Compare commits
3 Commits
feature/lo
...
feature/te
| Author | SHA1 | Date | |
|---|---|---|---|
|
994db8afad | ||
|
|
dabee5c844 | ||
|
|
24c8039031 |
@@ -1,7 +1,7 @@
|
||||
plugins {
|
||||
java
|
||||
id("org.springframework.boot") version "2.6.7"
|
||||
id("io.spring.dependency-management") version "1.0.11.RELEASE"
|
||||
java
|
||||
id("org.springframework.boot") version "2.6.7"
|
||||
id("io.spring.dependency-management") version "1.0.11.RELEASE"
|
||||
}
|
||||
|
||||
group = "com.ticketing"
|
||||
@@ -9,60 +9,59 @@ version = "0.0.1-SNAPSHOT"
|
||||
|
||||
val javaVersion = JavaVersion.VERSION_11
|
||||
java {
|
||||
sourceCompatibility = javaVersion
|
||||
targetCompatibility = javaVersion
|
||||
sourceCompatibility = javaVersion
|
||||
targetCompatibility = javaVersion
|
||||
}
|
||||
|
||||
configurations {
|
||||
compileOnly {
|
||||
extendsFrom(configurations.annotationProcessor.get())
|
||||
}
|
||||
compileOnly {
|
||||
extendsFrom(configurations.annotationProcessor.get())
|
||||
}
|
||||
}
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
mavenCentral()
|
||||
}
|
||||
|
||||
|
||||
|
||||
dependencies {
|
||||
implementation("org.springframework.boot:spring-boot-starter-data-jpa")
|
||||
implementation("org.springframework.boot:spring-boot-starter-security")
|
||||
implementation("org.springframework.boot:spring-boot-starter-validation")
|
||||
implementation("org.springframework.boot:spring-boot-starter-web")
|
||||
implementation("org.springframework.boot:spring-boot-starter-actuator")
|
||||
implementation("org.springframework.boot:spring-boot-starter-log4j2")
|
||||
implementation("org.projectlombok:lombok:1.18.20")
|
||||
implementation("io.springfox:springfox-boot-starter:3.0.0")
|
||||
implementation("io.springfox:springfox-swagger-ui:3.0.0")
|
||||
implementation("com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.4")
|
||||
implementation("com.lmax:disruptor:3.4.2")
|
||||
implementation("io.jsonwebtoken:jjwt-api:0.11.2")
|
||||
implementation("com.googlecode.json-simple:json-simple:1.1.1")
|
||||
implementation("org.springframework.boot:spring-boot-starter-data-redis")
|
||||
implementation("org.springframework.boot:spring-boot-starter-data-jpa")
|
||||
implementation("org.springframework.boot:spring-boot-starter-security")
|
||||
implementation("org.springframework.boot:spring-boot-starter-validation")
|
||||
implementation("org.springframework.boot:spring-boot-starter-web")
|
||||
implementation("org.springframework.boot:spring-boot-starter-actuator")
|
||||
implementation("org.springframework.boot:spring-boot-starter-log4j2")
|
||||
implementation("org.projectlombok:lombok:1.18.20")
|
||||
implementation("io.springfox:springfox-swagger2:3.0.0")
|
||||
implementation("io.springfox:springfox-swagger-ui:3.0.0")
|
||||
implementation("com.github.ulisesbocchio:jasypt-spring-boot-starter:3.0.4")
|
||||
implementation("com.lmax:disruptor:3.4.2")
|
||||
implementation("io.jsonwebtoken:jjwt-api:0.11.2")
|
||||
implementation("com.googlecode.json-simple:json-simple:1.1.1")
|
||||
|
||||
modules {
|
||||
module("org.springframework.boot:spring-boot-starter-logging") {
|
||||
replacedBy("org.springframework.boot:spring-boot-starter-log4j2", "Use Log4j2 instead of Logback")
|
||||
}
|
||||
}
|
||||
modules {
|
||||
module("org.springframework.boot:spring-boot-starter-logging") {
|
||||
replacedBy("org.springframework.boot:spring-boot-starter-log4j2", "Use Log4j2 instead of Logback")
|
||||
}
|
||||
}
|
||||
|
||||
testImplementation("org.springframework.boot:spring-boot-starter-test")
|
||||
testImplementation("org.springframework.security:spring-security-test")
|
||||
testImplementation("org.junit.jupiter:junit-jupiter-api:5.8.1")
|
||||
testImplementation("org.springframework.boot:spring-boot-starter-test")
|
||||
testImplementation("org.springframework.security:spring-security-test")
|
||||
testImplementation("org.junit.jupiter:junit-jupiter-api:5.8.1")
|
||||
|
||||
compileOnly("org.projectlombok:lombok")
|
||||
runtimeOnly("mysql:mysql-connector-java")
|
||||
runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.2")
|
||||
runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.11.2")
|
||||
annotationProcessor("org.projectlombok:lombok")
|
||||
annotationProcessor("org.springframework.boot:spring-boot-configuration-processor")
|
||||
compileOnly("org.projectlombok:lombok")
|
||||
runtimeOnly("mysql:mysql-connector-java")
|
||||
runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.2")
|
||||
runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.11.2")
|
||||
annotationProcessor("org.projectlombok:lombok")
|
||||
annotationProcessor("org.springframework.boot:spring-boot-configuration-processor")
|
||||
|
||||
testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.8.1")
|
||||
testImplementation("org.springframework.boot:spring-boot-starter-test")
|
||||
testImplementation("org.springframework.security:spring-security-test")
|
||||
testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.8.1")
|
||||
testImplementation("org.springframework.boot:spring-boot-starter-test")
|
||||
testImplementation("org.springframework.security:spring-security-test")
|
||||
}
|
||||
|
||||
tasks.withType<Test> {
|
||||
useJUnitPlatform()
|
||||
useJUnitPlatform()
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
package com.ticketing.server;
|
||||
|
||||
import com.ticketing.server.global.security.jwt.JwtProperties;
|
||||
import com.ticketing.server.global.jwt.JwtProperties;
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
|
||||
@@ -1,28 +1,14 @@
|
||||
package com.ticketing.server.global.config;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.boot.actuate.autoconfigure.endpoint.web.CorsEndpointProperties;
|
||||
import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties;
|
||||
import org.springframework.boot.actuate.autoconfigure.web.server.ManagementPortType;
|
||||
import org.springframework.boot.actuate.endpoint.ExposableEndpoint;
|
||||
import org.springframework.boot.actuate.endpoint.web.EndpointLinksResolver;
|
||||
import org.springframework.boot.actuate.endpoint.web.EndpointMapping;
|
||||
import org.springframework.boot.actuate.endpoint.web.EndpointMediaTypes;
|
||||
import org.springframework.boot.actuate.endpoint.web.ExposableWebEndpoint;
|
||||
import org.springframework.boot.actuate.endpoint.web.WebEndpointsSupplier;
|
||||
import org.springframework.boot.actuate.endpoint.web.annotation.ControllerEndpointsSupplier;
|
||||
import org.springframework.boot.actuate.endpoint.web.annotation.ServletEndpointsSupplier;
|
||||
import org.springframework.boot.actuate.endpoint.web.servlet.WebMvcEndpointHandlerMapping;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.util.StringUtils;
|
||||
import springfox.documentation.builders.ApiInfoBuilder;
|
||||
import springfox.documentation.builders.PathSelectors;
|
||||
import springfox.documentation.builders.RequestHandlerSelectors;
|
||||
import springfox.documentation.service.ApiInfo;
|
||||
import springfox.documentation.service.ApiKey;
|
||||
import springfox.documentation.service.AuthorizationScope;
|
||||
import springfox.documentation.service.SecurityReference;
|
||||
@@ -36,29 +22,27 @@ import springfox.documentation.swagger.web.UiConfigurationBuilder;
|
||||
@RequiredArgsConstructor
|
||||
public class SwaggerConfig {
|
||||
|
||||
public static final String SECURITY_SCHEMA_NAME = "Authorization";
|
||||
public static final String AUTHORIZATION_SCOPE_GLOBAL = "global";
|
||||
public static final String AUTHORIZATION_SCOPE_GLOBAL_DESC = "accessEverything";
|
||||
|
||||
@Bean
|
||||
public Docket api() {
|
||||
return new Docket(DocumentationType.OAS_30).useDefaultResponseMessages(false).select()
|
||||
.apis(RequestHandlerSelectors.any()).paths(PathSelectors.ant("/api/**")).build()
|
||||
return new Docket(DocumentationType.OAS_30)
|
||||
.useDefaultResponseMessages(false)
|
||||
.select()
|
||||
.apis(RequestHandlerSelectors.any())
|
||||
.paths(PathSelectors.ant("/api/**")).build()
|
||||
.apiInfo(apiInfo())
|
||||
.securityContexts(Arrays.asList(securityContext()))
|
||||
.securitySchemes(Arrays.asList(apiKey()));
|
||||
}
|
||||
|
||||
@Bean
|
||||
public WebMvcEndpointHandlerMapping webEndpointServletHandlerMapping(WebEndpointsSupplier webEndpointsSupplier, ServletEndpointsSupplier servletEndpointsSupplier, ControllerEndpointsSupplier controllerEndpointsSupplier, EndpointMediaTypes endpointMediaTypes, CorsEndpointProperties corsProperties, WebEndpointProperties webEndpointProperties, Environment environment) {
|
||||
List<ExposableEndpoint<?>> allEndpoints = new ArrayList<>();
|
||||
Collection<ExposableWebEndpoint> webEndpoints = webEndpointsSupplier.getEndpoints();
|
||||
allEndpoints.addAll(webEndpoints);
|
||||
allEndpoints.addAll(servletEndpointsSupplier.getEndpoints());
|
||||
allEndpoints.addAll(controllerEndpointsSupplier.getEndpoints());
|
||||
String basePath = webEndpointProperties.getBasePath();
|
||||
EndpointMapping endpointMapping = new EndpointMapping(basePath);
|
||||
boolean shouldRegisterLinksMapping = this.shouldRegisterLinksMapping(webEndpointProperties, environment, basePath);
|
||||
return new WebMvcEndpointHandlerMapping(endpointMapping, webEndpoints, endpointMediaTypes, corsProperties.toCorsConfiguration(), new EndpointLinksResolver(allEndpoints, basePath), shouldRegisterLinksMapping, null);
|
||||
}
|
||||
|
||||
private boolean shouldRegisterLinksMapping(WebEndpointProperties webEndpointProperties, Environment environment, String basePath) {
|
||||
return webEndpointProperties.getDiscovery().isEnabled() && (StringUtils.hasText(basePath) || ManagementPortType.get(environment).equals(ManagementPortType.DIFFERENT));
|
||||
private ApiInfo apiInfo() {
|
||||
return new ApiInfoBuilder()
|
||||
.title("Ticketing REST API Document")
|
||||
.version("v1")
|
||||
.description("Ticketing REST API 문서").build();
|
||||
}
|
||||
|
||||
private ApiKey apiKey() {
|
||||
@@ -69,10 +53,6 @@ public class SwaggerConfig {
|
||||
return SecurityContext.builder().securityReferences(defaultAuth()).build();
|
||||
}
|
||||
|
||||
public static final String SECURITY_SCHEMA_NAME = "Authorization";
|
||||
public static final String AUTHORIZATION_SCOPE_GLOBAL = "global";
|
||||
public static final String AUTHORIZATION_SCOPE_GLOBAL_DESC = "accessEverything";
|
||||
|
||||
private List<SecurityReference> defaultAuth() {
|
||||
AuthorizationScope authorizationScope = new AuthorizationScope(AUTHORIZATION_SCOPE_GLOBAL,
|
||||
AUTHORIZATION_SCOPE_GLOBAL_DESC);
|
||||
|
||||
@@ -28,6 +28,4 @@ public abstract class AbstractEntity {
|
||||
@LastModifiedDate
|
||||
private LocalDateTime updatedAt;
|
||||
|
||||
private LocalDateTime deletedAt;
|
||||
|
||||
}
|
||||
|
||||
@@ -0,0 +1,9 @@
|
||||
package com.ticketing.server.global.exception;
|
||||
|
||||
public class AlreadyDeletedException extends RuntimeException {
|
||||
|
||||
public AlreadyDeletedException(String message) {
|
||||
super(message);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,31 +0,0 @@
|
||||
package com.ticketing.server.global.exception;
|
||||
|
||||
import static org.springframework.http.HttpStatus.BAD_REQUEST;
|
||||
import static org.springframework.http.HttpStatus.CONFLICT;
|
||||
import static org.springframework.http.HttpStatus.NOT_FOUND;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
import org.springframework.http.HttpStatus;
|
||||
|
||||
@Getter
|
||||
@AllArgsConstructor
|
||||
public enum ErrorCode {
|
||||
|
||||
/* 400 BAD_REQUEST : 잘못된 요청 */
|
||||
MISMATCH_PASSWORD(BAD_REQUEST, "비밀번호가 일치하지 않습니다."),
|
||||
TOKEN_TYPE(BAD_REQUEST, "토큰 타입이 올바르지 않습니다."),
|
||||
UNAVAILABLE_REFRESH_TOKEN(BAD_REQUEST, "사용할 수 없는 토큰 입니다."),
|
||||
|
||||
/* 404 NOT_FOUND : Resource 를 찾을 수 없음 */
|
||||
EMAIL_NOT_FOUND(NOT_FOUND, "해당 이메일을 찾을 수 없습니다."),
|
||||
REFRESH_TOKEN_NOT_FOUND(NOT_FOUND, "리프레쉬 토큰을 찾을 수 없습니다."),
|
||||
|
||||
/* 409 CONFLICT : Resource 의 현재 상태와 충돌. 보통 중복된 데이터 존재 */
|
||||
DUPLICATE_EMAIL(CONFLICT, "이메일이 이미 존재합니다."),
|
||||
DELETED_EMAIL(CONFLICT, "이미 삭제된 이메일 입니다.");
|
||||
|
||||
private final HttpStatus httpStatus;
|
||||
private final String detail;
|
||||
|
||||
}
|
||||
@@ -1,35 +0,0 @@
|
||||
package com.ticketing.server.global.exception;
|
||||
|
||||
import java.util.List;
|
||||
import lombok.EqualsAndHashCode;
|
||||
import lombok.Getter;
|
||||
import org.springframework.http.HttpStatus;
|
||||
|
||||
@Getter
|
||||
@EqualsAndHashCode
|
||||
public class ErrorResponse {
|
||||
|
||||
private final HttpStatus status;
|
||||
private final String message;
|
||||
private final List<String> errors;
|
||||
|
||||
public ErrorResponse(HttpStatus status, String message, List<String> errors) {
|
||||
this.status = status;
|
||||
this.message = message;
|
||||
this.errors = errors;
|
||||
}
|
||||
|
||||
public ErrorResponse(HttpStatus status, String message, String error) {
|
||||
this.status = status;
|
||||
