Merge pull request #25 from DDD-Community/develop

4차 배포
DDD-Community · Sep 13, 2024 · 5bd130f · 5bd130f
2 parents 8a47588 + b93faf2
commit 5bd130f
Show file tree

Hide file tree

Showing 35 changed files with 1,046 additions and 519 deletions.
diff --git a/build.gradle b/build.gradle
@@ -53,6 +53,7 @@ dependencies {
     implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.0.2'
     implementation 'org.springframework.cloud:spring-cloud-starter-openfeign:4.1.0'
     implementation 'io.jsonwebtoken:jjwt:0.9.1'
+    implementation 'com.nimbusds:nimbus-jose-jwt:9.29'
     implementation group: 'javax.xml.bind', name: 'jaxb-api', version: '2.1'
 
     //QueryDSL
@@ -61,7 +62,7 @@ dependencies {
     annotationProcessor "jakarta.annotation:jakarta.annotation-api"
     annotationProcessor "jakarta.persistence:jakarta.persistence-api"
 
-    implementation  'org.springframework.cloud:spring-cloud-starter-aws:2.2.6.RELEASE'
+    implementation 'org.springframework.cloud:spring-cloud-starter-aws:2.2.6.RELEASE'
 }
 
 def QDomains = []

diff --git a/src/main/java/com/dissonance/itit/client/AppleInformationFeignClient.java b/src/main/java/com/dissonance/itit/client/AppleInformationFeignClient.java
@@ -0,0 +1,10 @@
+package com.dissonance.itit.client;
+
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@FeignClient(name = "AppleInformationFeignClient", url = "${apple.api_url.information}")
+public interface AppleInformationFeignClient {
+	@GetMapping
+	String call();
+}
diff --git a/src/main/java/com/dissonance/itit/common/annotation/CurrentUser.java b/src/main/java/com/dissonance/itit/common/annotation/CurrentUser.java
@@ -0,0 +1,16 @@
+package com.dissonance.itit.common.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@AuthenticationPrincipal(expression = "getUser()")
+public @interface CurrentUser {
+}
diff --git a/src/main/java/com/dissonance/itit/common/exception/ErrorCode.java b/src/main/java/com/dissonance/itit/common/exception/ErrorCode.java
@@ -13,6 +13,8 @@ public enum ErrorCode {
 	INVALID_FILE_TYPE(HttpStatus.BAD_REQUEST, "파일 형식은 이미지만 가능합니다."),
 	INVALID_FILE_SIZE(HttpStatus.BAD_REQUEST, "파일 용량은 10MB를 넘을 수 없습니다."),
 	INVALID_DATE_FORMAT(HttpStatus.BAD_REQUEST, "날짜 변환에 실패했습니다."),
+	INVALID_APPLE_TOKEN(HttpStatus.BAD_REQUEST, "유효하지 않는 Apple Token입니다."),
+	INVALID_JSON_FORMAT(HttpStatus.BAD_REQUEST, "잘못된 JSON 형식입니다."),
 
 	// 404
 	NON_EXISTENT_USER_ID(HttpStatus.NOT_FOUND, "해당 id의 사용자가 존재하지 않습니다."),
@@ -22,8 +24,12 @@ public enum ErrorCode {
 	NON_EXISTENT_INFO_POST_ID(HttpStatus.NOT_FOUND, "해당 id의 공고 게시글이 존재하지 않습니다."),
 	REPORTED_INFO_POST_ID(HttpStatus.NOT_FOUND, "해당 id의 게시글은 신고 처리되었습니다."),
 
+	// 409
+	ALREADY_REPORTED_POST(HttpStatus.CONFLICT, "이미 신고한 공고입니다."),
+
 	// 500
-	IO_EXCEPTION(HttpStatus.INTERNAL_SERVER_ERROR, "파일 입출력 에러");
+	IO_EXCEPTION(HttpStatus.INTERNAL_SERVER_ERROR, "파일 입출력 에러"),
+	INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "서버 내부 에러");
 
 	private final HttpStatus httpStatus;
 	private final String message;

diff --git a/src/main/java/com/dissonance/itit/common/jwt/filter/JwtAuthFilter.java b/src/main/java/com/dissonance/itit/common/jwt/filter/JwtAuthFilter.java
@@ -1,75 +1,55 @@
 package com.dissonance.itit.common.jwt.filter;
 
-import com.dissonance.itit.common.exception.ErrorCode;
-import com.dissonance.itit.common.exception.CustomException;
+import java.io.IOException;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+import org.springframework.web.filter.OncePerRequestFilter;
+
 import com.dissonance.itit.common.jwt.util.JwtUtil;
-import com.dissonance.itit.domain.entity.User;
-import com.dissonance.itit.repository.UserRepository;
+
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-import org.springframework.util.StringUtils;
-import org.springframework.web.filter.OncePerRequestFilter;
-
-import java.io.IOException;
-import java.util.List;
 
 @RequiredArgsConstructor
 @Slf4j
 @Component
 public class JwtAuthFilter extends OncePerRequestFilter {
+	private final JwtUtil jwtUtil;
 
-    private final JwtUtil jwtUtil;
-    private final UserRepository userRepository;
-
-
-    @Override
-    protected void doFilterInternal(HttpServletRequest request,
-                                    HttpServletResponse response,
-                                    FilterChain filterChain) throws ServletException, IOException {
-        String accessToken = resolveToken(request);
-
-        // 토큰 검사 생략
-        if (request.getServletPath().equals("/api/v1/reissue") || !StringUtils.hasText(accessToken)) {
-            filterChain.doFilter(request, response);
-            return;
-        }
-
-        if (jwtUtil.verifyToken(accessToken)) {
-            // AccessToken의 payload에 있는 email로 user를 조회한다.
-            User findUser = userRepository.findByEmail(jwtUtil.getUid(accessToken))
-                    .orElseThrow(() -> new CustomException(ErrorCode.NON_EXISTENT_EMAIL));
+	@Override
+	protected void doFilterInternal(HttpServletRequest request,
+		HttpServletResponse response,
+		FilterChain filterChain) throws ServletException, IOException {
+		String accessToken = resolveToken(request);
 
-            // SecurityContext에 인증 객체를 등록한다.
-            Authentication auth = getAuthentication(findUser);
-            SecurityContextHolder.getContext().setAuthentication(auth);
-        }
+		// 토큰 검사 생략
+		if (request.getServletPath().equals("/api/v1/reissue") || !StringUtils.hasText(accessToken)) {
+			filterChain.doFilter(request, response);
+			return;
+		}
 
-        filterChain.doFilter(request, response);
-    }
+		if (jwtUtil.verifyToken(accessToken)) {
+			Authentication auth = jwtUtil.getAuthentication(accessToken);
+			SecurityContextHolder.getContext().setAuthentication(auth);
+		}
 
-    // request Header에서 토큰 추출
-    private String resolveToken(HttpServletRequest httpServletRequest) {
-        String bearerToken = httpServletRequest.getHeader("Authorization");
+		filterChain.doFilter(request, response);
+	}
 
-        if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
-            return bearerToken.substring(7);
-        }
+	private String resolveToken(HttpServletRequest httpServletRequest) {
+		String bearerToken = httpServletRequest.getHeader("Authorization");
 
-        return null;
-    }
+		if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
+			return bearerToken.substring(7);
+		}
 
-    // Authentication 생성
-    private Authentication getAuthentication(User user) {
-        return new UsernamePasswordAuthenticationToken(user, "",
-                List.of(new SimpleGrantedAuthority(user.getRole().toString())));
-    }
+		return null;
+	}
 }