl.CustomMinUserDetailsService;
import com.xit.biz.ctgy.repository.IMinUserinfoRepository;
import com.xit.core.oauth2.api.repository.RefreshTokenRepository;
import com.xit.core.oauth2.config.properties.AppProperties;
import com.xit.core.oauth2.config.properties.CorsProperties;
@ -9,13 +13,10 @@ import com.xit.core.oauth2.oauth.handler.OAuth2AuthenticationFailureHandler;
import com.xit.core.oauth2.oauth.handler.OAuth2AuthenticationSuccessHandler;
import com.xit.core.oauth2.oauth.handler.TokenAccessDeniedHandler;
import com.xit.core.oauth2.oauth.repository.OAuth2AuthorizationRequestBasedOnCookieRepository;
import com.xit.core.oauth2.oauth.service.CustomOAuth2UserService;
import com.xit.core.oauth2.oauth.service.CustomUserDetailsService;
import com.xit.core.oauth2.oauth.JwtTokenProvider;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@ -101,11 +102,13 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final CorsProperties corsProperties;
private final AppProperties appProperties;
private final JwtTokenProvider authTokenProvider;
private final CustomUserDetailsService userDetailsService;
private final CustomOAuth2UserService customOAuth2UserService;
private final CustomMinUserDetailsService userDetailsService;
private final CustomMinOAuth2UserService customOAuth2UserService;
private final TokenAccessDeniedHandler tokenAccessDeniedHandler;
private final RefreshTokenRepository refreshTokenRepository;
private final IMinUserinfoRepository minUserinfoRepository;
/**
* 1. configure( WebSecurity) :
* - web.ignoring security skip(resource file), debug
@ -192,8 +195,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
"/**/*.html",
"/**/*.css",
"/**/*.js").permitAll()
.antMatchers("/**/auth/**", "/**/oauth2/**", "/**/users/**", "/**/biz/**").permitAll()
.anyRequest().authenticated()
.antMatchers("/**/h2-console/**", "/**/auth/**", "/**/oauth2/**", "/**/users/**", "/**/biz/**").permitAll()
.anyRequest().permitAll() //authenticated()
.and()
//.anyRequest().permitAll() //.hasRole(RoleType.USER.getCode())
@ -239,8 +242,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
* security ,
* */
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
public MinPasswordEncoder passwordEncoder() {
return new MinPasswordEncoder(minUserinfoRepository);
}
/*

@ -68,7 +68,7 @@ public class SpringDocApiConfig {
return GroupedOpenApi.builder()
.group("Ctgy-biz-API")
.pathsToMatch(
"/api/v1/biz/**"
"/api/v1/ctgy/**"
)
.build();
}

@ -2,16 +2,28 @@ package com.xit.core.init;
import lombok.extern.slf4j.Slf4j;
import org.springframework.boot.CommandLineRunner;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
import org.springframework.stereotype.Component;
//@Order(1)
//@Component
@Component
@Slf4j
public class XitFrameworkApplicationCommandLineRunner implements CommandLineRunner {
@Override
public void run(String... args) throws Exception {
// log.info("=====================================================================================");
// log.info("XitFrameworkApplicationCommandLineRunner Args: " + Arrays.toString(args));
// log.info("=====================================================================================");
System.out.println(new BCryptPasswordEncoder().encode("gnadmin"));
//System.out.println(new SCryptPasswordEncoder().encode("gnadmin"));
//System.out.println(new DelegatingPasswordEncoder().encode("gnadmin", ""));
System.out.println(new Pbkdf2PasswordEncoder().encode("gnadmin"));
}
}

@ -9,7 +9,7 @@ spring:
sql:
init:
mode: always
platform: postgres
platform: oracle
#schema-locations: classpath:/data/h2/schema.sql
#data-locations: classpath:/data/h2/data.sql
@ -17,37 +17,29 @@ spring:
# database setting
# ==================================================================================================================
datasource:
driver-class-name: org.postgresql.Driver
url: jdbc:postgresql://localhost:5432/xit_admin
username: admin
password: admin!@
driver-class-name: oracle.jdbc.OracleDriver
url: jdbc:oracle:thin:@211.119.124.118:1521:bustms
username: traffic
password: xhdgkq0
hikari:
driver-class-name: ${spring.datasource.driver-class-name}
jdbc-url: ${spring.datasource.url}
password: ${spring.datasource.password}
username: ${spring.datasource.username}
read-only: false
# ==================================================================================================================
# JPA setting
# ==================================================================================================================
jpa:
database-platform: org.hibernate.dialect.PostgreSQLDialect
database-platform: org.hibernate.dialect.Oracle10gDialect
#show-sql: false
properties:
hibernate:
hbm2ddl:
# create / create-drop / update / validate / none
auto: update
auto: none
# h2:
# console:
# enabled: true
# path: /h2-console
# 미사용
# thymeleaf:
# cache: false
# ==================================================================================================================
# JPA logging lib setting
# ==================================================================================================================

@ -8,8 +8,7 @@ spring:
sql:
init:
mode: always
# platform: h2
platform: oracle
platform: h2
#schema-locations: classpath:/data/h2/schema.sql
#data-locations: classpath:/data/h2/data.sql
@ -17,14 +16,10 @@ spring:
# database setting
# ==================================================================================================================
datasource:
# driver-class-name: org.h2.Driver
# url: jdbc:h2:mem:xitdb;MODE=Oracle;DATABASE_TO_LOWER=TRUE;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
# username: sa
# password: ''
driver-class-name: oracle.jdbc.OracleDriver
url: jdbc:oracle:thin:@211.119.124.118:1521:bustms
username: traffic
password: xhdgkq0
driver-class-name: org.h2.Driver
url: jdbc:h2:mem:xitdb;MODE=Oracle;DATABASE_TO_LOWER=TRUE;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
username: sa
password: ''
hikari:
driver-class-name: ${spring.datasource.driver-class-name}
jdbc-url: ${spring.datasource.url}
@ -36,25 +31,20 @@ spring:
# JPA setting
# ==================================================================================================================
jpa:
# database-platform: org.hibernate.dialect.H2Dialect
database-platform: org.hibernate.dialect.Oracle10gDialect
database-platform: org.hibernate.dialect.H2Dialect
#show-sql: false
properties:
hibernate:
hbm2ddl:
# create / create-drop / update / validate / none
# auto: create-drop
auto: none
auto: create-drop
h2:
console:
enabled: true
path: /h2-console
# # 미사용
# thymeleaf:
# cache: false
# ==================================================================================================================
# JPA logging lib setting
# ==================================================================================================================

@ -8,7 +8,7 @@
</springProfile>
<springProfile name="dev,prod">
<!-- <property name="LOG_PATH" value="/data/xit/logs"/>-->
<proßperty name="LOG_PATH" value="/Users/minuk/data/xit/logs"/>
<property name="LOG_PATH" value="/Users/minuk/data/xit/logs"/>
</springProfile>
<include resource="org/springframework/boot/logging/logback/defaults.xml"/>

Loading…
Cancel
Save