Generate Refresh token && save to Redis
@@ -26,7 +26,7 @@ public class JwtTokenFilter extends OncePerRequestFilter {
|
||||
) throws ServletException, IOException {
|
||||
String token = jwtTokenProvider.resolveToken(request);
|
||||
try {
|
||||
if (token != null && jwtTokenProvider.validateToken(token)) {
|
||||
if (token != null && jwtTokenProvider.validateAccessToken(token)) {
|
||||
Authentication auth = jwtTokenProvider.getAuthentication(token);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth); // 정상 토큰이면 SecurityContext에 저장
|
||||
}
|
||||
|
||||
@@ -19,33 +19,57 @@ import org.springframework.stereotype.Component;
|
||||
// 유저 정보로 JWT 토큰을 만들거나 토큰을 바탕으로 유저 정보를 가져옴
|
||||
@Component
|
||||
public class JwtTokenProvider {
|
||||
@Value("${jwt.token.secret-key}")
|
||||
private String secret_key;
|
||||
@Value("${jwt.token.access-token-secret-key}")
|
||||
private String access_token_secret_key;
|
||||
|
||||
@Value("${jwt.token.expire-length}")
|
||||
private long expire_time;
|
||||
@Value("${jwt.token.refresh-token-secret-key}")
|
||||
private String refresh_token_secret_key;
|
||||
|
||||
@Value("${jwt.token.access-token-expire-length}")
|
||||
private long access_token_expire_time;
|
||||
|
||||
@Value("${jwt.token.refresh-token-expire-length}")
|
||||
private long refresh_token_expire_time;
|
||||
|
||||
@Autowired
|
||||
private UserDetailsService userDetailsService;
|
||||
|
||||
/**
|
||||
* 적절한 설정을 통해 토큰을 생성하여 반환
|
||||
* 적절한 설정을 통해 Access 토큰을 생성하여 반환
|
||||
* @param authentication
|
||||
* @return
|
||||
* @return access token
|
||||
*/
|
||||
public String generateToken(Authentication authentication) {
|
||||
|
||||
public String generateAccessToken(Authentication authentication) {
|
||||
Claims claims = Jwts.claims().setSubject(authentication.getName());
|
||||
// claims.put("auth", appUserRoles.stream().map(s -> new SimpleGrantedAuthority(s.getAuthority())).filter(Objects::nonNull).collect(Collectors.toList()));
|
||||
|
||||
Date now = new Date();
|
||||
Date expiresIn = new Date(now.getTime() + expire_time);
|
||||
Date expiresIn = new Date(now.getTime() + access_token_expire_time);
|
||||
|
||||
return Jwts.builder()
|
||||
.setClaims(claims)
|
||||
.setIssuedAt(now)
|
||||
.setExpiration(expiresIn)
|
||||
.signWith(SignatureAlgorithm.HS256, secret_key)
|
||||
.signWith(SignatureAlgorithm.HS256, access_token_secret_key)
|
||||
.compact();
|
||||
}
|
||||
|
||||
/**
|
||||
* 적절한 설정을 통해 Refresh 토큰을 생성하여 반환
|
||||
* @param authentication
|
||||
* @return refresh token
|
||||
*/
|
||||
public String generateRefreshToken(Authentication authentication) {
|
||||
Claims claims = Jwts.claims().setSubject(authentication.getName());
|
||||
|
||||
Date now = new Date();
|
||||
Date expiresIn = new Date(now.getTime() + refresh_token_expire_time);
|
||||
|
||||
return Jwts.builder()
|
||||
.setClaims(claims)
|
||||
.setIssuedAt(now)
|
||||
.setExpiration(expiresIn)
|
||||
.signWith(SignatureAlgorithm.HS256, refresh_token_secret_key)
|
||||
.compact();
|
||||
}
|
||||
|
||||
@@ -55,7 +79,7 @@ public class JwtTokenProvider {
|
||||
* @return
|
||||
*/
|
||||
public Authentication getAuthentication(String token) {
|
||||
String username = Jwts.parser().setSigningKey(secret_key).parseClaimsJws(token).getBody().getSubject();
|
||||
String username = Jwts.parser().setSigningKey(access_token_secret_key).parseClaimsJws(token).getBody().getSubject();
|
||||
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
|
||||
|
||||
return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
|
||||
@@ -75,17 +99,32 @@ public class JwtTokenProvider {
|
||||
}
|
||||
|
||||
/**
|
||||
* 토큰을 검증
|
||||
* Access 토큰을 검증
|
||||
* @param token
|
||||
* @return
|
||||
*/
|
||||
public boolean validateToken(String token) {
|
||||
public boolean validateAccessToken(String token) {
|
||||
try {
|
||||
Jwts.parser().setSigningKey(secret_key).parseClaimsJws(token);
|
||||
Jwts.parser().setSigningKey(access_token_secret_key).parseClaimsJws(token);
|
||||
return true;
|
||||
} catch (JwtException e) {
|
||||
// MalformedJwtException | ExpiredJwtException | IllegalArgumentException
|
||||
throw new CustomException("Error on Token", HttpStatus.INTERNAL_SERVER_ERROR);
|
||||
throw new CustomException("Error on Access Token", HttpStatus.INTERNAL_SERVER_ERROR);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Refresh 토큰을 검증
|
||||
* @param token
|
||||
* @return
|
||||
*/
|
||||
public boolean validateRefreshToken(String token) {
|
||||
try {
|
||||
Jwts.parser().setSigningKey(refresh_token_secret_key).parseClaimsJws(token);
|
||||
return true;
|
||||
} catch (JwtException e) {
|
||||
// MalformedJwtException | ExpiredJwtException | IllegalArgumentException
|
||||
throw new CustomException("Error on Refresh Token", HttpStatus.INTERNAL_SERVER_ERROR);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
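Review bot: In validateAccessToken and validateRefreshToken (last hunk) a rejected token is reported as `HttpStatus.INTERNAL_SERVER_ERROR`, so an expired or tampered token looks like a server fault to clients and to monitoring rather than an authentication failure; `HttpStatus.UNAUTHORIZED` fits both throws. The comment in each catch lists IllegalArgumentException, but only JwtException is caught, so a blank or null token handed to parseClaimsJws would, as far as I can tell, escape unhandled; `catch (JwtException | IllegalArgumentException e)` would match the comment. Separately, generateAccessToken and generateRefreshToken build the same claims (subject, issued-at, expiry), so the two token kinds are distinguished only by the signing key. If both secret properties are ever configured with the same value, a refresh token would pass validateAccessToken and be accepted by the filter. A token-type claim, for example `claims.put("typ", "refresh")`, checked during validation would remove that dependency on configuration.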