PR for review

.gitignore

@@ -4,6 +4,11 @@ build/
 !gradle/wrapper/gradle-wrapper.jar
 !**/src/main/**/build/
 !**/src/test/**/build/
+application-prod.yaml
+aws.yaml
+
+**/src/main/resources/application*
+**/src/main/resources/application-local.yaml
 
 ### STS ###
 .apt_generated

build.gradle

@@ -19,12 +19,41 @@ repositories {
 }
 
 dependencies {
-    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-    implementation 'org.springframework.boot:spring-boot-starter-web'
+    implementation 'org.springframework.boot:spring-boot-starter-web:2.5.3'
+    developmentOnly 'org.springframework.boot:spring-boot-devtools:2.5.3'
+
+    runtimeOnly 'com.h2database:h2:1.4.200'
+//    runtimeOnly 'mysql:mysql-connector-java'
+    implementation 'org.springframework.boot:spring-boot-starter-data-jpa:2.5.3'
+
+    implementation 'org.springframework.boot:spring-boot-starter-actuator'
+    implementation 'de.codecentric:spring-boot-admin-starter-client:2.4.1'
+
+    implementation 'org.springdoc:springdoc-openapi-ui:1.5.7'
+
+    //security
+    implementation 'org.springframework.boot:spring-boot-starter-security:2.5.3'
+    implementation 'org.springframework.security:spring-security-test:5.5.1'
+
+    //jwt
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.2'
+    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.2'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.2'
+
+    //redis
+    implementation 'org.springframework.boot:spring-boot-starter-data-redis'
+    implementation 'org.modelmapper:modelmapper:2.3.6'
+
+    // aws cloud
+    implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-aws', version: '2.2.6.RELEASE'
+
+    //sms 인증
+    implementation 'net.nurigo:javaSDK:2.2'
+
+
     compileOnly 'org.projectlombok:lombok'
-    developmentOnly 'org.springframework.boot:spring-boot-devtools'
-    runtimeOnly 'com.h2database:h2'
     annotationProcessor 'org.projectlombok:lombok'
+
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
 }
 

src/main/java/com/example/youtubedb/YoutubeDbApplication.java

@@ -1,13 +1,19 @@
 package com.example.youtubedb;
 
-import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
 @SpringBootApplication
+@EnableJpaAuditing
 public class YoutubeDbApplication {
+    public static final String APPLICATION_LOCATIONS = "spring.config.location="
+            + "classpath:application.yaml,"
+            + "classpath:aws.yaml";
 
     public static void main(String[] args) {
-        SpringApplication.run(YoutubeDbApplication.class, args);
+        new SpringApplicationBuilder(YoutubeDbApplication.class)
+                .properties(APPLICATION_LOCATIONS)
+                .run(args);
     }
-
 }

src/main/java/com/example/youtubedb/config/MultiSecurityConfig.java

@@ -0,0 +1,90 @@
+/*
+package com.example.youtubedb.config;
+
+import com.example.youtubedb.auth.JwtAuthenticationFilter;
+import com.example.youtubedb.auth.JwtTokenProvider;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@EnableWebSecurity
+public class MultiSecurityConfig {
+
+    @Configuration
+    @Order(1)
+    public static class ApiWebSecurityConfigurationAdapter extends WebSecurityConfigurerAdapter {
+
+        private final JwtTokenProvider jwtTokenProvider;
+
+        @Autowired
+        public ApiWebSecurityConfigurationAdapter(JwtTokenProvider jwtTokenProvider) {
+            this.jwtTokenProvider = jwtTokenProvider;
+        }
+
+        @Bean
+        public PasswordEncoder passwordEncoder() {
+            return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+        }
+
+        @Bean
+        @Override
+        public AuthenticationManager authenticationManagerBean() throws Exception {
+            return super.authenticationManagerBean();
+        }
+
+        protected void configure(HttpSecurity http) throws Exception {
+            http
+                    .headers().frameOptions().disable() // h2 콘솔때문에
+                    .and()
+                    .httpBasic().disable()
+                    .csrf().disable()
+                    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                    .and()
+                    .authorizeRequests()
+                    .antMatchers("/api/member/**").permitAll()
+                    .antMatchers("/api/**").hasAnyRole("USER", "ADMIN")
+                    .antMatchers("/admin/**").hasRole("ADMIN")
+                    .anyRequest().permitAll()
+                    .and()
+                    .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider),
+                            UsernamePasswordAuthenticationFilter.class);
+        }
+    }
+
+    @Configuration
+    public static class FormLoginWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
+
+        @Override
+        protected void configure(HttpSecurity http) throws Exception {
+            http
+                    .headers().frameOptions().disable() // h2 콘솔때문에
+                    .and()
+                    .httpBasic().disable()
+                    .csrf().disable()
+                    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                    .and()
+                    .authorizeRequests()
+                    .antMatchers("/api/member/**").permitAll()
+                    .antMatchers("/api/**").hasAnyRole("USER", "ADMIN")
+                    .antMatchers("/admin/**").hasRole("ADMIN")
+                    .anyRequest().permitAll()
+                    .and()
+                    .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider),
+                            UsernamePasswordAuthenticationFilter.class).formLogin();
+
+
+        }
+    }
+}*/
+
+
+// 그냥 테스트 페이지 무시 ㄱ

