gc/gc-guide-api
2
0
포크 0
코드 이슈 풀 리퀘스트 Actions 위키 활동

Compare commits

base: gc:c295da16d11f861982127c9f5159e4c5e76085f5
브랜치 태그
gc:main
gc:develop
gc:feature/proxy-auth
gc:fix/logging-guideline
gc:fix/sync-commit-msg
gc:feature/audit-log
gc:feature/wing-proxy
gc:codex/wing-login
gc:feature/admin-and-api
gc:feature/auth-api
..
compare: gc:19551659854c5bbe7c88f0dc15d93c7f8ce92756
브랜치 태그
gc:main
gc:develop
gc:feature/proxy-auth
gc:fix/logging-guideline
gc:fix/sync-commit-msg
gc:feature/audit-log
gc:feature/wing-proxy
gc:codex/wing-login
gc:feature/admin-and-api
gc:feature/auth-api

No commits in common. "c295da16d11f861982127c9f5159e4c5e76085f5" and "19551659854c5bbe7c88f0dc15d93c7f8ce92756" have entirely different histories.
c295da16d1 ... 1955165985

1개의 변경된 파일1개의 추가작업 그리고 32개의 파일을 삭제
Show Stats Expand all files Collapse all files

33
src/main/java/com/gcsc/guide/config/SecurityConfig.java
파일 보기

@ -1,13 +1,10 @@
package com.gcsc.guide.config; package com.gcsc.guide.config;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.gcsc.guide.auth.JwtAuthenticationFilter; import com.gcsc.guide.auth.JwtAuthenticationFilter;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.http.MediaType;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
@ -17,9 +14,7 @@ import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource; import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.time.LocalDateTime;
import java.util.List; import java.util.List;
import java.util.Map;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
@ -27,7 +22,6 @@ import java.util.Map;
public class SecurityConfig { public class SecurityConfig {
private final JwtAuthenticationFilter jwtAuthenticationFilter; private final JwtAuthenticationFilter jwtAuthenticationFilter;
private final ObjectMapper objectMapper;
@Value("${app.cors.allowed-origins:http://localhost:5173,https://guide.gc-si.dev}") @Value("${app.cors.allowed-origins:http://localhost:5173,https://guide.gc-si.dev}")
private List<String> allowedOrigins; private List<String> allowedOrigins;
@ -52,30 +46,6 @@ public class SecurityConfig {
.requestMatchers("/api/admin/**").authenticated() .requestMatchers("/api/admin/**").authenticated()
.anyRequest().authenticated() .anyRequest().authenticated()
) )
.exceptionHandling(ex -> ex
.authenticationEntryPoint((request, response, authException) -> {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding("UTF-8");
objectMapper.writeValue(response.getOutputStream(), Map.of(
"status", 401,
"error", "Unauthorized",
"message", "인증이 필요합니다. JWT 토큰을 Authorization 헤더에 포함하세요.",
"timestamp", LocalDateTime.now().toString()
));
})
.accessDeniedHandler((request, response, accessDeniedException) -> {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding("UTF-8");
objectMapper.writeValue(response.getOutputStream(), Map.of(
"status", 403,
"error", "Forbidden",
"message", "접근 권한이 없습니다.",
"timestamp", LocalDateTime.now().toString()
));
})
)
.headers(headers -> headers.frameOptions(frame -> frame.sameOrigin())) .headers(headers -> headers.frameOptions(frame -> frame.sameOrigin()))
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
@ -88,12 +58,11 @@ public class SecurityConfig {
config.setAllowedOrigins(allowedOrigins); config.setAllowedOrigins(allowedOrigins);
config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS")); config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
config.setAllowedHeaders(List.of("*")); config.setAllowedHeaders(List.of("*"));
config.setExposedHeaders(List.of("Authorization"));
config.setAllowCredentials(true); config.setAllowCredentials(true);
config.setMaxAge(3600L); config.setMaxAge(3600L);
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", config); source.registerCorsConfiguration("/api/**", config);
return source; return source;
} }
} }