this.message = message;
|
||||
this.errors = List.of(error);
|
||||
}
|
||||
|
||||
public static ErrorResponse toErrorResponse(ErrorCode errorCode) {
|
||||
return new ErrorResponse(
|
||||
errorCode.getHttpStatus(),
|
||||
errorCode.name(),
|
||||
errorCode.getDetail());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,246 +0,0 @@
|
||||
package com.ticketing.server.global.exception;
|
||||
|
||||
import static org.springframework.http.HttpStatus.BAD_REQUEST;
|
||||
import static org.springframework.http.HttpStatus.FORBIDDEN;
|
||||
import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR;
|
||||
import static org.springframework.http.HttpStatus.METHOD_NOT_ALLOWED;
|
||||
import static org.springframework.http.HttpStatus.NOT_FOUND;
|
||||
import static org.springframework.http.HttpStatus.UNAUTHORIZED;
|
||||
import static org.springframework.http.HttpStatus.UNSUPPORTED_MEDIA_TYPE;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import javax.validation.ConstraintViolation;
|
||||
import javax.validation.ConstraintViolationException;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.TypeMismatchException;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.validation.BindException;
|
||||
import org.springframework.validation.FieldError;
|
||||
import org.springframework.validation.ObjectError;
|
||||
import org.springframework.web.HttpMediaTypeNotSupportedException;
|
||||
import org.springframework.web.HttpRequestMethodNotSupportedException;
|
||||
import org.springframework.web.bind.MethodArgumentNotValidException;
|
||||
import org.springframework.web.bind.MissingServletRequestParameterException;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
import org.springframework.web.context.request.WebRequest;
|
||||
import org.springframework.web.method.annotation.MethodArgumentTypeMismatchException;
|
||||
import org.springframework.web.multipart.support.MissingServletRequestPartException;
|
||||
import org.springframework.web.servlet.NoHandlerFoundException;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
|
||||
|
||||
@Slf4j
|
||||
@RestControllerAdvice
|
||||
public class GlobalExceptionHandler extends ResponseEntityExceptionHandler {
|
||||
|
||||
/* 400 START */
|
||||
|
||||
/**
|
||||
* Valid 유효성 검사 실패
|
||||
*/
|
||||
@Override
|
||||
protected ResponseEntity<Object> handleMethodArgumentNotValid(
|
||||
MethodArgumentNotValidException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
|
||||
log.error("MethodArgumentNotValidException :: ", ex);
|
||||
|
||||
List<String> errors = generateErrors(ex);
|
||||
ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), errors);
|
||||
return handleExceptionInternal(ex, response, headers, response.getStatus(), request);
|
||||
}
|
||||
|
||||
/***
|
||||
* ModelAttribute 으로 binding error 발생
|
||||
*/
|
||||
@Override
|
||||
protected ResponseEntity<Object> handleBindException(
|
||||
BindException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
|
||||
log.error("BindException :: ", ex);
|
||||
|
||||
List<String> errors = generateErrors(ex);
|
||||
ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), errors);
|
||||
return handleExceptionInternal(ex, response, headers, response.getStatus(), request);
|
||||
}
|
||||
|
||||
/**
|
||||
* 잘못된 유형으로 Bean 속성 설정
|
||||
*/
|
||||
@Override
|
||||
protected ResponseEntity<Object> handleTypeMismatch(
|
||||
TypeMismatchException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
|
||||
log.error("TypeMismatchException :: ", ex);
|
||||
|
||||
String error = ex.getValue() + " value for " + ex.getPropertyName() + " should be of type " + ex.getRequiredType();
|
||||
ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), error);
|
||||
return ResponseEntity.status(response.getStatus()).headers(headers).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* multipart/form-data 요청 실패
|
||||
*/
|
||||
@Override
|
||||
protected ResponseEntity<Object> handleMissingServletRequestPart(
|
||||
MissingServletRequestPartException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
|
||||
log.error("MissingServletRequestPartException :: ", ex);
|
||||
|
||||
String error = ex.getRequestPartName() + " part is missing";
|
||||
ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), error);
|
||||
return ResponseEntity.status(response.getStatus()).headers(headers).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 필수 인수 누락
|
||||
*/
|
||||
@Override
|
||||
protected ResponseEntity<Object> handleMissingServletRequestParameter(
|
||||
MissingServletRequestParameterException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
|
||||
log.error("MissingServletRequestParameterException :: ", ex);
|
||||
|
||||
String error = ex.getParameterName() + " parameter is missing";
|
||||
ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), error);
|
||||
return ResponseEntity.status(response.getStatus()).headers(headers).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 인수가 예상한 형식이 아닐 시
|
||||
*/
|
||||
@ExceptionHandler(value = MethodArgumentTypeMismatchException.class)
|
||||
protected ResponseEntity<Object> handleMethodArgumentTypeMismatch(MethodArgumentTypeMismatchException ex) {
|
||||
log.error("MethodArgumentTypeMismatchException :: ", ex);
|
||||
|
||||
String error = ex.getName() + " should be of type " + Objects.requireNonNull(ex.getRequiredType()).getName();
|
||||
ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), error);
|
||||
return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 제약 조건 위반
|
||||
*/
|
||||
@ExceptionHandler(value = ConstraintViolationException.class)
|
||||
protected ResponseEntity<Object> handleConstraintViolation(ConstraintViolationException ex) {
|
||||
log.error("ConstraintViolationException :: ", ex);
|
||||
|
||||
List<String> errors = new ArrayList<>();
|
||||
for (ConstraintViolation<?> violation : ex.getConstraintViolations()) {
|
||||
errors.add(violation.getRootBeanClass().getName() + " " + violation.getPropertyPath() + ": " + violation.getMessage());
|
||||
}
|
||||
|
||||
ErrorResponse response = new ErrorResponse(BAD_REQUEST, ex.getLocalizedMessage(), errors);
|
||||
return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
|
||||
}
|
||||
|
||||
/* 400 END */
|
||||
|
||||
/**
|
||||
* 404 발생
|
||||
*/
|
||||
@Override
|
||||
protected ResponseEntity<Object> handleNoHandlerFoundException(
|
||||
NoHandlerFoundException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
|
||||
log.error("NoHandlerFoundException :: ", ex);
|
||||
|
||||
String error = "No handler found for " + ex.getHttpMethod() + " " + ex.getRequestURL();
|
||||
ErrorResponse response = new ErrorResponse(NOT_FOUND, ex.getLocalizedMessage(), error);
|
||||
return ResponseEntity.status(response.getStatus()).headers(headers).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 지원하지 않는 HTTP 메서드로 요청 405
|
||||
*/
|
||||
@Override
|
||||
protected ResponseEntity<Object> handleHttpRequestMethodNotSupported(
|
||||
HttpRequestMethodNotSupportedException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
|
||||
log.error("HttpRequestMethodNotSupportedException :: ", ex);
|
||||
|
||||
StringBuilder builder = new StringBuilder();
|
||||
builder.append(ex.getMethod());
|
||||
builder.append(" method is not supported for this request. Supported methods are ");
|
||||
|
||||
Set<HttpMethod> supportedHttpMethods = ex.getSupportedHttpMethods();
|
||||
if (supportedHttpMethods != null) {
|
||||
supportedHttpMethods.forEach(t -> builder.append(t).append(" "));
|
||||
}
|
||||
|
||||
ErrorResponse response = new ErrorResponse(METHOD_NOT_ALLOWED, ex.getLocalizedMessage(), builder.toString());
|
||||
return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 지원되지 않는 미디어 유형으로 요청 415
|
||||
*/
|
||||
@Override
|
||||
protected ResponseEntity<Object> handleHttpMediaTypeNotSupported(
|
||||
HttpMediaTypeNotSupportedException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
|
||||
log.error("HttpMediaTypeNotSupportedException :: ", ex);
|
||||
|
||||
StringBuilder builder = new StringBuilder();
|
||||
builder.append(ex.getContentType());
|
||||
builder.append(" media type is not supported. Supported media types are ");
|
||||
ex.getSupportedMediaTypes().forEach(t -> builder.append(t).append(" "));
|
||||
|
||||
ErrorResponse response = new ErrorResponse(UNSUPPORTED_MEDIA_TYPE, ex.getLocalizedMessage(), builder.substring(0, builder.length() - 2));
|
||||
return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 특정 핸들러 없는 모든 예외 500
|
||||
*/
|
||||
@ExceptionHandler(value = Exception.class)
|
||||
protected ResponseEntity<Object> handleAll(Exception ex) {
|
||||
log.error("Exception :: ", ex);
|
||||
|
||||
ErrorResponse response = new ErrorResponse(INTERNAL_SERVER_ERROR, ex.getLocalizedMessage(), "오류가 발생했습니다.");
|
||||
return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 접근 권한이 없을 때
|
||||
*/
|
||||
@ExceptionHandler(value = AccessDeniedException.class)
|
||||
protected ResponseEntity<ErrorResponse> handleAccessDeniedException(Exception ex) {
|
||||
log.error("AccessDeniedException :: ", ex);
|
||||
|
||||
ErrorResponse response = new ErrorResponse(FORBIDDEN, ex.getLocalizedMessage(), "접근 권한이 없습니다.");
|
||||
return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 인증 정보가 없을 때
|
||||
*/
|
||||
@ExceptionHandler(value = AuthenticationException.class)
|
||||
protected ResponseEntity<ErrorResponse> handleAuthenticationException(Exception ex) {
|
||||
log.error("AuthenticationException :: ", ex);
|
||||
|
||||
ErrorResponse response = new ErrorResponse(UNAUTHORIZED, ex.getLocalizedMessage(), "로그인 후 이용하실 수 있습니다.");
|
||||
return ResponseEntity.status(response.getStatus()).headers(new HttpHeaders()).body(response);
|
||||
}
|
||||
|
||||
/**
|
||||
* 커스텀 예외 발생 시
|
||||
*/
|
||||
@ExceptionHandler(value = TicketingException.class)
|
||||
protected ResponseEntity<ErrorResponse> ticketingException(TicketingException ex) {
|
||||
log.error("TicketingException :: ", ex);
|
||||
|
||||
ErrorCode errorCode = ex.getErrorCode();
|
||||
return ResponseEntity.status(errorCode.getHttpStatus()).body(ErrorResponse.toErrorResponse(errorCode));
|
||||
}
|
||||
|
||||
private List<String> generateErrors(BindException ex) {
|
||||
List<String> errors = new ArrayList<>();
|
||||
List<ObjectError> allErrors = ex.getBindingResult().getAllErrors();
|
||||
|
||||
for (ObjectError error : allErrors) {
|
||||
errors.add(((FieldError) error).getField() + ": " + error.getDefaultMessage());
|
||||
}
|
||||
return errors;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,11 @@
|
||||
package com.ticketing.server.global.exception;
|
||||
|
||||
public class NotFoundEmailException extends IllegalArgumentException {
|
||||
|
||||
private static final String MESSAGE = "존재하지 않는 이메일 입니다.";
|
||||
|
||||
public NotFoundEmailException() {
|
||||
super(MESSAGE);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,11 @@
|
||||
package com.ticketing.server.global.exception;
|
||||
|
||||
public class PasswordMismatchException extends RuntimeException {
|
||||
|
||||
private static final String MESSAGE = "패스워드가 일치하지 않습니다";
|
||||
|
||||
public PasswordMismatchException() {
|
||||
super(MESSAGE);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
package com.ticketing.server.global.exception;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
|
||||
@Getter
|
||||
@AllArgsConstructor
|
||||
public class TicketingException extends RuntimeException {
|
||||
|
||||
private final ErrorCode errorCode;
|
||||
|
||||
}
|
||||
@@ -5,23 +5,19 @@ import java.util.Properties;
|
||||
import org.springframework.beans.factory.config.YamlPropertiesFactoryBean;
|
||||
import org.springframework.core.env.PropertiesPropertySource;
|
||||
import org.springframework.core.env.PropertySource;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.core.io.support.EncodedResource;
|
||||
import org.springframework.core.io.support.PropertySourceFactory;
|
||||
import org.springframework.lang.Nullable;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
public class YamlPropertySourceFactory implements PropertySourceFactory {
|
||||
|
||||
@Override
|
||||
public PropertySource<?> createPropertySource(@Nullable String name, EncodedResource resource) {
|
||||
Properties yamlProperties = loadYamlProperties(resource);
|
||||
String sourceName = StringUtils.hasText(name) ? name : resource.getResource().getFilename();
|
||||
return new PropertiesPropertySource(Objects.requireNonNull(sourceName), Objects.requireNonNull(yamlProperties));
|
||||
}
|
||||
public PropertySource<?> createPropertySource(String name, EncodedResource encodedResource) {
|
||||
Resource resource = encodedResource.getResource();
|
||||
YamlPropertiesFactoryBean factoryBean = new YamlPropertiesFactoryBean();
|
||||
factoryBean.setResources(resource);
|
||||
|
||||
private Properties loadYamlProperties(EncodedResource resource) {
|
||||
YamlPropertiesFactoryBean factory = new YamlPropertiesFactoryBean();
