diff --git a/api/src/main/kotlin/com/backgu/amaker/auth/service/AuthFacade.kt b/api/src/main/kotlin/com/backgu/amaker/auth/service/AuthFacade.kt
index e27e574e..e4256e9a 100644
--- a/api/src/main/kotlin/com/backgu/amaker/auth/service/AuthFacade.kt
+++ b/api/src/main/kotlin/com/backgu/amaker/auth/service/AuthFacade.kt
@@ -2,7 +2,7 @@ package com.backgu.amaker.auth.service
 import com.backgu.amaker.auth.dto.JwtTokenResponse
 import com.backgu.amaker.auth.dto.oauth.google.GoogleUserInfoDto
-import com.backgu.amaker.security.jwt.service.JwtService
+import com.backgu.amaker.security.jwt.component.JwtComponent
 import com.backgu.amaker.user.dto.UserCreateDto
 import com.backgu.amaker.user.dto.UserDto
 import com.backgu.amaker.user.service.UserService
@@ -13,7 +13,7 @@ import org.springframework.transaction.annotation.Transactional
 @Transactional(readOnly = true)
 class AuthFacade(
 val oauthService: OAuthService,
- val jwtService: JwtService,
+ val jwtComponent: JwtComponent,
 val userService: UserService,
 ) {
 @Transactional
@@ -21,7 +21,7 @@ class AuthFacade( val userInfo: GoogleUserInfoDto = oauthService.googleLogin(authorizationCode) val savedUser: UserDto = userService.saveOrGetUser(UserCreateDto(userInfo.name, userInfo.email, userInfo.picture)) - val token: String = jwtService.create(savedUser.id, savedUser.userRole.key) + val token: String = jwtComponent.create(savedUser.id, savedUser.userRole.key) return JwtTokenResponse(token, savedUser) }
diff --git a/api/src/main/kotlin/com/backgu/amaker/security/config/JwtSecurityConfig.kt b/api/src/main/kotlin/com/backgu/amaker/security/config/JwtSecurityConfig.kt
index b72dc2cb..59b04cc3 100644
--- a/api/src/main/kotlin/com/backgu/amaker/security/config/JwtSecurityConfig.kt
+++ b/api/src/main/kotlin/com/backgu/amaker/security/config/JwtSecurityConfig.kt
@@ -1,24 +1,24 @@
 package com.backgu.amaker.security.config
-import com.backgu.amaker.security.JwtAccessDeniedHandler
 import com.backgu.amaker.security.JwtAuthenticationProvider
-import com.backgu.amaker.security.JwtAuthenticationTokenFilter
-import com.backgu.amaker.security.jwt.service.JwtService
+import com.backgu.amaker.security.filter.JwtAuthenticationTokenFilter
+import com.backgu.amaker.security.handler.AuthAccessDeniedHandler
+import com.backgu.amaker.security.jwt.component.JwtComponent
 import com.backgu.amaker.user.service.UserService
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 @Configuration
 class JwtSecurityConfig(
- private var jwtService: JwtService,
+ private var jwtComponent: JwtComponent,
 private var userService: UserService,
 ) {
 @Bean
- fun jwtAuthenticationFilter(): JwtAuthenticationTokenFilter = JwtAuthenticationTokenFilter(jwtService)
+ fun jwtAuthenticationFilter(): JwtAuthenticationTokenFilter = JwtAuthenticationTokenFilter(jwtComponent)
 @Bean
 fun jwtAuthenticationProvider(): JwtAuthenticationProvider = JwtAuthenticationProvider(userService)
 @Bean
- fun jwtAccessDeniedHandler(): JwtAccessDeniedHandler = JwtAccessDeniedHandler()
+ fun jwtAccessDeniedHandler(): AuthAccessDeniedHandler = AuthAccessDeniedHandler()
 }
diff --git a/api/src/main/kotlin/com/backgu/amaker/security/config/SecurityConfig.kt b/api/src/main/kotlin/com/backgu/amaker/security/config/SecurityConfig.kt
index f0078eb5..8f8ad5ea 100644
--- a/api/src/main/kotlin/com/backgu/amaker/security/config/SecurityConfig.kt
+++ b/api/src/main/kotlin/com/backgu/amaker/security/config/SecurityConfig.kt
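Review bot: In `JwtSecurityConfig`, `jwtAccessDeniedHandler()` still registers an `AuthAccessDeniedHandler` bean by hand, while the class itself carries `@Component` in `handler/AuthAccessDeniedHandler.kt` in this same diff. Before the rename the scanned bean and this `@Bean` method would both have been named `jwtAccessDeniedHandler`; the scanned one is now presumably `authAccessDeniedHandler`, so, assuming the handler package is component-scanned, the context ends up with two handler instances and `SecurityConfig` has to pick one by parameter name. I would delete the `@Bean fun jwtAccessDeniedHandler()` line (or drop `@Component` from the class) so that exactly one access-denied handler exists. The two constructor properties are never reassigned in the visible code and could be `private val`.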
@@ -1,8 +1,8 @@
 package com.backgu.amaker.security.config
-import com.backgu.amaker.security.JwtAccessDeniedHandler
-import com.backgu.amaker.security.JwtAuthenticationEntryPoint
-import com.backgu.amaker.security.JwtAuthenticationTokenFilter
+import com.backgu.amaker.security.filter.JwtAuthenticationTokenFilter
+import com.backgu.amaker.security.handler.AuthAccessDeniedHandler
+import com.backgu.amaker.security.handler.AuthEntryPoint
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
@@ -16,8 +16,8 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
 @EnableWebSecurity
 class SecurityConfig(
 private val jwtAuthenticationTokenFilter: JwtAuthenticationTokenFilter,
- private val jwtAccessDeniedHandler: JwtAccessDeniedHandler,
- private val jwtAuthenticationEntryPoint: JwtAuthenticationEntryPoint,
+ private val authAccessDeniedHandler: AuthAccessDeniedHandler,
+ private val authEntryPoint: AuthEntryPoint,
 ) {
 @Bean
 fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
@@ -35,8 +35,8 @@ class SecurityConfig(
 }.addFilterBefore(jwtAuthenticationTokenFilter, ExceptionTranslationFilter::class.java)
 .addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter::class.java)
 .exceptionHandling {
- it.authenticationEntryPoint(jwtAuthenticationEntryPoint)
- it.accessDeniedHandler(jwtAccessDeniedHandler)
+ it.authenticationEntryPoint(authEntryPoint)
+ it.accessDeniedHandler(authAccessDeniedHandler)
 }.httpBasic {
 it.disable()
 }.anonymous {
diff --git a/api/src/main/kotlin/com/backgu/amaker/security/JwtAuthenticationTokenFilter.kt b/api/src/main/kotlin/com/backgu/amaker/security/filter/JwtAuthenticationTokenFilter.kt
similarity index 88%
rename from api/src/main/kotlin/com/backgu/amaker/security/JwtAuthenticationTokenFilter.kt
rename to api/src/main/kotlin/com/backgu/amaker/security/filter/JwtAuthenticationTokenFilter.kt
index 49891d8b..e5a9708c 100644
--- a/api/src/main/kotlin/com/backgu/amaker/security/JwtAuthenticationTokenFilter.kt
+++ b/api/src/main/kotlin/com/backgu/amaker/security/filter/JwtAuthenticationTokenFilter.kt
@@ -1,6 +1,8 @@
-package com.backgu.amaker.security
+package com.backgu.amaker.security.filter
-import com.backgu.amaker.security.jwt.service.JwtService
+import com.backgu.amaker.security.JwtAuthentication
+import com.backgu.amaker.security.JwtAuthenticationToken
+import com.backgu.amaker.security.jwt.component.JwtComponent
 import jakarta.servlet.FilterChain
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
@@ -18,7 +20,7 @@ import java.util.regex.Pattern
 import java.util.stream.Collectors
 class JwtAuthenticationTokenFilter(
- private val jwtService: JwtService,
+ private val jwtComponent: JwtComponent,
 ) : OncePerRequestFilter() {
 private val bearerRegex: Pattern = Pattern.compile("^Bearer$", Pattern.CASE_INSENSITIVE)
 private val headerKey: String = "Authorization"
@@ -32,7 +34,7 @@ class JwtAuthenticationTokenFilter(
 val authorizationToken: String? = obtainAuthorizationToken(req)
 try {
 if (authorizationToken != null) {
- val claims: JwtService.Claims = jwtService.verify(authorizationToken)
+ val claims: JwtComponent.Claims = jwtComponent.verify(authorizationToken)
 val id: UUID = UUID.fromString(claims.id.replace("\"", ""))
 val authorities: List = obtainAuthorities(claims)
@@ -73,7 +75,7 @@ class JwtAuthenticationTokenFilter(
 return null
 }
- private fun obtainAuthorities(claims: JwtService.Claims): List {
+ private fun obtainAuthorities(claims: JwtComponent.Claims): List {
 val roles: Array = claims.roles
 return if (roles.isEmpty()) {
 emptyList()
diff --git a/api/src/main/kotlin/com/backgu/amaker/security/JwtAccessDeniedHandler.kt b/api/src/main/kotlin/com/backgu/amaker/security/handler/AuthAccessDeniedHandler.kt
similarity index 69%
rename from api/src/main/kotlin/com/backgu/amaker/security/JwtAccessDeniedHandler.kt
rename to api/src/main/kotlin/com/backgu/amaker/security/handler/AuthAccessDeniedHandler.kt
index 14434c4a..8568d24b 100644
--- a/api/src/main/kotlin/com/backgu/amaker/security/JwtAccessDeniedHandler.kt
+++ b/api/src/main/kotlin/com/backgu/amaker/security/handler/AuthAccessDeniedHandler.kt
@@ -1,4 +1,4 @@
-package com.backgu.amaker.security
+package com.backgu.amaker.security.handler
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
@@ -7,13 +7,13 @@ import org.springframework.security.web.access.AccessDeniedHandler
 import org.springframework.stereotype.Component
 @Component
-class JwtAccessDeniedHandler : AccessDeniedHandler {
+class AuthAccessDeniedHandler : AccessDeniedHandler {
 override fun handle(
- request: HttpServletRequest?,
+ request: HttpServletRequest,
 response: HttpServletResponse,
- accessDeniedException: AccessDeniedException?,
+ accessDeniedException: AccessDeniedException,
 ) {
 // TODO 후에 에러 폼이 수정되면 다시 작성
- response.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException?.message)
+ response.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.message)
 }
 }
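Review bot: The new `response.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.message)` in `AuthAccessDeniedHandler.handle` still passes the exception text into the HTTP error response, and `AuthEntryPoint.commence` in the next file does the same with `authException.message` for the 401 case. Depending on how the error page is configured, that text can reach the client and tell it why a token or request was rejected, which an unauthenticated caller does not need to know. I would send only the status, `response.sendError(HttpServletResponse.SC_FORBIDDEN)` and `response.sendError(HttpServletResponse.SC_UNAUTHORIZED)`, and log the message on the server side instead. The TODO above each call could record this, e.g. `// TODO: switch to the common error format; never echo the exception message to the client`.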
diff --git a/api/src/main/kotlin/com/backgu/amaker/security/JwtAuthenticationEntryPoint.kt b/api/src/main/kotlin/com/backgu/amaker/security/handler/AuthEntryPoint.kt
similarity index 55%
rename from api/src/main/kotlin/com/backgu/amaker/security/JwtAuthenticationEntryPoint.kt
rename to api/src/main/kotlin/com/backgu/amaker/security/handler/AuthEntryPoint.kt
index ed104404..917d51bb 100644
--- a/api/src/main/kotlin/com/backgu/amaker/security/JwtAuthenticationEntryPoint.kt
+++ b/api/src/main/kotlin/com/backgu/amaker/security/handler/AuthEntryPoint.kt
@@ -1,4 +1,4 @@
-package com.backgu.amaker.security
+package com.backgu.amaker.security.handler
 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
@@ -7,13 +7,13 @@ import org.springframework.security.web.AuthenticationEntryPoint
 import org.springframework.stereotype.Component
 @Component
-class JwtAuthenticationEntryPoint : AuthenticationEntryPoint {
+class AuthEntryPoint : AuthenticationEntryPoint {
 override fun commence(
- request: HttpServletRequest?,
- response: HttpServletResponse?,
- authException: AuthenticationException?,
+ request: HttpServletRequest,
+ response: HttpServletResponse,
+ authException: AuthenticationException,
 ) {
 // TODO 후에 에러 폼이 수정되면 다시 작성
- response?.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException?.message)
+ response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.message)
 }
 }
diff --git a/api/src/main/kotlin/com/backgu/amaker/security/jwt/service/JwtService.kt b/api/src/main/kotlin/com/backgu/amaker/security/jwt/component/JwtComponent.kt
similarity index 93%
rename from api/src/main/kotlin/com/backgu/amaker/security/jwt/service/JwtService.kt
rename to api/src/main/kotlin/com/backgu/amaker/security/jwt/component/JwtComponent.kt
index ab7fd98b..b2976ff5 100644
--- a/api/src/main/kotlin/com/backgu/amaker/security/jwt/service/JwtService.kt
+++ b/api/src/main/kotlin/com/backgu/amaker/security/jwt/component/JwtComponent.kt
@@ -1,16 +1,16 @@
-package com.backgu.amaker.security.jwt.service
+package com.backgu.amaker.security.jwt.component
 import com.auth0.jwt.JWT
 import com.auth0.jwt.JWTCreator
 import com.auth0.jwt.algorithms.Algorithm
 import com.auth0.jwt.interfaces.DecodedJWT
 import com.backgu.amaker.security.jwt.config.JwtConfig
-import org.springframework.stereotype.Service
+import org.springframework.stereotype.Component
 import java.util.Date
 import java.util.UUID
-@Service
-class JwtService(
+@Component
+class JwtComponent(
 private var jwtConfig: JwtConfig,
 ) {
 private val jwtHashAlgorithm: Algorithm = Algorithm.HMAC256(jwtConfig.clientSecret)
diff --git a/api/src/test/kotlin/com/backgu/amaker/auth/service/AuthFacadeTest.kt b/api/src/test/kotlin/com/backgu/amaker/auth/service/AuthFacadeTest.kt
index 79581686..e7001561 100644
--- a/api/src/test/kotlin/com/backgu/amaker/auth/service/AuthFacadeTest.kt
+++ b/api/src/test/kotlin/com/backgu/amaker/auth/service/AuthFacadeTest.kt
@@ -3,7 +3,7 @@ package com.backgu.amaker.auth.service
 import com.backgu.amaker.auth.dto.JwtTokenResponse
 import com.backgu.amaker.fixture.AuthFixture
 import com.backgu.amaker.fixture.UserFixture
-import com.backgu.amaker.security.jwt.service.JwtService
+import com.backgu.amaker.security.jwt.component.JwtComponent
 import com.backgu.amaker.user.repository.UserRepository
 import com.ninjasquad.springmockk.MockkBean
 import io.mockk.every
@@ -28,7 +28,7 @@ class AuthFacadeTest {
 lateinit var authFacade: AuthFacade
 @Autowired
- lateinit var jwtService: JwtService
+ lateinit var jwtComponent: JwtComponent
 @MockkBean
 lateinit var oauthService: OAuthService
@@ -43,7 +43,7 @@ class AuthFacadeTest {
 val googleLogin: JwtTokenResponse = authFacade.googleLogin("authCode")
 // then
- assertThat(jwtService.verify(googleLogin.token)).isNotNull()
+ assertThat(jwtComponent.verify(googleLogin.token)).isNotNull()
 }
 companion object {
diff --git a/api/src/test/kotlin/com/backgu/amaker/security/jwt/service/JwtServiceTest.kt b/api/src/test/kotlin/com/backgu/amaker/security/jwt/component/JwtComponentTest.kt
similarity index 81%
rename from api/src/test/kotlin/com/backgu/amaker/security/jwt/service/JwtServiceTest.kt
rename to api/src/test/kotlin/com/backgu/amaker/security/jwt/component/JwtComponentTest.kt
index 901e3e15..2c6a2c1e 100644
--- a/api/src/test/kotlin/com/backgu/amaker/security/jwt/service/JwtServiceTest.kt
+++ b/api/src/test/kotlin/com/backgu/amaker/security/jwt/component/JwtComponentTest.kt
@@ -1,4 +1,4 @@
-package com.backgu.amaker.security.jwt.service
+package com.backgu.amaker.security.jwt.component
 import com.auth0.jwt.exceptions.JWTDecodeException
 import com.backgu.amaker.fixture.UserFixture
@@ -14,9 +14,9 @@ import kotlin.test.Test
 @DisplayName("JwtService 테스트")
 @ExtendWith(SpringExtension::class)
 @SpringBootTest
-class JwtServiceTest {
+class JwtComponentTest {
 @Autowired
- lateinit var jwtService: JwtService
+ lateinit var jwtComponent: JwtComponent
 @Test
 @DisplayName("토큰 생성 테스트")
@@ -26,7 +26,7 @@ class JwtServiceTest {
 val userRole = UserRole.USER.key
 // when
- val token = jwtService.create(userId, userRole)
+ val token = jwtComponent.create(userId, userRole)
 // then
 Assertions.assertThat(token).isNotNull()
@@ -38,10 +38,10 @@ class JwtServiceTest {
 // given
 val userId = UserFixture.defaultUserId
 val userRole = UserRole.USER.key
- val token = jwtService.create(userId, userRole)
+ val token = jwtComponent.create(userId, userRole)
 // when
- val verify = jwtService.verify(token)
+ val verify = jwtComponent.verify(token)
 // then
 Assertions.assertThat(verify).isNotNull()
@@ -55,7 +55,7 @@ class JwtServiceTest {
 // when & then
 Assertions
- .assertThatThrownBy { jwtService.verify(token) }
+ .assertThatThrownBy { jwtComponent.verify(token) }
 .isInstanceOf(JWTDecodeException::class.java)
 .hasMessage("The token was expected to have 3 parts, but got 1.")
 }