From 4dbbb8bbd9b027c4c14efb2c09207f2632febd2b Mon Sep 17 00:00:00 2001 From: liquidjoo Date: Fri, 31 May 2019 16:01:24 +0900 Subject: [PATCH] social login user resolver fix --- .../domain/social/UserArgumentResolver.java | 55 ++++++++++++++++--- .../user/CustomUserDetailsServiceImpl.java | 1 - 2 files changed, 47 insertions(+), 9 deletions(-) diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/UserArgumentResolver.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/UserArgumentResolver.java index ced2707..dab71ff 100644 --- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/UserArgumentResolver.java +++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/UserArgumentResolver.java @@ -3,8 +3,11 @@ package io.bluemoon.authorizationserver.domain.social; import io.bluemoon.authorizationserver.config.annotation.SocialUser; import io.bluemoon.authorizationserver.domain.user.User; import io.bluemoon.authorizationserver.domain.user.UserRepository; +import io.bluemoon.authorizationserver.domain.user.UserRole; +import io.bluemoon.authorizationserver.domain.user.UserRoleRepository; import org.springframework.core.MethodParameter; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; 
@@ -20,16 +23,24 @@ import org.springframework.web.method.support.ModelAndViewContainer; import javax.servlet.http.HttpSession; import java.time.LocalDateTime; +import java.util.ArrayList; import java.util.HashMap; +import java.util.List; import java.util.Map; @Component public class UserArgumentResolver implements HandlerMethodArgumentResolver { private UserRepository userRepository; + private UserRoleRepository userRoleRepository; - public UserArgumentResolver(UserRepository userRepository) { + public UserArgumentResolver( + UserRepository userRepository, + UserRoleRepository userRoleRepository + ) { this.userRepository = userRepository; + this.userRoleRepository = userRoleRepository; + } @Override @@ -70,8 +81,18 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver { user = userRepository.findByEmail(convertUser.getEmail()); if (user == null) { user = userRepository.save(convertUser); + UserRole userRole = UserRole.builder() + .role("USER") + .user(user) + .build(); + UserRole userRoles = userRoleRepository.save(userRole); + } - setRoleIfNotSame(user, authentication, map); + + List userRoles = userRoleRepository.findByUser(user); + // role 부여 + + setRoleIfNotSame(user, authentication, map, userRoles); session.setAttribute("user", user); } catch (ClassCastException e) { return user; @@ -139,7 +160,7 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver { * @param authentication * @param map */ - private void setRoleIfNotSame(User user, OAuth2AuthenticationToken authentication, Map map) { + private void setRoleIfNotSame(User user, OAuth2AuthenticationToken authentication, Map map, List userRoles) { Map principalMap = new HashMap<>(); if (user.getSocialType().getVaule().equals("google")) { principalMap.put("id", map.get("sub")); 
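Review bot: The default role is persisted as `"USER"` in the `@@ -70,8 +81,18 @@` hunk, but the check added in the `@@ -151,12 +172,30 @@` hunk looks for `"ROLE_USER"` and the authorities are built directly from `ur.getRole()`, so a newly created social user ends up with the authority `USER`, which any `hasRole("USER")` rule would not match because Spring Security prepends `ROLE_`. Persist `.role("ROLE_USER")` (or add the prefix when building the authority) and use one shared constant in both places. The local `UserRole userRoles = userRoleRepository.save(userRole);` is never read and has the same name as the list declared right after the `if`; `userRoleRepository.save(userRole);` alone is enough. The user row and the role row are written in two separate saves, and the enclosing method starts and ends outside this hunk, so it is not visible whether it is transactional; if it is not, a failure between the two saves leaves an account with no role row.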
@@ -151,12 +172,30 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver { // spring security authentiaction params setting // 후.. 찾기 힘들었다.. - if (!authentication.getAuthorities().contains( - new SimpleGrantedAuthority(user.getSocialType().getRoleType()))) { - SecurityContextHolder.getContext().setAuthentication( - new UsernamePasswordAuthenticationToken(principalMap, "N/A", AuthorityUtils.createAuthorityList(user.getSocialType().getRoleType())) - ); +// if (!authentication.getAuthorities().contains( +// new SimpleGrantedAuthority(user.getSocialType().getRoleType()))) { +// SecurityContextHolder.getContext().setAuthentication( +// new UsernamePasswordAuthenticationToken(principalMap, "N/A", AuthorityUtils.createAuthorityList(user.getSocialType().getRoleType())) +// ); +// } + + // social default user role + if (userRoles != null) { + List authoritiesRole = new ArrayList<>(userRoles.size()); + for (UserRole ur : userRoles) { + authoritiesRole.add(new SimpleGrantedAuthority(ur.getRole())); + } + + if (!authentication.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_USER"))) { + + SecurityContextHolder.getContext().setAuthentication( + new UsernamePasswordAuthenticationToken(principalMap, "N/A", authoritiesRole) + ); + } + } else { + SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(principalMap, "N/A", AuthorityUtils.createAuthorityList("ROLE_NONE"))); } + } diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java index 3231154..aa51494 100644 --- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java +++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java 
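Review bot: A user with no role rows still receives an authenticated token in the new `if (userRoles != null)` branch, because a repository `findByUser` returning `List` would normally yield an empty list rather than null, which makes the `ROLE_NONE` fallback probably unreachable and installs `UsernamePasswordAuthenticationToken` with an empty authority list. Treat the empty case like the null case with `if (userRoles != null && !userRoles.isEmpty())`. The inner condition also inspects the provider-issued token for the literal `ROLE_USER` instead of comparing it with `authoritiesRole`, so whether the stored roles are applied depends on what the OAuth2 login granted rather than on the database; comparing against the stored set would let a role change or revocation take effect on the next login. The commented-out block above the new code can be deleted, since version control keeps it.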
@@ -43,7 +43,6 @@ public class CustomUserDetailsServiceImpl implements UserDetailsService { } CustomUserDetails userDetail = new CustomUserDetails(user, urs); - userDetail.getAuthorities(); System.out.println(userDetail); return userDetail; }