Merge pull request #31 from prgrms-web-devcourse-final-project/fix/token/1

[fix] : validateToken 원상복구 - 토큰 검증 로직 오류 수정

Author: Hyeromon

src/main/java/org/dfbf/soundlink/global/auth/JwtAuthenticationFilter.java

@@ -10,63 +10,88 @@
 import lombok.RequiredArgsConstructor;
 import org.dfbf.soundlink.global.exception.ErrorCode;
 import org.dfbf.soundlink.global.exception.ResponseResult;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
 
+@Component
 @RequiredArgsConstructor
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
+
     private final JwtProvider jwtProvider;
     private final ObjectMapper objectMapper = new ObjectMapper();
 
+    private static final Logger logger = LoggerFactory.getLogger(JwtAuthenticationFilter.class);
+
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
             throws ServletException, IOException {
-    String accessToken = jwtProvider.resolveAccessToken(request);       //1.Access Token 추출
+
+        String accessToken = jwtProvider.resolveAccessToken(request);  // 1. Access Token 추출
+        logger.info("Extracted Access Token: {}", accessToken);
 
         try {
-            if(accessToken !=null && jwtProvider.validateToken(accessToken)) {  //2.유효성 검사
-                this.setAuthentication(accessToken);                            //3.유저정보 저장
-                }
-            filterChain.doFilter(request, response); //필터 체인 진행(전달)
+            if (accessToken != null && jwtProvider.validateToken(accessToken)) {  // 2. 유효성 검사
+                logger.info("Valid JWT Token found, setting authentication.");
+                setAuthentication(accessToken);  // 3. 유저 정보 저장
+            } else {
+                logger.warn("Invalid JWT Token or token is null");
+            }
         } catch (ExpiredJwtException e) {
-            handleException(response, ErrorCode.TOKEN_EXPIRED);
+            logger.error("Expired JWT Token: {}", e.getMessage(), e);  // 토큰 만료 예외 처리
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.setContentType("application/json");
+            response.setCharacterEncoding("UTF-8");
+            response.getWriter().write(objectMapper.writeValueAsString(new ResponseResult(ErrorCode.TOKEN_EXPIRED)));
+            return;
         } catch (JwtException e) {
-            handleException(response, ErrorCode.TOKEN_INVALID);
-        }catch (Exception e) {
-            handleException(response, ErrorCode.INTERNAL_SERVER_ERROR);
+            logger.error("Invalid JWT Token: {}", e.getMessage(), e);  // 유효하지 않은 토큰 예외 처리
+            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            response.setContentType("application/json");
+            response.setCharacterEncoding("UTF-8");
+            response.getWriter().write(objectMapper.writeValueAsString(new ResponseResult(ErrorCode.TOKEN_INVALID)));
+            return;
+        } catch (IllegalArgumentException e) {
+            logger.error("Illegal Argument Exception: {}", e.getMessage(), e);  // 잘못된 인자 예외 처리
+            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+            response.setContentType("application/json");
+            response.setCharacterEncoding("UTF-8");
+            response.getWriter().write(objectMapper.writeValueAsString(new ResponseResult(ErrorCode.INTERNAL_SERVER_ERROR)));
+            return;
+        } catch (Exception e) {
+            logger.error("Unexpected error during token validation: {}", e.getMessage(), e);  // 예상치 못한 예외 처리
+            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "서버 오류가 발생했습니다.");
+            return;
         }
-    }
 
+        logger.info("Proceeding with filter chain.");
+        filterChain.doFilter(request, response);  // 필터 체인 진행
+    }
 
-    //유저정보 저장
+    // 유저 정보 저장
     public void setAuthentication(String token) {
-        Long userId = jwtProvider.getUserId(token); //userId 추출
+        Long userId = jwtProvider.getUserId(token);  // userId 추출
+        logger.info("Extracted userId from JWT: {}", userId);
 
         if (userId == null) {
+            logger.error("userId cannot be null");
             throw new IllegalArgumentException("userId cannot be null");
         }
 
         CustomUserDetails userDetails = new CustomUserDetails(userId);
+        logger.info("UserDetails created for userId: {}", userId);
 
-        // 인증토큰 생성
+        // 인증 토큰 생성
         UsernamePasswordAuthenticationToken authentication =
                 new UsernamePasswordAuthenticationToken(userId, null, userDetails.getAuthorities());
 
-        // 인증정보 설정
+        // 인증 정보 설정
         SecurityContextHolder.getContext().setAuthentication(authentication);
+        logger.info("Authentication set for userId: {}", userId);
     }
-
-    // 예외 발생 시 JSON 응답을 반환하는 메서드
-    private void handleException(HttpServletResponse response, ErrorCode errorCode) throws IOException {
-        ResponseResult responseResult = new ResponseResult(errorCode);
-
-        response.setStatus(errorCode.getStatus().value());
-        response.setContentType("application/json");
-        response.setCharacterEncoding("UTF-8");
-        response.getWriter().write(objectMapper.writeValueAsString(responseResult));
-    }
-
 }

src/main/java/org/dfbf/soundlink/global/auth/JwtProvider.java

@@ -5,6 +5,9 @@
 import io.jsonwebtoken.security.SignatureException;
 import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
+import org.dfbf.soundlink.domain.user.exception.ExpiredTokenException;
+import org.dfbf.soundlink.global.exception.ErrorCode;
+import org.dfbf.soundlink.global.exception.ResponseResult;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.RedisTemplate;
@@ -71,15 +74,14 @@ public boolean validateToken(String token){
                     .build()
                     .parseClaimsJws(token);     //토큰 유효한지 확인.
             return true;
-        }catch (ExpiredJwtException e) {
-            throw e; // 만료된 토큰 예외 그대로 던짐
-        } catch (JwtException e) {
-            throw e; // 기타 JWT 관련 예외도 그대로 던짐
         } catch (Exception e) {
-            throw new RuntimeException("서버 내부 오류 발생", e);
+            System.out.println("[ERROR] Token validation failed: ");
+            return false;
         }
     }
 
+
+
     //액세스토큰 추출
     public String resolveAccessToken(HttpServletRequest request) {
         String bearerToken = request.getHeader("Authorization"); //토큰을 헤더에 포함했는지