feat: login Security 적용

mpower vo 적용
dev
Jonguk. Lim 2 years ago
parent 5c71aca459
commit c6ae1eb828

@ -46,7 +46,6 @@ import java.io.IOException;
)
)
public class Application { //WebApplicationInitializer {
static final String BEAN_GEN_BASE_PACKAGE = "com.xit.**.controller";
/**
* WebFlux main application

@ -10,7 +10,7 @@ import java.util.List;
public interface IBoardService {
List<Map<String, Object>> findAll(final BoardDto dto, Pageable pageable);
List<BoardDto> findAll(final BoardDto dto, Pageable pageable);
// Page<MinCivBoard680> findAll2(final MinCivBoard680 entity, Pageable pageable);
//

@ -46,36 +46,19 @@ import static org.springframework.data.domain.ExampleMatcher.GenericPropertyMatc
public class BoardService implements IBoardService {
private final PasswordEncoder passwordEncoder;
private final SqlSessionTemplate sqlSessionTemplate;
private static final String selectBoardListSql = "SELECT MCB.ci_code,\n" +
" MU.name,\n" +
" MCB.ci_contentno,\n" +
" MCB.ci_title,\n" +
" MCB.ci_contents,\n" +
" MCB.ci_nalja,\n" +
" MCB.ci_step,\n" +
" MCB.ci_revel,\n" +
" MCB.ci_ref,\n" +
" MCB.ci_hit,\n" +
" MCB.ci_pass,\n" +
" MCB.ci_id\n" +
" FROM min_civ_board680 MCB\n" +
" LEFT OUTER JOIN min_userinfo MU\n" +
" ON MCB.ci_id = MU.userid\n" +
" ORDER BY MCB.ci_ref DESC, MCB.ci_step ASC, MCB.ci_code ASC";
@Transactional(readOnly = true)
public List<Map<String, Object>> findAll(final BoardDto dto, Pageable pageable) {
System.out.println(DBUtils.getXmlSql("sql/board2-mapper", "selectBoardList"));
String sql = DBUtils.getMybatisSql(sqlSessionTemplate, "board.selectBoardList", dto);
public List<BoardDto> findAll(final BoardDto dto, Pageable pageable) {
String sql = DBUtils.getXmlSql("sql/board2-mapper", "selectBoardList");
//String sql = DBUtils.getMybatisSql(sqlSessionTemplate, "board.selectBoardList", dto);
MpowerUtils sendXml = new MpowerUtils();
sendXml.setFeilds("ciCode, ciName, ciContentno, ciTitle, ciContents, ciNalja, ciStep, ciRevel, ciRef, ciHit, ciPass, ciId");
//sendXml.setQuery(sql);
sendXml.setQuery(selectBoardListSql);
return null;
//return sendXml.selectCustomQuery();
sendXml.setQuery(sql);
return sendXml.selectCustomQuery(BoardDto.class);
//return DBUtils.convertToValueObjects(sendXml.selectCustomQuery(), BoardDto.class);
}
// @Transactional(readOnly = true)
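Review bot: `findAll` still requests `ciPass` in `setFeilds(...)`, so every `BoardDto` in the returned list carries the post's password column; if the controller serializes the DTO directly (not visible here), that value reaches the client. Drop `ciPass` from the field list and from the `selectBoardList` query together, since columns are read by position, or mark the DTO field `@JsonIgnore` if a server-side caller still needs it. The method also ignores both `dto` and `pageable`, so the query is unfiltered and unbounded; that deserves at least a `// TODO: apply dto filter and paging` comment. The commented-out alternatives around the `setQuery` and `return` lines should be deleted rather than kept.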

@ -4,6 +4,7 @@ import com.xit.biz.ctgy.auth.MinPasswordEncoder;
import com.xit.biz.ctgy.auth.service.impl.CustomMinOAuth2UserService;
import com.xit.biz.ctgy.auth.service.impl.CustomMinUserDetailsService;
import com.xit.biz.ctgy.repository.IMinUserRepository;
import com.xit.core.oauth2.api.dao.RefreshTokenDao;
import com.xit.core.oauth2.api.repository.RefreshTokenRepository;
import com.xit.core.oauth2.config.properties.AppProperties;
import com.xit.core.oauth2.config.properties.CorsProperties;
@ -104,7 +105,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final CustomMinUserDetailsService userDetailsService;
private final CustomMinOAuth2UserService customOAuth2UserService;
private final TokenAccessDeniedHandler tokenAccessDeniedHandler;
private final RefreshTokenRepository refreshTokenRepository;
//private final RefreshTokenRepository refreshTokenRepository;
private final RefreshTokenDao refreshTokenDao;
private final IMinUserRepository minUserRepository;
@ -270,7 +272,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
return new OAuth2AuthenticationSuccessHandler(
authTokenProvider,
appProperties,
refreshTokenRepository,
//refreshTokenRepository,
refreshTokenDao,
oAuth2AuthorizationRequestBasedOnCookieRepository()
);
}
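Review bot: The new `RefreshTokenDao` field appears to be constructor-injected, but the class as added in this commit shows no `@Repository` or `@Component` annotation, so unless a `@Bean` method exists outside the visible hunks the context will fail with an unsatisfied dependency. Either annotate the DAO, `@Repository public class RefreshTokenDao {`, or declare it as a bean in this configuration. The commented-out `//private final RefreshTokenRepository refreshTokenRepository;` and `//refreshTokenRepository,` lines should be removed; version control already keeps them.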

@ -0,0 +1,43 @@
package com.xit.core.oauth2.api.dao;
import com.xit.core.oauth2.api.entity.RefreshToken;
import com.xit.core.util.DBUtils;
import com.xit.core.util.mpower.MpowerUtils;
import java.util.Optional;
public class RefreshTokenDao {
private static final String sqlXmlFile = "sql/refreshToken-mapper";
public Optional<RefreshToken> findByKey(String key){
String sql = DBUtils.getXmlSql(sqlXmlFile, "selectRefreshToken");
sql = sql.replaceFirst(":userId", key);
MpowerUtils sendXml = new MpowerUtils();
sendXml.setFeilds("key, value");
sendXml.setQuery(sql);
return Optional.ofNullable(sendXml.selectCustomQuery(RefreshToken.class).get(0));
}
public void save(RefreshToken refreshToken){
String sql = DBUtils.getXmlSql(sqlXmlFile, "saveRefreshToken");
sql = sql.replaceFirst(":userId", refreshToken.getKey());
sql = sql.replaceFirst(":tokenValue", refreshToken.getValue());
MpowerUtils sendXml = new MpowerUtils();
//sendXml.setFeilds("key, value");
//sendXml.setQuery(sql);
//return Optional.ofNullable(sendXml.selectCustomQuery(RefreshToken.class).get(0));
}
public void update(RefreshToken refreshToken){
String sql = DBUtils.getXmlSql(sqlXmlFile, "updateRefreshToken");
sql = sql.replaceFirst(":userId", refreshToken.getKey());
sql = sql.replaceFirst(":tokenValue", refreshToken.getValue());
MpowerUtils sendXml = new MpowerUtils();
//sendXml.setFeilds("key, value");
//sendXml.setQuery(sql);
//return Optional.ofNullable(sendXml.selectCustomQuery(RefreshToken.class).get(0));
}
}
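Review bot: `findByKey`, `save` and `update` build their SQL by splicing caller-supplied strings into the statement text with `replaceFirst`, so the user id and token value become part of the query instead of data, and `replaceFirst` additionally interprets `$` and `\` in the replacement. If MpowerUtils or its backend offers bound parameters, use them; failing that, reject anything outside a strict allow-list before splicing and switch to the literal `String.replace`, as sketched below (adjust the pattern to the real id format). Two further defects sit in the same file: `save` and `update` never hand the statement to `sendXml`, so no token is written, and `findByKey` calls `.get(0)` on a list that is empty when no row exists, which throws instead of yielding `Optional.empty()`.

```java
private static final Pattern SAFE_LITERAL = Pattern.compile("[A-Za-z0-9._-]+");

// Allow-list check before a value is placed into SQL text; anything else is refused.
private static String literal(String value) {
    if (value == null || !SAFE_LITERAL.matcher(value).matches()) {
        throw new IllegalArgumentException("unsupported character in SQL value");
    }
    return "'" + value + "'";
}

public Optional<RefreshToken> findByKey(String key){
    String sql = DBUtils.getXmlSql(sqlXmlFile, "selectRefreshToken")
            .replace(":userId", literal(key));
    // … unchanged: MpowerUtils creation, setFeilds, setQuery …
    return sendXml.selectCustomQuery(RefreshToken.class).stream().findFirst();
}
```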

@ -4,6 +4,7 @@ import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Builder;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import javax.persistence.Entity;
import javax.persistence.Id;
@ -17,6 +18,7 @@ import javax.persistence.Table;
@Table(name = "refresh_token")
@Entity
@Getter
@Setter
@NoArgsConstructor
public class RefreshToken {

@ -1,5 +1,6 @@
package com.xit.core.oauth2.oauth.handler;
import com.xit.core.oauth2.api.dao.RefreshTokenDao;
import com.xit.core.oauth2.api.entity.RefreshToken;
import com.xit.core.oauth2.api.repository.RefreshTokenRepository;
import com.xit.core.constant.XitConstants;
@ -37,7 +38,8 @@ import static com.xit.core.oauth2.oauth.repository.OAuth2AuthorizationRequestBas
public class OAuth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
private final JwtTokenProvider tokenProvider;
private final AppProperties appProperties;
private final RefreshTokenRepository refreshTokenRepository;
//private final RefreshTokenRepository refreshTokenRepository;
private final RefreshTokenDao refreshTokenDao;
private final OAuth2AuthorizationRequestBasedOnCookieRepository authorizationRequestRepository;
@Override
@ -80,12 +82,16 @@ public class OAuth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationS
String refreshToken = tokenProvider.generateJwtRefreshToken(userInfo.getId());
// DB 저장
RefreshToken savedRefreshToken = refreshTokenRepository.findByKey(userInfo.getId()).orElse(null);
//RefreshToken savedRefreshToken = refreshTokenRepository.findByKey(userInfo.getId()).orElse(null);
RefreshToken savedRefreshToken = refreshTokenDao.findByKey(userInfo.getId()).orElse(null);
if (savedRefreshToken != null) {
//userRefreshToken(refreshToken);
savedRefreshToken.updateValue(Objects.requireNonNull(refreshToken));
savedRefreshToken.setValue(refreshToken);
refreshTokenDao.update(Objects.requireNonNull(savedRefreshToken));
//savedRefreshToken.updateValue(Objects.requireNonNull(refreshToken));
} else {
refreshTokenRepository.save(
refreshTokenDao.save(
RefreshToken.builder()
.key(userInfo.getId())
.value(refreshToken)
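Review bot: In the update branch the null check has moved to the wrong object: `Objects.requireNonNull(savedRefreshToken)` can never fire inside `if (savedRefreshToken != null)`, while the freshly generated `refreshToken` is no longer checked before `setValue`. Suggested form: `savedRefreshToken.setValue(Objects.requireNonNull(refreshToken));` followed by `refreshTokenDao.update(savedRefreshToken);`. The commented-out repository calls left beside the new lines should be deleted. The enclosing method begins and ends outside this hunk.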

@ -11,12 +11,10 @@ import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import javax.xml.stream.events.XMLEvent;
import java.io.InputStream;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.*;
public class DBUtils {
/**
@ -97,4 +95,80 @@ public class DBUtils {
throw new RuntimeException(e);
}
}
public static Map<String, Object> convertToMap(Object obj) {
try {
if (Objects.isNull(obj)) {
return Collections.emptyMap();
}
Map<String, Object> convertMap = new HashMap<>();
Field[] fields = obj.getClass().getDeclaredFields();
for (Field field : fields) {
field.setAccessible(true);
convertMap.put(field.getName(), field.get(obj));
}
return convertMap;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static <T> T convertToValueObject(Map<String, Object> map, Class<T> type) {
try {
Objects.requireNonNull(type, "Class cannot be null");
T instance = type.getConstructor().newInstance();
if (map == null || map.isEmpty()) {
return instance;
}
for (Map.Entry<String, Object> entry : map.entrySet()) {
Field[] fields = type.getDeclaredFields();
for (Field field : fields) {
field.setAccessible(true);
String name = field.getName();
boolean isSameType = entry.getValue().getClass().equals(field.getType());
boolean isSameName = entry.getKey().equals(name);
if (isSameType && isSameName) {
field.set(instance, map.get(name));
break;
}
}
}
return instance;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static List<Map<String, Object>> convertToMaps(List<?> list) {
if (list == null || list.isEmpty()) {
return Collections.emptyList();
}
List<Map<String, Object>> convertList = new ArrayList<>(list.size());
for (Object obj : list) {
convertList.add(convertToMap(obj));
}
return convertList;
}
public static <T> List<T> convertToValueObjects(List<Map<String, Object>> list, Class<T> type) {
Objects.requireNonNull(type, "Class cannot be null");
if (list == null || list.isEmpty()) {
return Collections.emptyList();
}
List<T> convertList = new ArrayList<>(list.size());
for (Map<String, Object> map : list) {
convertList.add(convertToValueObject(map, type));
}
return convertList;
}
}
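Review bot: `convertToValueObject` dereferences `entry.getValue().getClass()` without a null check, so a single null value in the map aborts the whole conversion with a wrapped NullPointerException; add `if (entry.getValue() == null) continue;` at the top of the outer loop. The exact-class comparison also means primitive fields (`int`, `long`) never match their boxed values and are silently left at their defaults, which deserves a comment or a wrapper-aware check. `type.getDeclaredFields()` is re-read for every map entry and can be hoisted above the loop.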

@ -13,6 +13,8 @@ import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import java.io.File;
import java.io.IOException;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.sql.*;
import java.util.ArrayList;
import java.util.HashMap;
@ -403,7 +405,88 @@ public class MpowerUtils {
return mList;
}
public <T> List<T> selectCustomQuery(Class<T> type) {
List<T> list = new ArrayList<>();
String fileList = "";
for(int cnt = 0;cnt<feilds.size();cnt++){
if(cnt==0){
fileList += feilds.get(cnt);
}else{
fileList += "," + feilds.get(cnt);
}
}
query = beforeXml+query+afterXml;
//logger.debug("=====================================================Select Query==================================================");
//logger.debug(query);
log.debug("query\n"+query);
//List<EgovMap> mList = new ArrayList<EgovMap>();
int mListCount = 0;
try {
mpower = new Client(hostip,port);
mpower.setCryptEnable(false);
mpower.getConnection("MPowerXmlToQuery.xmlQuery1");
mpower.setInput("SQLXML", query);
mpower.Request();
String result = mpower.getString("result", 0, 0);
int row;
if (result.equals("true")){
row = mpower.getMaxRow("list1");
if(row>0){
for(int i=0;i<row;i++){
//Map<String,Object> m = new HashMap<>();
T instance = null;
try {
instance = type.getConstructor().newInstance();
} catch (InstantiationException e) {
throw new RuntimeException(e);
} catch (IllegalAccessException e) {
throw new RuntimeException(e);
} catch (InvocationTargetException e) {
throw new RuntimeException(e);
} catch (NoSuchMethodException e) {
throw new RuntimeException(e);
}
if(!"".equals(feild) && feild != null){
//m.put("cbContent", mpower.getString("list1", i, 4));
continue;
}else{
Field[] clsFields = type.getDeclaredFields();
for(int j=0;j<feilds.size();j++){
for (Field fd : clsFields) {
fd.setAccessible(true);
boolean isSameType = feilds.get(j).getClass().equals(fd.getType());
boolean isSameName = feilds.get(j).equals(fd.getName());
if (isSameType && isSameName) {
fd.set(instance, mpower.getString("list1", i, j));
break;
}
}
//m.put(feilds.get(j), mpower.getString("list1", i, j));
}
}
list.add(instance);
}
}
}
mpower.disconnect();
//logger.debug("===============================================================================================================");
} catch (Exception e) {
e.printStackTrace();
} finally{
clearValidation();
}
return list;
}
public void setFeilds(String string) {
String[] m = string.split(",");
for(int i=0;i<m.length;i++){
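Review bot: The `catch (Exception e) { e.printStackTrace(); }` at the end of `selectCustomQuery` turns every backend failure into an empty or partial list, so a caller on the login path cannot tell "no row" from "query failed", and `mpower.disconnect()` is skipped on that path. Prefer `log.error("Mpower query failed", e); throw new IllegalStateException("Mpower query failed", e);` and move the disconnect into `finally`. `log.debug("query\n"+query)` writes the full statement to the log, which will include refresh-token values once the DAO splices them into the SQL, so log the statement id instead. Field matching relies on `feilds.get(j).equals(fd.getName())`, so names passed as `"key, value"` only match if `setFeilds` trims each entry; its body is cut off by the end of this hunk.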

@ -68,7 +68,7 @@ spring:
# Spring Security cors 설정 :: CorsConfiguration 설정 값
cors:
allowed-origins: http://localhost:3000,http://localhost:8080,http://localhost,http://211.119.124.9,http://211.119.124.9:8090
allowed-origins: http://localhost:3000, http://localhost:8088, http://211.119.124.9
allowed-methods: GET,POST,PUT,DELETE,OPTIONS
allowed-headers: '*'
max-age: 3600
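Review bot: The second `allowed-origins` value has a space after each comma; if `CorsProperties` splits on `,` without trimming (its parsing is not visible here), the later origins would carry a leading space and never match a request's `Origin` header. Writing it without spaces, `allowed-origins: http://localhost:3000,http://localhost:8088,http://211.119.124.9`, avoids depending on that. All listed origins are plain `http` and sit next to `allowed-headers: '*'`, so it is worth confirming that this profile is used for development only.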

@ -0,0 +1,30 @@
<?xml version="1.0" encoding="UTF-8"?>
<sqlMapper>
<selectRefreshToken>
/* refreshToken-mapper|selectRefreshToken|julim */
SELECT key,
value
FROM refresh_token
WHERE key = :userId
</selectRefreshToken>
<updateRefreshToken>
/* refreshToken-mapper|insertRefreshToken|julim */
INSERT
INTO refresh_token (
key,
value
) VALUE (
:userId,
:tokenValue
)
</updateRefreshToken>
<updateRefreshToken>
/* refreshToken-mapper|updateRefreshToken|julim */
UPDATE refresh_token
SET value = :tokenValue
WHERE key = :userId
</updateRefreshToken>
</sqlMapper>
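Review bot: The INSERT statement is wrapped in an `<updateRefreshToken>` element, so the file has two elements with that name and none called `saveRefreshToken`, which is the id `RefreshTokenDao.save` looks up; rename the first element to `<saveRefreshToken>` so each id is unique and resolvable. Its header comment says `insertRefreshToken`, a third name, and should be brought in line. `key` is a reserved word in some SQL dialects (MySQL, for example), so if that is the target database the column name needs quoting; this should be confirmed against the backend.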