Merge pull request #18 from DDD-Community/feature/POLABO-108

fix(POLABO-108): mvp 2차 개발 2차 수정
DDD-Community · Aug 11, 2024 · 714ab20 · 714ab20
2 parents a675244 + e054017
commit 714ab20
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 9 deletions.
diff --git a/src/main/kotlin/com/ddd/sonnypolabobe/global/security/JwtAuthenticationFilter.kt b/src/main/kotlin/com/ddd/sonnypolabobe/global/security/JwtAuthenticationFilter.kt
@@ -19,13 +19,14 @@ class JwtAuthenticationFilter(
         filterChain: FilterChain
     ) {
         val authorizationHeader = request.getHeader("Authorization")
+//        if(request.requestURI.contains("/api/v1/oauth")) {
+//            filterChain.doFilter(request, response)
+//            return
+//        }
 
         //JWT가 헤더에 있는 경우
         if (authorizationHeader != null && authorizationHeader.startsWith("Bearer ")) {
-            if(request.requestURI.contains("/api/v1/oauth")) {
-                filterChain.doFilter(request, response)
-                return
-            }
+
             //JWT 유효성 검증
             if (jwtUtil.validateToken(authorizationHeader)) {
                 val userId = jwtUtil.getAuthenticatedMemberFromToken(authorizationHeader).id

diff --git a/src/main/kotlin/com/ddd/sonnypolabobe/global/security/JwtUtil.kt b/src/main/kotlin/com/ddd/sonnypolabobe/global/security/JwtUtil.kt
@@ -9,6 +9,7 @@ import io.jsonwebtoken.security.Keys
 import jakarta.xml.bind.DatatypeConverter
 import org.springframework.beans.factory.annotation.Value
 import org.springframework.stereotype.Component
+import java.nio.charset.StandardCharsets
 import java.security.Key
 import java.util.*
 
@@ -31,7 +32,7 @@ class JwtUtil(
             .setClaims(claims)
             .setIssuedAt(now)
             .setExpiration(expiredDate)
-            .signWith(getKey(accessSecretKey), SignatureAlgorithm.HS512)
+            .signWith(SignatureAlgorithm.HS512, getKeyBytes(accessSecretKey))
             .compact()
         return UserDto.Companion.TokenRes(accessToken, expiredDate, true, request.nickName)
     }
@@ -46,7 +47,7 @@ class JwtUtil(
 
     fun validateToken(accessToken: String): Boolean {
         try {
-            val key = getKey(accessSecretKey)
+            val key = getKeyBytes(accessSecretKey)
             Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(subPrefix(accessToken))
             return true
         } catch (e: Exception) {
@@ -57,7 +58,7 @@ class JwtUtil(
 
     fun getClaimsFromAccessToken(token: String, secretKey: String): Claims {
         try {
-            val key = getKey(secretKey)
+            val key = getKeyBytes(secretKey)
             return Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(token).body
         } catch (e: io.jsonwebtoken.security.SecurityException) {
             throw ApplicationException(CustomErrorCode.JWT_SIGNATURE)

diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml
@@ -56,7 +56,7 @@ running:
   name: dev
 
 jwt:
-  access-key: ENC(dMTqjTdS4VJz/1Gduapvl1rDDXUUKkp0bilgqRWMI9X4DaAMVDXY13Fb7QMBDUkI)
+  access-key: ENC(43L/PYzgJ86ciTJurdPNLgq49TUMtOgF6ke+Z7d4/wEN2WMu2iakpdDlD2C8d9GUNZzFl0Y9ftK4tk545L5TSv05I5OgbYkBGf2m5O51cjUZmSRg897e+5o+Z5aLgwb1+9tcOcawZR/X9lgkA5hTxlzGc7DHf1vMepLDnbaQBk0I56ieDV314JEEqIaeID72)
   validity:
     access-seconds: ENC(KeRwqvZAr0MfEVmxw8nBQQFEITQ0v/Fl)
 

diff --git a/src/main/resources/application-local.yml b/src/main/resources/application-local.yml
@@ -56,7 +56,7 @@ running:
   name: local
 
 jwt:
-  access-key: ENC(dMTqjTdS4VJz/1Gduapvl1rDDXUUKkp0bilgqRWMI9X4DaAMVDXY13Fb7QMBDUkI)
+  access-key: ENC(43L/PYzgJ86ciTJurdPNLgq49TUMtOgF6ke+Z7d4/wEN2WMu2iakpdDlD2C8d9GUNZzFl0Y9ftK4tk545L5TSv05I5OgbYkBGf2m5O51cjUZmSRg897e+5o+Z5aLgwb1+9tcOcawZR/X9lgkA5hTxlzGc7DHf1vMepLDnbaQBk0I56ieDV314JEEqIaeID72)
   validity:
     access-seconds: 86400000