package egovframework.com.security;
import egovframework.com.jwt.JwtAuthenticationEntryPoint;
import egovframework.com.jwt.JwtAuthenticationFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.Arrays;
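/**
 * Spring Security configuration for the HTTP API: declares the JWT filter bean,
 * the CORS policy and the stateless filter chain with its unauthenticated
 * path allow-lists.
 *
 * <pre>
 * fileName    : SecurityConfig
 * author      : crlee
 * date        : 2023/06/10
 * description :
 * ===========================================================
 * DATE         AUTHOR    NOTE
 * -----------------------------------------------------------
 * 2023/06/10   crlee     Initial creation
 * </pre>
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    /**
     * Paths reachable without authentication for HTTP GET only.
     *
     * <p>{@code {schdulId}} is an Ant-style path variable, so the last entry
     * matches any single path segment under {@code /schedule/}.
     */
    private static final String[] AUTH_GET_WHITELIST = {
        "/schedule/daily",      // daily schedule lookup
        "/schedule/week",       // weekly schedule lookup
        "/schedule/{schdulId}", // schedule detail lookup
    };

    /**
     * Paths reachable without authentication for every HTTP method.
     *
     * <p>Everything listed here bypasses the {@code authenticated()} rule, so
     * each handler behind these paths is responsible for its own access checks.
     */
    private static final String[] AUTH_WHITELIST = {
        "/",
        "/login/**",
        "/auth/login-jwt", // JWT login
        "/auth/login",     // regular login
        "/cmm/main/**.do", // main page
        // NOTE(review): file download and image viewing are open to anonymous
        // callers; confirm the handlers validate the requested file identifier
        // and enforce any per-file access rules themselves.
        "/cmm/fms/FileDown.do", // file download
        "/cmm/fms/getImage.do", // gallery image view

        "/cop/bbs/selectUserBBSMasterInfAPI.do", // board master detail lookup
        "/cop/bbs/selectBoardListAPI.do",        // board list lookup
        "/cop/bbs/selectBoardArticleAPI.do",     // board article detail lookup

        /* swagger v2 */
        // NOTE(review): the API documentation is public; consider limiting
        // these entries to non-production profiles.
        "/v2/api-docs",
        "/swagger-resources",
        "/swagger-resources/**",
        "/swagger-ui.html",
        "/swagger-ui/**"
    };

    /**
     * Origins allowed to make cross-origin requests.
     *
     * <p>Only a localhost origin is listed (presumably the development front
     * end); every deployed front-end origin has to be added here explicitly.
     */
    private static final String[] ORIGINS_WHITELIST = {
        "http://localhost:3000",
    };

    /**
     * Exposes the JWT authentication filter that {@link #filterChain} installs
     * ahead of {@link UsernamePasswordAuthenticationFilter}.
     *
     * <p>NOTE(review): if this application runs under Spring Boot, a servlet
     * {@code Filter} exposed as a bean is also registered with the servlet
     * container; confirm the filter is not applied twice per request.
     *
     * @return a new {@link JwtAuthenticationFilter}
     * @throws Exception declared for interface compatibility with existing callers
     */
    @Bean
    public JwtAuthenticationFilter authenticationTokenFilterBean() throws Exception {
        return new JwtAuthenticationFilter();
    }

    /**
     * Builds the CORS policy applied to every path ({@code /**}).
     *
     * <p>Cross-origin access is limited to {@link #ORIGINS_WHITELIST}. Because
     * credentials are allowed, the origin list must stay explicit.
     *
     * @return the CORS configuration source picked up by the security filter chain
     */
    @Bean
    protected CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration configuration = new CorsConfiguration();

        // Do not add setAllowedOriginPatterns("*") here: origin patterns are
        // matched in addition to the allowed-origins list, so a wildcard pattern
        // makes the allow-list meaningless and, together with
        // allowCredentials(true), lets any web origin send credentialed requests
        // and read the responses.
        configuration.setAllowedOrigins(Arrays.asList(ORIGINS_WHITELIST));
        configuration.setAllowedMethods(Arrays.asList("HEAD", "POST", "GET", "DELETE", "PUT"));
        configuration.setAllowedHeaders(Arrays.asList("*"));
        configuration.setAllowCredentials(true);

        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", configuration);
        return source;
    }

    /**
     * Assembles the stateless security filter chain.
     *
     * <p>Rules are evaluated in declaration order: the general allow-list, then
     * the GET-only allow-list, then "authenticated" for everything else.
     *
     * @param http the builder supplied by Spring Security
     * @return the configured filter chain
     * @throws Exception if the chain cannot be built
     */
    @Bean
    protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        return http
                // CSRF protection is switched off for this token-based, stateless API.
                // NOTE(review): that is only safe while the JWT is not carried in a
                // cookie; CORS allows credentials, so confirm how the token is sent.
                .csrf(AbstractHttpConfigurer::disable)
                .authorizeHttpRequests(authorize -> authorize
                        .antMatchers(AUTH_WHITELIST).permitAll()
                        .antMatchers(HttpMethod.GET, AUTH_GET_WHITELIST).permitAll()
                        .anyRequest().authenticated()
                )
                // No HTTP session is created or used to hold the security context.
                .sessionManagement(sessionManagement ->
                        sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                )
                // Uses the CorsConfigurationSource bean declared in this class.
                .cors().and()
                .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class)
                // Unauthenticated requests are answered by the JWT entry point.
                .exceptionHandling(exceptionHandlingConfigurer ->
                        exceptionHandlingConfigurer
                                .authenticationEntryPoint(new JwtAuthenticationEntryPoint())
                )
                .build();
    }
}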