개발하는 동그리
[Main Project] Spring Security + JWT Configuration
Dependencies
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'com.auth0:java-jwt:4.0.0'
Classes needed for the Spring Security + JWT setup
- SecurityConfig
- CorsConfig
- PrincipalDetailsService
- PrincipalDetails
- JwtAuthenticationFilter
- JwtAuthorizationFilter
- JwtProperties
SecurityConfig Class
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.filter.CorsFilter;

// UsersRepository and the Jwt*/Principal* classes below are assumed to live in the same package.
@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig {

    private final CorsFilter corsFilter;
    private final UsersRepository usersRepository;

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        // CSRF protection only matters for cookie/session authentication; the token
        // travels in the Authorization header, so it is switched off here.
        http.csrf().disable();
        // Allows the app to be framed (typically done for the H2 console). Leave it
        // enabled in production unless framing is actually required.
        http.headers().frameOptions().disable();
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) // no HttpSession
            .and()
            .httpBasic().disable()   // no Basic-auth prompt; JWT only
            .apply(new CustomDsl())  // registers the CORS and JWT filters
            .and()
            .authorizeRequests()
            .antMatchers("/v1/company/**")
            .access("hasRole('ROLE_COMPANY') or hasRole('ROLE_ADMIN')")
            .antMatchers("/v1/customer/**")
            .access("hasRole('ROLE_CUSTOMER') or hasRole('ROLE_ADMIN')")
            .anyRequest().permitAll(); // everything else, including /login, is open
        return http.build();
    }

    // Non-static inner class so it can reach corsFilter and usersRepository above.
    public class CustomDsl extends AbstractHttpConfigurer<CustomDsl, HttpSecurity> {
        @Override
        public void configure(HttpSecurity builder) {
            AuthenticationManager authenticationManager =
                builder.getSharedObject(AuthenticationManager.class);
            builder
                .addFilter(corsFilter)
                .addFilter(new JwtAuthenticationFilter(authenticationManager))
                .addFilter(new JwtAuthorizationFilter(authenticationManager, usersRepository));
        }
    }
}
CorsConfig Class
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@Configuration
public class CorsConfig {
    @Bean
    public CorsFilter corsFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration();
        // Credentialed requests need an explicit origin list; Spring rejects the "*"
        // wildcard together with allowCredentials(true). Add the production front-end
        // origin here as well, not just the local dev server.
        config.setAllowCredentials(true);
        config.addAllowedOrigin("http://localhost:3000");
        config.addAllowedHeader("*");
        config.addAllowedMethod("*");
        // Without this the browser hides the Authorization response header from
        // front-end code, so the token returned by /login could not be read.
        config.addExposedHeader("Authorization");
        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }
}
PrincipalDetails Class
import java.util.ArrayList;
import java.util.Collection;
import lombok.Getter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

// Adapter that lets Spring Security read the project's Users entity.
@Getter
public class PrincipalDetails implements UserDetails {

    private final Users users;

    public PrincipalDetails(Users users) {
        this.users = users;
    }

    // Users.getRoleList() is assumed to return role names such as "ROLE_CUSTOMER";
    // hasRole('ROLE_CUSTOMER') in SecurityConfig matches an authority named exactly that.
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        Collection<GrantedAuthority> authorities = new ArrayList<>();
        users.getRoleList().forEach(role -> authorities.add(new SimpleGrantedAuthority(role)));
        return authorities;
    }

    @Override
    public String getUsername() {
        return users.getEmail();    // the e-mail address is the login identifier
    }

    @Override
    public String getPassword() {
        return users.getPassword(); // the stored (encoded) hash, checked by the PasswordEncoder
    }

    // Account-state flags are not modelled on Users, so every account counts as active.
    @Override
    public boolean isAccountNonExpired() { return true; }

    @Override
    public boolean isAccountNonLocked() { return true; }

    @Override
    public boolean isCredentialsNonExpired() { return true; }

    @Override
    public boolean isEnabled() { return true; }
}
PrincipalDetailsService Class
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

// Called by the AuthenticationManager during /login with the e-mail as "username".
// The password comparison itself is done by Spring's DaoAuthenticationProvider
// through the configured PasswordEncoder, so stored passwords must be encoded hashes.
@Service
@RequiredArgsConstructor
public class PrincipalDetailsService implements UserDetailsService {
    private final UsersRepository usersRepository;
    @Override
    public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
        Users usersEntity = usersRepository.findByEmail(email);
        if (usersEntity == null) { // otherwise an unknown e-mail becomes a NullPointerException (500)
            throw new UsernameNotFoundException("User not found");
        }
        return new PrincipalDetails(usersEntity);
    }
}
JwtAuthenticationFilter Class
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.Date;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

// Login filter. UsernamePasswordAuthenticationFilter listens on POST /login by default;
// this override reads the credentials from a JSON body instead of form fields and
// answers with a JWT in the Authorization response header.
@Slf4j
@RequiredArgsConstructor
public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter {

    private final AuthenticationManager authenticationManager;

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request,
                                                HttpServletResponse response) throws AuthenticationException {
        try {
            // Binds the body straight onto the entity; a small login DTO holding only
            // email and password would limit what a client can set.
            Users users = new ObjectMapper().readValue(request.getInputStream(), Users.class);
            UsernamePasswordAuthenticationToken authenticationToken =
                new UsernamePasswordAuthenticationToken(users.getEmail(), users.getPassword());
            // Runs PrincipalDetailsService plus the PasswordEncoder; throws on bad credentials.
            return authenticationManager.authenticate(authenticationToken);
        } catch (IOException e) {
            // Returning null would leave the request in an "authentication in progress"
            // state; an unreadable body is simply a failed login.
            throw new AuthenticationServiceException("Unreadable login request", e);
        }
    }

    @Override
    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
                                            FilterChain chain, Authentication authResult) {
        log.debug("successfulAuthentication");
        PrincipalDetails principalDetails = (PrincipalDetails) authResult.getPrincipal();
        // The claims are signed, not encrypted: anyone holding the token can read them,
        // so nothing secret belongs in here.
        String jwtToken = JWT.create()
            .withSubject(principalDetails.getUsername())
            .withExpiresAt(new Date(System.currentTimeMillis() + JwtProperties.EXPIRATION_TIME))
            .withClaim("id", principalDetails.getUsers().getId())
            .withClaim("email", principalDetails.getUsers().getEmail())
            .withClaim("username", principalDetails.getUsers().getUsername())
            .sign(Algorithm.HMAC512(JwtProperties.SECRET));
        response.addHeader(JwtProperties.HEADER_STRING, JwtProperties.TOKEN_PREFIX + jwtToken);
    }
}
JwtAuthorizationFilter Class
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

// Runs on every request: if a Bearer token is present and verifies, the user is loaded
// and placed in the SecurityContext so the antMatchers rules can see its roles.
public class JwtAuthorizationFilter extends BasicAuthenticationFilter {
    private final UsersRepository usersRepository;
    public JwtAuthorizationFilter(AuthenticationManager authenticationManager,
                                  UsersRepository usersRepository) {
        super(authenticationManager);
        this.usersRepository = usersRepository;
    }
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                    FilterChain chain) throws IOException, ServletException {
        String jwtHeader = request.getHeader(JwtProperties.HEADER_STRING);
        // No Bearer token: continue as an anonymous request (permitAll paths still work).
        if (jwtHeader == null || !jwtHeader.startsWith(JwtProperties.TOKEN_PREFIX)) {
            chain.doFilter(request, response);
            return;
        }
        String jwtToken = jwtHeader.substring(JwtProperties.TOKEN_PREFIX.length());
        String email;
        try {
            // Verifies the HMAC-SHA512 signature and the exp claim. The algorithm is pinned
            // here, so the token's own "alg" header is never trusted.
            email = JWT.require(Algorithm.HMAC512(JwtProperties.SECRET)).build()
                .verify(jwtToken).getClaim("email").asString();
        } catch (JWTVerificationException e) {
            // Expired, tampered or malformed token. Left uncaught this surfaces as a 500.
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid or expired token");
            return;
        }
        if (email == null) { chain.doFilter(request, response); return; }
        // Reloaded from the database per request, so a deleted user or changed roles
        // take effect immediately rather than at token expiry.
        Users usersEntity = usersRepository.findByEmail(email);
        if (usersEntity == null) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unknown user");
            return;
        }
        PrincipalDetails principalDetails = new PrincipalDetails(usersEntity);
        // Credentials are null: the signature already proved identity.
        Authentication authentication = new UsernamePasswordAuthenticationToken(
            principalDetails, null, principalDetails.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        chain.doFilter(request, response);
    }
}
JwtProperties
// Constants shared by the two filters. The two placeholders are left as in the
// original post; supply them from configuration rather than from source control.
public interface JwtProperties {
    // HMAC-SHA512 key. Use at least 64 random bytes and load it from an environment
    // variable or a secrets manager: anyone who can read a committed secret can mint
    // valid tokens for any user.
    String SECRET = {secret_key};
    // Lifetime in milliseconds (an int, so at most about 24 days). Keep it short,
    // since this setup has no refresh or revocation path.
    int EXPIRATION_TIME = {token_expiration_time};
    String TOKEN_PREFIX = "Bearer ";
    String HEADER_STRING = "Authorization";
}
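The classes above form one flow: /login produces an HS512-signed token, and every later request is checked by JwtAuthorizationFilter before the antMatchers rules decide by role. The following is an added example, not code from the post or the project: a standard-library Python mirror of that flow, so the checks (signature, expiry, pinned algorithm, per-request user reload, path-to-role rules) can be exercised offline. The secret, the in-memory user table, the ten-minute lifetime and the sample e-mail addresses are constructed for the example; java-jwt reports the same failures as TokenExpiredException, SignatureVerificationException and AlgorithmMismatchException (all JWTVerificationException subclasses).

```python
"""Added example (not the post's code): offline mirror of the login -> JWT ->
authorization flow. Secret, users and lifetime below are constructed assumptions."""
import base64, hashlib, hmac, json, time

SECRET = b"constructed-example-secret-use-64-random-bytes-in-practice"  # assumption
EXPIRATION_TIME_MS = 10 * 60 * 1000  # assumption: JwtProperties.EXPIRATION_TIME of 10 min
TOKEN_PREFIX = "Bearer "

# Constructed stand-in for UsersRepository.findByEmail / Users.getRoleList().
USERS = {
    "alice@example.com": {"id": 1, "username": "alice", "roles": ["ROLE_CUSTOMER"]},
    "acme@example.com": {"id": 2, "username": "acme", "roles": ["ROLE_COMPANY"]},
    "root@example.com": {"id": 3, "username": "root", "roles": ["ROLE_ADMIN"]},
}

# Rules from SecurityConfig.filterChain: first matching pattern wins, else permitAll.
RULES = [
    ("/v1/company", {"ROLE_COMPANY", "ROLE_ADMIN"}),
    ("/v1/customer", {"ROLE_CUSTOMER", "ROLE_ADMIN"}),
]


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def create_token(email: str, now_ms=None) -> str:
    """What JwtAuthenticationFilter.successfulAuthentication does: HS512-sign the claims."""
    user = USERS[email]
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    header = {"alg": "HS512", "typ": "JWT"}
    payload = {"sub": email, "exp": (now_ms + EXPIRATION_TIME_MS) // 1000,  # exp is in seconds
               "id": user["id"], "email": email, "username": user["username"]}
    signing_input = (b64url_encode(json.dumps(header, separators=(",", ":")).encode())
                     + "." + b64url_encode(json.dumps(payload, separators=(",", ":")).encode()))
    signature = hmac.new(SECRET, signing_input.encode(), hashlib.sha512).digest()
    return signing_input + "." + b64url_encode(signature)


def verify_token(token: str, now_ms=None) -> dict:
    """What JWT.require(Algorithm.HMAC512(SECRET)).build().verify(token) does.
    Raises ValueError where java-jwt raises a JWTVerificationException subclass."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, signature_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != "HS512":  # pin the algorithm; never trust the token's own alg
        raise ValueError("unexpected alg")
    expected = hmac.new(SECRET, f"{header_b64}.{payload_b64}".encode(), hashlib.sha512).digest()
    if not hmac.compare_digest(expected, b64url_decode(signature_b64)):  # constant-time compare
        raise ValueError("signature mismatch")
    claims = json.loads(b64url_decode(payload_b64))
    now_s = (int(time.time() * 1000) if now_ms is None else now_ms) // 1000
    if claims.get("exp", 0) <= now_s:
        raise ValueError("token expired")
    return claims


def authorities_from_header(authorization, now_ms=None):
    """What JwtAuthorizationFilter.doFilterInternal does with the Authorization header:
    None (anonymous) without a Bearer token, the user's current roles otherwise."""
    if not authorization or not authorization.startswith(TOKEN_PREFIX):
        return None
    claims = verify_token(authorization[len(TOKEN_PREFIX):], now_ms)
    user = USERS.get(claims["email"])  # reloaded per request, so role changes apply at once
    if user is None:
        raise ValueError("user no longer exists")
    return list(user["roles"])


def rejection_reason(authorization, now_ms=None):
    """None if the header is accepted (or absent), otherwise why it was rejected."""
    try:
        authorities_from_header(authorization, now_ms)
        return None
    except ValueError as err:
        return str(err)


def is_allowed(path: str, authorities) -> bool:
    """antMatchers(...).access(...) evaluation; '/v1/company/**' also matches '/v1/company'."""
    held = set(authorities or ())
    for prefix, required in RULES:
        if path == prefix or path.startswith(prefix + "/"):
            return bool(required & held)
    return True


if __name__ == "__main__":
    token = create_token("alice@example.com")
    roles = authorities_from_header(TOKEN_PREFIX + token)
    print(roles, is_allowed("/v1/customer/orders", roles), is_allowed("/v1/company/list", roles))
```

Two points the Spring code relies on implicitly show up here: the verifier pins HS512 rather than reading the algorithm from the token, and the user is looked up again on every request, which costs a database hit but means a deleted account stops working before its token expires.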