16
16
import com .sponus .sponusbe .auth .jwt .exception .SecurityErrorCode ;
17
17
import com .sponus .sponusbe .auth .user .CustomUserDetails ;
18
18
19
+ import io .jsonwebtoken .Claims ;
19
20
import io .jsonwebtoken .Jwts ;
21
+ import io .jsonwebtoken .MalformedJwtException ;
22
+ import io .jsonwebtoken .UnsupportedJwtException ;
23
+ import io .jsonwebtoken .security .SignatureException ;
20
24
import jakarta .servlet .http .HttpServletRequest ;
21
25
import lombok .extern .slf4j .Slf4j ;
22
26
@@ -44,32 +48,6 @@ public JwtUtil(
44
48
redisUtil = redis ;
45
49
}
46
50
47
- public Long getId (String token ) {
48
- return Long .parseLong (Jwts .parser ().verifyWith (secretKey ).build ().parseSignedClaims (token ).getPayload ()
49
- .getSubject ());
50
- }
51
-
52
- public String getEmail (String token ) {
53
- return Jwts .parser ().verifyWith (secretKey ).build ().parseSignedClaims (token ).getPayload ()
54
- .get ("email" , String .class );
55
- }
56
-
57
- public String getAuthority (String token ) {
58
- return Jwts .parser ().verifyWith (secretKey ).build ().parseSignedClaims (token ).getPayload ()
59
- .get (AUTHORITIES_CLAIM_NAME , String .class );
60
- }
61
-
62
- public Boolean isExpired (String token ) {
63
- // 여기서 토큰 형식 이상한 것도 걸러짐
64
- return Jwts .parser ().verifyWith (secretKey ).build ().parseSignedClaims (token ).getPayload ().getExpiration ()
65
- .before (Date .from (Instant .now ()));
66
- }
67
-
68
- public Long getExpTime (String token ) {
69
- return Jwts .parser ().verifyWith (secretKey ).build ().parseSignedClaims (token ).getPayload ().getExpiration ()
70
- .getTime ();
71
- }
72
-
73
51
public String createJwtAccessToken (CustomUserDetails customUserDetails ) {
74
52
Instant issuedAt = Instant .now ();
75
53
Instant expiration = issuedAt .plusMillis (accessExpMs );
@@ -132,14 +110,11 @@ public String resolveAccessToken(HttpServletRequest request) {
132
110
String authorization = request .getHeader ("Authorization" );
133
111
134
112
if (authorization == null || !authorization .startsWith ("Bearer " )) {
135
-
136
113
log .warn ("[*] No token in req" );
137
-
138
114
return null ;
139
115
}
140
116
141
117
log .info ("[*] Token exists" );
142
-
143
118
return authorization .split (" " )[1 ];
144
119
}
145
120
@@ -154,4 +129,35 @@ public boolean validateRefreshToken(String refreshToken) {
154
129
}
155
130
return true ;
156
131
}
132
+
133
+ public Long getId (String token ) {
134
+ return Long .parseLong (getClaims (token ).getSubject ());
135
+ }
136
+
137
+ public String getEmail (String token ) {
138
+ return getClaims (token ).get ("email" , String .class );
139
+ }
140
+
141
+ public String getAuthority (String token ) {
142
+ return getClaims (token ).get (AUTHORITIES_CLAIM_NAME , String .class );
143
+ }
144
+
145
+ public Boolean isExpired (String token ) {
146
+ // 여기서 토큰 형식 이상한 것도 걸러짐
147
+ return getClaims (token ).getExpiration ().before (Date .from (Instant .now ()));
148
+ }
149
+
150
+ public Long getExpTime (String token ) {
151
+ return getClaims (token ).getExpiration ().getTime ();
152
+ }
153
+
154
+ private Claims getClaims (String token ) {
155
+ try {
156
+ return Jwts .parser ().verifyWith (secretKey ).build ().parseSignedClaims (token ).getPayload ();
157
+ } catch (UnsupportedJwtException | MalformedJwtException | IllegalArgumentException e ) {
158
+ throw new SecurityCustomException (SecurityErrorCode .INVALID_TOKEN , e );
159
+ } catch (SignatureException e ) {
160
+ throw new SecurityCustomException (SecurityErrorCode .TOKEN_SIGNATURE_ERROR , e );
161
+ }
162
+ }
157
163
}
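Review bot: An expired token is not handled by the new `getClaims`: jjwt's `parseSignedClaims` throws `ExpiredJwtException` once `exp` has passed, and the two catch clauses cover only unsupported, malformed, illegal-argument and signature failures, so it escapes unmapped. As a result `isExpired` cannot return `true` for an expired token with a valid signature; it throws instead, and `getExpTime`, `getId`, `getEmail` and `getAuthority` do the same. Unless a caller outside this hunk already catches it, wrap the body of `isExpired` in a try block with `catch (ExpiredJwtException e) { return true; }` and add the `io.jsonwebtoken.ExpiredJwtException` import. Alternatively, map it in `getClaims` to a dedicated error code so clients can tell an expired token from an invalid one. The comment in `isExpired` should then state that malformed tokens surface as `SecurityCustomException` rather than as a `false` result.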