feat(gateway-services): feign client jwt token 추가

2022-03-11 14:59:13 +09:00
parent 086d7f2e10
commit a3445dd0ec
5 changed files with 11 additions and 12 deletions
--- a/owner-apigateway-service/src/main/java/com/justpickup/ownerapigatewayservice/filter/AuthorizationHeaderFilter.java
+++ b/owner-apigateway-service/src/main/java/com/justpickup/ownerapigatewayservice/filter/AuthorizationHeaderFilter.java
@@ -48,6 +48,9 @@ public class AuthorizationHeaderFilter extends AbstractGatewayFilterFactory<Auth
            jwtTokenProvider.validateJwtToken(token);

            String subject = jwtTokenProvider.getUserId(token);
+
+            if (subject.equals("feign")) return chain.filter(exchange);
+
            if (false == jwtTokenProvider.getRoles(token).contains("StoreOwner")) {
                return onError(exchange, "권한 없음", HttpStatus.UNAUTHORIZED);
            }
--- a/owner-apigateway-service/src/main/java/com/justpickup/ownerapigatewayservice/handler/GlobalExceptionHandler.java
+++ b/owner-apigateway-service/src/main/java/com/justpickup/ownerapigatewayservice/handler/GlobalExceptionHandler.java
@@ -44,10 +44,10 @@ public class GlobalExceptionHandler implements ErrorWebExceptionHandler {
            exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
            responseBody.put("code", "INVALID");
            responseBody.put("message", "Invalid Access Token");
-        }else{
-            exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
+        } else {
+            exchange.getResponse().setStatusCode(exchange.getResponse().getStatusCode());
            exchange.getResponse().getHeaders().setContentType(MediaType.APPLICATION_JSON);
-            responseBody.put("code", "INVALID");
+            responseBody.put("code", ex.getMessage());
        }

        DataBuffer wrap = null;
--- a/owner-apigateway-service/src/main/resources/application.yml
+++ b/owner-apigateway-service/src/main/resources/application.yml
@@ -42,13 +42,6 @@ spring:
            allowedHeaders: '*'
            allow-credentials: true
      routes:
-        - id: owner-frontend-service
-          uri: lb://OWNER-FRONTEND-SERVICE
-          predicates:
-            - Path=/owner-frontend-service/**
-          filters:
-            - RewritePath=/owner-frontend-service/(?<segment>.*),/$\{segment}
-
        - id: order-service
          uri: lb://ORDER-SERVCIE
          predicates:
@@ -105,6 +98,6 @@ spring:
 token:
  access-expired-time: 3600000
  refresh-expired-time: 604800000
-  secret: my-secret
+  secret: $2a$10$q42lY7Y18xqrFt1qbODZIO4OMTeOxnrCe7tF3n9bazJinVE7VH5Pi
  refresh-token-name: refresh-token
  access-token-name: access-token