Merge: (#14)남은 시큐리티 설정

src/main/kotlin/team/sfe/server/global/security/jwt/ConfigurationPropertiesConfig.kt → src/main/kotlin/team/sfe/server/global/config/ConfigurationPropertiesConfig.kt

@@ -1,4 +1,4 @@
-package team.sfe.server.global.security.jwt
+package team.sfe.server.global.config
 
 import org.springframework.boot.context.properties.ConfigurationPropertiesScan
 import org.springframework.context.annotation.Configuration

src/main/kotlin/team/sfe/server/global/filter/JwtFilter.kt

@@ -0,0 +1,36 @@
+package team.sfe.server.global.filter
+
+import jakarta.servlet.FilterChain
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
+import org.springframework.web.filter.OncePerRequestFilter
+import team.sfe.server.global.security.jwt.JwtConstant.HEADER
+import team.sfe.server.global.security.jwt.JwtConstant.PREFIX
+import team.sfe.server.global.security.jwt.JwtParser
+
+class JwtFilter(
+    private val jwtParser: JwtParser
+) : OncePerRequestFilter() {
+
+    override fun doFilterInternal(
+        request: HttpServletRequest,
+        response: HttpServletResponse,
+        filterChain: FilterChain
+    ) {
+        val token = getToken(request)
+        token?.let {
+            TODO()
+        }
+        filterChain.doFilter(request, response)
+    }
+
+    private fun getToken(request: HttpServletRequest): String? {
+        val token = request.getHeader(HEADER)
+
+        return if (token.isNotEmpty() && token.startsWith(PREFIX)) {
+            token.substring(PREFIX.length)
+        } else {
+            null
+        }
+    }
+}

src/main/kotlin/team/sfe/server/global/security/SecurityConfig.kt

@@ -1,24 +1,40 @@
 package team.sfe.server.global.security
 
+import com.fasterxml.jackson.databind.ObjectMapper
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
+import org.springframework.http.HttpMethod
 import org.springframework.security.config.Customizer
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.http.SessionCreationPolicy
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
 import org.springframework.security.crypto.password.PasswordEncoder
 import org.springframework.security.web.SecurityFilterChain
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
+import team.sfe.server.global.filter.GlobalExceptionFilter
+import team.sfe.server.global.filter.JwtFilter
+import team.sfe.server.global.security.jwt.JwtParser
 
 @Configuration
-class SecurityConfig {
+class SecurityConfig(
+    private val jwtParser: JwtParser,
+    private val objectMapper: ObjectMapper
+) {
+
     @Bean
     fun filterChain(http: HttpSecurity): SecurityFilterChain {
         return http
             .csrf { it.disable() }
             .formLogin { it.disable() }
             .cors(Customizer.withDefaults())
             .sessionManagement { it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }
-            .authorizeHttpRequests { it.anyRequest().permitAll() }
+            .authorizeHttpRequests {
+                // health check
+                it.requestMatchers(HttpMethod.GET, "/").permitAll()
+                    .anyRequest().permitAll()
+            }
+            .addFilterBefore(JwtFilter(jwtParser), UsernamePasswordAuthenticationFilter::class.java)
+            .addFilterBefore(GlobalExceptionFilter(objectMapper), JwtFilter::class.java)
             .build()
     }
 

src/main/kotlin/team/sfe/server/global/security/auth/AuthDetails.kt

@@ -0,0 +1,26 @@
+package team.sfe.server.global.security.auth
+
+import org.springframework.security.core.GrantedAuthority
+import org.springframework.security.core.authority.SimpleGrantedAuthority
+import org.springframework.security.core.userdetails.UserDetails
+import team.sfe.server.domain.user.domain.type.Authority
+
+class AuthDetails(
+    private val userId: Long,
+    private val authority: Authority
+) : UserDetails {
+    override fun getAuthorities(): MutableCollection<out GrantedAuthority> =
+        mutableListOf(SimpleGrantedAuthority(authority.name))
+
+    override fun getPassword(): String? = null
+
+    override fun getUsername(): String = userId.toString()
+
+    override fun isAccountNonExpired(): Boolean = true
+
+    override fun isAccountNonLocked(): Boolean = true
+
+    override fun isCredentialsNonExpired(): Boolean = true
+
+    override fun isEnabled(): Boolean = true
+}

src/main/kotlin/team/sfe/server/global/security/auth/AuthDetailsService.kt

@@ -0,0 +1,12 @@
+package team.sfe.server.global.security.auth
+
+import org.springframework.security.core.userdetails.UserDetails
+import org.springframework.security.core.userdetails.UserDetailsService
+import org.springframework.stereotype.Component
+
+@Component
+class AuthDetailsService : UserDetailsService {
+    override fun loadUserByUsername(username: String?): UserDetails {
+        TODO("Not yet implemented")
+    }
+}

src/main/kotlin/team/sfe/server/global/security/jwt/JwtParser.kt

@@ -5,6 +5,7 @@ import io.jsonwebtoken.ExpiredJwtException
 import io.jsonwebtoken.Jws
 import io.jsonwebtoken.JwtException
 import io.jsonwebtoken.Jwts
+import org.springframework.security.core.Authentication
 import org.springframework.stereotype.Component
 import team.sfe.server.global.exception.InternalServerErrorException
 import team.sfe.server.global.security.exception.ExpiredTokenException
@@ -15,6 +16,10 @@ class JwtParser(
     private val jwtProperties: JwtProperties
 ) {
 
+    fun getAuthentication(token: String): Authentication {
+        TODO()
+    }
+
     private fun getClaims(token: String): Jws<Claims> {
         return try {
             Jwts.parser()