From 7def257df1e5728a1dd11bdecb03b198df3c2a0a Mon Sep 17 00:00:00 2001
From: jiwon1217
Date: Mon, 28 Jul 2025 13:10:11 +0900
Subject: [PATCH 1/3] =?UTF-8?q?:recycle:=20refactor:=20=EC=9E=84=EC=8B=9C?= =?UTF-8?q?=20=EC=9D=B8=EC=A6=9D=20=EA=B0=9D=EC=B2=B4=20=EC=83=9D=EC=84=B1?= =?UTF-8?q?=20=EA=B8=B0=EB=8A=A5=20=EC=82=AD=EC=A0=9C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../f1/backend/domain/user/entity/User.java | 2 -
 .../backend/global/config/SecurityConfig.java | 4 -
 .../global/filter/DevTokenAuthFilter.java | 76 -------------------
 3 files changed, 82 deletions(-)
 delete mode 100644 backend/src/main/java/io/f1/backend/global/filter/DevTokenAuthFilter.java

diff --git a/backend/src/main/java/io/f1/backend/domain/user/entity/User.java b/backend/src/main/java/io/f1/backend/domain/user/entity/User.java
index 4402e4e0..169f739a 100644
--- a/backend/src/main/java/io/f1/backend/domain/user/entity/User.java
+++ b/backend/src/main/java/io/f1/backend/domain/user/entity/User.java
@@ -15,12 +15,10 @@
 import lombok.Builder;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
-import lombok.Setter;

 import java.time.LocalDateTime;

 @Getter
-@Setter // quizService의 퀴즈 조회 메서드 구현 시까지 임시 사용
 @Entity
 @Table(name = "`user`")
 @NoArgsConstructor
diff --git a/backend/src/main/java/io/f1/backend/global/config/SecurityConfig.java b/backend/src/main/java/io/f1/backend/global/config/SecurityConfig.java
index 652e201a..41c95493 100644
--- a/backend/src/main/java/io/f1/backend/global/config/SecurityConfig.java
+++ b/backend/src/main/java/io/f1/backend/global/config/SecurityConfig.java
@@ -6,7 +6,6 @@
 import io.f1.backend.domain.user.app.handler.CustomAuthenticationEntryPoint;
 import io.f1.backend.domain.user.app.handler.OAuthSuccessHandler;
 import io.f1.backend.domain.user.app.handler.UserAndAdminLogoutSuccessHandler;
-import io.f1.backend.global.filter.DevTokenAuthFilter;

 import lombok.RequiredArgsConstructor;

@@ -19,7 +18,6 @@
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

 @Configuration
 @EnableWebSecurity
@@ -40,8 +38,6 @@ public class SecurityConfig {
 public SecurityFilterChain userFilterChain(HttpSecurity http) throws Exception {
 http.csrf(AbstractHttpConfigurer::disable)
 .cors(Customizer.withDefaults())
- .addFilterBefore(
- new DevTokenAuthFilter(), UsernamePasswordAuthenticationFilter.class)
 .exceptionHandling(
 exception ->
 exception.authenticationEntryPoint(customAuthenticationEntryPoint))
diff --git a/backend/src/main/java/io/f1/backend/global/filter/DevTokenAuthFilter.java b/backend/src/main/java/io/f1/backend/global/filter/DevTokenAuthFilter.java
deleted file mode 100644
index 0266a6b1..00000000
--- a/backend/src/main/java/io/f1/backend/global/filter/DevTokenAuthFilter.java
+++ /dev/null
@@ -1,76 +0,0 @@
-package io.f1.backend.global.filter;
-
-import io.f1.backend.domain.admin.dto.AdminPrincipal;
-import io.f1.backend.domain.admin.entity.Admin;
-import io.f1.backend.domain.user.dto.UserPrincipal;
-import io.f1.backend.domain.user.entity.User;
-
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-
-import java.io.IOException;
-import java.time.LocalDateTime;
-import java.util.List;
-import java.util.Map;
-
-@Component
-public class DevTokenAuthFilter extends OncePerRequestFilter {
-
- private static final String DEV_TOKEN = "dev-secret-token-1234";
- private static final String ADMIN_TOKEN = "admin-secret-token-1234";
-
- @Override
- protected void doFilterInternal(
- HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
- throws ServletException, IOException {
-
- User fakeUser =
- User.builder()
- .provider("kakao")
- .providerId("dev")
- .lastLogin(LocalDateTime.now())
- .build();
-
- fakeUser.setId(1L);
- fakeUser.updateNickname("user");
-
- UserPrincipal principal = new UserPrincipal(fakeUser, Map.of());
-
- Admin fakeAdmin =
- Admin.builder()
- .id(1L)
- .username("admin")
- .password("admin")
- .lastLogin(LocalDateTime.now())
- .build();
-
- AdminPrincipal adminPrincipal = new AdminPrincipal(fakeAdmin);
-
- String authHeader = request.getHeader("Authorization");
-
- if (authHeader != null && authHeader.equals("Bearer " + DEV_TOKEN)) {
- List authorities = List.of(new SimpleGrantedAuthority("ROLE_USER"));
-
- Authentication auth =
- new UsernamePasswordAuthenticationToken(principal, null, authorities);
- SecurityContextHolder.getContext().setAuthentication(auth);
- } else if (authHeader != null && authHeader.equals("Bearer " + ADMIN_TOKEN)) {
- List authorities = List.of(new SimpleGrantedAuthority("ROLE_ADMIN"));
-
- Authentication auth =
- new UsernamePasswordAuthenticationToken(adminPrincipal, null, authorities);
- SecurityContextHolder.getContext().setAuthentication(auth);
- }
- filterChain.doFilter(request, response);
- }
-}
From 18eed302842dabe70d86223470da208620e9dccb Mon Sep 17 00:00:00 2001
From: jiwon1217
Date: Mon, 28 Jul 2025 13:56:24 +0900
Subject: [PATCH 2/3] =?UTF-8?q?:recycle:=20refactor:=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=EB=A6=AC=EB=8B=A4=EC=9D=B4=EB=A0=89=ED=8A=B8=20url?= =?UTF-8?q?=20=ED=99=98=EA=B2=BD=EB=B3=80=EC=88=98=20=EB=B6=84=EB=A6=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../main/java/io/f1/backend/BackendApplication.java | 3 +++
 .../domain/user/app/handler/OAuthSuccessHandler.java | 9 +++++----
 .../domain/user/dto/OAuthRedirectProperties.java | 12 ++++++++++++
 backend/src/main/resources/application.yml | 6 ++++++
 4 files changed, 26 insertions(+), 4 deletions(-)
 create mode 100644 backend/src/main/java/io/f1/backend/domain/user/dto/OAuthRedirectProperties.java

diff --git a/backend/src/main/java/io/f1/backend/BackendApplication.java b/backend/src/main/java/io/f1/backend/BackendApplication.java
index e9ee8631..0509a874 100644
--- a/backend/src/main/java/io/f1/backend/BackendApplication.java
+++ b/backend/src/main/java/io/f1/backend/BackendApplication.java
@@ -1,11 +1,14 @@
 package io.f1.backend;

+import io.f1.backend.domain.user.dto.OAuthRedirectProperties;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.data.jpa.repository.config.EnableJpaAuditing;

 @EnableJpaAuditing
 @SpringBootApplication
+@EnableConfigurationProperties(OAuthRedirectProperties.class)
 public class BackendApplication {

 public static void main(String[] args) {
diff --git a/backend/src/main/java/io/f1/backend/domain/user/app/handler/OAuthSuccessHandler.java b/backend/src/main/java/io/f1/backend/domain/user/app/handler/OAuthSuccessHandler.java
index 085f7644..5a616f6a 100644
--- a/backend/src/main/java/io/f1/backend/domain/user/app/handler/OAuthSuccessHandler.java
+++ b/backend/src/main/java/io/f1/backend/domain/user/app/handler/OAuthSuccessHandler.java
@@ -1,5 +1,6 @@
 package io.f1.backend.domain.user.app.handler;

+import io.f1.backend.domain.user.dto.OAuthRedirectProperties;
 import io.f1.backend.domain.user.dto.UserPrincipal;

 import jakarta.servlet.http.HttpServletRequest;
@@ -17,6 +18,8 @@
 @RequiredArgsConstructor
 public class OAuthSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {

+ private final OAuthRedirectProperties redirectProperties;
+
 @Override
 public void onAuthenticationSuccess(
 HttpServletRequest request, HttpServletResponse response, Authentication authentication)
@@ -25,11 +28,9 @@ public void onAuthenticationSuccess(
 response.setContentType("application/json;charset=UTF-8");

 if (principal.getUserNickname() == null) {
- String SIGNUP_REDIRECT_URL = "http://localhost:3000/signup";
- getRedirectStrategy().sendRedirect(request, response, SIGNUP_REDIRECT_URL);
+ getRedirectStrategy().sendRedirect(request, response, redirectProperties.signupUrl());
 } else {
- String MAIN_REDIRECT_URL = "http://localhost:3000/room";
- getRedirectStrategy().sendRedirect(request, response, MAIN_REDIRECT_URL);
+ getRedirectStrategy().sendRedirect(request, response, redirectProperties.mainUrl());
 }
 }
 }
diff --git a/backend/src/main/java/io/f1/backend/domain/user/dto/OAuthRedirectProperties.java b/backend/src/main/java/io/f1/backend/domain/user/dto/OAuthRedirectProperties.java
new file mode 100644
index 00000000..c625c4cd
--- /dev/null
+++ b/backend/src/main/java/io/f1/backend/domain/user/dto/OAuthRedirectProperties.java
@@ -0,0 +1,12 @@
+package io.f1.backend.domain.user.dto;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties(prefix = "custom.oauth.redirect")
+public record OAuthRedirectProperties(
+ String signupUrl,
+ String mainUrl
+) {
+
+}
+
diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml
index c14341b2..714be876 100644
--- a/backend/src/main/resources/application.yml
+++ b/backend/src/main/resources/application.yml
@@ -64,6 +64,12 @@ server:
 secure: true
 http-only: true
 timeout: ${SESSION_TIMEOUT}
+
+custom:
+ oauth:
+ redirect:
+ signup-url: ${SIGNUP_URL}
+ main-url: ${MAIN_URL}
 ---
 spring:
 config:
From 665a9d59819057dd53765a6d70e963dceb14d10c Mon Sep 17 00:00:00 2001
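Review bot: `signupUrl` and `mainUrl` in the new `OAuthRedirectProperties` record are bound without any check, so a blank or scheme-less `SIGNUP_URL` / `MAIN_URL` is only noticed when `OAuthSuccessHandler` hands it to `sendRedirect`, after the login has already succeeded. These two values now decide where every authenticated browser is sent, so the record should reject anything that is not an absolute http(s) URL while the properties are bound; a bad deployment should then fail at startup rather than at the first login. A compact constructor does this without a new dependency, and a short Javadoc on the record should state that both values must be the front end's own absolute URLs.

```java
// … unchanged: @ConfigurationProperties annotation and record header …

    public OAuthRedirectProperties {
        requireAbsoluteHttpUrl("custom.oauth.redirect.signup-url", signupUrl);
        requireAbsoluteHttpUrl("custom.oauth.redirect.main-url", mainUrl);
    }

    private static void requireAbsoluteHttpUrl(String key, String value) {
        if (value == null || value.isBlank()) {
            throw new IllegalArgumentException(key + " must be set");
        }
        // URI.create itself throws IllegalArgumentException on a malformed value
        String scheme = java.net.URI.create(value).getScheme();
        if (!"http".equals(scheme) && !"https".equals(scheme)) {
            throw new IllegalArgumentException(key + " must be an absolute http(s) URL");
        }
    }
}
```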
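Review bot: The new `custom.oauth.redirect` keys reference `${SIGNUP_URL}` and `${MAIN_URL}` with no default and no comment, and they appear to sit in the shared document above the `---` separator, so every profile (local runs and tests included) has to supply both variables. Failing when they are absent is a reasonable choice for a post-login redirect target, but the requirement is undocumented. I would add a comment above `custom:` such as `# Absolute front-end URLs for the post-login redirect; SIGNUP_URL and MAIN_URL are required in every environment.` and list the two variables wherever the project documents its environment, next to `SESSION_TIMEOUT`.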
From: github-actions <>
Date: Mon, 28 Jul 2025 04:57:05 +0000
Subject: [PATCH 3/3] =?UTF-8?q?chore:=20Java=20=EC=8A=A4=ED=83=80=EC=9D=BC?= =?UTF-8?q?=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/main/java/io/f1/backend/BackendApplication.java | 1 +
 .../backend/domain/user/dto/OAuthRedirectProperties.java | 8 +-------
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/backend/src/main/java/io/f1/backend/BackendApplication.java b/backend/src/main/java/io/f1/backend/BackendApplication.java
index 0509a874..b1411314 100644
--- a/backend/src/main/java/io/f1/backend/BackendApplication.java
+++ b/backend/src/main/java/io/f1/backend/BackendApplication.java
@@ -1,6 +1,7 @@
 package io.f1.backend;

 import io.f1.backend.domain.user.dto.OAuthRedirectProperties;
+
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
diff --git a/backend/src/main/java/io/f1/backend/domain/user/dto/OAuthRedirectProperties.java b/backend/src/main/java/io/f1/backend/domain/user/dto/OAuthRedirectProperties.java
index c625c4cd..43acfcb3 100644
--- a/backend/src/main/java/io/f1/backend/domain/user/dto/OAuthRedirectProperties.java
+++ b/backend/src/main/java/io/f1/backend/domain/user/dto/OAuthRedirectProperties.java
@@ -3,10 +3,4 @@
 import org.springframework.boot.context.properties.ConfigurationProperties;

 @ConfigurationProperties(prefix = "custom.oauth.redirect")
-public record OAuthRedirectProperties(
- String signupUrl,
- String mainUrl
-) {
-
-}
-
+public record OAuthRedirectProperties(String signupUrl, String mainUrl) {}