Autoflow
/
autoflow-server-mgmt
23
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[MOD] jwt cors 수정

Browse Source
main
bjkim 10 months ago
parent 58f88ca566
commit f8e2ca913f
1 changed files with 68 additions and 51 deletions
Show Stats Download Patch File Download Diff File

113
src/main/java/kr/re/etri/autoflow/security/WebSecurityConfig.java
Unescape View File

@ -17,11 +17,16 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import kr.re.etri.autoflow.security.jwt.AuthEntryPointJwt; import kr.re.etri.autoflow.security.jwt.AuthEntryPointJwt;
import kr.re.etri.autoflow.security.jwt.AuthTokenFilter; import kr.re.etri.autoflow.security.jwt.AuthTokenFilter;
import kr.re.etri.autoflow.security.services.UserDetailsServiceImpl; import kr.re.etri.autoflow.security.services.UserDetailsServiceImpl;
import java.util.Arrays;
@Configuration @Configuration
//@EnableWebSecurity //@EnableWebSecurity
@EnableMethodSecurity @EnableMethodSecurity
@ -29,31 +34,31 @@ import kr.re.etri.autoflow.security.services.UserDetailsServiceImpl;
//jsr250Enabled = true, //jsr250Enabled = true,
//prePostEnabled = true) // by default //prePostEnabled = true) // by default
public class WebSecurityConfig { // extends WebSecurityConfigurerAdapter { public class WebSecurityConfig { // extends WebSecurityConfigurerAdapter {
@Autowired @Autowired
UserDetailsServiceImpl userDetailsService; UserDetailsServiceImpl userDetailsService;
@Autowired @Autowired
private AuthEntryPointJwt unauthorizedHandler; private AuthEntryPointJwt unauthorizedHandler;
@Bean @Bean
public AuthTokenFilter authenticationJwtTokenFilter() { public AuthTokenFilter authenticationJwtTokenFilter() {
return new AuthTokenFilter(); return new AuthTokenFilter();
} }
// @Override // @Override
// public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception { // public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
// authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder()); // authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
// } // }
@Bean @Bean
public DaoAuthenticationProvider authenticationProvider() { public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
authProvider.setUserDetailsService(userDetailsService); authProvider.setUserDetailsService(userDetailsService);
authProvider.setPasswordEncoder(passwordEncoder()); authProvider.setPasswordEncoder(passwordEncoder());
return authProvider; return authProvider;
} }
// @Bean // @Bean
// @Override // @Override
@ -61,15 +66,15 @@ public class WebSecurityConfig { // extends WebSecurityConfigurerAdapter {
// return super.authenticationManagerBean(); // return super.authenticationManagerBean();
// } // }
@Bean @Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception { public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception {
return authConfig.getAuthenticationManager(); return authConfig.getAuthenticationManager();
} }
@Bean @Bean
public PasswordEncoder passwordEncoder() { public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(); return new BCryptPasswordEncoder();
} }
// @Override // @Override
// protected void configure(HttpSecurity http) throws Exception { // protected void configure(HttpSecurity http) throws Exception {
@ -83,38 +88,50 @@ public class WebSecurityConfig { // extends WebSecurityConfigurerAdapter {
// http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); // http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
// } // }
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf(AbstractHttpConfigurer::disable)
.exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(auth ->
auth.requestMatchers("/api/auth/**").permitAll()
.requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html").permitAll()
.requestMatchers("/api/test/**").permitAll()
.anyRequest().authenticated()
);
http.authenticationProvider(authenticationProvider());
http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
return http.build();
}
// 임시 설정
// @Bean // @Bean
// public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// http.csrf(AbstractHttpConfigurer::disable) // http.csrf(AbstractHttpConfigurer::disable)
// .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler)) // .exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
// .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
// .authorizeHttpRequests(auth -> // .authorizeHttpRequests(auth ->
// auth.anyRequest().permitAll() // 모든 요청 허용 // auth.requestMatchers("/api/auth/**").permitAll()
// ); // .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html").permitAll()
// .requestMatchers("/api/test/**").permitAll()
// .anyRequest().authenticated()
// );
// //
// http.authenticationProvider(authenticationProvider()); // http.authenticationProvider(authenticationProvider());
//
// http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); // http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
// //
// return http.build(); // return http.build();
// } // }
//임시 설정
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.cors(cors -> cors.configurationSource(corsConfigurationSource()))
.csrf(AbstractHttpConfigurer::disable)
.exceptionHandling(exception -> exception.authenticationEntryPoint(unauthorizedHandler))
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.authorizeHttpRequests(auth ->
auth.anyRequest().permitAll() // 모든 요청 허용
);
http.authenticationProvider(authenticationProvider());
http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
return http.build();
}
@Bean
CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(Arrays.asList("*"));
configuration.setAllowedMethods(Arrays.asList("*"));
configuration.setAllowedHeaders(Arrays.asList("*"));
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
} }

Write Preview
Loading…
Cancel
Save