[refactor] JWT 인증 에러 메시지 세분화

chanwoo7 · chanwoo7 · commit f848cf15037f · 2024-08-17T12:19:56.000+09:00
diff --git a/src/main/java/com/book/backend/domain/auth/service/JwtAuthenticationFilter.java b/src/main/java/com/book/backend/domain/auth/service/JwtAuthenticationFilter.java
@@ -44,37 +44,40 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
         String authorization = wrappedRequest.getHeader("Authorization");
         String username = "", token = "";
 
-        if (authorization != null && authorization.startsWith("Bearer ")) {  // Bearer 토큰 파싱
-            token = authorization.substring(7);  // jwt token 파싱
-            try {
+        try {
+            if (authorization != null && authorization.startsWith("Bearer ")) {  // Bearer 토큰 파싱
+                token = authorization.substring(7);  // jwt token 파싱
                 username = jwtUtil.getUsernameFromToken(token);  // username 가져옴
-            } catch (ExpiredJwtException e) {
-                filterChain.doFilter(wrappedRequest, response);
-                return;
-            }
 
-            // 현재 SecurityContextHolder에 인증객체가 있는지 확인
-            if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
-                UserDetails userDetails;
-                try {
-                    userDetails = userDetailsService.loadUserByUsername(username);
-                } catch (CustomException e) {
-                    userDetails = userDetailsService.loadUserByKakaoId(username);
-                }
+                // 현재 SecurityContextHolder에 인증객체가 있는지 확인
+                if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+                    UserDetails userDetails;
+                    try {
+                        userDetails = userDetailsService.loadUserByUsername(username);
+                    } catch (CustomException e) {
+                        userDetails = userDetailsService.loadUserByKakaoId(username);
+                    }
 
-                // 토큰 유효성 검증
-                if (jwtUtil.isValidToken(token, userDetails)) {
-                    UsernamePasswordAuthenticationToken authenticated
-                            = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+                    // 토큰 유효성 검증
+                    if (jwtUtil.isValidToken(token, userDetails)) {
+                        UsernamePasswordAuthenticationToken authenticated
+                                = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
 
-                    authenticated.setDetails(new WebAuthenticationDetailsSource().buildDetails(wrappedRequest));
-                    SecurityContextHolder.getContext().setAuthentication(authenticated);
+                        authenticated.setDetails(new WebAuthenticationDetailsSource().buildDetails(wrappedRequest));
+                        SecurityContextHolder.getContext().setAuthentication(authenticated);
 
-                    // 토큰 갱신
-                    String newAccessToken = jwtUtil.generateToken(userDetails).getAccessToken();
-                    response.setHeader("Authorization", "Bearer " + newAccessToken);
+                        // 토큰 갱신
+                        String newAccessToken = jwtUtil.generateToken(userDetails).getAccessToken();
+                        response.setHeader("Authorization", "Bearer " + newAccessToken);
+                    }
                 }
+            } else {
+                request.setAttribute("JWTException", new CustomException(ErrorCode.JWT_NOT_FOUND));
             }
+        } catch (ExpiredJwtException e) {
+            request.setAttribute("JWTException", new CustomException(ErrorCode.JWT_EXPIRED));
+        } catch (Exception e) {
+            request.setAttribute("JWTException", new CustomException(ErrorCode.INVALID_CREDENTIALS));
         }
 
         filterChain.doFilter(wrappedRequest, response);
diff --git a/src/main/java/com/book/backend/exception/ErrorCode.java b/src/main/java/com/book/backend/exception/ErrorCode.java
@@ -23,7 +23,8 @@ public enum ErrorCode {
 
     INVALID_CREDENTIALS(HttpStatus.UNAUTHORIZED, "401", "사용자 인증에 실패했습니다."),
     LOGIN_REQUIRED(HttpStatus.UNAUTHORIZED, "401", "로그인이 필요합니다."),
-    JWT_EXPIRED(HttpStatus.UNAUTHORIZED, "401", "JWT 토큰이 만료되었습니다. 다시 로그인해주세요."),
+    JWT_NOT_FOUND(HttpStatus.UNAUTHORIZED, "401", "JWT 토큰이 입력되지 않았습니다."),
+    JWT_EXPIRED(HttpStatus.UNAUTHORIZED, "401", "JWT 토큰이 만료되었습니다."),
     USER_NOT_FOUND(HttpStatus.NOT_FOUND, "404", "해당하는 사용자를 찾을 수 없습니다."),
     LOGIN_ID_DUPLICATED(HttpStatus.CONFLICT,"409", "사용자의 아이디가 중복됩니다."),
     BAD_REQUEST(HttpStatus.BAD_REQUEST, "400", "요청이 잘못되었습니다."),
diff --git a/src/main/java/com/book/backend/global/CustomAuthenticationEntryPoint.java b/src/main/java/com/book/backend/global/CustomAuthenticationEntryPoint.java
@@ -1,7 +1,6 @@
 package com.book.backend.global;
 
 import com.book.backend.exception.CustomException;
-import com.book.backend.exception.ErrorCode;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
@@ -13,7 +12,7 @@
 public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint {
     @Override
     public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
-        CustomException customException = new CustomException(ErrorCode.LOGIN_REQUIRED);
+        CustomException customException = (CustomException) request.getAttribute("JWTException");
         response.setStatus(customException.getCode().getStatus().value());
         response.setContentType("application/json");
         response.setCharacterEncoding("UTF-8");