|
||||
factory.setResources(resource.getResource());
|
||||
return factory.getObject();
|
||||
Properties properties = factoryBean.getObject();
|
||||
return new PropertiesPropertySource(Objects.requireNonNull(resource.getFilename()), Objects.requireNonNull(properties));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package com.ticketing.server.global.security.jwt;
|
||||
package com.ticketing.server.global.jwt;
|
||||
|
||||
import java.io.IOException;
|
||||
import javax.servlet.FilterChain;
|
||||
@@ -17,10 +17,12 @@ import org.springframework.web.filter.OncePerRequestFilter;
|
||||
public class JwtFilter extends OncePerRequestFilter {
|
||||
|
||||
private final JwtProvider tokenProvider;
|
||||
private final JwtProperties jwtProperties;
|
||||
private final String accessHeader;
|
||||
private final String tokenPrefix;
|
||||
|
||||
public JwtFilter(JwtProperties jwtProperties, JwtProvider tokenProvider) {
|
||||
this.jwtProperties = jwtProperties;
|
||||
this.accessHeader = jwtProperties.getAccessHeader();
|
||||
this.tokenPrefix = jwtProperties.getPrefix();
|
||||
this.tokenProvider = tokenProvider;
|
||||
}
|
||||
|
||||
@@ -38,10 +40,11 @@ public class JwtFilter extends OncePerRequestFilter {
|
||||
}
|
||||
|
||||
private String resolveToken(HttpServletRequest request) {
|
||||
String bearerToken = request.getHeader(jwtProperties.getAccessHeader());
|
||||
if (StringUtils.hasText(bearerToken) && jwtProperties.hasTokenStartsWith(bearerToken)) {
|
||||
String bearerToken = request.getHeader(accessHeader);
|
||||
if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(tokenPrefix)) {
|
||||
return bearerToken.substring(7);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package com.ticketing.server.global.security.jwt;
|
||||
package com.ticketing.server.global.jwt;
|
||||
|
||||
import com.ticketing.server.global.factory.YamlPropertySourceFactory;
|
||||
import lombok.Getter;
|
||||
@@ -10,18 +10,13 @@ import org.springframework.context.annotation.PropertySource;
|
||||
@Getter
|
||||
@RequiredArgsConstructor
|
||||
@ConstructorBinding
|
||||
@ConfigurationProperties(value = "jwt")
|
||||
@ConfigurationProperties("jwt")
|
||||
@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
|
||||
public class JwtProperties {
|
||||
|
||||
private final String accessHeader;
|
||||
private final String refreshHeader;
|
||||
private final String prefix;
|
||||
private final String secretKey;
|
||||
private final Integer accessTokenValidityInSeconds;
|
||||
private final Integer refreshTokenValidityInSeconds;
|
||||
private final Integer tokenValidityInSeconds;
|
||||
|
||||
public boolean hasTokenStartsWith(String token) {
|
||||
return token.startsWith(prefix);
|
||||
}
|
||||
}
|
||||
@@ -1,11 +1,14 @@
|
||||
package com.ticketing.server.global.security.jwt;
|
||||
package com.ticketing.server.global.jwt;
|
||||
|
||||
import com.ticketing.server.user.application.response.TokenDto;
|
||||
import io.jsonwebtoken.Claims;
|
||||
import io.jsonwebtoken.ExpiredJwtException;
|
||||
import io.jsonwebtoken.Jwts;
|
||||
import io.jsonwebtoken.MalformedJwtException;
|
||||
import io.jsonwebtoken.SignatureAlgorithm;
|
||||
import io.jsonwebtoken.UnsupportedJwtException;
|
||||
import io.jsonwebtoken.io.Decoders;
|
||||
import io.jsonwebtoken.security.Keys;
|
||||
import io.jsonwebtoken.security.SecurityException;
|
||||
import java.security.Key;
|
||||
import java.util.Arrays;
|
||||
import java.util.Date;
|
||||
@@ -28,53 +31,29 @@ public class JwtProvider {
|
||||
private static final String AUTHORITIES_KEY = "auth";
|
||||
private static final String AUTHORITIES_DELIMITER = ",";
|
||||
|
||||
private final long tokenValidityInMilliseconds;
|
||||
private final Key key;
|
||||
private final String prefix;
|
||||
private final long accessTokenValidityInMilliseconds;
|
||||
private final long refreshTokenValidityInMilliseconds;
|
||||
|
||||
public JwtProvider(JwtProperties jwtProperties) {
|
||||
this.tokenValidityInMilliseconds = jwtProperties.getTokenValidityInSeconds();
|
||||
|
||||
byte[] keyBytes = Decoders.BASE64.decode(jwtProperties.getSecretKey());
|
||||
this.key = Keys.hmacShaKeyFor(keyBytes);
|
||||
|
||||
this.prefix = jwtProperties.getPrefix();
|
||||
this.accessTokenValidityInMilliseconds = jwtProperties.getAccessTokenValidityInSeconds() * 1000L;
|
||||
this.refreshTokenValidityInMilliseconds = jwtProperties.getRefreshTokenValidityInSeconds() * 1000L;
|
||||
}
|
||||
|
||||
public TokenDto generateTokenDto(Authentication authentication) {
|
||||
String accessToken = createAccessToken(authentication);
|
||||
String refreshToken = createRefreshToken(authentication);
|
||||
long expiresIn = accessTokenValidityInMilliseconds / 1000L;
|
||||
|
||||
return TokenDto.of(accessToken, refreshToken, prefix, expiresIn);
|
||||
}
|
||||
|
||||
private String createAccessToken(Authentication authentication) {
|
||||
// 만료시간 계산
|
||||
long now = (new Date()).getTime();
|
||||
Date accessTokenExpiresIn = new Date(now + this.accessTokenValidityInMilliseconds);
|
||||
|
||||
return createToken(authentication, accessTokenExpiresIn);
|
||||
}
|
||||
|
||||
private String createRefreshToken(Authentication authentication) {
|
||||
// 만료시간 계산
|
||||
long now = (new Date()).getTime();
|
||||
Date refreshTokenExpiresIn = new Date(now + this.refreshTokenValidityInMilliseconds);
|
||||
|
||||
return createToken(authentication, refreshTokenExpiresIn);
|
||||
}
|
||||
|
||||
private String createToken(Authentication authentication, Date expiration) {
|
||||
public String createToken(Authentication authentication) {
|
||||
// 권한 정보 가져오기
|
||||
String authorities = generateStringToAuthorities(authentication);
|
||||
|
||||
// 만료시간 계산
|
||||
long now = new Date().getTime();
|
||||
Date accessTokenExpiresIn = new Date(now + this.tokenValidityInMilliseconds);
|
||||
|
||||
// JWT 생성
|
||||
return Jwts.builder()
|
||||
.setSubject(authentication.getName()) // email
|
||||
.claim(AUTHORITIES_KEY, authorities) // payload
|
||||
.setExpiration(expiration) // 만료일
|
||||
.setExpiration(accessTokenExpiresIn) // 만료일
|
||||
.signWith(key, SignatureAlgorithm.HS512) // 서명 키 값
|
||||
.compact();
|
||||
}
|
||||
@@ -96,7 +75,6 @@ public class JwtProvider {
|
||||
// 토큰 복호화
|
||||
Claims claims = parseClaims(token);
|
||||
|
||||
// 권한조회
|
||||
List<SimpleGrantedAuthority> authorities =
|
||||
Arrays.stream(claims.get(AUTHORITIES_KEY).toString().split(AUTHORITIES_DELIMITER))
|
||||
.map(SimpleGrantedAuthority::new)
|
||||
@@ -107,12 +85,25 @@ public class JwtProvider {
|
||||
}
|
||||
|
||||
public boolean validateToken(String token) {
|
||||
parseClaims(token);
|
||||
return true;
|
||||
try {
|
||||
parseClaims(token);
|
||||
return true;
|
||||
} catch (SecurityException | MalformedJwtException exception) {
|
||||
log.info("잘못된 JWT 서명입니다.");
|
||||
} catch (ExpiredJwtException e) {
|
||||
log.info("잘못된 JWT 토큰입니다.");
|
||||
} catch (UnsupportedJwtException e) {
|
||||
log.info("지원되지 않는 JWT 토큰입니다.");
|
||||
} catch (IllegalArgumentException e) {
|
||||
log.info("JWT 토큰이 잘못되었습니다.");
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
private Claims parseClaims(String token) {
|
||||
return Jwts.parserBuilder()
|
||||
return Jwts
|
||||
.parserBuilder()
|
||||
.setSigningKey(key)
|
||||
.build()
|
||||
.parseClaimsJws(token)
|
||||
@@ -1,4 +1,4 @@
|
||||
package com.ticketing.server.global.security.jwt;
|
||||
package com.ticketing.server.global.jwt;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||
@@ -1,26 +1,17 @@
|
||||
package com.ticketing.server.global.security.jwt.handle;
|
||||
package com.ticketing.server.global.jwt.handle;
|
||||
|
||||
import java.io.IOException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.web.access.AccessDeniedHandler;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.servlet.HandlerExceptionResolver;
|
||||
|
||||
@Component("JwtAccessDeniedHandler")
|
||||
@Component
|
||||
public class JwtAccessDeniedHandler implements AccessDeniedHandler {
|
||||
|
||||
private final HandlerExceptionResolver resolver;
|
||||
|
||||
public JwtAccessDeniedHandler(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
|
||||
this.resolver = resolver;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN);
|
||||
resolver.resolveException(request, response, null, accessDeniedException);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,17 @@
|
||||
package com.ticketing.server.global.jwt.handle;
|
||||
|
||||
import java.io.IOException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
||||
|
||||
@Override
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
|
||||
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
}
|
||||
}
|
||||
@@ -1,44 +0,0 @@
|
||||
package com.ticketing.server.global.redis;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.data.redis.connection.RedisConnectionFactory;
|
||||
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
|
||||
import org.springframework.data.redis.core.RedisTemplate;
|
||||
import org.springframework.data.redis.repository.configuration.EnableRedisRepositories;
|
||||
import org.springframework.data.redis.serializer.StringRedisSerializer;
|
||||
import org.springframework.orm.jpa.JpaTransactionManager;
|
||||
import org.springframework.transaction.PlatformTransactionManager;
|
||||
|
||||
@Configuration
|
||||
@EnableRedisRepositories
|
||||
public class RedisConfig {
|
||||
|
||||
@Value("${spring.redis.host}")
|
||||
private String host;
|
||||
|
||||
@Value("${spring.redis.port}")
|
||||
private int port;
|
||||
|
||||
@Bean
|
||||
public RedisConnectionFactory redisConnectionFactory() {
|
||||
return new LettuceConnectionFactory(host, port);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public RedisTemplate<String, Object> redisTemplate() {
|
||||
RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
|
||||
redisTemplate.setConnectionFactory(redisConnectionFactory());
|
||||
redisTemplate.setKeySerializer(new StringRedisSerializer());
|
||||
redisTemplate.setValueSerializer(new StringRedisSerializer());
|
||||
|
||||
return redisTemplate;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PlatformTransactionManager transactionManager() {
|
||||
return new JpaTransactionManager();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,10 +0,0 @@
|
||||
package com.ticketing.server.global.redis;
|
||||
|
||||
import java.util.Optional;
|
||||
import org.springframework.data.repository.CrudRepository;
|
||||
|
||||
public interface RefreshRedisRepository extends CrudRepository<RefreshToken, Long> {
|
||||
|
||||
Optional<RefreshToken> findByEmail(String email);
|
||||
|
||||
}
|
||||
@@ -1,35 +0,0 @@
|
||||
package com.ticketing.server.global.redis;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.GeneratedValue;
|
||||
import javax.persistence.Id;
|
||||
import lombok.AccessLevel;
|
||||
import lombok.Getter;
|
||||
import lombok.NoArgsConstructor;
|
||||
import org.springframework.data.redis.core.RedisHash;
|
||||
import org.springframework.data.redis.core.index.Indexed;
|
||||
|
||||
@Getter
|
||||
@RedisHash("RefreshToken")
|
||||
@NoArgsConstructor(access = AccessLevel.PROTECTED)
|
||||
public class RefreshToken {
|
||||
|
||||
@Id
|
||||
@GeneratedValue
|
||||
@Column(name = "refresh_token_id")
|
||||
private Long id;
|
||||
|
||||
@Indexed
|
||||
private String email;
|
||||
private String token;
|
||||
|
||||
public RefreshToken(String email, String token) {
|
||||
this.email = email;
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
public void changeToken(String token) {
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,56 +0,0 @@
|
||||
package com.ticketing.server.global.security;
|
||||
|
||||
import com.ticketing.server.user.domain.UserGrade;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.AccessDecisionManager;
|
||||
import org.springframework.security.access.AccessDecisionVoter;
|
||||
import org.springframework.security.access.annotation.Jsr250Voter;
|
||||
import org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice;
|
||||
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
|
||||
import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
|
||||
import org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter;
|
||||
import org.springframework.security.access.vote.AffirmativeBased;
|
||||
import org.springframework.security.access.vote.AuthenticatedVoter;
|
||||
import org.springframework.security.access.vote.RoleHierarchyVoter;
|
||||
import org.springframework.security.access.vote.RoleVoter;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
|
||||
|
||||
@EnableGlobalMethodSecurity(
|
||||
securedEnabled = true,
|
||||
jsr250Enabled = true,
|
||||
prePostEnabled = true
|
||||
)
|
||||
@Configuration
|
||||
public class RoleConfig extends GlobalMethodSecurityConfiguration {
|
||||
|
||||
@Override
|
||||
protected AccessDecisionManager accessDecisionManager() {
|
||||
List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
