[MOD] jwt cors 수정

src/main/java/kr/re/etri/autoflow/common/WebConfiguration.java

@@ -12,20 +12,20 @@ public class WebConfiguration implements WebMvcConfigurer {
     @Override
     public void addCorsMappings(CorsRegistry registry) {
         registry.addMapping("/**")
-                .allowedOrigins("*")
+                .allowedOriginPatterns("*") // allowedOrigins 대신 사용
                 .allowedMethods(
                         HttpMethod.GET.name(),
                         HttpMethod.HEAD.name(),
                         HttpMethod.POST.name(),
                         HttpMethod.PUT.name(),
-                        HttpMethod.DELETE.name())
+                        HttpMethod.DELETE.name()
+                )
                 .allowedHeaders("cuuva-jwt", "Content-Type", "Authorization")
-                .exposedHeaders("cuuva-jwt") // 응답에서 노출 필요 시
+                .exposedHeaders("cuuva-jwt") // 응답 헤더 노출
                 .allowCredentials(true)
                 .maxAge(3600);
     }
 
-
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
         registry.addInterceptor(new LoggingInterceptor())

src/main/java/kr/re/etri/autoflow/security/WebSecurityConfig.java

@@ -17,16 +17,11 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 import kr.re.etri.autoflow.security.jwt.AuthEntryPointJwt;
 import kr.re.etri.autoflow.security.jwt.AuthTokenFilter;
 import kr.re.etri.autoflow.security.services.UserDetailsServiceImpl;
 
-import java.util.Arrays;
-
 @Configuration
 //@EnableWebSecurity
 @EnableMethodSecurity
@@ -34,31 +29,31 @@ import java.util.Arrays;
 //jsr250Enabled = true,
 //prePostEnabled = true) // by default
 public class WebSecurityConfig { // extends WebSecurityConfigurerAdapter {
-    @Autowired
+  @Autowired
-    UserDetailsServiceImpl userDetailsService;
+  UserDetailsServiceImpl userDetailsService;
 
-    @Autowired
+  @Autowired
-    private AuthEntryPointJwt unauthorizedHandler;
+  private AuthEntryPointJwt unauthorizedHandler;
 
-    @Bean
+  @Bean
-    public AuthTokenFilter authenticationJwtTokenFilter() {
+  public AuthTokenFilter authenticationJwtTokenFilter() {
-        return new AuthTokenFilter();
+    return new AuthTokenFilter();
-    }
+  }
 
 //  @Override
 //  public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
 //    authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
 //  }
 
-    @Bean
+  @Bean
-    public DaoAuthenticationProvider authenticationProvider() {
+  public DaoAuthenticationProvider authenticationProvider() {
-        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
+      DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
 
-        authProvider.setUserDetailsService(userDetailsService);
+      authProvider.setUserDetailsService(userDetailsService);
-        authProvider.setPasswordEncoder(passwordEncoder());
+      authProvider.setPasswordEncoder(passwordEncoder());
 
-        return authProvider;
+      return authProvider;
-    }
+  }
 
 //  @Bean
 //  @Override
@@ -66,15 +61,15 @@ public class WebSecurityConfig { // extends WebSecurityConfigurerAdapter {
 //    return super.authenticationManagerBean();
 //  }
 
-    @Bean
+  @Bean
-    public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception {
+  public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception {
-        return authConfig.getAuthenticationManager();
+    return authConfig.getAuthenticationManager();
-    }
+  }
 
-    @Bean
+  @Bean
-    public PasswordEncoder passwordEncoder() {
+  public PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
+    return new BCryptPasswordEncoder();
-    }
+  }
 
 //  @Override
 //  protected void configure(HttpSecurity http) throws Exception {
@@ -88,50 +83,38 @@ public class WebSecurityConfig { // extends WebSecurityConfigurerAdapter {
 //    http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
 //  }
 
+  @Bean
+  public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+    http.csrf(AbstractHttpConfigurer::disable)
+        .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
+        .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+        .authorizeHttpRequests(auth ->
+          auth.requestMatchers("/api/auth/**").permitAll()
+                  .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html").permitAll()
+                  .requestMatchers("/api/test/**").permitAll()
+              .anyRequest().authenticated()
+        );
+
+    http.authenticationProvider(authenticationProvider());
+
+    http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
+
+    return http.build();
+  }
+
+  // 임시 설정
 //  @Bean
 //  public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 //    http.csrf(AbstractHttpConfigurer::disable)
-//        .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
+//            .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
-//        .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+//            .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-//        .authorizeHttpRequests(auth ->
+//            .authorizeHttpRequests(auth ->
-//          auth.requestMatchers("/api/auth/**").permitAll()
+//                    auth.anyRequest().permitAll() // 모든 요청 허용
-//                  .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html").permitAll()
+//            );
-//                  .requestMatchers("/api/test/**").permitAll()
-//              .anyRequest().authenticated()
-//        );
 //
 //    http.authenticationProvider(authenticationProvider());
-//
 //    http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
 //
 //    return http.build();
 //  }
-
-    //임시 설정
-    @Bean
-    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.cors(cors -> cors.configurationSource(corsConfigurationSource()))
-                .csrf(AbstractHttpConfigurer::disable)
-                .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
-                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                .authorizeHttpRequests(auth ->
-                        auth.anyRequest().permitAll() // 모든 요청 허용
-                );
-
-        http.authenticationProvider(authenticationProvider());
-        http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
-
-        return http.build();
-    }
-
-    @Bean
-    CorsConfigurationSource corsConfigurationSource() {
-        CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(Arrays.asList("*"));
-        configuration.setAllowedMethods(Arrays.asList("*"));
-        configuration.setAllowedHeaders(Arrays.asList("*"));
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        source.registerCorsConfiguration("/**", configuration);
-        return source;
-    }
 }