Merge pull request #98 from zeze1004/chore/auth-permit-swagger

[#97] Swagger API 호출시 401 리턴되는 이슈 수정
zeze1004 · May 23, 2024 · 38678ef · 38678ef
2 parents e04d536 + 524cb7b
commit 38678ef
Show file tree

Hide file tree

Showing 7 changed files with 57 additions and 52 deletions.
diff --git a/src/main/java/org/wedding/adapter/in/web/security/JwtAuthenticationFilter.java b/src/main/java/org/wedding/adapter/in/web/security/JwtAuthenticationFilter.java
@@ -25,7 +25,8 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
         String requestURI = request.getRequestURI();
 
         // 인증이 필요하지 않은 경로인 경우 바로 컨트롤러로 전달
-        if (requestURI.startsWith("/api/v1/auth/")) {
+        if (requestURI.startsWith("/api/v1/auth/") || requestURI.startsWith("/swagger-ui") || requestURI.startsWith(
+            "/v3/api-docs") || requestURI.startsWith("/favicon.ico") || requestURI.startsWith("/swagger-resources")) {
             filterChain.doFilter(request, response);
             return;
         }
@@ -35,15 +36,17 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
         if (token != null && JwtUtils.validateToken(token)) {
             int userId = JwtUtils.getUserIdFromToken(token);
 
-            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
-                userId, null, Collections.emptyList());
+            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userId, null,
+                Collections.emptyList());
 
             SecurityContextHolder.getContext().setAuthentication(authentication);
-            filterChain.doFilter(request, response);
         } else {
             SecurityContextHolder.clearContext();
-            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid JWT Token");
+            return;
         }
+
+        filterChain.doFilter(request, response);
     }
 
     private String getTokenFromRequest(HttpServletRequest request) {

diff --git a/src/main/java/org/wedding/config/SecurityConfig.java b/src/main/java/org/wedding/config/SecurityConfig.java
@@ -7,7 +7,6 @@
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
@@ -31,7 +30,12 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
             .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
             .authorizeHttpRequests(auth -> auth
                 .requestMatchers(
-                    "/api/v1/auth/**"
+                    "/api/v1/auth/**",
+                    "/swagger-ui/**",
+                    "/swagger-resources/**",
+                    "/v3/api-docs/**",
+                    "/error",
+                    "/favicon.ico"
                 ).permitAll()
                 .anyRequest().authenticated()
             )
@@ -46,18 +50,6 @@ public AuthenticationManager authenticationManager(AuthenticationConfiguration a
         return authenticationConfiguration.getAuthenticationManager();
     }
 
-    @Bean
-    public WebSecurityCustomizer webSecurityCustomizer() {
-        return (web) -> web.ignoring()
-            .requestMatchers(
-                "/swagger-ui/**",
-                "/swagger-resources/**",
-                "/v3/api-docs/**",
-                "/error",
-                "/favicon.ico"
-            );
-    }
-
     @Bean
     public PasswordEncoder passwordEncoder() {
         return new BCryptPasswordEncoder();

diff --git a/src/main/java/org/wedding/config/SwaggerConfig.java b/src/main/java/org/wedding/config/SwaggerConfig.java
@@ -1,26 +1,33 @@
 package org.wedding.config;
 
 import org.springframework.context.annotation.Bean;
-import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.context.annotation.Configuration;
 
 import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
 import io.swagger.v3.oas.models.info.Info;
+import io.swagger.v3.oas.models.security.SecurityRequirement;
+import io.swagger.v3.oas.models.security.SecurityScheme;
 
-@EnableWebMvc
+@Configuration
 public class SwaggerConfig {
 
     @Bean
     public OpenAPI openAPI() {
         return new OpenAPI()
-            .components(new Components())
+            .addSecurityItem(new SecurityRequirement().addList("BearerAuth"))
+            .components(new Components().addSecuritySchemes("BearerAuth",
+                new SecurityScheme()
+                    .type(SecurityScheme.Type.HTTP)
+                    .scheme("bearer")
+                    .bearerFormat("JWT")))
             .info(apiInfo());
     }
 
     private Info apiInfo() {
         return new Info()
-            .title("Wedding Project API 명세서")
-            .description("Wedding Project 프로젝트에 사용되는 API 명세서")
+            .title("Wedding JIRA Planner API 명세서")
+            .description("Wedding JIRA Planner 프로젝트에 사용되는 API 명세서")
             .version("1.0.0");
     }
 }
diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml
diff --git a/src/main/resources/application-local.yml b/src/main/resources/application-local.yml
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -0,0 +1,30 @@
+# local 프로필 설정
+spring:
+  profiles:
+    active: local
+  datasource:
+    url: jdbc:mysql://localhost:3306/wedding
+    username: root
+    password:
+mybatis:
+  mapper-locations: classpath:mapper/**/*.xml
+  type-aliases-package: org.wedding.*
+  configuration:
+    map-underscore-to-camel-case: true
+  type-handlers-package: org.wedding.adapter.out.persistence.mybatis
+
+---
+
+# dev 프로필 설정
+spring:
+  config:
+    activate:
+      on-profile: dev
+  datasource:
+    url: jdbc:mysql://mysql:3306/wedding
+mybatis:
+  mapper-locations: classpath:mapper/**/*.xml
+  type-aliases-package: org.wedding.*
+  configuration:
+    map-underscore-to-camel-case: true
+  type-handlers-package: org.wedding.adapter.out.persistence.mybatis
diff --git a/src/main/resources/logback-spring.xml b/src/main/resources/logback-spring.xml
@@ -3,6 +3,7 @@
     <include resource="org/springframework/boot/logging/logback/defaults.xml"/>
     <property name="LOG_DIR" value="logs"/>
     <property name="LOG_FILE" value="wedding.log"/>
+    <property name="CONSOLE_LOG_PATTERN" value="%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n"/>
 
     <springProfile name="local">
         <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">