Implement getAuthenticationByRefreshToken

2022-06-18 17:52:33 +09:00
parent a31df05aa4
commit a845fe1b63
4 changed files with 18 additions and 5 deletions
--- a/src/main/java/demo/api/auth/AuthServiceImpl.java
+++ b/src/main/java/demo/api/auth/AuthServiceImpl.java
@@ -99,7 +99,7 @@ public class AuthServiceImpl implements AuthService {
      }

      // 2. Access Token 에서 User email 를 가져옵니다.
-      Authentication authentication = jwtTokenProvider.getAuthentication(refresh_token);
+      Authentication authentication = jwtTokenProvider.getAuthenticationByRefreshToken(refresh_token);

      // 3. Redis 에서 User email 을 기반으로 저장된 Refresh Token 값을 가져옵니다.
      String refreshToken = (String)redisTemplate.opsForValue().get(authentication.getName());
--- a/src/main/java/demo/api/config/SecurityConfig.java
+++ b/src/main/java/demo/api/config/SecurityConfig.java
@@ -50,6 +50,7 @@ public class SecurityConfig {
            "/user/userList",
            "/auth/signIn*",
            "/user/profile/view/**",
+            "/auth/regenerateToken",
            "/favicon.ico"
        ).permitAll()
        .anyRequest().authenticated();
--- a/src/main/java/demo/api/jwt/JwtTokenFilter.java
+++ b/src/main/java/demo/api/jwt/JwtTokenFilter.java
@@ -27,7 +27,7 @@ public class JwtTokenFilter extends OncePerRequestFilter {
    String token = jwtTokenProvider.resolveToken(request);
    try {
      if (token != null && jwtTokenProvider.validateAccessToken(token)) {
-        Authentication auth = jwtTokenProvider.getAuthentication(token);
+        Authentication auth = jwtTokenProvider.getAuthenticationByAccessToken(token);
        SecurityContextHolder.getContext().setAuthentication(auth); // 정상 토큰이면 SecurityContext에 저장
      }
    } catch (CustomException e) {
--- a/src/main/java/demo/api/jwt/JwtTokenProvider.java
+++ b/src/main/java/demo/api/jwt/JwtTokenProvider.java
@@ -74,17 +74,29 @@ public class JwtTokenProvider {
  }

  /**
-   * 토큰으로부터 클레임을 만들고, 이를 통해 User 객체를 생성하여 Authentication 객체를 반환
-   * @param token
+   * Access 토큰으로부터 클레임을 만들고, 이를 통해 User 객체를 생성하여 Authentication 객체를 반환
+   * @param access_token
   * @return
   */
-  public Authentication getAuthentication(String token) {
+  public Authentication getAuthenticationByAccessToken(String token) {
    String username = Jwts.parser().setSigningKey(access_token_secret_key).parseClaimsJws(token).getBody().getSubject();
    UserDetails userDetails = userDetailsService.loadUserByUsername(username);
    
    return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
  }

+  /**
+   * Refresh 토큰으로부터 클레임을 만들고, 이를 통해 User 객체를 생성하여 Authentication 객체를 반환
+   * @param refresh_token
+   * @return
+   */
+  public Authentication getAuthenticationByRefreshToken(String token) {
+    String username = Jwts.parser().setSigningKey(refresh_token_secret_key).parseClaimsJws(token).getBody().getSubject();
+    UserDetails userDetails = userDetailsService.loadUserByUsername(username);
+
+    return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
+  }
+
  /**
   * http 헤더로부터 bearer 토큰을 가져옴.
   * @param req