fix(owner-gateway-service): access token 없어도 200 ok 리턴하는 문제 해결

global exception handler에 ExpiredJwtException을 제외한 exception 처리하는 로직 추가.
2022-03-02 16:26:00 +09:00
parent 5ee3ac28cf
commit f1ac5fc654
1 changed files with 19 additions and 1 deletions
--- a/owner-apigateway-service/src/main/java/com/justpickup/ownerapigatewayservice/handler/GlobalExceptionHandler.java
+++ b/owner-apigateway-service/src/main/java/com/justpickup/ownerapigatewayservice/handler/GlobalExceptionHandler.java
@@ -3,6 +3,9 @@ package com.justpickup.ownerapigatewayservice.handler;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.MalformedJwtException;
+import io.jsonwebtoken.SignatureException;
+import io.jsonwebtoken.UnsupportedJwtException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.web.reactive.error.ErrorWebExceptionHandler;
 import org.springframework.core.io.buffer.DataBuffer;
@@ -13,6 +16,7 @@ import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;

 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;

 public class GlobalExceptionHandler implements ErrorWebExceptionHandler {
@@ -22,7 +26,11 @@ public class GlobalExceptionHandler implements ErrorWebExceptionHandler {

    @Override
    public Mono<Void> handle(ServerWebExchange exchange, Throwable ex) {
-
+        List<Class<? extends RuntimeException>> jwtExceptions =
+                List.of(SignatureException.class,
+                        MalformedJwtException.class,
+                        UnsupportedJwtException.class,
+                        IllegalArgumentException.class);
        Class<? extends Throwable> exceptionClass = ex.getClass();

        Map<String, Object> responseBody = new HashMap<>();
@@ -31,6 +39,15 @@ public class GlobalExceptionHandler implements ErrorWebExceptionHandler {
            exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
            responseBody.put("code", "EXPIRED");
            responseBody.put("message", "Access Token is Expired!");
+        } else if (jwtExceptions.contains(exceptionClass)){
+            exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
+            exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
+            responseBody.put("code", "INVALID");
+            responseBody.put("message", "Invalid Access Token");
+        }else{
+            exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
+            exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
+            responseBody.put("code", "INVALID");
        }

        DataBuffer wrap = null;
@@ -43,4 +60,5 @@ public class GlobalExceptionHandler implements ErrorWebExceptionHandler {

        return exchange.getResponse().writeWith(Flux.just(wrap));
    }
+
 }