
Commit c23b07d

authored
fix: swagger 토큰 삽입 문제 수정 (#58)
1 parent 14e32a3 commit c23b07d


3 files changed

+38
-20
lines changed


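--- a/src/main/java/com/sponus/sponusbe/auth/annotation/AuthOrganizationArgumentResolver.java
+++ b/src/main/java/com/sponus/sponusbe/auth/annotation/AuthOrganizationArgumentResolver.java
@@ -9,6 +9,8 @@
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
 import org.springframework.web.method.support.ModelAndViewContainer;
 
+import com.sponus.sponusbe.auth.jwt.exception.SecurityCustomException;
+import com.sponus.sponusbe.auth.jwt.exception.SecurityErrorCode;
 import com.sponus.sponusbe.auth.user.CustomUserDetails;
 import com.sponus.sponusbe.domain.organization.entity.Organization;
 import com.sponus.sponusbe.domain.organization.exception.OrganizationErrorCode;
@@ -36,12 +38,16 @@ public boolean supportsParameter(MethodParameter parameter) {
 @Override
 public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer,
 NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
-// TODO : Access Token 없는 경우 처리
-CustomUserDetails userDetails = (CustomUserDetails)SecurityContextHolder.getContext()
+Object userDetails = SecurityContextHolder.getContext()
 .getAuthentication()
 .getPrincipal();
 
-return organizationRepository.findById(userDetails.getId())
+if (userDetails instanceof String) {
+log.error("userDetails is String");
+throw new SecurityCustomException(SecurityErrorCode.TOKEN_NOT_FOUND);
+}
+
+return organizationRepository.findById(((CustomUserDetails)userDetails).getId())
 .orElseThrow(() -> new OrganizationException(OrganizationErrorCode.ORGANIZATION_NOT_FOUND));
 }
 }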
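Review bot: The guard in resolveArgument rejects only a `String` principal, so any other principal that is not a `CustomUserDetails` still reaches the cast in `((CustomUserDetails)userDetails).getId()` and fails with a ClassCastException, and a null `getAuthentication()` throws a NullPointerException before the check runs. A positive type check fails closed for all of these: read the `Authentication` into a local first, then `if (authentication == null || !(authentication.getPrincipal() instanceof CustomUserDetails details)) { throw new SecurityCustomException(SecurityErrorCode.TOKEN_NOT_FOUND); }` and use `details.getId()` (pattern matching needs Java 16+; otherwise keep the explicit cast after the check). The `log.error("userDetails is String")` line fires for every request without a token, so any unauthenticated client can fill the error log; a lower level and a message that names the missing authentication would serve operators better.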

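--- a/src/main/java/com/sponus/sponusbe/global/config/SecurityConfig.java
+++ b/src/main/java/com/sponus/sponusbe/global/config/SecurityConfig.java
@@ -78,8 +78,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 http
 .authorizeHttpRequests(auth -> auth
 .requestMatchers(allowedUrls).permitAll()
-.requestMatchers("/**").permitAll()
-.anyRequest().authenticated()
+.requestMatchers("/**").authenticated()
+.anyRequest().permitAll()
 );
 
 // Jwt Filter (with login)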
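Review bot: The catch-all `.anyRequest().permitAll()` leaves the chain failing open: any request the two matcher rules above it do not match is served without authentication. With `/**` ahead of it the rule is presumably unreachable today, but that relies on how the pattern is resolved and on nobody narrowing it later; ending the chain with `.anyRequest().authenticated()` and dropping the `.requestMatchers("/**")` line gives the same effect with a deny-by-default rule. Because this commit flips every path outside `allowedUrls` from open to authenticated, it is worth confirming that `allowedUrls` (defined outside this hunk) still lists the login and Swagger paths. filterChain's body starts before and continues after the hunk.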

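--- a/src/main/java/com/sponus/sponusbe/global/config/SwaggerConfig.java
+++ b/src/main/java/com/sponus/sponusbe/global/config/SwaggerConfig.java
@@ -7,19 +7,23 @@
 import io.swagger.v3.oas.models.OpenAPI;
 import io.swagger.v3.oas.models.info.Info;
 import io.swagger.v3.oas.models.info.License;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
 import io.swagger.v3.oas.models.security.SecurityScheme;
 import io.swagger.v3.oas.models.servers.Server;
 
 @Configuration
 public class SwaggerConfig {
 // url : http://localhost:8080/swagger-ui/index.html#/
+private static final String SECURITY_SCHEME_NAME = "bearerAuth";
+
 @Bean
-public OpenAPI getOpenApi() {
+public OpenAPI api() {
 Server server = new Server().url("/");
 
 return new OpenAPI()
-.info(getSwaggerInfo())
+.addSecurityItem(new SecurityRequirement().addList(SECURITY_SCHEME_NAME))
 .components(authSetting())
+.info(getSwaggerInfo())
 .addServersItem(server);
 }
 
@@ -35,23 +39,31 @@ private Info getSwaggerInfo() {
 }
 
 private Components authSetting() {
+
 return new Components()
-.addSecuritySchemes(
-"access-token",
-new SecurityScheme()
-.type(SecurityScheme.Type.HTTP)
-.scheme("bearer")
-.bearerFormat("JWT")
-.in(SecurityScheme.In.HEADER)
-.name("Authorization"))
-.addSecuritySchemes(
-"refresh-token",
+.addSecuritySchemes(SECURITY_SCHEME_NAME,
 new SecurityScheme()
+.name(SECURITY_SCHEME_NAME)
 .type(SecurityScheme.Type.HTTP)
 .scheme("bearer")
-.bearerFormat("JWT")
-.in(SecurityScheme.In.HEADER)
-.name("refreshToken"));
+.bearerFormat("JWT"));
+// return new Components()
+// .addSecuritySchemes(
+// "access-token",
+// new SecurityScheme()
+// .type(SecurityScheme.Type.HTTP)
+// .scheme("Bearer")
+// .bearerFormat("JWT")
+// .in(SecurityScheme.In.HEADER)
+// .name("Authorization"))
+// .addSecuritySchemes(
+// "refresh-token",
+// new SecurityScheme()
+// .type(SecurityScheme.Type.HTTP)
+// .scheme("Bearer")
+// .bearerFormat("JWT")
+// .in(SecurityScheme.In.HEADER)
+// .name("refreshToken"));
 }
 }
 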
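Review bot: The seventeen commented-out lines left after the `return` in authSetting() are the removed access-token and refresh-token schemes; version control already keeps them, so they should be deleted rather than committed as comments. `.name(SECURITY_SCHEME_NAME)` has no effect on an `http` scheme, since the OpenAPI `name` field applies to `apiKey` schemes, and can be dropped as well. The global `addSecurityItem(...)` in api() also marks every documented operation as requiring the bearer token, including any served from the permit-all URLs, so the docs will show a lock on endpoints that do not need one unless those operations override it.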