|
||||
ExpressionBasedPreInvocationAdvice expressionAdvice = new ExpressionBasedPreInvocationAdvice();
|
||||
expressionAdvice.setExpressionHandler(getExpressionHandler());
|
||||
decisionVoters.add(new PreInvocationAuthorizationAdviceVoter(expressionAdvice));
|
||||
decisionVoters.add(new Jsr250Voter());
|
||||
|
||||
decisionVoters.add(new RoleVoter());
|
||||
decisionVoters.add(roleHierarchyVoter());
|
||||
decisionVoters.add(new AuthenticatedVoter());
|
||||
return new AffirmativeBased(decisionVoters);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public RoleHierarchyVoter roleHierarchyVoter() {
|
||||
return new RoleHierarchyVoter(roleHierarchy());
|
||||
}
|
||||
|
||||
@Bean
|
||||
public RoleHierarchy roleHierarchy() {
|
||||
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();
|
||||
roleHierarchy.setHierarchy(UserGrade.getRoleHierarchy());
|
||||
return roleHierarchy;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,13 +1,14 @@
|
||||
package com.ticketing.server.global.security;
|
||||
|
||||
import com.ticketing.server.global.security.jwt.JwtFilter;
|
||||
import com.ticketing.server.global.security.jwt.JwtSecurityConfig;
|
||||
import com.ticketing.server.global.security.jwt.handle.JwtAccessDeniedHandler;
|
||||
import com.ticketing.server.global.security.jwt.handle.JwtAuthenticationEntryPoint;
|
||||
import com.ticketing.server.global.jwt.JwtFilter;
|
||||
import com.ticketing.server.global.jwt.JwtSecurityConfig;
|
||||
import com.ticketing.server.global.jwt.handle.JwtAccessDeniedHandler;
|
||||
import com.ticketing.server.global.jwt.handle.JwtAuthenticationEntryPoint;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
@@ -17,6 +18,7 @@ import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@EnableGlobalMethodSecurity(securedEnabled = true)
|
||||
@RequiredArgsConstructor
|
||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@@ -50,14 +52,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers(HttpMethod.POST, "/api/auth/token").permitAll()
|
||||
.antMatchers(HttpMethod.POST, "/api/auth/refresh").permitAll()
|
||||
.antMatchers(HttpMethod.POST, "/api/users").permitAll()
|
||||
.antMatchers("/api/movies/**").permitAll()
|
||||
.antMatchers(HttpMethod.POST, "/user").permitAll()
|
||||
.antMatchers(HttpMethod.POST, "/user/login").permitAll()
|
||||
.antMatchers("/l7check").permitAll()
|
||||
.antMatchers("/actuator/**").permitAll()
|
||||
.antMatchers("/api/v3/", "/swagger-ui/**", "/swagger/", "/swagger-resources/**", "/v3/api-docs").permitAll()
|
||||
.antMatchers("/actuator/health").permitAll()
|
||||
.anyRequest().authenticated()
|
||||
|
||||
.and()
|
||||
.apply(new JwtSecurityConfig(jwtFilter));
|
||||
}
|
||||
|
||||
@@ -1,26 +0,0 @@
|
||||
package com.ticketing.server.global.security.jwt.handle;
|
||||
|
||||
import java.io.IOException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.servlet.HandlerExceptionResolver;
|
||||
|
||||
@Component("JwtAuthenticationEntryPoint")
|
||||
public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
||||
|
||||
private final HandlerExceptionResolver resolver;
|
||||
|
||||
public JwtAuthenticationEntryPoint(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
|
||||
this.resolver = resolver;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
|
||||
resolver.resolveException(request, response, null, authException);
|
||||
}
|
||||
}
|
||||
@@ -1,8 +1,5 @@
|
||||
package com.ticketing.server.user.service;
|
||||
package com.ticketing.server.global.service;
|
||||
|
||||
import static com.ticketing.server.global.exception.ErrorCode.EMAIL_NOT_FOUND;
|
||||
|
||||
import com.ticketing.server.global.exception.TicketingException;
|
||||
import com.ticketing.server.user.domain.User;
|
||||
import com.ticketing.server.user.domain.repository.UserRepository;
|
||||
import java.util.Collections;
|
||||
@@ -23,7 +20,7 @@ public class CustomUserDetailsService implements UserDetailsService {
|
||||
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
|
||||
return userRepository.findByEmailAndIsDeletedFalse(email)
|
||||
.map(this::createUserDetails)
|
||||
.orElseThrow(() -> new TicketingException(EMAIL_NOT_FOUND));
|
||||
.orElseThrow(() -> new UsernameNotFoundException("존재하지 않는 email 입니다. :: " + email));
|
||||
}
|
||||
|
||||
private UserDetails createUserDetails(User user) {
|
||||
@@ -1,28 +0,0 @@
|
||||
package com.ticketing.server.global.validator.constraints;
|
||||
|
||||
import com.ticketing.server.global.validator.constraintvalidators.FieldsValueNotMatchValidator;
|
||||
import java.lang.annotation.Documented;
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
import javax.validation.Constraint;
|
||||
import javax.validation.Payload;
|
||||
|
||||
@Constraint(validatedBy = FieldsValueNotMatchValidator.class)
|
||||
@Target(ElementType.TYPE)
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Documented
|
||||
public @interface FieldsValueNotMatch {
|
||||
|
||||
String message();
|
||||
|
||||
String field();
|
||||
|
||||
String fieldMatch();
|
||||
|
||||
Class<?>[] groups() default {};
|
||||
|
||||
Class<? extends Payload>[] payload() default {};
|
||||
|
||||
}
|
||||
@@ -1,29 +0,0 @@
|
||||
package com.ticketing.server.global.validator.constraintvalidators;
|
||||
|
||||
import com.ticketing.server.global.validator.constraints.FieldsValueNotMatch;
|
||||
import javax.validation.ConstraintValidator;
|
||||
import javax.validation.ConstraintValidatorContext;
|
||||
import org.springframework.beans.BeanWrapperImpl;
|
||||
|
||||
public class FieldsValueNotMatchValidator implements ConstraintValidator<FieldsValueNotMatch, Object> {
|
||||
|
||||
private String field;
|
||||
private String fieldMatch;
|
||||
|
||||
public void initialize(FieldsValueNotMatch constraintAnnotation) {
|
||||
this.field = constraintAnnotation.field();
|
||||
this.fieldMatch = constraintAnnotation.fieldMatch();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isValid(Object value, ConstraintValidatorContext context) {
|
||||
Object fieldValue = new BeanWrapperImpl(value).getPropertyValue(field);
|
||||
Object fieldMatchValue = new BeanWrapperImpl(value).getPropertyValue(fieldMatch);
|
||||
|
||||
if (fieldValue != null) {
|
||||
return !fieldValue.equals(fieldMatchValue);
|
||||
} else {
|
||||
return fieldMatchValue != null;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,30 +1,8 @@
|
||||
package com.ticketing.server.movie.application;
|
||||
|
||||
import com.ticketing.server.movie.application.response.MovieListResponse;
|
||||
import com.ticketing.server.movie.service.interfaces.MovieService;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@RestController
|
||||
@RequestMapping("/api/movies")
|
||||
@Api(value = "Movie API", tags = {"Movie"})
|
||||
@RequiredArgsConstructor
|
||||
@Slf4j
|
||||
public class MovieController {
|
||||
|
||||
private final MovieService movieService;
|
||||
|
||||
@GetMapping()
|
||||
@ApiOperation(value = "영화 목록 조회")
|
||||
public ResponseEntity<MovieListResponse> getMovies() {
|
||||
return ResponseEntity.status(HttpStatus.OK).body(MovieListResponse.from(movieService.getMovies()));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
package com.ticketing.server.movie.application.response;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
import com.ticketing.server.movie.service.dto.MovieDto;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
import java.util.List;
|
||||
import lombok.AccessLevel;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
|
||||
@Getter
|
||||
@AllArgsConstructor(access = AccessLevel.PRIVATE)
|
||||
public class MovieListResponse {
|
||||
|
||||
@ApiModelProperty(value = "영화 제목")
|
||||
@JsonProperty
|
||||
private List<MovieDto> movieDtos;
|
||||
|
||||
public static MovieListResponse from(List<MovieDto> movieDtos) {
|
||||
return new MovieListResponse(movieDtos);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,7 +1,6 @@
|
||||
package com.ticketing.server.movie.domain;
|
||||
|
||||
import com.ticketing.server.global.dto.repository.AbstractEntity;
|
||||
import com.ticketing.server.movie.service.dto.MovieDto;
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.validation.constraints.NotNull;
|
||||
@@ -22,8 +21,4 @@ public class Movie extends AbstractEntity {
|
||||
@NotNull
|
||||
private Integer runningTime;
|
||||
|
||||
public MovieDto toDto() {
|
||||
return new MovieDto(this.title);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,11 +1,8 @@
|
||||
package com.ticketing.server.movie.domain.repository;
|
||||
|
||||
import com.ticketing.server.movie.domain.Movie;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.data.jpa.repository.Query;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
@Repository
|
||||
@@ -13,9 +10,4 @@ public interface MovieRepository extends JpaRepository<Movie, Long> {
|
||||
|
||||
Optional<Movie> findByTitle(String title);
|
||||
|
||||
@Query(value = "SELECT * "
|
||||
+ "FROM movie "
|
||||
+ "WHERE deleted_at IS NULL", nativeQuery = true)
|
||||
List<Movie> findValidMovies();
|
||||
|
||||
}
|
||||
|
||||
@@ -1,29 +1,9 @@
|
||||
package com.ticketing.server.movie.service;
|
||||
|
||||
import com.ticketing.server.movie.domain.Movie;
|
||||
import com.ticketing.server.movie.domain.repository.MovieRepository;
|
||||
import com.ticketing.server.movie.service.dto.MovieDto;
|
||||
import com.ticketing.server.movie.service.interfaces.MovieService;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
@RequiredArgsConstructor
|
||||
@Slf4j
|
||||
public class MovieServiceImpl implements MovieService {
|
||||
|
||||
private final MovieRepository movieRepository;
|
||||
|
||||
public List<MovieDto> getMovies() {
|
||||
List<Movie> movies = movieRepository.findValidMovies();
|
||||
|
||||
return movies.stream()
|
||||
.map(movie -> movie.toDto())
|
||||
.collect(Collectors.toList());
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,12 +0,0 @@
|
||||
package com.ticketing.server.movie.service.dto;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
import lombok.AllArgsConstructor;
|
||||
|
||||
@AllArgsConstructor
|
||||
public class MovieDto {
|
||||
|
||||
@JsonProperty
|
||||
private String title;
|
||||
|
||||
}
|
||||
@@ -1,10 +1,5 @@
|
||||
package com.ticketing.server.movie.service.interfaces;
|
||||
|
||||
import com.ticketing.server.movie.service.dto.MovieDto;
|
||||
import java.util.List;
|
||||
|
||||
public interface MovieService {
|
||||
|
||||
List<MovieDto> getMovies();
|
||||
|
||||
}
|
||||
|
||||
@@ -1,63 +0,0 @@
|
||||
package com.ticketing.server.user.application;
|
||||
|
||||
import com.ticketing.server.user.application.request.LoginRequest;
|
||||
import com.ticketing.server.user.application.response.LogoutResponse;
|
||||
import com.ticketing.server.user.application.response.TokenDto;
|
||||
import com.ticketing.server.user.service.interfaces.AuthenticationService;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.core.annotation.AuthenticationPrincipal;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@RestController
|
||||
@RequiredArgsConstructor
|
||||
@RequestMapping("/api/auth")
|
||||
@Slf4j
|
||||
public class AuthController {
|
||||
|
||||
private final AuthenticationService authenticationService;
|
||||
|
||||
@PostMapping("/token")
|
||||
public ResponseEntity<TokenDto> login(@RequestBody LoginRequest loginRequest) {
|
||||
TokenDto tokenDto = authenticationService.generateTokenDto(loginRequest.toAuthentication());
|
||||
|
||||
return ResponseEntity.status(HttpStatus.OK)
|
||||
.headers(getHttpHeaders())
|
||||
.body(tokenDto);
|
||||
}
|
||||
|
||||
@PostMapping("/refresh")
|
||||
public ResponseEntity<TokenDto> refreshToken(@RequestParam("refreshToken") String refreshToken) {
|
||||
TokenDto tokenDto = authenticationService.reissueTokenDto(refreshToken);
|
||||
|
||||
return ResponseEntity.status(HttpStatus.OK)
|
||||
.headers(getHttpHeaders())
|
||||
.body(tokenDto);
|
||||
}
|
||||
|
||||
@PostMapping("/logout")
|
||||
public ResponseEntity<LogoutResponse> logout(@AuthenticationPrincipal UserDetails userRequest) {
|
||||
LogoutResponse logoutResponse = authenticationService.deleteRefreshToken(userRequest.getUsername());
|
||||
|
||||
return ResponseEntity.status(HttpStatus.OK)
|
||||
.body(logoutResponse);
|
||||
}
|
||||
|
||||
private HttpHeaders getHttpHeaders() {
|
||||
HttpHeaders httpHeaders = new HttpHeaders();
|
||||
httpHeaders.set(HttpHeaders.CACHE_CONTROL, "no-cache, no-store, must-revalidate");
|
||||
httpHeaders.set(HttpHeaders.PRAGMA, "no-store");
|
||||
httpHeaders.set(HttpHeaders.EXPIRES, "0");
|
||||
|
||||
return httpHeaders;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,68 +1,73 @@
|
||||
package com.ticketing.server.user.application;
|
||||
|
||||
import com.ticketing.server.global.jwt.JwtProperties;
|
||||
import com.ticketing.server.user.application.request.LoginRequest;
|
||||
import com.ticketing.server.user.application.request.SignUpRequest;
