[#48] refactor: 프론트에 에러 출력 세분화 (#49)

Author: ymkim97

Diff for: build.gradle

@@ -41,7 +41,7 @@ sonar {
         property "sonar.host.url", "https://sonarcloud.io"
         property "sonar.coverage.jacoco.xmlReportPaths", "build/reports/jacoco/test/jacocoTestReport.xml"
         property "sonar.exclusions", "**/*Application*.java, **/*Config*.java, **/*GlobalExceptionHandler.java, **/Q*.java, **/DynamicQuery.java, " +
-                "**/*Exception.java, **/*Adapter.java, **/CustomOAuth2UserService.java, **/*SearchRepository.java"
+                "**/*Exception.java, **/*Adapter.java, **/CustomOAuth2UserService.java, **/*SearchRepository.java, **/*Filter.java"
         property "sonar.java.coveragePlugin", "jacoco"
     }
 }
@@ -123,7 +123,8 @@ jacocoTestCoverageVerification {
                     '*.Q*',
                     '*.DynamicQuery',
                     '*.*Adapter',
-                    '*.*SearchRepository'
+                    '*.*SearchRepository',
+                    '*.*.CustomUserDetails'
             ]
         }
     }

Diff for: src/main/java/com/tnt/common/error/handler/GlobalExceptionHandler.java

@@ -3,14 +3,12 @@
 import static com.tnt.common.error.model.ErrorMessage.INPUT_VALUE_IS_INVALID;
 import static com.tnt.common.error.model.ErrorMessage.MISSING_REQUIRED_PARAMETER_ERROR;
 import static com.tnt.common.error.model.ErrorMessage.PARAMETER_FORMAT_NOT_CORRECT;
-import static com.tnt.common.error.model.ErrorMessage.SERVER_ERROR;
 import static org.springframework.http.HttpStatus.BAD_REQUEST;
 import static org.springframework.http.HttpStatus.CONFLICT;
 import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR;
 import static org.springframework.http.HttpStatus.NOT_FOUND;
 import static org.springframework.http.HttpStatus.UNAUTHORIZED;
 
-import java.security.SecureRandom;
 import java.time.DateTimeException;
 import java.util.List;
 
@@ -37,12 +35,6 @@
 @RestControllerAdvice
 public class GlobalExceptionHandler {
 
-	private static final String ERROR_KEY_FORMAT = "%n error key : %s";
-	private static final String CHARACTERS = "abcdefghijklmnopqrstuvwxyz";
-	private static final int ERROR_KEY_LENGTH = 5;
-	private static final String EXCEPTION_CLASS_TYPE_MESSAGE_FORMANT = "%n class type : %s";
-	private final SecureRandom secureRandom = new SecureRandom();
-
 	// 필수 파라미터 예외
 	@ResponseStatus(BAD_REQUEST)
 	@ExceptionHandler(MissingServletRequestParameterException.class)
@@ -154,17 +146,8 @@ protected ErrorResponse handleIllegalArgumentException(IllegalArgumentException
 	@ResponseStatus(INTERNAL_SERVER_ERROR)
 	@ExceptionHandler(RuntimeException.class)
 	protected ErrorResponse handleRuntimeException(RuntimeException exception) {
-		StringBuilder sb = new StringBuilder();
-
-		for (int i = 0; i < ERROR_KEY_LENGTH; i++) {
-			sb.append(CHARACTERS.charAt(secureRandom.nextInt(CHARACTERS.length())));
-		}
-
-		String errorKeyInfo = String.format(ERROR_KEY_FORMAT, sb);
-		String exceptionTypeInfo = String.format(EXCEPTION_CLASS_TYPE_MESSAGE_FORMANT, exception.getClass());
-
-		log.error("{} {} {}", exception.getMessage(), errorKeyInfo, exceptionTypeInfo, exception);
+		log.error(exception.getMessage(), exception);
 
-		return new ErrorResponse(SERVER_ERROR + errorKeyInfo);
+		return new ErrorResponse(exception.getMessage());
 	}
 }

Diff for: src/main/java/com/tnt/gateway/config/SecurityConfig.java

@@ -1,5 +1,7 @@
 package com.tnt.gateway.config;
 
+import static jakarta.servlet.http.HttpServletResponse.SC_NOT_FOUND;
+
 import java.util.Arrays;
 
 import org.springframework.context.annotation.Bean;
@@ -14,12 +16,11 @@
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.logout.LogoutFilter;
 
-import com.tnt.gateway.filter.ServletExceptionFilter;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.tnt.common.error.model.ErrorResponse;
 import com.tnt.gateway.filter.SessionAuthenticationFilter;
-import com.tnt.gateway.service.CustomOAuth2UserService;
 import com.tnt.gateway.service.SessionService;
 
