refact: token refresh logic

windeer9 · Jan 19, 2024 · 064b499 · 064b499
1 parent ad42527
commit 064b499
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 14 deletions.
diff --git a/server/src/main/java/com/green/greenearthforus/login/filter/JwtAuthenticationFilter.java b/server/src/main/java/com/green/greenearthforus/login/filter/JwtAuthenticationFilter.java
@@ -55,7 +55,7 @@ protected void successfulAuthentication(HttpServletRequest request,
         response.setHeader("Refresh", refreshToken);
     }
 
-    private String delegateAccessToken(User user){
+    public String delegateAccessToken(User user){
         Map<String, Object> claims = new HashMap<>();
         claims.put("userId", user.getUserId());
         claims.put("userName", user.getUserName());

diff --git a/server/src/main/java/com/green/greenearthforus/login/filter/JwtVerificationFilter.java b/server/src/main/java/com/green/greenearthforus/login/filter/JwtVerificationFilter.java
@@ -1,7 +1,11 @@
 package com.green.greenearthforus.login.filter;
 
+import com.green.greenearthforus.exception.BusinessLogicException;
+import com.green.greenearthforus.exception.ExceptionCode;
 import com.green.greenearthforus.login.util.CustomAuthorityUtils;
 import com.green.greenearthforus.login.jwttoken.JwtTokenizer;
+import com.green.greenearthforus.user.entity.User;
+import com.green.greenearthforus.user.repository.UserRepository;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.ExpiredJwtException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -18,16 +22,26 @@
 import java.util.Date;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
+
 import io.jsonwebtoken.Jwts;
 
 public class JwtVerificationFilter extends OncePerRequestFilter {
     private final JwtTokenizer jwtTokenizer;
     private final CustomAuthorityUtils authorityUtils;
 
+    private final UserRepository userRepository;
+
+    private final JwtAuthenticationFilter jwtAuthenticationFilter;
+
     public JwtVerificationFilter(JwtTokenizer jwtTokenizer,
-                                 CustomAuthorityUtils customAuthorityUtils){
+                                 CustomAuthorityUtils customAuthorityUtils,
+                                 UserRepository userRepository,
+                                 JwtAuthenticationFilter jwtAuthenticationFilter){
         this.authorityUtils = customAuthorityUtils;
         this.jwtTokenizer = jwtTokenizer;
+        this.userRepository = userRepository;
+        this.jwtAuthenticationFilter = jwtAuthenticationFilter;
     }
 
     @Override
@@ -43,18 +57,25 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
                         // refresh토큰으로 만료된 access토큰을 재발급하는 로직
                         String jws = request.getHeader("Refresh");
                         String base64EncodedSecretKey = jwtTokenizer.key();
-                        Claims accessClaims = jwtTokenizer.getClaims(jws, base64EncodedSecretKey).getBody();
-                        String neoAccessToken = generateNewAccessTokenUsingRefreshToken(request.getHeader("Refresh"), base64EncodedSecretKey, accessClaims);
-                        if (neoAccessToken != null) {
+                        String subject = jwtTokenizer.getClaims(jws, base64EncodedSecretKey).getBody().getSubject();
+                        Optional<User> optionalUser = userRepository.findByUserName(subject);
+                        if(optionalUser.isPresent()){
+                            User user = optionalUser.get();
+                            String neoAccessToken = jwtAuthenticationFilter.delegateAccessToken(user);
                             response.setHeader("Authorization", "Bearer " + neoAccessToken);
                         }
+
+
+//                        Claims accessClaims = jwtTokenizer.getClaims(jws, base64EncodedSecretKey).getBody();
+//
+//                        String neoAccessToken = generateNewAccessTokenUsingRefreshToken(request.getHeader("Refresh"), base64EncodedSecretKey, accessClaims, subject);
+//                        if (neoAccessToken != null) {
+//                            response.setHeader("Authorization", "Bearer " + neoAccessToken);
+//                        }
                     }
                 }
             }
         }
-
-
-
         chain.doFilter(request, response);
     }
 
