From 10c955d22ce400c3226d1d612323c629fa23a86d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EC=9D=B4=ED=98=84=EC=A4=80?= <11dlguswns@naver.com> Date: Wed, 18 Dec 2024 14:49:32 +0900 Subject: [PATCH] =?UTF-8?q?fix=20::=20=EC=BB=A4=EC=8A=A4=ED=85=80=20?= =?UTF-8?q?=EC=9D=B8=EC=A6=9D=20=EC=98=88=EC=99=B8=EC=B2=98=EB=A6=AC=20?= =?UTF-8?q?=EA=B8=B0=EB=8A=A5=20=EA=B5=AC=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../global/exception/CustomErrorCode.java | 6 ++ .../CustomAuthenticationEntryPoint.java | 56 +++++++++++++++++++ .../security/configs/SecurityConfig.java | 5 +- 3 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 src/main/java/com/mango/amango/global/security/CustomAuthenticationEntryPoint.java diff --git a/src/main/java/com/mango/amango/global/exception/CustomErrorCode.java b/src/main/java/com/mango/amango/global/exception/CustomErrorCode.java index 433720a..a08c3e5 100644 --- a/src/main/java/com/mango/amango/global/exception/CustomErrorCode.java +++ b/src/main/java/com/mango/amango/global/exception/CustomErrorCode.java @@ -7,10 +7,16 @@ @Getter @RequiredArgsConstructor public enum CustomErrorCode { + UNAUTHORIZED(HttpStatus.UNAUTHORIZED, "인증에 실패했습니다."), + FORBIDDEN(HttpStatus.FORBIDDEN, "권한 증명에 실패했습니다."), + NOT_FOUND(HttpStatus.NOT_FOUND, "존재하지 않는 페이지 입니다."), + INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "서버에 문제가 발생했습니다."), + INVALID_PASSWORD(HttpStatus.UNAUTHORIZED, "유효하지 않은 비밀번호 입니다."), INVALID_EMAIL(HttpStatus.UNAUTHORIZED, "유효하지 않은 이메일 입니다."), MALFORMED_TOKEN(HttpStatus.BAD_REQUEST, "잘못된 토큰 형식 입니다."), USER_NOT_FOUND(HttpStatus.BAD_REQUEST, "존재하지 않는 유저 입니다."), + EXIST_EMAIL(HttpStatus.BAD_REQUEST, "이미 존재하는 이메일 입니다."), REFRESH_TOKEN_NOT_FOUND(HttpStatus.BAD_REQUEST, "Refresh 토큰을 찾을 수 없습니다."), VALIDATION_FAILED(HttpStatus.BAD_REQUEST, "유효하지 않는 요청 형식입니다."), 
diff --git a/src/main/java/com/mango/amango/global/security/CustomAuthenticationEntryPoint.java b/src/main/java/com/mango/amango/global/security/CustomAuthenticationEntryPoint.java
new file mode 100644
index 0000000..014d31e
--- /dev/null
+++ b/src/main/java/com/mango/amango/global/security/CustomAuthenticationEntryPoint.java
@@ -0,0 +1,56 @@
+package com.mango.amango.global.security;
+
+import com.mango.amango.global.exception.CustomErrorCode;
+import com.mango.amango.global.exception.CustomException;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.authentication.InsufficientAuthenticationException;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerExceptionResolver;
+
+import java.io.IOException;
+
+@Primary
+@Component
+public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint {
+
+ private final HandlerExceptionResolver resolver;
+
+ public CustomAuthenticationEntryPoint(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver) {
+ this.resolver = resolver;
+ }
+
+ @Override
+ public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
+ resolver.resolveException(request, response, null, getCustomException(response, authException));
+ }
+
+ private CustomException getCustomException(HttpServletResponse response, AuthenticationException authException) {
+ if (isSuccessResponse(response) && isAuthError(authException)) {
+ return new CustomException(CustomErrorCode.UNAUTHORIZED);
+
+ } else {
+ return switch (response.getStatus()) {
+ case 401 -> new CustomException(CustomErrorCode.UNAUTHORIZED);
+ case 403 -> new CustomException(CustomErrorCode.FORBIDDEN);
+ case 404 -> new CustomException(CustomErrorCode.NOT_FOUND);
+ case 500 -> new CustomException(CustomErrorCode.INTERNAL_SERVER_ERROR);
+ default -> throw authException;
+
+ };
+ }
+ }
+
+ private boolean isSuccessResponse(HttpServletResponse response) {
+ return response.getStatus() == 200 || response.getStatus() == 201;
+ }
+
+ private boolean isAuthError(AuthenticationException authException) {
+ return authException instanceof InsufficientAuthenticationException;
+ }
+}
diff --git a/src/main/java/com/mango/amango/global/security/configs/SecurityConfig.java b/src/main/java/com/mango/amango/global/security/configs/SecurityConfig.java index 58f9b37..fda1614 100644 --- a/src/main/java/com/mango/amango/global/security/configs/SecurityConfig.java +++ b/src/main/java/com/mango/amango/global/security/configs/SecurityConfig.java @@ -11,6 +11,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; @@ -25,6 +26,7 @@ public class SecurityConfig { public static final String[] PERMITTED_URI = {"/auth", "/auth/login"}; private final JwtService jwtService; private final UserService userService; + private final AuthenticationEntryPoint authenticationEntryPoint; @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { @@ -53,7 +55,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti .addFilterBefore(new JwtAuthenticationFilter(jwtService, userService), UsernamePasswordAuthenticationFilter.class) .addFilterBefore(new CustomExceptionFilter(), - JwtAuthenticationFilter.class); + JwtAuthenticationFilter.class) + .exceptionHandling((exception) -> exception.authenticationEntryPoint(authenticationEntryPoint)) ; return http.build();
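Review bot: In `getCustomException`, the switch's `default -> throw authException;` makes `commence` rethrow for every case it does not map, for instance any `AuthenticationException` other than `InsufficientAuthenticationException` while the response status is still 200, so an unauthenticated request can leave the entry point as an unhandled exception instead of a clean 401. An entry point should fail closed to one uniform answer: `default -> new CustomException(CustomErrorCode.UNAUTHORIZED);`. The return value of `resolver.resolveException(...)` is also ignored; it is null when no resolver handles `CustomException` (whether such a handler exists is not visible in this patch), and then nothing is written and the status stays as it was. A fallback such as `if (resolved == null) response.sendError(HttpServletResponse.SC_UNAUTHORIZED);` after capturing the result would cover that case.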
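Review bot: The `.exceptionHandling(...)` call in the last hunk registers only an `authenticationEntryPoint`, so an authenticated caller who is denied access still goes through Spring Security's default access-denied handling rather than producing `CustomErrorCode.FORBIDDEN`. The 403/404/500 branches in `CustomAuthenticationEntryPoint` look like they rely on the container's error dispatch re-entering this chain as an anonymous request; that is inferred, because the authorization rules sit outside the hunk. Registering a handler explicitly would make the 403 path deliberate, e.g. `exception.authenticationEntryPoint(authenticationEntryPoint).accessDeniedHandler(accessDeniedHandler)`, where `accessDeniedHandler` is a placeholder for a bean this commit does not add. The body of `securityFilterChain` starts and ends outside the hunk.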