src/main/java/com/example/youtubedb/config/RedisConfig.java

@@ -0,0 +1,54 @@
+package com.example.youtubedb.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.repository.configuration.EnableRedisRepositories;
+
+@Configuration
+//@RequiredArgsConstructor
+@EnableRedisRepositories
+public class RedisConfig {
+
+    // TODO Redis 현재 DEAMON으로 돌려놓음 -> SYSTEMD로 추후 전환 필요
+
+    //    private final ObjectMapper objectMapper;
+//    private final RedisProperties redisProperties;
+    @Value("${spring.redis.host}")
+    private String redisHost;
+
+    @Value("${spring.redis.port}")
+    private int redisPort;
+
+//    @Bean
+//    public ModelMapper modelMapper(){
+//        ModelMapper modelMapper = new ModelMapper();
+//        modelMapper.getConfiguration().setMatchingStrategy(MatchingStrategies.STRICT);
+//        return modelMapper;
+//    }
+
+    @Bean
+    public RedisConnectionFactory redisConnectionFactory() {
+        return new LettuceConnectionFactory();
+    }
+
+//    @Bean
+//    public RedisTemplate<String, Object> redisTemplate() {
+//        RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
+//        redisTemplate.setConnectionFactory(redisConnectionFactory());
+//        redisTemplate.setKeySerializer(new StringRedisSerializer());
+//        redisTemplate.setValueSerializer(new StringRedisSerializer());
+//
+//        return redisTemplate;
+//    }
+
+    @Bean
+    public RedisTemplate<?, ?> redisTemplate() {
+        RedisTemplate<byte[], byte[]> redisTemplate = new RedisTemplate<>();
+        redisTemplate.setConnectionFactory(redisConnectionFactory());
+        return redisTemplate;
+    }
+}

src/main/java/com/example/youtubedb/config/SpringConfig.java

@@ -0,0 +1,15 @@
+package com.example.youtubedb.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class SpringConfig implements WebMvcConfigurer {
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/**")
+                .allowedOrigins("*")
+                .allowedMethods("*");
+    }
+}

src/main/java/com/example/youtubedb/config/TestConfig.java

@@ -0,0 +1,13 @@
+//package com.example.youtubedb.config;
+//
+//import org.springframework.context.annotation.Configuration;
+//import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+//import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+//
+//@Configuration
+//public class TestConfig implements WebMvcConfigurer {
+//    public void addViewControllers(ViewControllerRegistry registry) {
+//        registry.addViewController("/hello").setViewName("hello");
+//        registry.addViewController("/login").setViewName("login");
+//    }
+//}

src/main/java/com/example/youtubedb/config/WebSecurityConfig.java

@@ -0,0 +1,79 @@
+package com.example.youtubedb.config;
+
+import com.example.youtubedb.config.jwt.JwtAccessDeniedHandler;
+import com.example.youtubedb.config.jwt.JwtAuthenticationEntryPoint;
+import com.example.youtubedb.config.jwt.JwtSecurityConfig;
+import com.example.youtubedb.config.jwt.TokenProvider;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.web.cors.CorsUtils;
+
+@Configuration
+@RequiredArgsConstructor
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    private final TokenProvider tokenProvider;
+    private final JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
+    private final JwtAccessDeniedHandler jwtAccessDeniedHandler;
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.csrf().disable()
+
+                .exceptionHandling()
+                .authenticationEntryPoint(jwtAuthenticationEntryPoint)
+                .accessDeniedHandler(jwtAccessDeniedHandler)
+
+                .and()
+                .headers()
+                .frameOptions()
+                .sameOrigin()
+
+                .and()
+                .sessionManagement()
+                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+
+                .and()
+                .authorizeRequests()
+                .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
+                .antMatchers("/api/member").authenticated()
+                .antMatchers("/api/member/change").authenticated()
+                .antMatchers("/api/member/upload").authenticated()
+                .antMatchers("/api/member/**").permitAll()
+                .antMatchers("/api/**").authenticated()
+//                .antMatchers("/swagger-ui/**").hasRole("ADMIN")
+//                .anyRequest().permitAll()
+                .and()
+                .cors()
+                .and()
+                .apply(new JwtSecurityConfig(tokenProvider));
+
+
+
+//            .authorizeRequests()
+//                .antMatchers("/", "/applications").authenticated()
+//                .antMatchers("/admin").hasRole("ADMIN")
+//                .anyRequest().permitAll()
+//                .and()
+//            .formLogin()
+//                .loginPage("/login")
+//                .successForwardUrl("/")
+//                .permitAll()
+//                .and()
+//            .logout()
+//                .permitAll();
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+    }
+}

src/main/java/com/example/youtubedb/config/jwt/JwtAccessDeniedHandler.java

@@ -0,0 +1,30 @@
+package com.example.youtubedb.config.jwt;
+
+import com.example.youtubedb.dto.error.AuthenticationEntryPointFailResponseDto;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class JwtAccessDeniedHandler implements AccessDeniedHandler {
+
+    @Override
+    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
+        response.setContentType("application/json;charset=UTF-8");
+        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+        ObjectMapper mapper = new ObjectMapper();
+        response.getWriter().write(
+                mapper.writeValueAsString(AuthenticationEntryPointFailResponseDto.builder()
+                        .status(HttpStatus.FORBIDDEN.value())
+                        .message(accessDeniedException.getMessage())
+                        .build())
+        );
+    }
+}

src/main/java/com/example/youtubedb/config/jwt/JwtAuthenticationEntryPoint.java

@@ -0,0 +1,29 @@
+package com.example.youtubedb.config.jwt;
+
+import com.example.youtubedb.dto.error.AuthenticationEntryPointFailResponseDto;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
+    @Override
+    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
+        response.setContentType("application/json;charset=UTF-8");
+        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+        ObjectMapper mapper = new ObjectMapper();
+        response.getWriter().write(
+                mapper.writeValueAsString(AuthenticationEntryPointFailResponseDto.builder()
+                        .status(HttpStatus.UNAUTHORIZED.value())
+                        .message(authException.getMessage())
+                        .build())
+        );
+    }
+}