Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature: security 관련 Bean 추가 구현 #13

Merged
merged 4 commits into from
May 8, 2024
Merged

Feature: security 관련 Bean 추가 구현 #13

merged 4 commits into from
May 8, 2024

Conversation

lcomment
Copy link
Collaborator

@lcomment lcomment commented May 7, 2024

Issue Number

#4

Description

  • 인증 필터 및 예외 필터 구현
  • 소셜 로그인 Provider 관련 Factory 구현
  • 로그인 유저 관련 Resolver 구현

Core Code

. . .
	public String getProviderId(Provider provider, String idToken) {
		return getProvider(provider).getProviderId(idToken);
	}

	private OidcProvider getProvider(Provider provider) {
		OidcProvider oidcProvider = authProviderMap.get(provider);

		if (oidcProvider == null) {
			throw new CakkException(ReturnCode.WRONG_PROVIDER);
		}

		return oidcProvider;
	}
. . .
  • EnumMap을 활용하여 Factory를 구현하였습니다.
  • 필터에서 발생하는 예외는 디스패처 서블릿까지 넘어오지 않기 때문에 예외 필터를 따로 구성하였습니다.

etc

@lcomment lcomment added the feature 새로운 기능 개발 label May 7, 2024
@lcomment lcomment requested a review from YongsHub May 7, 2024 07:40
@lcomment lcomment self-assigned this May 7, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented May 7, 2024

Test Results

7 tests  ±0   6 ✅  - 1   1s ⏱️ ±0s
2 suites ±0   1 💤 +1 
2 files   ±0   0 ❌ ±0 

Results for commit e7e12db. ± Comparison against base commit 6a5678d.

This pull request removes 1 and adds 1 tests. Note that renamed tests count towards both. 
com.cakk.api.ArchitectureTest ‑ Provider 클래스는 Service, Provider 클래스에만 의존해야 한다.

com.cakk.api.ArchitectureTest ‑ Provider 클래스는 Service, Filter, Provider 클래스에만 의존해야 한다.

YongsHub
YongsHub approved these changes May 7, 2024
View reviewed changes
Copy link
Contributor

@YongsHub YongsHub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

고생하셨습니다

cakk-api/src/main/java/com/cakk/api/filter/JwtExceptionFilter.java
Comment on lines +25 to +33
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws
ServletException,
IOException {
try {
filterChain.doFilter(request, response);
} catch (CakkException exception) {
setErrorResponse(exception.getReturnCode(), response);
}
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

JwtExceptionFilter에 대해서는 Interceptor에서 하지 않고 Filter에서 처리하는 이유가 Spring Security에서 필터를 활용하기 때문인가요~?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

네, 맞습니다. Security 설정 시, 필터의 순서를 결정할 수 있습니다. 이 필터들이 doFilter 메서드를 통해 다음 필터로 넘기고 마지막에 디스패처 서블릿으로 요청을 위임하는데, 필터에서 예외처리를 하지 않으면 서버 에러가 그대로 내려오게 됩니다. 그래서 ExceptionFilter를 인증 필터 뒤에 설정한거구요.

인터셉터는 디스패쳐 서블릿에서 받는 요청과 응답에 대해 컨트롤하는, 스프링 컨테이너와 관련된 기술이므로, 필터가 맞다고 판단했습니다.

@lcomment lcomment merged commit fa69753 into master May 8, 2024
2 checks passed
@lcomment lcomment deleted the feature/#4 branch May 8, 2024 00:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@YongsHub YongsHub YongsHub approved these changes

Assignees

@lcomment lcomment

Labels
feature 새로운 기능 개발
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lcomment @YongsHub