Showing
8 changed files
with
219 additions
and
7 deletions.
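--- a/cakk-api/src/main/java/com/cakk/api/provider/oauth/OidcProvider.java
+++ b/cakk-api/src/main/java/com/cakk/api/provider/oauth/OidcProvider.java
@@ -0,0 +1,19 @@
+package com.cakk.api.provider.oauth;
+
+import static com.cakk.common.utils.DecodeUtils.*;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.util.Map;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+public abstract class OidcProvider {
+
+public abstract String getProviderId(String idToken) throws GeneralSecurityException, IOException;
+
+protected Map<String, String> parseHeaders(String token) throws IOException {
+String header = token.split("\\.")[0];
+return new ObjectMapper().readValue(decodeBase64(header), Map.class);
+}
+}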
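Review bot: `parseHeaders` reads the first segment of a token that has not been verified yet and deserialises it into a raw `Map.class`, so the `Map<String, String>` return type is unchecked: a header carrying a non-string value (an array or nested object) only fails later with a `ClassCastException` at the first `get`. Nothing here rejects a null token or one without three dot-separated segments either. I would check the shape first and bind to a typed map, e.g. `new ObjectMapper().readValue(decodeBase64(header), new TypeReference<Map<String, String>>() {})`, and add a Javadoc line stating that the returned values are attacker-controlled until the signature has been checked. `decodeBase64` is defined outside this diff; JWT segments are unpadded base64url, so it is worth confirming that it uses a URL-safe decoder.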
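--- a/cakk-api/src/main/java/com/cakk/api/provider/oauth/PublicKeyProvider.java
+++ b/cakk-api/src/main/java/com/cakk/api/provider/oauth/PublicKeyProvider.java
@@ -0,0 +1,41 @@
+package com.cakk.api.provider.oauth;
+
+import static com.cakk.common.enums.ReturnCode.*;
+import static com.cakk.common.utils.DecodeUtils.*;
+
+import java.math.BigInteger;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.RSAPublicKeySpec;
+import java.util.Map;
+
+import org.springframework.stereotype.Component;
+
+import com.cakk.client.vo.OidcPublicKey;
+import com.cakk.client.vo.OidcPublicKeyList;
+import com.cakk.common.exception.CakkException;
+
+@Component
+public class PublicKeyProvider {
+
+public PublicKey generatePublicKey(Map<String, String> tokenHeaders, OidcPublicKeyList publicKeys) {
+OidcPublicKey publicKey = publicKeys.getMatchedKey(tokenHeaders.get("kid"), tokenHeaders.get("alg"));
+
+return getPublicKey(publicKey);
+}
+
+private PublicKey getPublicKey(OidcPublicKey publicKey) {
+byte[] nBytes = decodeBase64(publicKey.n());
+byte[] eBytes = decodeBase64(publicKey.e());
+
+RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(new BigInteger(1, nBytes), new BigInteger(1, eBytes));
+
+try {
+return KeyFactory.getInstance(publicKey.kty()).generatePublic(publicKeySpec);
+} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
+throw new CakkException(EXTERNAL_SERVER_ERROR);
+}
+}
+}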
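Review bot: In `generatePublicKey` both `kid` and `alg` come from the unverified token header, and whether they are constrained depends entirely on `getMatchedKey`, which is not part of this diff; if it can return null for an unknown `kid`, `getPublicKey` fails with a NullPointerException instead of an authentication error. `getPublicKey` always builds an `RSAPublicKeySpec`, so the key factory should be pinned rather than taken from the key document: `KeyFactory.getInstance("RSA")`, preceded by a check that `publicKey.kty()` is `RSA`. I would also compare the header `alg` against a fixed allow-list of the signing algorithms the provider documents before any key lookup. The catch block drops `e`; keeping the cause, or at least logging it, makes key-parsing failures diagnosable.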
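--- a/cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/AppleAuthProvider.java
+++ b/cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/AppleAuthProvider.java
@@ -0,0 +1,11 @@
+package com.cakk.api.provider.oauth.impl;
+
+import com.cakk.api.provider.oauth.OidcProvider;
+
+public class AppleAuthProvider extends OidcProvider {
+
+@Override
+public String getProviderId(String idToken) {
+return null;
+}
+}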
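Review bot: `getProviderId` returns `null` for every token without verifying anything, and `KakaoAuthProvider.getProviderId` further down does the same. If a login path calls either provider before the implementation lands, a null provider id flows into whatever lookup or sign-up follows instead of the request being rejected. Until the verification exists I would fail closed with `throw new UnsupportedOperationException("Apple OIDC verification is not implemented");` and the equivalent in the Kakao class. This class also lacks the `@Component` annotation the other two providers carry; if that is intentional, a short comment saying so would help.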
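--- a/cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/GoogleAuthProvider.java
+++ b/cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/GoogleAuthProvider.java
@@ -0,0 +1,36 @@
+package com.cakk.api.provider.oauth.impl;
+
+import static com.cakk.common.enums.ReturnCode.*;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+
+import org.springframework.stereotype.Component;
+
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
+
+import lombok.RequiredArgsConstructor;
+
+import com.cakk.api.provider.oauth.OidcProvider;
+import com.cakk.common.exception.CakkException;
+
+@Component
+@RequiredArgsConstructor
+public class GoogleAuthProvider extends OidcProvider {
+
+private final GoogleIdTokenVerifier googleIdTokenVerifier;
+
+@Override
+public String getProviderId(String idToken) {
+return getGoogleIdToken(idToken).getPayload().getSubject();
+}
+
+private GoogleIdToken getGoogleIdToken(String idToken) {
+try {
+return googleIdTokenVerifier.verify(idToken);
+} catch (GeneralSecurityException | IOException e) {
+throw new CakkException(EXTERNAL_SERVER_ERROR);
+}
+}
+}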
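Review bot: `GoogleIdTokenVerifier.verify(String)` returns `null` when the token fails verification, so `getProviderId` dereferences null at `getGoogleIdToken(idToken).getPayload()` for any invalid, expired or wrong-audience token, and the caller sees a NullPointerException rather than a rejected login. In `getGoogleIdToken` I would keep the result in a local and add `if (token == null) { throw new CakkException(/* the project's ReturnCode for a rejected credential */); }` before returning it. Mapping `GeneralSecurityException` to `EXTERNAL_SERVER_ERROR` also reports a bad token as a server fault and drops the cause. The verifier bean is configured outside this diff; it is worth confirming that it is built with `setAudience` restricted to this application's client ids.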
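--- a/cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/KakaoAuthProvider.java
+++ b/cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/KakaoAuthProvider.java
@@ -0,0 +1,19 @@
+package com.cakk.api.provider.oauth.impl;
+
+import org.springframework.stereotype.Component;
+import lombok.RequiredArgsConstructor;
+
+import com.cakk.api.provider.oauth.OidcProvider;
+import com.cakk.client.web.KakaoAuthClient;
+
+@Component
+@RequiredArgsConstructor
+public class KakaoAuthProvider extends OidcProvider {
+
+private final KakaoAuthClient kakaoAuthClient;
+
+@Override
+public String getProviderId(String idToken) {
+return null;
+}
+}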
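--- a/cakk-api/src/main/java/com/cakk/api/vo/OAuthUserDetails.java
+++ b/cakk-api/src/main/java/com/cakk/api/vo/OAuthUserDetails.java
@@ -0,0 +1,91 @@
+package com.cakk.api.vo;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
+import org.springframework.security.oauth2.core.oidc.user.OidcUser;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+
+import com.cakk.domain.entity.user.User;
+
+public class OAuthUserDetails implements UserDetails, OidcUser, OAuth2User {
+
+private final User user;
+private final Map<String, Object> attribute;
+
+public OAuthUserDetails(User user, Map<String, Object> attribute) {
+this.user = user;
+this.attribute = attribute;
+}
+
+public OAuthUserDetails(User user) {
+this.user = user;
+this.attribute = Map.of("id", user.getId());
+}
+
+@Override
+public String getName() {
+return user.getId().toString();
+}
+
+@Override
+public Map<String, Object> getAttributes() {
+return attribute;
+}
+
+@Override
+public Collection<? extends GrantedAuthority> getAuthorities() {
+return List.of(new SimpleGrantedAuthority(user.getRole().getSecurityRole()));
+}
+
+@Override
+public String getPassword() {
+return "password";
+}
+
+@Override
+public String getUsername() {
+return user.getId().toString();
+}
+
+@Override
+public boolean isAccountNonExpired() {
+return true;
+}
+
+@Override
+public boolean isAccountNonLocked() {
+return true;
+}
+
+@Override
+public boolean isCredentialsNonExpired() {
+return true;
+}
+
+@Override
+public boolean isEnabled() {
+return true;
+}
+
+@Override
+public Map<String, Object> getClaims() {
+return null;
+}
+
+@Override
+public OidcUserInfo getUserInfo() {
+return null;
+}
+
+@Override
+public OidcIdToken getIdToken() {
+return null;
+}
+}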
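Review bot: `getPassword` returns the literal `"password"`, which gives every OAuth-backed principal the same well-known credential string; that is safe only as long as no password-based authentication path ever loads this `UserDetails`. I would return an empty or otherwise unusable value and add a comment on the method that these accounts have no local password. `getClaims`, `getUserInfo` and `getIdToken` return `null`, while the claim accessors inherited through `OidcUser` read from `getClaims()`, so a call such as `getSubject()` would presumably throw; returning `Map.of()` from `getClaims`, or storing the verified claims, avoids that. The two-argument constructor also keeps the caller's `attribute` map by reference; `this.attribute = Map.copyOf(attribute);` would make it immutable, provided the map holds no null values.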