feat: Spring Security 설정 및 JWT, OAuth2 로그인 통합
- CORS 설정: 로컬 개발 환경에서의 접근 허용 (http://localhost:8080, http://localhost:3000)
- OAuth2 로그인: 구글 로그인 후 성공 시 CustomOAuth2SuccessHandler 호출
- JWT 인증: JWT 토큰을 처리하는 TokenAuthenticationFilter와 예외 처리 필터 추가
- 세션 관리: 항상 세션 생성하도록 설정 (SessionCreationPolicy.ALWAYS)
- 인증 및 권한 설정: API 문서 및 구글 로그인 페이지를 제외한 모든 요청에 대해 인증 필요
- 예외 처리: JwtAuthenticationEntryPoint와 CustomAccessDeniedHandler를 통한 예외 처리
yechan-kim committed Nov 16, 2024
1 parent 73f71da commit d5a02a4
Showing 1 changed file with 85 additions and 0 deletions.
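--- a/src/main/java/com/dpbr/dpbrbe/global/config/SecurityConfig.java
+++ b/src/main/java/com/dpbr/dpbrbe/global/config/SecurityConfig.java
@@ -0,0 +1,85 @@
+package com.dpbr.dpbrbe.global.config;
+
+import lombok.RequiredArgsConstructor;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.Arrays;
+import java.util.List;
+
+import com.dpbr.dpbrbe.global.auth.handler.CustomOAuth2SuccessHandler;
+import com.dpbr.dpbrbe.global.error.exception.CustomAccessDeniedHandler;
+import com.dpbr.dpbrbe.global.filter.ExceptionHandleFilter;
+import com.dpbr.dpbrbe.global.jwt.JwtAuthenticationEntryPoint;
+import com.dpbr.dpbrbe.global.jwt.JwtProvider;
+import com.dpbr.dpbrbe.global.jwt.TokenAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+private final JwtProvider tokenProvider;
+private final JwtAuthenticationEntryPoint authenticationEntryPoint;
+private final CustomAccessDeniedHandler accessDeniedHandler;
+
+@Bean
+public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+http
+.httpBasic(AbstractHttpConfigurer::disable)
+.cors((cors) -> cors
+.configurationSource(corsConfigurationSource())
+)
+.csrf(AbstractHttpConfigurer::disable)
+.formLogin(AbstractHttpConfigurer::disable)
+.sessionManagement(
+(sessionManagement) -> sessionManagement.sessionCreationPolicy(SessionCreationPolicy.ALWAYS))
+.oauth2Login(oauth2 -> oauth2.successHandler(new CustomOAuth2SuccessHandler()));
+
+http
+.authorizeHttpRequests((authorize) ->
+authorize
+.requestMatchers("/v3/api-docs/**", "/swagger-ui/**").permitAll() // API 명세서
+.requestMatchers("/login/**").permitAll() // 구글 로그인
+.anyRequest().authenticated()
+);
+
+http
+.exceptionHandling(exceptionHandlingCustomizer ->
+exceptionHandlingCustomizer
+.authenticationEntryPoint(authenticationEntryPoint)
+.accessDeniedHandler(accessDeniedHandler)
+);
+
+http
+.addFilterBefore(new TokenAuthenticationFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class)
+.addFilterBefore(new ExceptionHandleFilter(), TokenAuthenticationFilter.class);
+
+return http.build();
+}
+
+@Bean
+CorsConfigurationSource corsConfigurationSource() {
+CorsConfiguration configuration = new CorsConfiguration();
+configuration.setAllowedOrigins(Arrays.asList(
+"http://localhost:8080",
+"http://localhost:3000"));
+configuration.setAllowedMethods(Arrays.asList("HEAD", "GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
+configuration.setAllowCredentials(true);
+configuration.setAllowedHeaders(List.of("*"));
+
+UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+source.registerCorsConfiguration("/**", configuration);
+return source;
+}
+}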
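Review bot: CSRF protection is disabled in filterChain while sessionCreationPolicy is ALWAYS and oauth2Login is enabled, so an OAuth2-authenticated browser is carrying a session cookie that authenticates state-changing requests without any CSRF token — and the CORS source below also sets allowCredentials(true), so the cookie is sent on cross-origin calls from the listed origins. If the JWT filter is meant to be the sole authentication mechanism, the session policy should be STATELESS so that authorization rests on the bearer token: `.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))`; if a session is genuinely needed for the OAuth2 authorization-request exchange, use IF_REQUIRED and re-enable CSRF for session-backed endpoints. The allowed origins in corsConfigurationSource are hard-coded to localhost, which the commit message calls a local-development setting, so they should be read from configuration before this chain is deployed. `new CustomOAuth2SuccessHandler()` and `new ExceptionHandleFilter()` are constructed by hand rather than injected, which presumably bypasses any dependencies those beans declare — worth confirming against their constructors.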
