diff --git a/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java b/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java index 8a52f08..ee4fcc9 100644 --- a/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java +++ b/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java @@ -64,6 +64,7 @@ public ResponseEntity tokenRotation(@AuthenticationPrincipal final UserDet final HttpHeaders headers = new HttpHeaders(); headers.add("Access-Token", tokenBox.getAccessToken()); headers.add("Refresh-Token", tokenBox.getRefreshToken()); + headers.add("Authority", tokenBox.getAuthority()); return ResponseEntity.ok().headers(headers).build(); } diff --git a/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java b/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java index 72a314f..eef3d68 100644 --- a/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java +++ b/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java @@ -9,10 +9,14 @@ import dmu.dasom.api.global.auth.jwt.JwtUtil; import dmu.dasom.api.global.auth.userdetails.UserDetailsImpl; import lombok.RequiredArgsConstructor; +import org.springframework.security.core.GrantedAuthority; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import java.util.Collection; +import java.util.Iterator; + @RequiredArgsConstructor @Service @Transactional(readOnly = true) 
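Review bot: The new `Authority` response header carries a value that this change never binds into the issued tokens — in JwtUtil both tokens are still built with `generateToken(email, ...)`, so nothing downstream can verify that header against the token. Say so at the call site, `headers.add("Authority", tokenBox.getAuthority()); // informational for the client; authorization must still be resolved from the server-side principal`, so no later filter is tempted to read an `Authority` header off incoming requests. If the browser client is cross-origin and the CORS configuration enumerates exposed headers (not visible here), `Authority` also has to be listed alongside `Access-Token` and `Refresh-Token` or the client cannot read it. The `tokenRotation` signature sits above this hunk.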
@@ -49,7 +53,13 @@ public void signUp(final SignupRequestDto request) { // 토큰 갱신 @Override public TokenBox tokenRotation(final UserDetailsImpl userDetails) { - return jwtUtil.tokenRotation(userDetails); + final Collection authorities = userDetails.getAuthorities(); + final Iterator iterator = authorities.iterator(); + final GrantedAuthority auth = iterator.next(); + + final String authority = auth.getAuthority(); + + return jwtUtil.tokenRotation(userDetails.getUsername(), authority); } } diff --git a/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java b/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java index 7ebf7b3..7d27da7 100644 --- a/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java +++ b/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java @@ -19,4 +19,8 @@ public class TokenBox { @NotNull private String refreshToken; + @Schema(description = "권한") + @NotNull + private String authority; + } diff --git a/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java b/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java index 1338812..63e997a 100644 --- a/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java +++ b/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java @@ -17,9 +17,12 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.GrantedAuthority; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import java.io.IOException; +import java.util.Collection; +import java.util.Iterator; @RequiredArgsConstructor public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter { 
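Review bot: `iterator.next()` in the new `tokenRotation` body is called without a `hasNext()` check, so a principal whose authority collection is empty turns a refresh into a `NoSuchElementException` instead of an explicit authentication failure; and when a member holds more than one authority, only whichever element the collection yields first is reported, which is not deterministic for an unordered collection. The same four lines are repeated verbatim in `CustomAuthenticationFilter.successfulAuthentication`, so pull them into one helper and make the empty case explicit, e.g. `final String authority = userDetails.getAuthorities().stream().map(GrantedAuthority::getAuthority).findFirst().orElseThrow(() -> new IllegalStateException("member has no authority: " + userDetails.getUsername()));`, choosing whatever exception type the project's error handling maps to a 4xx. If a member can legitimately carry several authorities, the single-string `TokenBox.authority` contract should be revisited rather than silently truncated.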
@@ -47,12 +50,19 @@ protected void successfulAuthentication(final HttpServletRequest request, final // 기존 토큰 만료 처리 jwtUtil.blacklistTokens(authResult.getName()); + final Collection authorities = authResult.getAuthorities(); + final Iterator iterator = authorities.iterator(); + final GrantedAuthority auth = iterator.next(); + + final String authority = auth.getAuthority(); + // 토큰 생성 - final TokenBox tokenBox = jwtUtil.generateTokenBox(authResult.getName()); + final TokenBox tokenBox = jwtUtil.generateTokenBox(authResult.getName(), authority); response.setStatus(HttpStatus.OK.value()); response.setHeader("Access-Token", tokenBox.getAccessToken()); response.setHeader("Refresh-Token", tokenBox.getRefreshToken()); + response.setHeader("Authority", tokenBox.getAuthority()); } @Override diff --git a/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java b/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java index ee5ec28..1ebe6e3 100644 --- a/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java +++ b/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java @@ -38,10 +38,11 @@ public JwtUtil(@Value("${jwt.secret}") final String secretKey, final StringRedis } // Access, Refresh 토큰 생성 - public TokenBox generateTokenBox(final String email) { + public TokenBox generateTokenBox(final String email, final String authority) { final TokenBox tokenBox = TokenBox.builder() .accessToken(generateToken(email, accessTokenExpiration)) .refreshToken(generateToken(email, refreshTokenExpiration)) + .authority(authority) .build(); saveTokens(tokenBox, email); @@ -132,9 +133,9 @@ public boolean isExpired(final String token) { } // Access, Refresh 토큰 갱신 - public TokenBox tokenRotation(final UserDetailsImpl userDetails) { - blacklistTokens(userDetails.getUsername()); - return generateTokenBox(userDetails.getUsername()); + public TokenBox tokenRotation(final String email, final String authority) { + blacklistTokens(email); + return generateTokenBox(email, authority); } }
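Review bot: In `successfulAuthentication` the authority is taken with an unguarded `iterator.next()` after `jwtUtil.blacklistTokens(authResult.getName())` has already run, so a principal with no authorities would have its existing tokens revoked and then fail the login response with a `NoSuchElementException` rather than receive new tokens. Derive the authority before any state changes — move the `final String authority = ...` block above the `// 기존 토큰 만료 처리` line — and replace the raw iteration with `authResult.getAuthorities().stream().map(GrantedAuthority::getAuthority).findFirst().orElseThrow(...)` so the empty case fails explicitly. As in the service, only the first element of a possibly multi-element authority collection is reported. The method signature is above this hunk.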
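Review bot: `generateTokenBox` now accepts `authority` but only copies it into the `TokenBox` field — both tokens are still produced by `generateToken(email, ...)` with no role claim, so the authority is neither signed nor recoverable from the access token, and a resource endpoint cannot learn or verify the role from the token alone. If the intent is for endpoints to rely on the token, add the authority as a claim inside `generateToken` and read it back on parse; if it is meant only for the client UI, document that on the method, e.g. `// authority is echoed to the client for display only; it is not a token claim and must be re-resolved server-side for authorization`. Whether `saveTokens(tokenBox, email)` persists the new field is outside this hunk, as is the method's end.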
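Review bot: The rewritten `tokenRotation` documents its new parameters only through the one-line comment above it, yet the `authority` string is embedded into the returned box without any check, so the Javadoc should state where it must come from: `@param email subject whose existing tokens are blacklisted before a new pair is issued` and `@param authority the caller's server-resolved granted authority; copied into the box unverified, never taken from client input`.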