|
||||
import com.ticketing.server.user.application.request.UserChangePasswordRequest;
|
||||
import com.ticketing.server.user.application.request.UserDeleteRequest;
|
||||
import com.ticketing.server.user.application.request.UserModifyPasswordRequest;
|
||||
import com.ticketing.server.user.application.response.LoginResponse;
|
||||
import com.ticketing.server.user.application.response.SignUpResponse;
|
||||
import com.ticketing.server.user.application.response.UserChangePasswordResponse;
|
||||
import com.ticketing.server.user.application.response.UserDeleteResponse;
|
||||
import com.ticketing.server.user.application.response.UserDetailResponse;
|
||||
import com.ticketing.server.user.domain.User;
|
||||
import com.ticketing.server.user.domain.UserGrade;
|
||||
import com.ticketing.server.user.service.UserServiceImpl;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.validation.Valid;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.annotation.Secured;
|
||||
import org.springframework.security.core.annotation.AuthenticationPrincipal;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PatchMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.PutMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@RestController
|
||||
@RequiredArgsConstructor
|
||||
@RequestMapping("/api/users")
|
||||
@RequestMapping("/api/user")
|
||||
@Slf4j
|
||||
|
||||
public class UserController {
|
||||
|
||||
private final UserServiceImpl userService;
|
||||
private final PasswordEncoder passwordEncoder;
|
||||
private final JwtProperties jwtProperties;
|
||||
|
||||
@PostMapping
|
||||
public ResponseEntity<SignUpResponse> register(@RequestBody @Valid SignUpRequest request) {
|
||||
User user = userService.register(request.toSignUpDto(passwordEncoder));
|
||||
return ResponseEntity.status(HttpStatus.CREATED).body(SignUpResponse.from(user));
|
||||
}
|
||||
|
||||
@GetMapping("/details")
|
||||
@Secured("ROLE_GUEST")
|
||||
public ResponseEntity<UserDetailResponse> details(@AuthenticationPrincipal UserDetails userRequest) {
|
||||
User user = userService.findByEmail(userRequest.getUsername());
|
||||
return ResponseEntity.status(HttpStatus.OK).body(UserDetailResponse.from(user));
|
||||
return ResponseEntity.status(HttpStatus.CREATED).body(SignUpResponse.of(user));
|
||||
}
|
||||
|
||||
@DeleteMapping
|
||||
@Secured(UserGrade.ROLES.GUEST)
|
||||
@Secured("ROLE_GUEST")
|
||||
public ResponseEntity<UserDeleteResponse> deleteUser(@RequestBody @Valid UserDeleteRequest request) {
|
||||
User user = userService.delete(request.toDeleteUserDto(passwordEncoder));
|
||||
return ResponseEntity.status(HttpStatus.OK).body(UserDeleteResponse.from(user));
|
||||
return ResponseEntity.status(HttpStatus.OK).body(UserDeleteResponse.of(user));
|
||||
}
|
||||
|
||||
@PutMapping("/password")
|
||||
@Secured(UserGrade.ROLES.GUEST)
|
||||
public ResponseEntity<UserChangePasswordResponse> changePassword(
|
||||
@AuthenticationPrincipal UserDetails userRequest,
|
||||
@RequestBody @Valid UserChangePasswordRequest request) {
|
||||
User user = userService.changePassword(request.toChangePasswordDto(userRequest.getUsername(), passwordEncoder));
|
||||
return ResponseEntity.status(HttpStatus.OK).body(UserChangePasswordResponse.from(user));
|
||||
@PatchMapping("/password")
|
||||
@Secured("ROLE_GUEST")
|
||||
public ResponseEntity<UserChangePasswordResponse> changePassword(@RequestBody @Valid UserModifyPasswordRequest request) {
|
||||
if (request.oldEqualNew()) {
|
||||
log.error("기존 패스워드와 동일한 패스워드로 변경할 수 없습니다.");
|
||||
return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
|
||||
}
|
||||
|
||||
User user = userService.changePassword(request.toChangePasswordDto(passwordEncoder));
|
||||
return ResponseEntity.status(HttpStatus.OK).body(UserChangePasswordResponse.of(user));
|
||||
}
|
||||
|
||||
@PostMapping("/login")
|
||||
public ResponseEntity<LoginResponse> login(@RequestBody LoginRequest loginRequest, HttpServletResponse response) {
|
||||
String accessToken = userService.login(loginRequest.toAuthentication());
|
||||
|
||||
response.setHeader(jwtProperties.getAccessHeader(), accessToken);
|
||||
return ResponseEntity.status(HttpStatus.OK).body(LoginResponse.of(accessToken));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package com.ticketing.server.user.application.request;
|
||||
|
||||
import com.ticketing.server.global.validator.constraints.FieldsValueNotMatch;
|
||||
import com.ticketing.server.user.service.dto.ChangePasswordDTO;
|
||||
import javax.validation.constraints.Email;
|
||||
import javax.validation.constraints.NotEmpty;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
@@ -11,12 +11,11 @@ import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
@Getter
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
@FieldsValueNotMatch(
|
||||
field = "oldPassword",
|
||||
fieldMatch = "newPassword",
|
||||
message = "{validation.password.not.change}"
|
||||
)
|
||||
public class UserChangePasswordRequest {
|
||||
public class UserModifyPasswordRequest {
|
||||
|
||||
@NotEmpty(message = "{validation.not.empty.email}")
|
||||
@Email(message = "{validation.email}")
|
||||
private String email;
|
||||
|
||||
@NotEmpty(message = "{validation.not.empty.oldpassword}")
|
||||
private String oldPassword;
|
||||
@@ -24,8 +23,12 @@ public class UserChangePasswordRequest {
|
||||
@NotEmpty(message = "{validation.not.empty.newpassword}")
|
||||
private String newPassword;
|
||||
|
||||
public ChangePasswordDTO toChangePasswordDto(String email, PasswordEncoder passwordEncoder) {
|
||||
public ChangePasswordDTO toChangePasswordDto(PasswordEncoder passwordEncoder) {
|
||||
return new ChangePasswordDTO(email, oldPassword, newPassword, passwordEncoder);
|
||||
}
|
||||
|
||||
public boolean oldEqualNew() {
|
||||
return oldPassword.equals(newPassword);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,17 @@
|
||||
package com.ticketing.server.user.application.response;
|
||||
|
||||
import lombok.AccessLevel;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
|
||||
@Getter
|
||||
@AllArgsConstructor(access = AccessLevel.PRIVATE)
|
||||
public class LoginResponse {
|
||||
|
||||
private String accessToken;
|
||||
|
||||
public static LoginResponse of(String accessToken) {
|
||||
return new LoginResponse(accessToken);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,28 +0,0 @@
|
||||
package com.ticketing.server.user.application.response;
|
||||
|
||||
import com.ticketing.server.global.redis.RefreshToken;
|
||||
import lombok.AccessLevel;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
|
||||
@Getter
|
||||
@AllArgsConstructor(access = AccessLevel.PRIVATE)
|
||||
public class LogoutResponse {
|
||||
|
||||
private Long refreshTokenId;
|
||||
private String email;
|
||||
private String refreshToken;
|
||||
|
||||
private LogoutResponse(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
public static LogoutResponse from(String email) {
|
||||
return new LogoutResponse(email);
|
||||
}
|
||||
|
||||
public static LogoutResponse from(RefreshToken refreshToken) {
|
||||
return new LogoutResponse(refreshToken.getId(), refreshToken.getEmail(), refreshToken.getToken());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -13,7 +13,7 @@ public class SignUpResponse {
|
||||
|
||||
private String email;
|
||||
|
||||
public static SignUpResponse from(User user) {
|
||||
public static SignUpResponse of(User user) {
|
||||
return new SignUpResponse(user.getName(), user.getEmail());
|
||||
}
|
||||
|
||||
|
||||
@@ -1,20 +0,0 @@
|
||||
package com.ticketing.server.user.application.response;
|
||||
|
||||
import lombok.AccessLevel;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
|
||||
@Getter
|
||||
@AllArgsConstructor(access = AccessLevel.PRIVATE)
|
||||
public class TokenDto {
|
||||
|
||||
private final String accessToken;
|
||||
private final String refreshToken;
|
||||
private final String tokenType;
|
||||
private final long expiresIn;
|
||||
|
||||
public static TokenDto of(String accessToken, String refreshToken, String tokenType, long expiresIn) {
|
||||
return new TokenDto(accessToken, refreshToken, tokenType, expiresIn);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -13,7 +13,7 @@ public class UserChangePasswordResponse {
|
||||
|
||||
private String email;
|
||||
|
||||
public static UserChangePasswordResponse from(User user) {
|
||||
public static UserChangePasswordResponse of(User user) {
|
||||
return new UserChangePasswordResponse(user.getName(), user.getEmail());
|
||||
}
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ public class UserDeleteResponse {
|
||||
|
||||
private String email;
|
||||
|
||||
public static UserDeleteResponse from(User user) {
|
||||
public static UserDeleteResponse of(User user) {
|
||||
return new UserDeleteResponse(user.getName(), user.getEmail());
|
||||
}
|
||||
|
||||
|
||||
@@ -1,21 +0,0 @@
|
||||
package com.ticketing.server.user.application.response;
|
||||
|
||||
import com.ticketing.server.user.domain.User;
|
||||
import com.ticketing.server.user.domain.UserGrade;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
|
||||
@Getter
|
||||
@AllArgsConstructor
|
||||
public class UserDetailResponse {
|
||||
|
||||
private String name;
|
||||
private String email;
|
||||
private UserGrade grade;
|
||||
private String phone;
|
||||
|
||||
public static UserDetailResponse from(User user) {
|
||||
return new UserDetailResponse(user.getName(), user.getEmail(), user.getGrade(), user.getPhone());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,10 +1,8 @@
|
||||
package com.ticketing.server.user.domain;
|
||||
|
||||
import static com.ticketing.server.global.exception.ErrorCode.DELETED_EMAIL;
|
||||
import static com.ticketing.server.global.exception.ErrorCode.MISMATCH_PASSWORD;
|
||||
|
||||
import com.ticketing.server.global.dto.repository.AbstractEntity;
|
||||
import com.ticketing.server.global.exception.TicketingException;
|
||||
import com.ticketing.server.global.exception.AlreadyDeletedException;
|
||||
import com.ticketing.server.global.exception.PasswordMismatchException;
|
||||
import com.ticketing.server.global.validator.constraints.Phone;
|
||||
import com.ticketing.server.user.service.dto.ChangePasswordDTO;
|
||||
import com.ticketing.server.user.service.dto.DeleteUserDTO;
|
||||
@@ -25,6 +23,14 @@ import lombok.NoArgsConstructor;
|
||||
@NoArgsConstructor
|
||||
public class User extends AbstractEntity {
|
||||
|
||||
public User(String name, String email, String password, UserGrade grade, String phone) {
|
||||
this.name = name;
|
||||
this.email = email;
|
||||
this.password = password;
|
||||
this.grade = grade;
|
||||
this.phone = phone;
|
||||
}
|
||||
|
||||
@Column(name = "name")
|
||||
@NotEmpty(message = "{validation.not.empty.name}")
|
||||
private String name;
|
||||
@@ -52,17 +58,9 @@ public class User extends AbstractEntity {
|
||||
|
||||
private LocalDateTime deletedAt;
|
||||
|
||||
public User(String name, String email, String password, UserGrade grade, String phone) {
|
||||
this.name = name;
|
||||
this.email = email;
|
||||
this.password = password;
|
||||
this.grade = grade;
|
||||
this.phone = phone;
|
||||
}
|
||||
|
||||
public User delete(DeleteUserDTO deleteUser) {
|
||||
if (isDeleted) {
|
||||
throw new TicketingException(DELETED_EMAIL);
|
||||
throw new AlreadyDeletedException("이미 탈퇴된 회원 입니다.");
|
||||
}
|
||||
|
||||
checkPassword(deleteUser);
|
||||
@@ -81,7 +79,7 @@ public class User extends AbstractEntity {
|
||||
|
||||
public void checkPassword(PasswordMatches passwordMatches) {
|
||||
if (!passwordMatches.passwordMatches(password)) {
|
||||
throw new TicketingException(MISMATCH_PASSWORD);
|
||||
throw new PasswordMismatchException();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,38 +1,5 @@
|
||||
package com.ticketing.server.user.domain;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
|
||||
@RequiredArgsConstructor
|
||||
public enum UserGrade {
|
||||
ADMIN(ROLES.ADMIN, null),
|
||||
STAFF(ROLES.STAFF, ROLES.ADMIN),
|
||||
GUEST(ROLES.GUEST, ROLES.STAFF);
|
||||
|
||||
private final String roleName;
|
||||
private final String parentName;
|
||||
|
||||
public static class ROLES {
|
||||
|
||||
public static final String ADMIN = "ROLE_ADMIN";
|
||||
public static final String STAFF = "ROLE_STAFF";
|
||||
public static final String GUEST = "ROLE_GUEST";
|
||||
|
||||
private ROLES() {
|
||||
}
|
||||
}
|
||||
|
||||
public static String getRoleHierarchy() {
|
||||
StringBuilder sb = new StringBuilder();
|
||||
|
||||
for (UserGrade grade : UserGrade.values()) {
|
||||
if (grade.parentName != null) {
|
||||
sb.append(grade.parentName);
|
||||
sb.append(" > ");
|
||||
sb.append(grade.roleName);
|
||||
sb.append("\n");
|
||||
}
|
||||
}
|
||||
|
||||
return sb.toString();
|
||||
}
|
||||
GUEST, STAFF
|
||||
}
|
||||
|
||||
@@ -1,100 +0,0 @@
|
||||
package com.ticketing.server.user.service;
