로그인 작업중.

egovframe-template-simple-react-contribution/src/App.js

@@ -13,9 +13,7 @@ function App() {
 
   return (
     <div className="wrap">
-      <React.StrictMode>
         <RootRoutes />
-      </React.StrictMode>
     </div>
   )
 }

egovframe-template-simple-react-contribution/src/pages/login/EgovLoginContent.jsx

@@ -74,6 +74,7 @@ function EgovLoginContent(props) {
         EgovNet.requestFetch(loginUrl,
             requestOptions,
             (resp) => {
+                debugger
                 let resultVO = resp.resultVO;
                 let jToken = resp?.jToken || null;
 
@@ -107,7 +108,7 @@ function EgovLoginContent(props) {
                 <p className="txt">전자정부표준프레임워크 경량환경 홈페이지 로그인 페이지입니다.<br />로그인을 하시면 모든 서비스를 제한없이 이용하실 수 있습니다.</p>
 
                 <div className="login_box">
-                    <form name="" method="" action="" >
+                    <form name="" method="" action="" onSubmit={submitFormHandler}>
                         <fieldset>
                             <legend>로그인</legend>
                             <span className="group">
@@ -126,7 +127,7 @@ function EgovLoginContent(props) {
                                     <Link to={URL.JOIN}><em>회원가입</em></Link>
                                 </Col>
                             </Row>
-                            <button type="button" onClick={submitFormHandler}><span>LOGIN</span></button>
+                            <button type="submit"><span>LOGIN</span></button>
                         </fieldset>
                     </form>
                 </div>

egovframe-template-simple-react-contribution/src/pages/standardCode/viewer.js

@@ -252,8 +252,8 @@ function CodeViewer(props) {
 }
 
 CodeViewer.defaultProps = {
-    docCode: 'KDS 10 10 00',
+    docCode: 'KDS 24 10 11',
-    docName: '설계기준 총칙'
+    docName: '교량 설계 일반사항(한계상태설계법)'
 }
 
 export default CodeViewer;

kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java

@@ -101,4 +101,9 @@ public class EgovLoginApiController extends BaseController {
 		}
 		return resultMap;
 	}
+
+	@RequestMapping("/auth/loginSuccess")
+	public HashMap<String, Object> loginSuccess(HttpServletRequest request, HttpServletResponse response){
+		return new HashMap<>();
+	}
 }

kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java

@@ -3,14 +3,16 @@ package com.dbnt.kcscbackend.config.jwt;
 
 import com.dbnt.kcscbackend.auth.entity.UserInfo;
 import com.dbnt.kcscbackend.config.egov.EgovProperties;
-import com.dbnt.kcscbackend.auth.entity.LoginVO;
 import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
 
 import java.io.Serializable;
+import java.nio.charset.StandardCharsets;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -67,12 +69,13 @@ public class EgovJwtTokenUtil implements Serializable{
   //for retrieveing any information from token we will need the secret key
   public Claims getAllClaimsFromToken(String token) {
     log.debug("===>>> secret = "+SECRET_KEY);
-        return Jwts.parser().setSigningKey(SECRET_KEY).parseClaimsJws(token).getBody();
+
+    return Jwts.parserBuilder().setSigningKey(SECRET_KEY.getBytes(StandardCharsets.UTF_8)).build().parseClaimsJws(token).getBody();
   }
 
   //generate token for user
   public String generateToken(UserInfo loginVO) {
-        return doGenerateToken(loginVO, "Authorization");
+    return doGenerateToken(loginVO);
   }
 
   //while creating the token -
@@ -80,18 +83,23 @@ public class EgovJwtTokenUtil implements Serializable{
   //2. Sign the JWT using the HS512 algorithm and secret key.
   //3. According to JWS Compact Serialization(https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-41#section-3.1)
   //   compaction of the JWT to a URL-safe string
-    private String doGenerateToken(UserInfo loginVO, String subject) {
+  private String doGenerateToken(UserInfo loginVO) {
 
     Map<String, Object> claims = new HashMap<>();
     claims.put("id", loginVO.getUserId() );
     claims.put("userSe", loginVO.getUserSe() );
     claims.put("uniqId", loginVO.getUserSeq() );
-        claims.put("type", subject);
+    claims.put("type", "Authorization");
 
     log.debug("===>>> secret = "+SECRET_KEY);
-        return Jwts.builder().setClaims(claims).setSubject(subject).setIssuedAt(new Date(System.currentTimeMillis()))
+
+    JwtBuilder builder = Jwts.builder()
+        .setClaims(claims)
+        .setSubject("Authorization")
+        .setIssuedAt(new Date(System.currentTimeMillis()))
         .setExpiration(new Date(System.currentTimeMillis() + JWT_TOKEN_VALIDITY * 1000))
-            .signWith(SignatureAlgorithm.HS512, SECRET_KEY).compact();
+        .signWith(Keys.hmacShaKeyFor(SECRET_KEY.getBytes(StandardCharsets.UTF_8)), SignatureAlgorithm.HS512);
+    return builder.compact();
   }
 
 

kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/security/SecurityConfig.java

@@ -71,8 +71,6 @@ public class SecurityConfig {
             "/",
             "/login/**",
             "/login",
-            "/auth/login-jwt",//JWT 로그인
-            "/auth/login",//일반 로그인
             "/auth/join",//회원가입
             "/cmm/main/**.do", // 메인페이지
             "/cmm/fms/FileDown.do", //파일 다운로드
@@ -118,15 +116,17 @@ public class SecurityConfig {
     }
     @Bean
     protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        http.csrf(AbstractHttpConfigurer::disable)
+
-            .authorizeHttpRequests(authorize -> authorize
+        http.httpBasic().disable()
+            .csrf().disable()
+            .formLogin().disable();
+
+        http.authorizeHttpRequests(authorize -> authorize
                 .antMatchers(AUTH_WHITELIST).permitAll()
                 .antMatchers(HttpMethod.GET,AUTH_GET_WHITELIST).permitAll()
                 .anyRequest().authenticated()
             );
-        http.sessionManagement((sessionManagement) ->
+        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
-                sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
-            );
 
         http.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class)
             .exceptionHandling(exceptionHandlingConfigurer ->
@@ -134,14 +134,6 @@ public class SecurityConfig {
                     .authenticationEntryPoint(new JwtAuthenticationEntryPoint())
             );
 
-        http.httpBasic().disable()
-            .csrf().disable()
-            .formLogin().disable();
-
-//        http.authorizeHttpRequests()
-//            .requestMatchers(new AntPathRequestMatcher("/auth/login")).permitAll()
-//            .anyRequest().authenticated();
-
         http.cors().and().addFilterBefore(jsonUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
         return http.build();
     }
@@ -150,11 +142,11 @@ public class SecurityConfig {
     public AuthenticationSuccessHandler loginSuccessHandler() {
         return (request, response, authentication) -> {
             UserInfo info = (UserInfo)authentication.getPrincipal();
-            if (info != null && info.getUserId() != null && !info.getUserId().equals("")){
+
             String jwtToken = jwtTokenUtil.generateToken(info);
-                String userName = jwtTokenUtil.getUserSeFromToken(jwtToken);
+            // String userName = jwtTokenUtil.getUserSeFromToken(jwtToken);
-            }
+            response.addHeader("Authorization", "BEARER "+jwtToken);
-            new DefaultRedirectStrategy().sendRedirect(request,response,"/");
+
         };
     }