@@ -142,8 +163,10 @@ public boolean isRefreshTokenExpired(HttpServletRequest request){
         }
     }
 
-    public String generateNewAccessTokenUsingRefreshToken(String refreshToken, String key, Claims accessTokenClaims) {
+    public String generateNewAccessTokenUsingRefreshToken(String refreshToken, String key, Claims accessTokenClaims, String subject) {
 //        Key currentKey = jwtTokenizer.getKeyFromBase64EncodedKey(key);
+
+
 //
 //        Claims claims = Jwts.parserBuilder()
 //                .setSigningKey(currentKey)
@@ -152,7 +175,7 @@ public String generateNewAccessTokenUsingRefreshToken(String refreshToken, Strin
 //                .getBody();
 //
 //        String username = claims.getSubject();
-        String subject = jwtTokenizer.getClaims(refreshToken, key).getBody().getSubject();
+
 
         return jwtTokenizer.generateAccessToken(accessTokenClaims, subject, jwtTokenizer.getTokenExpiration(jwtTokenizer.getAccessTokenExpirationMinutes()), key);
     }

diff --git a/server/src/main/java/com/green/greenearthforus/login/jwttoken/JwtTokenizer.java b/server/src/main/java/com/green/greenearthforus/login/jwttoken/JwtTokenizer.java
@@ -71,8 +71,14 @@ public Jws<Claims> getClaims(String jws, String base64EncodedSecretKey) {
                 .build()
                 .parseClaimsJws(jws);
     }
-
-    // 단순히 검증만 하는 용도로 쓰일 경우
+    public String getSubject(String jws, String base64EncodedSecretKey)
+    {
+        Key key = getKeyFromBase64EncodedKey(base64EncodedSecretKey);
+        return Jwts.parserBuilder()
+                .setSigningKey(key)
+                .build()
+                .parseClaimsJws(jws).getBody().getSubject();
+    }    // 단순히 검증만 하는 용도로 쓰일 경우
     public void verifySignature(String jws, String base64EncodedSecretKey) {
         Key key = getKeyFromBase64EncodedKey(base64EncodedSecretKey);
 

diff --git a/server/src/main/java/com/green/greenearthforus/securityconfig/SecurityConfig.java b/server/src/main/java/com/green/greenearthforus/securityconfig/SecurityConfig.java
@@ -9,6 +9,7 @@
 import com.green.greenearthforus.login.jwttoken.JwtTokenizer;
 import com.green.greenearthforus.login.filter.JwtVerificationFilter;
 import com.green.greenearthforus.user.controller.UserController;
+import com.green.greenearthforus.user.repository.UserRepository;
 import io.jsonwebtoken.Claims;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -35,10 +36,14 @@ public class SecurityConfig{
     private final JwtTokenizer jwtTokenizer;
     private final CustomAuthorityUtils authorityUtils;
 
+    private final UserRepository userRepository;
+
     public SecurityConfig(JwtTokenizer jwtTokenizer,
-                          CustomAuthorityUtils authorityUtils){
+                          CustomAuthorityUtils authorityUtils,
+                          UserRepository userRepository){
         this.jwtTokenizer = jwtTokenizer;
         this.authorityUtils = authorityUtils;
+        this.userRepository = userRepository;
     }
 
     @Bean
@@ -112,7 +117,7 @@ public void configure(HttpSecurity builder){
                     new JwtAuthenticationFilter(aUthenticationManager, jwtTokenizer);
             jwtAuthenticationFilter.setFilterProcessesUrl("/auth/login");
 
-            JwtVerificationFilter jwtVerificationFilter = new JwtVerificationFilter(jwtTokenizer, authorityUtils);
+            JwtVerificationFilter jwtVerificationFilter = new JwtVerificationFilter(jwtTokenizer, authorityUtils, userRepository, jwtAuthenticationFilter);
 
             builder.addFilter(jwtAuthenticationFilter)
                     .addFilterAfter(jwtVerificationFilter, JwtAuthenticationFilter.class);