|
||||
|
||||
import static com.ticketing.server.global.exception.ErrorCode.REFRESH_TOKEN_NOT_FOUND;
|
||||
import static com.ticketing.server.global.exception.ErrorCode.TOKEN_TYPE;
|
||||
import static com.ticketing.server.global.exception.ErrorCode.UNAVAILABLE_REFRESH_TOKEN;
|
||||
|
||||
import com.ticketing.server.global.exception.TicketingException;
|
||||
import com.ticketing.server.global.redis.RefreshRedisRepository;
|
||||
import com.ticketing.server.global.redis.RefreshToken;
|
||||
import com.ticketing.server.global.security.jwt.JwtProperties;
|
||||
import com.ticketing.server.global.security.jwt.JwtProvider;
|
||||
import com.ticketing.server.user.application.response.LogoutResponse;
|
||||
import com.ticketing.server.user.application.response.TokenDto;
|
||||
import com.ticketing.server.user.service.interfaces.AuthenticationService;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
@Service
|
||||
@RequiredArgsConstructor
|
||||
public class AuthenticationServiceImpl implements AuthenticationService {
|
||||
|
||||
private final RefreshRedisRepository refreshRedisRepository;
|
||||
|
||||
private final JwtProvider jwtProvider;
|
||||
private final JwtProperties jwtProperties;
|
||||
private final AuthenticationManagerBuilder authenticationManagerBuilder;
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public TokenDto generateTokenDto(UsernamePasswordAuthenticationToken authenticationToken) {
|
||||
// 회원인증
|
||||
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
|
||||
|
||||
String email = authenticationToken.getName();
|
||||
|
||||
// 토큰 발급
|
||||
TokenDto tokenDto = jwtProvider.generateTokenDto(authentication);
|
||||
|
||||
// refresh 토큰이 있으면 수정, 없으면 생성
|
||||
refreshRedisRepository.findByEmail(email)
|
||||
.ifPresentOrElse(
|
||||
tokenEntity -> tokenEntity.changeToken(tokenDto.getRefreshToken()),
|
||||
() -> refreshRedisRepository.save(new RefreshToken(email, tokenDto.getRefreshToken()))
|
||||
);
|
||||
|
||||
return tokenDto;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public TokenDto reissueTokenDto(String bearerRefreshToken) {
|
||||
String refreshToken = resolveToken(bearerRefreshToken);
|
||||
|
||||
// 토큰 검증
|
||||
jwtProvider.validateToken(refreshToken);
|
||||
|
||||
Authentication authentication = jwtProvider.getAuthentication(refreshToken);
|
||||
|
||||
// Redis 에 토큰이 있는지 검증
|
||||
RefreshToken findTokenEntity = refreshRedisRepository.findByEmail(authentication.getName())
|
||||
.orElseThrow(() -> new TicketingException(REFRESH_TOKEN_NOT_FOUND));
|
||||
|
||||
// redis 토큰과 input 토큰이 일치한지 확인
|
||||
if (!refreshToken.equals(findTokenEntity.getToken())) {
|
||||
throw new TicketingException(UNAVAILABLE_REFRESH_TOKEN);
|
||||
}
|
||||
|
||||
// 토큰 발급
|
||||
TokenDto tokenDto = jwtProvider.generateTokenDto(authentication);
|
||||
|
||||
// 토큰 최신화
|
||||
findTokenEntity.changeToken(tokenDto.getRefreshToken());
|
||||
refreshRedisRepository.save(findTokenEntity);
|
||||
|
||||
return tokenDto;
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public LogoutResponse deleteRefreshToken(String email) {
|
||||
return refreshRedisRepository.findByEmail(email)
|
||||
.map(tokenDto -> {
|
||||
refreshRedisRepository.delete(tokenDto);
|
||||
return LogoutResponse.from(tokenDto);
|
||||
}).orElseGet(() -> LogoutResponse.from(email));
|
||||
}
|
||||
|
||||
private String resolveToken(String bearerToken) {
|
||||
if (StringUtils.hasText(bearerToken) && jwtProperties.hasTokenStartsWith(bearerToken)) {
|
||||
return bearerToken.substring(7);
|
||||
}
|
||||
throw new TicketingException(TOKEN_TYPE);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,9 +1,7 @@
|
||||
package com.ticketing.server.user.service;
|
||||
|
||||
import static com.ticketing.server.global.exception.ErrorCode.DUPLICATE_EMAIL;
|
||||
import static com.ticketing.server.global.exception.ErrorCode.EMAIL_NOT_FOUND;
|
||||
|
||||
import com.ticketing.server.global.exception.TicketingException;
|
||||
import com.ticketing.server.global.exception.NotFoundEmailException;
|
||||
import com.ticketing.server.global.jwt.JwtProvider;
|
||||
import com.ticketing.server.user.domain.User;
|
||||
import com.ticketing.server.user.domain.repository.UserRepository;
|
||||
import com.ticketing.server.user.service.dto.ChangePasswordDTO;
|
||||
@@ -14,6 +12,9 @@ import java.util.Optional;
|
||||
import javax.validation.Valid;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
@@ -26,22 +27,37 @@ import org.springframework.validation.annotation.Validated;
|
||||
public class UserServiceImpl implements UserService {
|
||||
|
||||
private final UserRepository userRepository;
|
||||
private final AuthenticationManagerBuilder authenticationManagerBuilder;
|
||||
private final JwtProvider jwtProvider;
|
||||
|
||||
@Override
|
||||
public String login(UsernamePasswordAuthenticationToken authenticationToken) {
|
||||
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
|
||||
return jwtProvider.createToken(authentication);
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public User register(@Valid SignUpDTO signUpDto) {
|
||||
Optional<User> user = userRepository.findByEmail(signUpDto.getEmail());
|
||||
if (user.isEmpty()) {
|
||||
return userRepository.save(signUpDto.toUser());
|
||||
if (user.isPresent()) {
|
||||
log.error("이미 존재하는 이메일이기 때문에 신규 회원가입을 진행할 수 없습니다. :: {}", signUpDto);
|
||||
throw new IllegalArgumentException("이미 존재하는 이메일이기 때문에 신규 회원가입을 진행할 수 없습니다.");
|
||||
}
|
||||
|
||||
throw new TicketingException(DUPLICATE_EMAIL);
|
||||
return userRepository.save(signUpDto.toUser());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public User delete(@Valid DeleteUserDTO deleteUserDto) {
|
||||
User user = findNotDeletedUserByEmail(deleteUserDto.getEmail());
|
||||
User user = userRepository.findByEmail(deleteUserDto.getEmail())
|
||||
.orElseThrow(() -> {
|
||||
log.error("존재하지 않는 이메일 입니다. :: {}", deleteUserDto.getEmail());
|
||||
throw new NotFoundEmailException();
|
||||
}
|
||||
);
|
||||
|
||||
return user.delete(deleteUserDto);
|
||||
}
|
||||
|
||||
@@ -52,19 +68,12 @@ public class UserServiceImpl implements UserService {
|
||||
return user.changePassword(changePasswordDto);
|
||||
}
|
||||
|
||||
@Override
|
||||
public User findByEmail(String email) {
|
||||
return userRepository.findByEmail(email)
|
||||
.orElseThrow(UserServiceImpl::throwEmailNotFound);
|
||||
}
|
||||
|
||||
private User findNotDeletedUserByEmail(String email) {
|
||||
return userRepository.findByEmailAndIsDeletedFalse(email)
|
||||
.orElseThrow(UserServiceImpl::throwEmailNotFound);
|
||||
}
|
||||
|
||||
private static RuntimeException throwEmailNotFound() {
|
||||
throw new TicketingException(EMAIL_NOT_FOUND);
|
||||
.orElseThrow(() -> {
|
||||
log.error("존재하지 않는 이메일 입니다. :: {}", email);
|
||||
throw new NotFoundEmailException();
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -6,6 +6,13 @@ import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
public class ChangePasswordDTO implements PasswordMatches {
|
||||
|
||||
public ChangePasswordDTO(String email, String oldPassword, String newPassword, PasswordEncoder passwordEncoder) {
|
||||
this.email = email;
|
||||
this.oldPassword = oldPassword;
|
||||
this.newPassword = newPassword;
|
||||
this.passwordEncoder = passwordEncoder;
|
||||
}
|
||||
|
||||
@NotEmpty(message = "{validation.not.empty.email}")
|
||||
@Email(message = "{validation.email}")
|
||||
private String email;
|
||||
@@ -18,13 +25,6 @@ public class ChangePasswordDTO implements PasswordMatches {
|
||||
|
||||
private PasswordEncoder passwordEncoder;
|
||||
|
||||
public ChangePasswordDTO(String email, String oldPassword, String newPassword, PasswordEncoder passwordEncoder) {
|
||||
this.email = email;
|
||||
this.oldPassword = oldPassword;
|
||||
this.newPassword = newPassword;
|
||||
this.passwordEncoder = passwordEncoder;
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
return email;
|
||||
}
|
||||
|
||||
@@ -6,6 +6,12 @@ import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
public class DeleteUserDTO implements PasswordMatches {
|
||||
|
||||
public DeleteUserDTO(String email, String inputPassword, PasswordEncoder passwordEncoder) {
|
||||
this.email = email;
|
||||
this.inputPassword = inputPassword;
|
||||
this.passwordEncoder = passwordEncoder;
|
||||
}
|
||||
|
||||
@NotEmpty(message = "{validation.not.empty.email}")
|
||||
@Email(message = "{validation.email}")
|
||||
private String email;
|
||||
@@ -15,12 +21,6 @@ public class DeleteUserDTO implements PasswordMatches {
|
||||
|
||||
private PasswordEncoder passwordEncoder;
|
||||
|
||||
public DeleteUserDTO(String email, String inputPassword, PasswordEncoder passwordEncoder) {
|
||||
this.email = email;
|
||||
this.inputPassword = inputPassword;
|
||||
this.passwordEncoder = passwordEncoder;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean passwordMatches(String password) {
|
||||
return passwordEncoder.matches(this.inputPassword, password);
|
||||
|
||||
@@ -1,15 +0,0 @@
|
||||
package com.ticketing.server.user.service.interfaces;
|
||||
|
||||
import com.ticketing.server.user.application.response.LogoutResponse;
|
||||
import com.ticketing.server.user.application.response.TokenDto;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
|
||||
public interface AuthenticationService {
|
||||
|
||||
TokenDto generateTokenDto(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken);
|
||||
|
||||
TokenDto reissueTokenDto(String bearerRefreshToken);
|
||||
|
||||
LogoutResponse deleteRefreshToken(String email);
|
||||
|
||||
}
|
||||
@@ -5,14 +5,17 @@ import com.ticketing.server.user.service.dto.ChangePasswordDTO;
|
||||
import com.ticketing.server.user.service.dto.DeleteUserDTO;
|
||||
import com.ticketing.server.user.service.dto.SignUpDTO;
|
||||
import javax.validation.Valid;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
public interface UserService {
|
||||
|
||||
String login(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken);
|
||||
|
||||
User register(@Valid SignUpDTO signUpDto);
|
||||
|
||||
User delete(@Valid DeleteUserDTO deleteUserDto);
|
||||
|
||||
User changePassword(@Valid ChangePasswordDTO changePasswordDto);
|
||||
|
||||
User findByEmail(String email);
|
||||
}
|
||||
|
||||
@@ -4,9 +4,6 @@ server:
|
||||
spring:
|
||||
profiles:
|
||||
active: local
|
||||
redis:
|
||||
host: localhost
|
||||
port: 6379
|
||||
|
||||
jpa:
|
||||
hibernate:
|
||||
@@ -18,24 +15,12 @@ spring:
|
||||
maximum-pool-size: 10 # default 10
|
||||
max-lifetime: 1800000 # default 30 minutes
|
||||
|
||||
mvc:
|
||||
pathmatch:
|
||||
matching-strategy: ant_path_matcher
|
||||
throw-exception-if-no-handler-found: true
|
||||
|
||||
jasypt:
|
||||
encryptor:
|
||||
bean: jasyptStringEncryptor
|
||||
|
||||
jwt:
|
||||
access-header: Authorization
|
||||
refresh-header: REFRESH_TOKEN
|
||||
access-header: ACCESS_TOKEN
|
||||
prefix: Bearer
|
||||
secret-key: Zi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXktZi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXkK
|
||||
access-token-validity-in-seconds: 60 # 1분
|
||||
refresh-token-validity-in-seconds: 259200 # 3일
|
||||
|
||||
springfox:
|
||||
documentation:
|
||||
swagger:
|
||||
use-model-v3: false
|
||||
token-validity-in-seconds: 86400
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
validation.not.empty.name=\uC774\uB984\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.email=\uC774\uBA54\uC77C\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.password=\uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.oldpassword=\uD604\uC7AC \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.newpassword=\uBCC0\uACBD\uD560 \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.grade=\uC0AC\uC6A9\uC790 \uB4F1\uAE09\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.phone=\uD734\uB300\uBC88\uD638\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.email=\uC774\uBA54\uC77C\uC774 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
|
||||
validation.phone=\uD734\uB300\uBC88\uD638\uAC00 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
|
||||
validation.password.not.change=\uB3D9\uC77C\uD55C \uD328\uC2A4\uC6CC\uB4DC\uB85C \uBCC0\uACBD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
|
||||
validation.not.empty.name="\uC774\uB984\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.email="\uC774\uBA54\uC77C\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.password="\uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.oldpassword="\uD604\uC7AC \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.newpassword="\uBCC0\uACBD\uD560 \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.grade="\uC0AC\uC6A9\uC790 \uB4F1\uAE09\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.phone="\uD734\uB300\uBC88\uD638\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.email="\uC774\uBA54\uC77C\uC774 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."
