Skip to content

Commit 2d9ca26

Browse files
joowojrjoowojr
authored
Merge pull request #414 from TaskFlow-CLAP/CLAP-329
CLAP-329 토큰 재발급 엔드포인트에 대해 액세스 토큰 검증을 하지 않도록 수정
2 parents 3bc8fb3 + 3f153a7 commit 2d9ca26

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

src/main/java/clap/server/adapter/inbound/security/filter/JwtAuthenticationFilter.java

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
4949
SWAGGER_ENDPOINTS
5050
).flatMap(Arrays::stream).toArray(String[]::new);
5151

52-
public static final String[] ANONYMOUS_ENDPOINTS = {LOGIN_ENDPOINT, REISSUANCE_ENDPOINT, PASSWORD_EMAIL_ENDPOINT};
52+
public static final String[] ANONYMOUS_ENDPOINTS = {LOGIN_ENDPOINT, PASSWORD_EMAIL_ENDPOINT};
5353

5454
@Override
5555
protected void doFilterInternal(
@@ -58,7 +58,6 @@ protected void doFilterInternal(
5858
@NotNull FilterChain filterChain
5959
) throws ServletException, IOException {
6060
try {
61-
6261
if (isAnonymousRequest(request)) {
6362
filterChain.doFilter(request, response);
6463
return;
@@ -76,10 +75,11 @@ protected void doFilterInternal(
7675
}
7776

7877
private boolean isAnonymousRequest(HttpServletRequest request) {
78+
String requestUri = request.getRequestURI();
7979
boolean isAnonymousURI = Arrays.stream(ANONYMOUS_ENDPOINTS)
80-
.anyMatch(endpoint -> new AntPathMatcher().match(endpoint, request.getRequestURI()));
80+
.anyMatch(endpoint -> new AntPathMatcher().match(endpoint, requestUri));
8181
boolean isAnonymous = request.getHeader(HttpHeaders.AUTHORIZATION) == null;
82-
return isAnonymousURI && isAnonymous;
82+
return (isAnonymousURI && isAnonymous) || requestUri.equals(REISSUANCE_ENDPOINT);
8383
}
8484

8585
@Override

0 commit comments

Comments
 (0)