Merge branch 'master' into 메뉴_등록

Sangbum Park
2022-03-01 16:14:30 +09:00
committed by GitHub
25 changed files with 447 additions and 62 deletions


@@ -1,8 +1,11 @@
package com.justpickup.ownerapigatewayservice;
import com.justpickup.ownerapigatewayservice.handler.GlobalExceptionHandler;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.reactive.error.ErrorWebExceptionHandler;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
import org.springframework.context.annotation.Bean;
@SpringBootApplication
@EnableEurekaClient
@@ -12,4 +15,9 @@ public class OwnerApigatewayServiceApplication {
SpringApplication.run(OwnerApigatewayServiceApplication.class, args);
}
@Bean
public ErrorWebExceptionHandler globalExceptionHandler() {
return new GlobalExceptionHandler();
}
}


@@ -44,9 +44,7 @@ public class AuthorizationHeaderFilter extends AbstractGatewayFilterFactory<Auth
// JWT 토큰 판별
String token = authorizationHeader.replace("Bearer", "");
if (!jwtTokenProvider.validateJwtToken(token)) {
return onError(exchange, "JWT token is not valid", HttpStatus.UNAUTHORIZED);
}
jwtTokenProvider.validateJwtToken(token);
String subject = jwtTokenProvider.getUserId(token);
if (false == jwtTokenProvider.getRoles(token).contains("StoreOwner")) {
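Review bot: The bare call `jwtTokenProvider.validateJwtToken(token);` makes the rejection of a bad token invisible at this point in the filter, because nothing here shows that the method throws or what turns the exception into a response. A comment such as `// throws JwtException on an invalid or expired token; GlobalExceptionHandler builds the error response` would keep the authentication decision readable where it is made. The surrounding filter lambda starts and ends outside the hunk.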


@@ -0,0 +1,46 @@
package com.justpickup.ownerapigatewayservice.handler;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.jsonwebtoken.ExpiredJwtException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.web.reactive.error.ErrorWebExceptionHandler;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import java.util.HashMap;
import java.util.Map;
public class GlobalExceptionHandler implements ErrorWebExceptionHandler {
@Autowired
private ObjectMapper objectMapper;
@Override
public Mono<Void> handle(ServerWebExchange exchange, Throwable ex) {
Class<? extends Throwable> exceptionClass = ex.getClass();
Map<String, Object> responseBody = new HashMap<>();
if (exceptionClass == ExpiredJwtException.class) {
exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
responseBody.put("code", "EXPIRED");
responseBody.put("message", "Access Token is Expired!");
}
DataBuffer wrap = null;
try {
byte[] bytes = objectMapper.writeValueAsBytes(responseBody);
wrap = exchange.getResponse().bufferFactory().wrap(bytes);
} catch (JsonProcessingException e) {
e.printStackTrace();
}
return exchange.getResponse().writeWith(Flux.just(wrap));
}
}
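Review bot: Only `ExpiredJwtException` gets a status in `handle`; every other exception, including the signature and malformed-token failures that `validateJwtToken` now throws, falls through with no status set and is answered with an empty JSON object, which presumably goes out with the default success status. The `exceptionClass == ExpiredJwtException.class` test also misses subclasses, and when `writeValueAsBytes` fails `wrap` stays null, so `Flux.just(wrap)` throws. The sketch below maps every `io.jsonwebtoken.JwtException` to 401 (a new import is needed; the `INVALID` code and its message are placeholders), returns `Mono.error(ex)` for anything that is not a token failure, and propagates the serialization error instead of calling `printStackTrace()`. An `IllegalArgumentException` from an empty token is not a `JwtException` and still needs its own decision.

```java
@Override
public Mono<Void> handle(ServerWebExchange exchange, Throwable ex) {
    if (exchange.getResponse().isCommitted()) {
        return Mono.error(ex);
    }
    Map<String, Object> responseBody = new HashMap<>();
    if (ex instanceof ExpiredJwtException) {
        responseBody.put("code", "EXPIRED");
        responseBody.put("message", "Access Token is Expired!");
    } else if (ex instanceof JwtException) {
        // bad signature, malformed or unsupported token: same status, no parser detail in the body
        responseBody.put("code", "INVALID");
        responseBody.put("message", "Access Token is not valid");
    } else {
        // not a token failure: leave it to the remaining exception handling
        return Mono.error(ex);
    }
    exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
    exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
    try {
        byte[] bytes = objectMapper.writeValueAsBytes(responseBody);
        DataBuffer wrap = exchange.getResponse().bufferFactory().wrap(bytes);
        return exchange.getResponse().writeWith(Mono.just(wrap));
    } catch (JsonProcessingException e) {
        return Mono.error(e);
    }
}
```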


@@ -73,25 +73,12 @@ public class JwtTokenProvider {
return (List<String>) getClaimsFromJwtToken(token).get("roles");
}
public boolean validateJwtToken(String token) {
public void validateJwtToken(String token) {
try {
Jwts.parser().setSigningKey(SECRET).parseClaimsJws(token);
return true;
} catch (SignatureException e) {
log.error("Invalid JWT signature: {}", e.getMessage());
return false;
} catch (MalformedJwtException e) {
log.error("Invalid JWT token: {}", e.getMessage());
return false;
} catch (ExpiredJwtException e) {
log.error("JWT token is expired: {}", e.getMessage());
return false;
} catch (UnsupportedJwtException e) {
log.error("JWT token is unsupported: {}", e.getMessage());
return false;
} catch (IllegalArgumentException e) {
log.error("JWT claims string is empty: {}", e.getMessage());
return false;
} catch (SignatureException | MalformedJwtException |
UnsupportedJwtException | IllegalArgumentException | ExpiredJwtException jwtException) {
throw jwtException;
}
}
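Review bot: The multi-catch in the new `validateJwtToken` ends in `throw jwtException;`, which rethrows exactly what it caught, so the try/catch is a no-op, and the `log.error` calls of the previous version appear to be gone with nothing replacing them. Rejected tokens (bad signature, malformed, expired) are worth a log line for detection; if the catch stays, give it a purpose, e.g. `log.warn("JWT validation failed: {}", jwtException.getClass().getSimpleName());` before the rethrow, otherwise drop the try/catch. A Javadoc stating that the method returns normally only for a valid token, and listing the exceptions it throws, would help callers now that there is no boolean result.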


@@ -23,7 +23,7 @@ spring:
globalcors:
cors-configurations:
'[/**]':
allowedOrigins: "*"
allowedOrigins: "http://localhost:8080"
allowedMethods:
- GET
- POST
@@ -32,6 +32,7 @@ spring:
- OPTIONS
- DELETE
allowedHeaders: '*'
allow-credentials: true
routes:
- id: owner-frontend-service
uri: lb://OWNER-FRONTEND-SERVICE
@@ -39,18 +40,22 @@ spring:
- Path=/owner-frontend-service/**
filters:
- RewritePath=/owner-frontend-service/(?<segment>.*),/$\{segment}
- id: order-service
uri: lb://ORDER-SERVCIE
predicates:
- Path=/order-service/**
filters:
- RewritePath=/order-service/(?<segment>.*),/$\{segment}
- AuthorizationHeaderFilter
- id: store-service
uri: lb://STORE-SERVCIE
predicates:
- Path=/store-service/**
filters:
- RewritePath=/store-service/(?<segment>.*),/$\{segment}
- id: user-service
uri: lb://USER-SERVICE
predicates:
@@ -61,7 +66,7 @@ spring:
- id: user-service
uri: lb://USER-SERVICE
predicates:
- Path=/user-service/refreshToken
- Path=/user-service/auth/reissue
- Method=GET
filters:
- RewritePath=/user-service/(?<segment>.*),/$\{segment}
@@ -85,6 +90,7 @@ spring:
- Path=/user-service/**
filters:
- RewritePath=/user-service/(?<segment>.*),/$\{segment}
- AuthorizationHeaderFilter
token:
access-expired-time: 3600000
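Review bot: `allowedOrigins: "http://localhost:8080"` together with `allow-credentials: true` hard-codes a development origin as the only site allowed to send credentialed requests, so every deployment has to edit a security-relevant value in this file. Taking the origin from the environment, e.g. `allowedOrigins: "${CORS_ALLOWED_ORIGIN:http://localhost:8080}"` (the property name is a placeholder), keeps the list explicit per environment, and `allowedHeaders: '*'` could be narrowed to the headers the frontend actually sends. Separately, the `store-service` route as shown carries no `AuthorizationHeaderFilter`, unlike `order-service` and `user-service/**`; if that is intentional, a comment saying so would help. The targets `lb://ORDER-SERVCIE` and `lb://STORE-SERVCIE` also look misspelled.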