|
||||
validation.phone="\uD734\uB300\uBC88\uD638\uAC00 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
validation.not.empty.name=name is required.
|
||||
validation.not.empty.email=email is required.
|
||||
validation.not.empty.password=password is required.
|
||||
validation.not.empty.oldpassword=Old Password is required.
|
||||
validation.not.empty.newpassword=New Password is required.
|
||||
validation.not.empty.grade=user grade is required.
|
||||
validation.not.empty.phone=phone is required.
|
||||
validation.email=email is not valid.
|
||||
validation.phone=phone is not valid.
|
||||
validation.password.not.change=password not change.
|
||||
validation.not.empty.name="name is required."
|
||||
validation.not.empty.email="email is required."
|
||||
validation.not.empty.password="password is required."
|
||||
validation.not.empty.oldpassword="Old Password is required."
|
||||
validation.not.empty.newpassword="New Password is required."
|
||||
validation.not.empty.grade="user grade is required."
|
||||
validation.not.empty.phone="phone is required."
|
||||
validation.email="email is not valid."
|
||||
validation.phone="phone is not valid."
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
validation.not.empty.name=\uC774\uB984\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.email=\uC774\uBA54\uC77C\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.password=\uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.oldpassword=\uD604\uC7AC \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.newpassword=\uBCC0\uACBD\uD560 \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.grade=\uC0AC\uC6A9\uC790 \uB4F1\uAE09\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.not.empty.phone=\uD734\uB300\uBC88\uD638\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4.
|
||||
validation.email=\uC774\uBA54\uC77C\uC774 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
|
||||
validation.phone=\uD734\uB300\uBC88\uD638\uAC00 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
|
||||
validation.password.not.change=\uB3D9\uC77C\uD55C \uD328\uC2A4\uC6CC\uB4DC\uB85C \uBCC0\uACBD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
|
||||
validation.not.empty.name="\uC774\uB984\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.email="\uC774\uBA54\uC77C\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.password="\uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.oldpassword="\uD604\uC7AC \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.newpassword="\uBCC0\uACBD\uD560 \uD328\uC2A4\uC6CC\uB4DC\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.grade="\uC0AC\uC6A9\uC790 \uB4F1\uAE09\uC740 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.not.empty.phone="\uD734\uB300\uBC88\uD638\uB294 \uD544\uC218 \uC785\uB2C8\uB2E4."
|
||||
validation.email="\uC774\uBA54\uC77C\uC774 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."
|
||||
validation.phone="\uD734\uB300\uBC88\uD638\uAC00 \uC62C\uBC14\uB974\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4."
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package com.ticketing.server.global.security.jwt;
|
||||
package com.ticketing.server.global.jwt;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertAll;
|
||||
@@ -27,38 +27,10 @@ class JwtPropertiesTest {
|
||||
// when
|
||||
// then
|
||||
assertAll(
|
||||
() -> assertThat(jwtProperties.getAccessHeader()).isEqualTo("Authorization")
|
||||
, () -> assertThat(jwtProperties.getRefreshHeader()).isEqualTo("REFRESH_TOKEN")
|
||||
() -> assertThat(jwtProperties.getAccessHeader()).isEqualTo("ACCESS_TOKEN")
|
||||
, () -> assertThat(jwtProperties.getPrefix()).isEqualTo("Bearer")
|
||||
, () -> assertThat(jwtProperties.getAccessTokenValidityInSeconds()).isEqualTo(60)
|
||||
, () -> assertThat(jwtProperties.getRefreshTokenValidityInSeconds()).isEqualTo(259200)
|
||||
, () -> assertThat(jwtProperties.getTokenValidityInSeconds()).isEqualTo(86400)
|
||||
, () -> assertThat(jwtProperties.getSecretKey()).isNotEmpty());
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("token prefix 가 일치할 경우")
|
||||
void hasTokenStartsWithTrue() {
|
||||
// given
|
||||
String token = jwtProperties.getPrefix() + " " + "tokenPrefixTest";
|
||||
|
||||
// when
|
||||
boolean result = jwtProperties.hasTokenStartsWith(token);
|
||||
|
||||
// then
|
||||
assertThat(result).isTrue();
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("token prefix 가 일치하지 않을 경우")
|
||||
void hasTokenStartsWithFalse() {
|
||||
// given
|
||||
String token = "tokenPrefixTest";
|
||||
|
||||
// when
|
||||
boolean result = jwtProperties.hasTokenStartsWith(token);
|
||||
|
||||
// then
|
||||
assertThat(result).isFalse();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,9 +1,8 @@
|
||||
package com.ticketing.server.global.security.jwt;
|
||||
package com.ticketing.server.global.jwt;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
import com.ticketing.server.global.factory.YamlPropertySourceFactory;
|
||||
import com.ticketing.server.user.application.response.TokenDto;
|
||||
import com.ticketing.server.user.domain.UserGrade;
|
||||
import java.util.Collections;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
@@ -26,12 +25,12 @@ class TokenProviderTest {
|
||||
@Autowired
|
||||
private JwtProperties jwtProperties;
|
||||
|
||||
JwtProvider jwtProvider;
|
||||
JwtProvider tokenProvider;
|
||||
|
||||
|
||||
@BeforeEach
|
||||
void init() {
|
||||
jwtProvider = new JwtProvider(jwtProperties);
|
||||
tokenProvider = new JwtProvider(jwtProperties);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -43,10 +42,10 @@ class TokenProviderTest {
|
||||
new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
|
||||
|
||||
// when
|
||||
TokenDto tokenDto = jwtProvider.generateTokenDto(authenticationToken);
|
||||
String token = tokenProvider.createToken(authenticationToken);
|
||||
|
||||
// then
|
||||
assertThat(tokenDto).isInstanceOf(TokenDto.class);
|
||||
assertThat(token).isNotEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -58,8 +57,8 @@ class TokenProviderTest {
|
||||
new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
|
||||
|
||||
// when
|
||||
TokenDto tokenDto = jwtProvider.generateTokenDto(authenticationToken);
|
||||
Authentication authentication = jwtProvider.getAuthentication(tokenDto.getAccessToken());
|
||||
String token = tokenProvider.createToken(authenticationToken);
|
||||
Authentication authentication = tokenProvider.getAuthentication(token);
|
||||
|
||||
// then
|
||||
assertThat(authentication.getName()).isEqualTo("ticketing@gmail.com");
|
||||
@@ -1,75 +0,0 @@
|
||||
package com.ticketing.server.global.redis;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertAll;
|
||||
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.DisplayName;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
|
||||
@SpringBootTest
|
||||
class RefreshRedisRepositoryTest {
|
||||
|
||||
@Autowired
|
||||
RefreshRedisRepository refreshRedisRepository;
|
||||
|
||||
@AfterEach
|
||||
void tearDown() {
|
||||
refreshRedisRepository.deleteAll();
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("기본 등록 및 조회기능")
|
||||
void saveAndFind() {
|
||||
// given
|
||||
RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
|
||||
|
||||
// when
|
||||
refreshRedisRepository.save(refreshToken);
|
||||
|
||||
// then
|
||||
RefreshToken findRefreshToken = refreshRedisRepository.findById(refreshToken.getId()).get();
|
||||
assertAll(
|
||||
() -> assertThat(findRefreshToken.getEmail()).isEqualTo("ticketing@gmail.com")
|
||||
, () -> assertThat(findRefreshToken.getToken()).isEqualTo("refreshToken")
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("기본 등록 및 이메일 조회")
|
||||
void saveAndFindByEmail() {
|
||||
// given
|
||||
RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
|
||||
|
||||
// when
|
||||
refreshRedisRepository.save(refreshToken);
|
||||
|
||||
// then
|
||||
RefreshToken findRefreshToken = refreshRedisRepository.findByEmail(refreshToken.getEmail()).get();
|
||||
assertAll(
|
||||
() -> assertThat(findRefreshToken.getEmail()).isEqualTo("ticketing@gmail.com")
|
||||
, () -> assertThat(findRefreshToken.getToken()).isEqualTo("refreshToken")
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("기본 등록 및 수정기능")
|
||||
void saveAndSave() {
|
||||
// given
|
||||
RefreshToken refreshToken = new RefreshToken("ticketing@gmail.com", "refreshToken");
|
||||
refreshRedisRepository.save(refreshToken);
|
||||
Long id = refreshToken.getId();
|
||||
|
||||
// when
|
||||
RefreshToken savedRefreshToken = refreshRedisRepository.findById(id).get();
|
||||
savedRefreshToken.changeToken("refreshToken2");
|
||||
refreshRedisRepository.save(savedRefreshToken);
|
||||
|
||||
// then
|
||||
RefreshToken lastSavedRefreshToken = refreshRedisRepository.findById(id).get();
|
||||
assertThat(lastSavedRefreshToken.getToken()).isEqualTo("refreshToken2");
|
||||
}
|
||||
|
||||
}
|
||||
@@ -27,7 +27,7 @@ public class MovieRepositoryTest {
|
||||
@Order(1)
|
||||
@Test
|
||||
@Rollback(value = false)
|
||||
@DisplayName("Movie Repository Test - saving movie")
|
||||
@DisplayName("Movie Repository - test saving movie")
|
||||
void shouldAbleToSaveMovie() {
|
||||
// given
|
||||
Movie movie = new Movie("범죄도시 2", 106);
|
||||
|
||||
@@ -1,66 +1,9 @@
|
||||
package com.ticketing.server.movie.service;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.ticketing.server.movie.domain.Movie;
|
||||
import com.ticketing.server.movie.domain.repository.MovieRepository;
|
||||
import com.ticketing.server.movie.service.dto.MovieDto;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.DisplayName;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.ExtendWith;
|
||||
import org.mockito.InjectMocks;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.junit.jupiter.MockitoExtension;
|
||||
|
||||
@ExtendWith(MockitoExtension.class)
|
||||
public class MovieServiceImplTest {
|
||||
|
||||
Movie movie;
|
||||
MovieDto movieDto;
|
||||
List<Movie> movies = new ArrayList<>();
|
||||
List<MovieDto> movieDtos = new ArrayList<>();
|
||||
|
||||
@Mock
|
||||
MovieRepository movieRepository;
|
||||
|
||||
@InjectMocks
|
||||
MovieServiceImpl movieService;
|
||||
|
||||
@Test
|
||||
@DisplayName("Movie Service Test - get movies when there is no movie")
|
||||
void shouldGetEmptyList() {
|
||||
// given
|
||||
when(movieRepository.findValidMovies()).thenReturn(Collections.emptyList());
|
||||
|
||||
// when
|
||||
List<MovieDto> movieDtoList = movieService.getMovies();
|
||||
|
||||
// then
|
||||
assertTrue(movieDtoList.isEmpty());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("Movie Service Test - get movies")
|
||||
void shouldAbleToGetMovies() {
|
||||
// given
|
||||
movie = new Movie("범죄도시2", 106);
|
||||
movieDto = movie.toDto();
|
||||
movies.add(movie);
|
||||
movieDtos.add(movieDto);
|
||||
|
||||
when(movieRepository.findValidMovies()).thenReturn(movies);
|
||||
|
||||
// when
|
||||
List<MovieDto> movieDtoList = movieService.getMovies();
|
||||
|
||||
// then
|
||||
assertTrue(!movieDtoList.isEmpty());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -3,15 +3,14 @@ package com.ticketing.server.user.application;
|
||||
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.springSecurity;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import com.ticketing.server.global.redis.RefreshRedisRepository;
|
||||
import com.ticketing.server.user.application.request.LoginRequest;
