Merge branch 'develop' into CLAP-328

hyoseong-Choi · web-flow · commit 45a82cd4fa18 · 2025-02-07T18:29:54.000+09:00
diff --git a/src/main/java/clap/server/adapter/inbound/security/filter/JwtAuthenticationFilter.java b/src/main/java/clap/server/adapter/inbound/security/filter/JwtAuthenticationFilter.java
@@ -49,7 +49,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
             SWAGGER_ENDPOINTS
     ).flatMap(Arrays::stream).toArray(String[]::new);
 
-    public static final String[] ANONYMOUS_ENDPOINTS = {LOGIN_ENDPOINT, REISSUANCE_ENDPOINT, PASSWORD_EMAIL_ENDPOINT};
+    public static final String[] ANONYMOUS_ENDPOINTS = {LOGIN_ENDPOINT, PASSWORD_EMAIL_ENDPOINT};
 
     @Override
     protected void doFilterInternal(
@@ -58,7 +58,6 @@ protected void doFilterInternal(
             @NotNull FilterChain filterChain
     ) throws ServletException, IOException {
         try {
-
             if (isAnonymousRequest(request)) {
                 filterChain.doFilter(request, response);
                 return;
@@ -76,10 +75,11 @@ protected void doFilterInternal(
     }
 
     private boolean isAnonymousRequest(HttpServletRequest request) {
+        String requestUri = request.getRequestURI();
         boolean isAnonymousURI = Arrays.stream(ANONYMOUS_ENDPOINTS)
-                .anyMatch(endpoint -> new AntPathMatcher().match(endpoint, request.getRequestURI()));
+                .anyMatch(endpoint -> new AntPathMatcher().match(endpoint, requestUri));
         boolean isAnonymous = request.getHeader(HttpHeaders.AUTHORIZATION) == null;
-        return isAnonymousURI && isAnonymous;
+        return (isAnonymousURI && isAnonymous) || requestUri.equals(REISSUANCE_ENDPOINT);
     }
 
     @Override
