default

Author: boorownie

build.gradle

@@ -1,17 +1,12 @@
 plugins {
+    id 'org.springframework.boot' version '3.3.0'
+    id 'io.spring.dependency-management' version '1.1.5'
     id 'java'
-    id 'org.springframework.boot' version '3.3.4'
-    id 'io.spring.dependency-management' version '1.1.6'
 }
 
-group = 'nextstep'
+group = 'com.example'
 version = '0.0.1-SNAPSHOT'
-
-java {
-    toolchain {
-        languageVersion = JavaLanguageVersion.of(21)
-    }
-}
+sourceCompatibility = '17'
 
 repositories {
     mavenCentral()

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

src/main/java/nextstep/app/domain/Member.java

@@ -36,4 +36,8 @@ public String getImageUrl() {
     public Set<String> getRoles() {
         return roles;
     }
+
+    public boolean matchPassword(String password) {
+        return this.password.equals(password);
+    }
 }

src/main/java/nextstep/app/infrastructure/InmemoryMemberRepository.java

@@ -4,20 +4,16 @@
 import nextstep.app.domain.MemberRepository;
 import org.springframework.stereotype.Repository;
 
-import java.util.*;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
 import java.util.stream.Collectors;
 
 @Repository
 public class InmemoryMemberRepository implements MemberRepository {
-    public static final Member ADMIN_MEMBER = new Member("[email protected]", "password", "a", "", Set.of("ADMIN"));
-    public static final Member USER_MEMBER = new Member("[email protected]", "password", "b", "", Set.of("USER"));
     private static final Map<String, Member> members = new HashMap<>();
 
-    static {
-        members.put(ADMIN_MEMBER.getEmail(), ADMIN_MEMBER);
-        members.put(USER_MEMBER.getEmail(), USER_MEMBER);
-    }
-
     @Override
     public Optional<Member> findByEmail(String email) {
         return Optional.ofNullable(members.get(email));

src/main/java/nextstep/app/ui/LoginController.java

@@ -4,7 +4,6 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
-//import nextstep.oauth2.userinfo.OAuth2User;
 import nextstep.security.authentication.Authentication;
 import nextstep.security.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;

src/main/java/nextstep/security/access/MvcRequestMatcher.java

@@ -1,8 +1,7 @@
 package nextstep.security.access;
 
-import org.springframework.http.HttpMethod;
-
 import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.http.HttpMethod;
 
 public class MvcRequestMatcher implements RequestMatcher {
 

src/main/java/nextstep/security/authentication/BasicAuthenticationFilter.java

@@ -1,5 +1,9 @@
 package nextstep.security.authentication;
 
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import nextstep.security.context.SecurityContext;
 import nextstep.security.context.SecurityContextHolder;
 import nextstep.security.userdetails.UserDetailsService;
@@ -8,10 +12,6 @@
 import org.springframework.util.StringUtils;
 import org.springframework.web.filter.OncePerRequestFilter;
 
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;

src/main/java/nextstep/security/authentication/UsernamePasswordAuthenticationFilter.java

@@ -1,5 +1,11 @@
 package nextstep.security.authentication;
 
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import nextstep.security.access.MvcRequestMatcher;
 import nextstep.security.context.HttpSessionSecurityContextRepository;
 import nextstep.security.context.SecurityContext;
@@ -9,12 +15,6 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.web.filter.GenericFilterBean;
 
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.ServletRequest;
-import jakarta.servlet.ServletResponse;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.List;
 

src/main/java/nextstep/security/authorization/AuthorizationFilter.java

@@ -1,16 +1,16 @@
 package nextstep.security.authorization;
 
-import nextstep.security.authentication.Authentication;
-import nextstep.security.authentication.AuthenticationException;
-import nextstep.security.context.SecurityContextHolder;
-import org.springframework.web.filter.GenericFilterBean;
-
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.ServletRequest;
 import jakarta.servlet.ServletResponse;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import nextstep.security.authentication.Authentication;
+import nextstep.security.authentication.AuthenticationException;
+import nextstep.security.context.SecurityContextHolder;
+import org.springframework.web.filter.GenericFilterBean;
+
 import java.io.IOException;
 
 public class AuthorizationFilter extends GenericFilterBean {

src/main/java/nextstep/security/authorization/RequestAuthorizationManager.java

@@ -1,10 +1,10 @@
 package nextstep.security.authorization;
 
+import jakarta.servlet.http.HttpServletRequest;
 import nextstep.security.access.RequestMatcher;
 import nextstep.security.access.RequestMatcherEntry;
 import nextstep.security.authentication.Authentication;
 
-import jakarta.servlet.http.HttpServletRequest;
 import java.util.List;
 
 public class RequestAuthorizationManager implements AuthorizationManager<HttpServletRequest> {

src/main/java/nextstep/security/config/DefaultSecurityFilterChain.java

@@ -2,6 +2,7 @@
 
 import jakarta.servlet.Filter;
 import jakarta.servlet.http.HttpServletRequest;
+
 import java.util.List;
 
 public class DefaultSecurityFilterChain implements SecurityFilterChain {

src/main/java/nextstep/security/config/DelegatingFilterProxy.java

@@ -1,8 +1,8 @@
 package nextstep.security.config;
 
+import jakarta.servlet.*;
 import org.springframework.web.filter.GenericFilterBean;
 
-import jakarta.servlet.*;
 import java.io.IOException;
 
 public class DelegatingFilterProxy extends GenericFilterBean {

src/main/java/nextstep/security/config/FilterChainProxy.java

@@ -1,9 +1,9 @@
 package nextstep.security.config;
 