|
||||
import com.ticketing.server.user.application.request.SignUpRequest;
|
||||
import com.ticketing.server.user.service.interfaces.UserService;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.DisplayName;
|
||||
import org.junit.jupiter.api.Test;
|
||||
@@ -27,10 +26,7 @@ import org.springframework.web.context.WebApplicationContext;
|
||||
|
||||
@SpringBootTest
|
||||
@Transactional
|
||||
class AuthControllerTest {
|
||||
|
||||
private static final String LOGIN_URL = "/api/auth/token";
|
||||
private static final String REGISTER_URL = "/api/users";
|
||||
class UserControllerTest {
|
||||
|
||||
@Autowired
|
||||
WebApplicationContext context;
|
||||
@@ -44,11 +40,22 @@ class AuthControllerTest {
|
||||
@Autowired
|
||||
ObjectMapper objectMapper;
|
||||
|
||||
@Autowired
|
||||
RefreshRedisRepository refreshRedisRepository;
|
||||
|
||||
MockMvc mvc;
|
||||
|
||||
@BeforeEach
|
||||
void init() throws Exception {
|
||||
mvc = MockMvcBuilders
|
||||
.webAppContextSetup(context)
|
||||
.apply(springSecurity())
|
||||
.build();
|
||||
|
||||
SignUpRequest signUpRequest = new SignUpRequest("ticketing", "ticketing@gmail.com", "qwe123", "010-2240-7920");
|
||||
|
||||
mvc.perform(post("/user")
|
||||
.content(asJsonString(signUpRequest))
|
||||
.contentType(MediaType.APPLICATION_JSON));
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("로그인 인증 성공")
|
||||
void loginSuccess() throws Exception {
|
||||
@@ -56,13 +63,14 @@ class AuthControllerTest {
|
||||
LoginRequest request = new LoginRequest("ticketing@gmail.com", "qwe123");
|
||||
|
||||
// when
|
||||
ResultActions actions = mvc.perform(post(LOGIN_URL)
|
||||
ResultActions actions = mvc.perform(post("/user/login")
|
||||
.content(asJsonString(request))
|
||||
.contentType(MediaType.APPLICATION_JSON));
|
||||
|
||||
// then
|
||||
actions.andDo(print())
|
||||
.andExpect(status().isOk());
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(header().exists("ACCESS_TOKEN"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -72,7 +80,7 @@ class AuthControllerTest {
|
||||
LoginRequest request = new LoginRequest("ticketing@gmail.com", "qwe1234");
|
||||
|
||||
// when
|
||||
ResultActions actions = mvc.perform(post(LOGIN_URL)
|
||||
ResultActions actions = mvc.perform(post("/user/login")
|
||||
.content(asJsonString(request))
|
||||
.contentType(MediaType.APPLICATION_JSON));
|
||||
|
||||
@@ -85,23 +93,4 @@ class AuthControllerTest {
|
||||
return objectMapper.writeValueAsString(object);
|
||||
}
|
||||
|
||||
@BeforeEach
|
||||
void init() throws Exception {
|
||||
mvc = MockMvcBuilders
|
||||
.webAppContextSetup(context)
|
||||
.apply(springSecurity())
|
||||
.build();
|
||||
|
||||
SignUpRequest signUpRequest = new SignUpRequest("ticketing", "ticketing@gmail.com", "qwe123", "010-2240-7920");
|
||||
|
||||
mvc.perform(post(REGISTER_URL)
|
||||
.content(asJsonString(signUpRequest))
|
||||
.contentType(MediaType.APPLICATION_JSON));
|
||||
}
|
||||
|
||||
@AfterEach
|
||||
void tearDown() {
|
||||
refreshRedisRepository.deleteAll();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -4,7 +4,8 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.junit.jupiter.api.Assertions.assertAll;
|
||||
|
||||
import com.ticketing.server.global.exception.TicketingException;
|
||||
import com.ticketing.server.global.exception.AlreadyDeletedException;
|
||||
import com.ticketing.server.global.exception.PasswordMismatchException;
|
||||
import com.ticketing.server.user.service.dto.ChangePasswordDTO;
|
||||
import com.ticketing.server.user.service.dto.DeleteUserDTO;
|
||||
import com.ticketing.server.user.service.dto.DeleteUserDtoTest;
|
||||
@@ -44,7 +45,7 @@ class UserTest {
|
||||
// when
|
||||
// then
|
||||
assertThatThrownBy(() -> user.delete(deleteUser))
|
||||
.isInstanceOf(TicketingException.class);
|
||||
.isInstanceOf(PasswordMismatchException.class);
|
||||
}
|
||||
|
||||
@ParameterizedTest
|
||||
@@ -59,8 +60,7 @@ class UserTest {
|
||||
|
||||
// then
|
||||
assertThatThrownBy(() -> user.delete(deleteUserDto))
|
||||
.isInstanceOf(TicketingException.class);
|
||||
|
||||
.isInstanceOf(AlreadyDeletedException.class);
|
||||
}
|
||||
|
||||
@ParameterizedTest
|
||||
@@ -90,7 +90,7 @@ class UserTest {
|
||||
// when
|
||||
// then
|
||||
assertThatThrownBy(() -> user.changePassword(changePasswordDto))
|
||||
.isInstanceOf(TicketingException.class);
|
||||
.isInstanceOf(PasswordMismatchException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -1,84 +0,0 @@
|
||||
package com.ticketing.server.user.service;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.junit.jupiter.api.Assertions.assertAll;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.ticketing.server.global.factory.YamlPropertySourceFactory;
|
||||
import com.ticketing.server.global.redis.RefreshRedisRepository;
|
||||
import com.ticketing.server.global.redis.RefreshToken;
|
||||
import com.ticketing.server.global.security.jwt.JwtProperties;
|
||||
import com.ticketing.server.global.security.jwt.JwtProvider;
|
||||
import com.ticketing.server.user.application.response.TokenDto;
|
||||
import com.ticketing.server.user.domain.UserGrade;
|
||||
import java.util.Collections;
|
||||
import java.util.Optional;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.DisplayName;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.junit.jupiter.api.extension.ExtendWith;
|
||||
import org.mockito.InjectMocks;
|
||||
import org.mockito.Mock;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.test.context.junit.jupiter.SpringExtension;
|
||||
|
||||
@ExtendWith(SpringExtension.class)
|
||||
@EnableConfigurationProperties(value = JwtProperties.class)
|
||||
@PropertySource(value = "classpath:application.yml", factory = YamlPropertySourceFactory.class)
|
||||
class AuthenticationServiceImplTest {
|
||||
|
||||
@Autowired
|
||||
private JwtProperties useJwtProperties;
|
||||
private JwtProvider useJwtProvider;
|
||||
|
||||
@Mock
|
||||
JwtProperties jwtProperties;
|
||||
|
||||
@Mock
|
||||
JwtProvider jwtProvider;
|
||||
|
||||
@Mock
|
||||
RefreshRedisRepository redisRepository;
|
||||
|
||||
@InjectMocks
|
||||
AuthenticationServiceImpl authenticationService;
|
||||
|
||||
UsernamePasswordAuthenticationToken authenticationToken;
|
||||
|
||||
@BeforeEach
|
||||
void init() {
|
||||
useJwtProvider = new JwtProvider(useJwtProperties);
|
||||
SimpleGrantedAuthority grantedAuthority = new SimpleGrantedAuthority(UserGrade.GUEST.name());
|
||||
authenticationToken =
|
||||
new UsernamePasswordAuthenticationToken("ticketing@gmail.com", "123456", Collections.singleton(grantedAuthority));
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("토큰 재발급 성공")
|
||||
void reissueAccessToken() {
|
||||
// given
|
||||
String refreshToken = "Bearer eyJhbGciOiJIUzUxMiJ9";
|
||||
when(jwtProvider.validateToken(any())).thenReturn(true);
|
||||
when(jwtProvider.getAuthentication(any())).thenReturn(authenticationToken);
|
||||
when(jwtProvider.generateTokenDto(any())).thenReturn(useJwtProvider.generateTokenDto(authenticationToken));
|
||||
when(redisRepository.findByEmail("ticketing@gmail.com")).thenReturn(Optional.of(new RefreshToken("ticketing@gmail.com", "eyJhbGciOiJIUzUxMiJ9")));
|
||||
when(jwtProperties.hasTokenStartsWith(refreshToken)).thenReturn(true);
|
||||
|
||||
// when
|
||||
TokenDto tokenDto = authenticationService.reissueTokenDto(refreshToken);
|
||||
|
||||
// then
|
||||
assertAll(
|
||||
() -> assertThat(tokenDto.getAccessToken()).isNotEmpty()
|
||||
, () -> assertThat(tokenDto.getRefreshToken()).isNotEmpty()
|
||||
, () -> assertThat(tokenDto.getTokenType()).isEqualTo("Bearer")
|
||||
, () -> assertThat(tokenDto.getExpiresIn()).isEqualTo(60)
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -2,11 +2,10 @@ package com.ticketing.server.user.service;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatThrownBy;
|
||||
import static org.junit.jupiter.api.Assertions.assertAll;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import com.ticketing.server.global.exception.TicketingException;
|
||||
import com.ticketing.server.global.exception.NotFoundEmailException;
|
||||
import com.ticketing.server.user.domain.User;
|
||||
import com.ticketing.server.user.domain.UserGrade;
|
||||
import com.ticketing.server.user.domain.repository.UserRepository;
|
||||
@@ -54,7 +53,7 @@ class UserServiceImplTest {
|
||||
// when
|
||||
// then
|
||||
assertThatThrownBy(() -> userService.register(signUpDto))
|
||||
.isInstanceOf(TicketingException.class);
|
||||
.isInstanceOf(IllegalArgumentException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -75,28 +74,25 @@ class UserServiceImplTest {
|
||||
@DisplayName("회원탈퇴 시 이메일이 존재하지 않을 경우")
|
||||
void deleteFail() {
|
||||
// given
|
||||
when(userRepository.findByEmailAndIsDeletedFalse("ticketing@gmail.com")).thenReturn(Optional.empty());
|
||||
when(userRepository.findByEmail("ticketing@gmail.com")).thenReturn(Optional.empty());
|
||||
|
||||
// when
|
||||
// then
|
||||
assertThatThrownBy(() -> userService.delete(deleteUserDto))
|
||||
.isInstanceOf(TicketingException.class);
|
||||
.isInstanceOf(NotFoundEmailException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
@DisplayName("회원탈퇴 성공했을 경우")
|
||||
void deleteSuccess() {
|
||||
// given
|
||||
when(userRepository.findByEmailAndIsDeletedFalse("ticketing@gmail.com")).thenReturn(Optional.of(user));
|
||||
when(userRepository.findByEmail("ticketing@gmail.com")).thenReturn(Optional.of(user));
|
||||
|
||||
// when
|
||||
User user = userService.delete(deleteUserDto);
|
||||
|
||||
// then
|
||||
assertAll(
|
||||
() -> assertThat(user.isDeleted()).isTrue(),
|
||||
() -> assertThat(user.getDeletedAt()).isNotNull()
|
||||
);
|
||||
assertThat(user).isNotNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -108,7 +104,7 @@ class UserServiceImplTest {
|
||||
// when
|
||||
// then
|
||||
assertThatThrownBy(() -> userService.changePassword(changePasswordDto))
|
||||
.isInstanceOf(TicketingException.class);
|
||||
.isInstanceOf(NotFoundEmailException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -4,9 +4,6 @@ spring:
|
||||
username: ENC(LowN1n4w0Ep/DqLD8+q5Bq6AXM4b8e3V)
|
||||
password: ENC(OMvGcpZLpggFTiGNkqNe66Zq/SmJXF6o)
|
||||
driver-class-name: com.mysql.cj.jdbc.Driver
|
||||
redis:
|
||||
host: localhost
|
||||
port: 6379
|
||||
|
||||
jpa:
|
||||
properties:
|
||||
@@ -16,22 +13,17 @@ spring:
|
||||
hibernate:
|
||||
ddl-auto: create
|
||||
|
||||
mvc:
|
||||
pathmatch:
|
||||
matching-strategy: ant_path_matcher
|
||||
|
||||
jasypt:
|
||||
encryptor:
|
||||
bean: jasyptStringEncryptor
|
||||
|
||||
jwt:
|
||||
access-header: Authorization
|
||||
refresh-header: REFRESH_TOKEN
|
||||
access-header: ACCESS_TOKEN
|
||||
prefix: Bearer
|
||||
secret-key: Zi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXktZi1sYWItdGlja2V0aW5nLXByb2plY3Qtc3ByaW5nLWJvb3Qtc2VjdXJpdHktand0LXNlY3JldC1rZXkK
|
||||
access-token-validity-in-seconds: 60
|
||||
refresh-token-validity-in-seconds: 259200
|
||||
token-validity-in-seconds: 86400
|
||||
|
||||
tmdb:
|
||||
api-key: 0d1503b6dcbfe1c514299b5564c649b8
|
||||
read-access-token: eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiIwZDE1MDNiNmRjYmZlMWM1MTQyOTliNTU2NGM2NDliOCIsInN1YiI6IjYyOWYwODRlNzI2ZmIxMTA2NDA4MjI2NCIsInNjb3BlcyI6WyJhcGlfcmVhZCJdLCJ2ZXJzaW9uIjoxfQ.rs8KZea8QLyashILiggWFx2s46lgUtzo-xSWoDgE58A
|
||||
|
||||
|
||||
Reference in New Issue
Block a user