diff --git a/src/main/java/demo/api/auth/AuthServiceImpl.java b/src/main/java/demo/api/auth/AuthServiceImpl.java
index 840c347..a98af71 100644
--- a/src/main/java/demo/api/auth/AuthServiceImpl.java
+++ b/src/main/java/demo/api/auth/AuthServiceImpl.java
@@ -99,7 +99,7 @@ public class AuthServiceImpl implements AuthService {
 }
 // 2. Access Token 에서 User email 를 가져옵니다.
- Authentication authentication = jwtTokenProvider.getAuthentication(refresh_token);
+ Authentication authentication = jwtTokenProvider.getAuthenticationByRefreshToken(refresh_token);
 // 3. Redis 에서 User email 을 기반으로 저장된 Refresh Token 값을 가져옵니다.
 String refreshToken = (String)redisTemplate.opsForValue().get(authentication.getName());
diff --git a/src/main/java/demo/api/config/SecurityConfig.java b/src/main/java/demo/api/config/SecurityConfig.java
index 543b585..e1d7aeb 100644
--- a/src/main/java/demo/api/config/SecurityConfig.java
+++ b/src/main/java/demo/api/config/SecurityConfig.java
@@ -50,6 +50,7 @@ public class SecurityConfig {
 "/user/userList",
 "/auth/signIn*",
 "/user/profile/view/**",
+ "/auth/regenerateToken",
 "/favicon.ico"
 ).permitAll()
 .anyRequest().authenticated();
diff --git a/src/main/java/demo/api/jwt/JwtTokenFilter.java b/src/main/java/demo/api/jwt/JwtTokenFilter.java
index b807387..12cd523 100644
--- a/src/main/java/demo/api/jwt/JwtTokenFilter.java
+++ b/src/main/java/demo/api/jwt/JwtTokenFilter.java
@@ -27,7 +27,7 @@ public class JwtTokenFilter extends OncePerRequestFilter {
 String token = jwtTokenProvider.resolveToken(request);
 try {
 if (token != null && jwtTokenProvider.validateAccessToken(token)) {
- Authentication auth = jwtTokenProvider.getAuthentication(token);
+ Authentication auth = jwtTokenProvider.getAuthenticationByAccessToken(token);
 SecurityContextHolder.getContext().setAuthentication(auth); // 정상 토큰이면 SecurityContext에 저장
 }
 } catch (CustomException e) {
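Review bot: The step comment directly above the changed call in AuthServiceImpl still reads `// 2. Access Token 에서 User email 를 가져옵니다.`, but the new line parses the refresh token with the refresh key; it should read `// 2. Refresh Token 에서 User email 를 가져옵니다.`. getAuthenticationByRefreshToken calls parseClaimsJws directly, so an expired or wrongly signed refresh token surfaces as a jjwt exception unless step 1, which lies outside this hunk, has already validated it; it is worth confirming that this path ends in the project's CustomException rather than a generic 500. The value read from Redis on the following line can be null when no entry exists for that user, so the comparison after it (not visible here) should treat null as a mismatch.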
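Review bot: Adding `"/auth/regenerateToken"` to the permitAll() list in SecurityConfig makes the refresh-token checks in AuthServiceImpl the only gate on this endpoint, and nothing next to the entry records that. A comment such as `// permitAll: access token may be expired here; the refresh token is verified in AuthServiceImpl` would keep a later edit from assuming the path is protected by the filter chain. permitAll() does not skip JwtTokenFilter, so a request that still carries an expired access token goes through its `catch (CustomException e)` branch; that branch's body is outside this diff, and if it writes an error response the regenerate call would be rejected before it reaches the controller.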
diff --git a/src/main/java/demo/api/jwt/JwtTokenProvider.java b/src/main/java/demo/api/jwt/JwtTokenProvider.java
index d622f1f..7637216 100644
--- a/src/main/java/demo/api/jwt/JwtTokenProvider.java
+++ b/src/main/java/demo/api/jwt/JwtTokenProvider.java
@@ -74,17 +74,29 @@ public class JwtTokenProvider {
 }
 /**
- * 토큰으로부터 클레임을 만들고, 이를 통해 User 객체를 생성하여 Authentication 객체를 반환
- * @param token
+ * Access 토큰으로부터 클레임을 만들고, 이를 통해 User 객체를 생성하여 Authentication 객체를 반환
+ * @param access_token
 * @return
 */
- public Authentication getAuthentication(String token) {
+ public Authentication getAuthenticationByAccessToken(String token) {
 String username = Jwts.parser().setSigningKey(access_token_secret_key).parseClaimsJws(token).getBody().getSubject();
 UserDetails userDetails = userDetailsService.loadUserByUsername(username);
 return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
 }
+ /**
+ * Refresh 토큰으로부터 클레임을 만들고, 이를 통해 User 객체를 생성하여 Authentication 객체를 반환
+ * @param refresh_token
+ * @return
+ */
+ public Authentication getAuthenticationByRefreshToken(String token) {
+ String username = Jwts.parser().setSigningKey(refresh_token_secret_key).parseClaimsJws(token).getBody().getSubject();
+ UserDetails userDetails = userDetailsService.loadUserByUsername(username);
+
+ return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
+ }
+
 /**
 * http 헤더로부터 bearer 토큰을 가져옴.
 * @param req
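Review bot: The Javadoc on both methods names parameters that do not exist: `@param access_token` and `@param refresh_token`, while each signature declares `String token`, and `@return` is left empty. Use `@param token` with a short description in each block, and state that parseClaimsJws throws for an expired or wrongly signed token, since neither method catches it. The two bodies differ only in the signing key, so a private helper that takes the key would keep them from drifting apart. The only caller of the refresh variant visible in this diff reads just getName(), so loading UserDetails and authorities there may be more than the refresh flow needs; returning the subject alone would be narrower.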