-import org.springframework.web.filter.GenericFilterBean;
-
 import jakarta.servlet.*;
 import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.web.filter.GenericFilterBean;
+
 import java.io.IOException;
 import java.util.List;
 

src/main/java/nextstep/security/config/SecurityFilterChain.java

@@ -2,6 +2,7 @@
 
 import jakarta.servlet.Filter;
 import jakarta.servlet.http.HttpServletRequest;
+
 import java.util.List;
 
 public interface SecurityFilterChain {

src/main/java/nextstep/security/context/SecurityContextHolderFilter.java

@@ -1,12 +1,12 @@
 package nextstep.security.context;
 
-import org.springframework.web.filter.GenericFilterBean;
-
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.ServletRequest;
 import jakarta.servlet.ServletResponse;
 import jakarta.servlet.http.HttpServletRequest;
+import org.springframework.web.filter.GenericFilterBean;
+
 import java.io.IOException;
 
 public class SecurityContextHolderFilter extends GenericFilterBean {

src/test/java/nextstep/app/BasicAuthTest.java

@@ -1,9 +1,8 @@
 package nextstep.app;
 
 import nextstep.app.domain.Member;
-import nextstep.app.infrastructure.InmemoryMemberRepository;
-import nextstep.security.authentication.Authentication;
-import nextstep.security.context.SecurityContextHolder;
+import nextstep.app.domain.MemberRepository;
+import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -15,20 +14,29 @@
 import org.springframework.test.web.servlet.result.MockMvcResultMatchers;
 
 import java.util.Base64;
+import java.util.Set;
 
-import static org.assertj.core.api.Assertions.assertThat;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 @SpringBootTest
 @AutoConfigureMockMvc
 class BasicAuthTest {
-    private static final Member TEST_ADMIN_MEMBER = InmemoryMemberRepository.ADMIN_MEMBER;
-    private static final Member TEST_USER_MEMBER = InmemoryMemberRepository.USER_MEMBER;
+    private final Member TEST_ADMIN_MEMBER = new Member("[email protected]", "password", "a", "", Set.of("ADMIN"));
+    private final Member TEST_USER_MEMBER = new Member("[email protected]", "password", "b", "", Set.of());
 
     @Autowired
     private MockMvc mockMvc;
 
+    @Autowired
+    private MemberRepository memberRepository;
+
+    @BeforeEach
+    void setUp() {
+        memberRepository.save(TEST_ADMIN_MEMBER);
+        memberRepository.save(TEST_USER_MEMBER);
+    }
+
     @DisplayName("ADMIN 권한을 가진 사용자가 요청할 경우 모든 회원 정보를 조회할 수 있다.")
     @Test
     void request_success_with_admin_user() throws Exception {

src/test/java/nextstep/app/FormLoginTest.java

@@ -1,7 +1,8 @@
 package nextstep.app;
 
 import nextstep.app.domain.Member;
-import nextstep.app.infrastructure.InmemoryMemberRepository;
+import nextstep.app.domain.MemberRepository;
+import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -12,19 +13,30 @@
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.ResultActions;
 
+import java.util.Set;
+
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
 @SpringBootTest
 @AutoConfigureMockMvc
 class FormLoginTest {
-    private static final Member TEST_ADMIN_MEMBER = InmemoryMemberRepository.ADMIN_MEMBER;
-    private static final Member TEST_USER_MEMBER = InmemoryMemberRepository.USER_MEMBER;
+    private final Member TEST_ADMIN_MEMBER = new Member("[email protected]", "password", "a", "", Set.of("ADMIN"));
+    private final Member TEST_USER_MEMBER = new Member("[email protected]", "password", "b", "", Set.of());
 
     @Autowired
     private MockMvc mockMvc;
 
+    @Autowired
+    private MemberRepository memberRepository;
+
+    @BeforeEach
+    void setUp() {
+        memberRepository.save(TEST_ADMIN_MEMBER);
+        memberRepository.save(TEST_USER_MEMBER);
+    }
+
     @DisplayName("로그인 성공")
     @Test
     void login_success() throws Exception {

src/test/java/nextstep/app/SecuredTest.java

@@ -1,7 +1,8 @@
 package nextstep.app;
 
 import nextstep.app.domain.Member;
-import nextstep.app.infrastructure.InmemoryMemberRepository;
+import nextstep.app.domain.MemberRepository;
+import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -13,6 +14,7 @@
 import org.springframework.test.web.servlet.result.MockMvcResultMatchers;
 
 import java.util.Base64;
+import java.util.Set;
 
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
@@ -21,12 +23,21 @@
 @SpringBootTest
 @AutoConfigureMockMvc
 class SecuredTest {
-    private static final Member TEST_ADMIN_MEMBER = InmemoryMemberRepository.ADMIN_MEMBER;
-    private static final Member TEST_USER_MEMBER = InmemoryMemberRepository.USER_MEMBER;
+    private final Member TEST_ADMIN_MEMBER = new Member("[email protected]", "password", "a", "", Set.of("ADMIN"));
+    private final Member TEST_USER_MEMBER = new Member("[email protected]", "password", "b", "", Set.of());
 
     @Autowired
     private MockMvc mockMvc;
 
+    @Autowired
+    private MemberRepository memberRepository;
+
+    @BeforeEach
+    void setUp() {
+        memberRepository.save(TEST_ADMIN_MEMBER);
+        memberRepository.save(TEST_USER_MEMBER);
+    }
+
     @DisplayName("ADMIN 권한을 가진 사용자가 요청할 경우 모든 회원 정보를 조회할 수 있다.")
     @Test
     void request_search_success_with_admin_user() throws Exception {