-import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
@@ -40,7 +41,7 @@ public class SecurityConfig {
 		"/members/sign-up"
 	};
 
-	private final CustomOAuth2UserService customOAuth2UserService;
+	private final ObjectMapper objectMapper;
 	private final SessionService sessionService;
 
 	@Bean
@@ -54,30 +55,23 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 			.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin))
 			.sessionManagement(sessionManagement ->
 				sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-			.oauth2Login(oauth2 -> oauth2.userInfoEndpoint(userInfo -> userInfo.userService(customOAuth2UserService)))
 			.authorizeHttpRequests(request -> request
 				.requestMatchers(ALLOWED_URIS).permitAll().anyRequest().authenticated())
-			.addFilterBefore(servletExceptionFilter(), LogoutFilter.class)
 			.addFilterAfter(sessionAuthenticationFilter(), LogoutFilter.class)
-			.exceptionHandling(exceptionHandling ->
-				exceptionHandling.authenticationEntryPoint((request, response, authException) -> {
-					log.error("SecurityFilter Exception.", authException);
-					response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-					response.setContentType("application/json;charset=UTF-8");
-					response.getWriter().write("{\"message\":\"Security 사용자 인증에 실패했습니다.\"}");
-				})
-			);
+			.exceptionHandling(e -> e.authenticationEntryPoint((request, response, authException) -> {
+				log.error("(Invalid URL) Security Filter Error: {}", authException.getMessage(), authException);
 
-		return http.build();
-	}
+				response.setStatus(SC_NOT_FOUND);
+				response.setContentType("application/json;charset=UTF-8");
+				response.getWriter()
+					.write(objectMapper.writeValueAsString(new ErrorResponse("Invalid URL")));
+			}));
 
-	@Bean
-	public ServletExceptionFilter servletExceptionFilter() {
-		return new ServletExceptionFilter();
+		return http.build();
 	}
 
 	@Bean
 	public SessionAuthenticationFilter sessionAuthenticationFilter() {
-		return new SessionAuthenticationFilter(Arrays.asList(ALLOWED_URIS), sessionService);
+		return new SessionAuthenticationFilter(Arrays.asList(ALLOWED_URIS), sessionService, objectMapper);
 	}
 }

Diff for: src/main/java/com/tnt/gateway/filter/ServletExceptionFilter.java

@@ -1,5 +1,7 @@
 package com.tnt.gateway.filter;
 
+import static jakarta.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
+
 import java.io.IOException;
 import java.util.List;
 
@@ -12,6 +14,9 @@
 import org.springframework.util.AntPathMatcher;
 import org.springframework.web.filter.OncePerRequestFilter;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.tnt.common.error.exception.UnauthorizedException;
+import com.tnt.common.error.model.ErrorResponse;
 import com.tnt.gateway.service.SessionService;
 
 import jakarta.servlet.FilterChain;
@@ -25,10 +30,13 @@
 @RequiredArgsConstructor
 public class SessionAuthenticationFilter extends OncePerRequestFilter {
 
+	private static final String AUTHORIZATION_HEADER = "Authorization";
+
 	private final GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
 	private final AntPathMatcher pathMatcher = new AntPathMatcher();
 	private final List<String> allowedUris;
 	private final SessionService sessionService;
+	private final ObjectMapper objectMapper;
 
 	@Override
 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
@@ -44,7 +52,16 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 			return;
 		}
 
-		saveAuthentication(sessionService.authenticate(request));
+		try {
+			saveAuthentication(sessionService.authenticate(request.getHeader(AUTHORIZATION_HEADER)));
+		} catch (UnauthorizedException e) {
+			response.setContentType("application/json;charset=UTF-8");
+			response.setStatus(SC_BAD_REQUEST);
+			response.getWriter().write(objectMapper.writeValueAsString(new ErrorResponse(e.getMessage())));
+
+			return;
+		}
+
 		filterChain.doFilter(request, response);
 	}
 

Diff for: src/main/java/com/tnt/gateway/filter/SessionAuthenticationFilter.java

@@ -12,7 +12,6 @@
 
 import com.tnt.common.error.exception.UnauthorizedException;
 
-import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
@@ -22,13 +21,11 @@
 public class SessionService {
 
 	private static final long SESSION_DURATION = 7L * 24 * 60 * 60; // 24시간 * 7일
-	private static final String AUTHORIZATION_HEADER = "Authorization";
 	private static final String SESSION_ID_PREFIX = "SESSION-ID ";
 
 	private final StringRedisTemplate redisTemplate;
 
-	public String authenticate(HttpServletRequest request) {
-		String authHeader = request.getHeader(AUTHORIZATION_HEADER);
+	public String authenticate(String authHeader) {
 
 		if (isBlank(authHeader) || !authHeader.startsWith(SESSION_ID_PREFIX)) {
 			log.error("Authorization Header Error: [{}]", authHeader);