From 474a7c465d1fccff4bb953b9091efe98cbfd4058 Mon Sep 17 00:00:00 2001 From: ammerss Date: Fri, 1 Apr 2022 01:45:26 -0400 Subject: [PATCH 1/2] feat: Takes refresh token to generate new tokens --- .../controller/AuthenticateController.java | 12 ++++++++ .../domain/user/jwt/AuthTokenFilter.java | 30 +++++++++++++------ 2 files changed, 33 insertions(+), 9 deletions(-) diff --git a/src/main/java/tp/farming_springboot/controller/AuthenticateController.java b/src/main/java/tp/farming_springboot/controller/AuthenticateController.java index dffe4d5..ca7def7 100644 --- a/src/main/java/tp/farming_springboot/controller/AuthenticateController.java +++ b/src/main/java/tp/farming_springboot/controller/AuthenticateController.java @@ -7,10 +7,13 @@ import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.security.core.Authentication; import org.springframework.web.bind.annotation.*; import tp.farming_springboot.domain.user.dto.TokenDto; import tp.farming_springboot.domain.user.dto.UserAuthenDto; import tp.farming_springboot.domain.user.dto.UserCreateDto; +import tp.farming_springboot.domain.user.model.User; +import tp.farming_springboot.domain.user.repository.UserRepository; import tp.farming_springboot.domain.user.service.AuthenticateService; import tp.farming_springboot.domain.user.service.OtpService; import tp.farming_springboot.domain.user.service.SmsService; @@ -20,6 +23,7 @@ import tp.farming_springboot.response.StatusEnum; import tp.farming_springboot.response.Message; import java.nio.charset.Charset; +import java.util.Optional; @CrossOrigin @RestController @@ -31,6 +35,7 @@ public class AuthenticateController { private final SmsService smsService; private final AuthenticateService authenticateService; private final UserService userService; + private final UserRepository userRepository; public HttpHeaders HttpHeaderSetting(){ HttpHeaders headers = new HttpHeaders(); 
@@ -47,6 +52,13 @@ public ResponseEntity temp(@RequestBody UserAuthenDto logger){ } //renew tokens + @GetMapping("/gen-tokens") + public ResponseEntity sendTokens(Authentication authentication){ + Optional user = userRepository.findByPhone(authentication.getName()); + TokenDto tokenDto = authenticateService.getNewTokens(user.get().getPhone()); + Message message = new Message(StatusEnum.OK,"Generating token success.", tokenDto); + return new ResponseEntity<>(message, HttpHeaderSetting(), HttpStatus.OK); + } //send otp number to user @PostMapping("/request-otp") diff --git a/src/main/java/tp/farming_springboot/domain/user/jwt/AuthTokenFilter.java b/src/main/java/tp/farming_springboot/domain/user/jwt/AuthTokenFilter.java index a854510..86842ec 100644 --- a/src/main/java/tp/farming_springboot/domain/user/jwt/AuthTokenFilter.java +++ b/src/main/java/tp/farming_springboot/domain/user/jwt/AuthTokenFilter.java @@ -18,7 +18,7 @@ import org.springframework.util.StringUtils; import org.springframework.web.filter.OncePerRequestFilter; import tp.farming_springboot.response.StatusEnum; - +import java.util.HashMap; @RequiredArgsConstructor @Component @@ -43,12 +43,19 @@ public class AuthTokenFilter extends OncePerRequestFilter { protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException { try { - String jwt = parseJwt(request); - if (jwtUtils.validateJwtToken(jwt)) { + HashMap map = parseJwt(request); + if(map.containsKey("access")){ + String jwt = map.get("access"); + jwtUtils.validateJwtToken(jwt); String username = jwtUtils.getUserNameFromJwtToken(jwt); jwtUtils.createAuthentication(username); } - + else if(map.containsKey("refresh")){ + String jwt = map.get("refresh"); + jwtUtils.validateJwtRefresh(jwt); + String username = jwtUtils.getUserNameFromJwtRefreshToken(jwt); + jwtUtils.createAuthentication(username); + } filterChain.doFilter(request, response); } catch(BadCredentialsException e) { 
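Review bot: `sendTokens` calls `user.get()` without checking that `findByPhone` returned a user, so a still-valid token for a deleted account ends in a `NoSuchElementException` rather than an authentication failure. The lookup only reads back the phone number that `authentication.getName()` already holds, so turn it into the existence check, e.g. `userRepository.findByPhone(authentication.getName()).orElseThrow(() -> new BadCredentialsException("unknown user"))`. Because the filter change in this same patch authenticates `Bearer` and `Refresh` headers identically, this handler will also issue a fresh token pair to a caller presenting only an access token; it should confirm the request was authenticated with a refresh token. Token issuance is also better served by `@PostMapping("/gen-tokens")` than by a GET, which intermediaries may cache or log. The same `user.get()` line is carried unchanged into the hunk of patch 2/2.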
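Review bot: The rewritten access branch in `doFilterInternal` calls `jwtUtils.validateJwtToken(jwt);` and discards the result, whereas the removed line gated authentication on it with `if (...)`. Unless that method throws for every invalid token (its body is not in this patch), a rejected token would still reach `createAuthentication`. The new refresh branch has the same shape with `validateJwtRefresh`, and it runs on every filtered path, so a long-lived refresh token is accepted wherever an access token is. Keep the boolean gates and accept the `Refresh` scheme only on the renewal endpoint, as sketched below; this assumes `validateJwtRefresh` returns a boolean like `validateJwtToken`. The method body continues outside the hunk.

```java
if (map.containsKey("access")) {
    String jwt = map.get("access");
    // keep the gate the old code had: authenticate only when validation succeeds
    if (jwtUtils.validateJwtToken(jwt)) {
        jwtUtils.createAuthentication(jwtUtils.getUserNameFromJwtToken(jwt));
    }
} else if (map.containsKey("refresh")) {
    // a refresh token may only be exchanged for new tokens, never used as an access token;
    // "/gen-tokens" must be the full servlet path (any class-level mapping is not visible here)
    if (!"/gen-tokens".equals(request.getServletPath())) {
        throw new BadCredentialsException("refresh token not accepted on this path");
    }
    String jwt = map.get("refresh");
    if (jwtUtils.validateJwtRefresh(jwt)) {
        jwtUtils.createAuthentication(jwtUtils.getUserNameFromJwtRefreshToken(jwt));
    }
}
// … unchanged: filterChain.doFilter(request, response) and the catch blocks …
```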
@@ -85,14 +92,19 @@ protected boolean shouldNotFilter(HttpServletRequest request) { return EXCLUDE_URL.stream().anyMatch(exclude -> exclude.equalsIgnoreCase(request.getServletPath())); } - private String parseJwt(HttpServletRequest request) { + private HashMap parseJwt(HttpServletRequest request) { String headerAuth = request.getHeader("Authorization"); - + HashMap map = new HashMap<>(); if (StringUtils.hasText(headerAuth) && headerAuth.startsWith("Bearer ")) { - return headerAuth.substring(7); - } else { + map.put("access",headerAuth.substring(7)); + } + else if(StringUtils.hasText(headerAuth) && headerAuth.startsWith("Refresh ")){ + map.put("refresh",headerAuth.substring(8)); + } + else { throw new BadCredentialsException("토큰 정보가 헤더에 없습니다."); } - + return map; } + } \ No newline at end of file From 53328c6c2e76463309f5cdbe425126a1f9622690 Mon Sep 17 00:00:00 2001 From: ammerss Date: Fri, 1 Apr 2022 01:57:21 -0400 Subject: [PATCH 2/2] fix: import error fixed --- .../tp/farming_springboot/api/AuthenticateController.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/java/tp/farming_springboot/api/AuthenticateController.java b/src/main/java/tp/farming_springboot/api/AuthenticateController.java index e392889..6cb4f33 100644 --- a/src/main/java/tp/farming_springboot/api/AuthenticateController.java +++ b/src/main/java/tp/farming_springboot/api/AuthenticateController.java @@ -14,6 +14,8 @@ import tp.farming_springboot.application.dto.request.UserCreateDto; import tp.farming_springboot.application.AuthenticateService; import tp.farming_springboot.application.OtpService; +import tp.farming_springboot.domain.entity.User; +import tp.farming_springboot.domain.repository.UserRepository; import tp.farming_springboot.infra.SmsService; import tp.farming_springboot.application.UserService; import tp.farming_springboot.domain.exception.UserExistsException; 
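Review bot: `parseJwt` now returns a `HashMap` that always holds exactly one entry, so the token type travels as string keys (`"access"`, `"refresh"`) duplicated between this method and `doFilterInternal`. A small private value type would make the contract explicit and let the compiler catch a misspelt key, for instance `private record ParsedToken(boolean refresh, String value) {}`, or an enum plus a field on an older Java level. As rendered here the declarations use the raw type `HashMap`; if that is what the file contains, parameterise it as `Map<String, String>`. `Refresh ` is a non-standard Authorization scheme, so a short comment above that branch naming the endpoint that expects it would help the next reader.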
@@ -53,7 +55,7 @@ public ResponseEntity temp(@RequestBody UserAuthenDto logger){ public ResponseEntity sendTokens(Authentication authentication){ Optional user = userRepository.findByPhone(authentication.getName()); TokenDto tokenDto = authenticateService.getNewTokens(user.get().getPhone()); - Message message = new Message(StatusEnum.OK,"Generating token success.", tokenDto); + ApiResponse message = new ApiResponse(ResultCode.OK,"Generating token success.", tokenDto); return new ResponseEntity<>(message, HttpHeaderSetting(), HttpStatus.OK); }