[Chore] 인증 관련 Security 및 JWT 설정 close #17

build.gradle

@@ -36,6 +36,15 @@ dependencies {
 
 	// swagger
 	implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.2.0'
+
+	// security
+	implementation 'org.springframework.boot:spring-boot-starter-security'
+
+	// jwt
+	implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: '0.11.2'
+	implementation group: 'io.jsonwebtoken', name: 'jjwt-impl', version: '0.11.2'
+	runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-orgjson', version: '0.11.2'
+	implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.30.1'
 }
 
 tasks.named('test') {

src/main/java/kr/warmlink/common/jwt/filter/JwtAuthenticationFilter.java

@@ -0,0 +1,41 @@
+package kr.warmlink.common.jwt.filter;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import kr.warmlink.common.jwt.util.JwtProvider;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+import java.util.Collections;
+
+@Component
+@RequiredArgsConstructor
+public class JwtAuthenticationFilter extends OncePerRequestFilter {
+
+    private final JwtProvider jwtProvider;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        String token = jwtProvider.resolveToken(request);
+
+        if (token != null && jwtProvider.validateToken(token)) {
+            String email = jwtProvider.getEmail(token.split(" ")[1].trim());
+
+            Authentication authentication = new UsernamePasswordAuthenticationToken(
+                    email, null, Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+            );
+
+            SecurityContextHolder.getContext().setAuthentication(authentication);
+        }
+
+        filterChain.doFilter(request, response);
+    }
+}

src/main/java/kr/warmlink/common/jwt/properties/JwtProperties.java

@@ -0,0 +1,15 @@
+package kr.warmlink.common.jwt.properties;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+@Data
+@Configuration
+@ConfigurationProperties(prefix = "jwt")
+public class JwtProperties {
+    private String secret;
+    private Long accessExpiration;
+    private Long refreshExpiration;
+    private String issuer;
+}

src/main/java/kr/warmlink/common/jwt/util/JwtProvider.java

@@ -0,0 +1,69 @@
+package kr.warmlink.common.jwt.util;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jws;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import jakarta.servlet.http.HttpServletRequest;
+import kr.warmlink.common.jwt.properties.JwtProperties;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+
+import java.util.Date;
+
+@Component
+@RequiredArgsConstructor
+public class JwtProvider {
+
+    private static final String AUTH_HEADER = "Authorization";
+    private static final String BEARER = "Bearer ";
+    private final JwtProperties jwtProperties;
+
+    public String generateToken(String email, long expiration) {
+        Claims claims = Jwts.claims();
+        claims.setSubject(email);
+
+        return Jwts.builder()
+                .setClaims(claims)
+                .setIssuer(jwtProperties.getIssuer())
+                .setIssuedAt(new Date(System.currentTimeMillis()))
+                .setExpiration(new Date(System.currentTimeMillis() + expiration))
+                .signWith(SignatureAlgorithm.HS512, jwtProperties.getSecret().getBytes())
+                .compact();
+    }
+
+    public String generateAccessToken(String email) {
+        return generateToken(email, jwtProperties.getAccessExpiration());
+    }
+
+    public String generateRefreshToken(String email) {
+        return generateToken(email, jwtProperties.getRefreshExpiration());
+    }
+
+    public boolean validateToken(String token) {
+        try {
+            if (!token.startsWith(BEARER)) {
+                return false;
+            } else {
+                token = token.split(" ")[1].trim();
+            }
+            Jws<Claims> claims = Jwts.parserBuilder().setSigningKey(jwtProperties.getSecret().getBytes()).build().parseClaimsJws(token);
+            return !claims.getBody().getExpiration().before(new Date());
+        } catch (Exception e) {
+            return false;
+        }
+    }
+
+    public String resolveToken(HttpServletRequest request) {
+        return request.getHeader(AUTH_HEADER);
+    }
+
+    public String getEmail(String token) {
+        return Jwts.parserBuilder()
+                .setSigningKey(jwtProperties.getSecret().getBytes())
+                .build()
+                .parseClaimsJws(token)
+                .getBody()
+                .getSubject();
+    }
+}

src/main/java/kr/warmlink/infrastructure/config/SecurityConfig.java

@@ -0,0 +1,42 @@
+package kr.warmlink.infrastructure.config;
+
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+
+import java.util.Collections;
+
+@Configuration
+@RequiredArgsConstructor
+public class SecurityConfig {
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        return http
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .cors(cors -> cors.configurationSource(new CorsConfigurationSource() {
+                    @Override
+                    public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
+                        CorsConfiguration config = new CorsConfiguration();
+                        config.setAllowedOriginPatterns(Collections.singletonList("*"));
+                        config.setAllowedMethods(Collections.singletonList("*"));
+                        config.setAllowedHeaders(Collections.singletonList("*"));
+                        config.setExposedHeaders(Collections.singletonList("*"));
+                        config.setAllowCredentials(true);
+                        config.setMaxAge(3600L);
+                        return config;
+                    }
+                }))
+                .csrf(csrf -> csrf.disable())
+                .authorizeHttpRequests(request ->
+                        request.anyRequest().permitAll())
+                .formLogin(Customizer.withDefaults())
+                .build();
+    }
+}