Fix/security (#29)

* fix: @EnableGlobalMethodSecurity 어노테이션 추가

- AuthenticationPrincipal에 id추가
- 메서드별 권한 부여할 수 있는 어노테이션 추가

* fix: role이 회원가입시 ROLE_CUSTOMER로 저장되는 오류 수정

- ROLE_CUSTOMER -> ROLE_CONSUMER로 수정

src/main/java/com/anywayclear/config/SecurityConfig.java

@@ -6,13 +6,15 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.web.filter.CorsFilter;
 
 @Configuration
-@EnableWebSecurity
+@EnableWebSecurity // spring security filter가 spring filter chain에 등록됨
+@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true) // secured 어노테이션 활성화, preAuthorized, postAuthorized 어노테이션 활성화 -> 메소드 단위 권한설정 가능
 public class SecurityConfig {
 
     @Autowired

src/main/java/com/anywayclear/config/jwt/JwtProvider.java

@@ -21,12 +21,9 @@ public class JwtProvider {
 
     // 인증 정보를 기반으로 JWT 토큰 생성하는 메서드
     public String createToken(Authentication authentication) {
-        System.out.println(">>>>>>>>>>>> ");
 
         // 사용자 정보 가져오기
         OAuth2User oAuth2User = (OAuth2User) authentication.getPrincipal();
-        System.out.println("Provider ================== ");
-        System.out.println("oAuth2User.getAttributes() = " + oAuth2User.getAttributes());
 
         // 현재 시간과 토큰 만료 시간 설정
         Date now = new Date();

src/main/java/com/anywayclear/config/oauth/CustumOAuth2UserService.java

@@ -31,35 +31,28 @@ public class CustumOAuth2UserService extends DefaultOAuth2UserService {
     @Override
     public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
         OAuth2User oAuth2User = super.loadUser(userRequest);
-        Map<String, Object> kakao_account = (Map<String, Object>) oAuth2User.getAttributes().get("kakao_account");
-        Map<String, Object> profile = (Map<String, Object>) kakao_account.get("profile");
-
-        String emailAddress = (String) kakao_account.get("email");
-        String nickname = (String) profile.get("nickname");
-        String image = (String) profile.get("profile_image_url");
 
-        Member member = getOrCreateMember(emailAddress, nickname, image);
+        Member member = getOrCreateMember(oAuth2User);
 
-        String oauth2UserRole = member.getRole();
-        String oauth2UserId = member.getUserId();
-
-        Map<String, Object> userAttributes = new HashMap<>();
-        userAttributes.put("role", oauth2UserRole);
-        userAttributes.put("userId", oauth2UserId);
+        Map<String, Object> userAttributes = createNewAttribute(member);
 
         // Spring Security의 세션에 OAuth2User객체 저장됨
-        return new DefaultOAuth2User(Collections.singleton(new SimpleGrantedAuthority(oauth2UserRole)), userAttributes, "userId");
+        return new DefaultOAuth2User(Collections.singleton(new SimpleGrantedAuthority(member.getRole())), userAttributes, "id");
     }
 
-    private Member getOrCreateMember(String emailAddress, String nickname, String image) {
+    private Member getOrCreateMember(OAuth2User oAuth2User) {
+        Map<String, Object> kakao_account = (Map<String, Object>) oAuth2User.getAttributes().get("kakao_account");
+        String emailAddress = (String) kakao_account.get("email");
+
         Optional<Member> memberOptional = memberRepository.findByEmailAddress(emailAddress);
+
         if (memberOptional.isPresent()) {
-            System.out.println("이미 회원입니다");
-            Member member = memberOptional.get();
-            member.setImage(image);
-            return memberRepository.save(member);
+            return memberOptional.get();
         } else {
-            System.out.println("회원가입합니다");
+            Map<String, Object> profile = (Map<String, Object>) kakao_account.get("profile");
+            String nickname = (String) profile.get("nickname");
+            String image = (String) profile.get("profile_image_url");
+
             return createMember(emailAddress, nickname, image);
         }
     }
@@ -74,9 +67,17 @@ private Member createMember(String emailAddress, String nickname, String image)
                 .emailAddress(emailAddress)
                 .image(image)
                 .nickname(nickname)
-                .role("ROLE_CUSTOMER")
+                .role("ROLE_CONSUMER")
                 .build();
 
         return memberRepository.save(member);
     }
+
+    private Map<String, Object> createNewAttribute(Member member) {
+        Map<String, Object> newAttributes = new HashMap<>();
+        newAttributes.put("id", member.getId());
+        newAttributes.put("userId", member.getUserId());
+        newAttributes.put("role", member.getRole());
+        return newAttributes;
+    }
 }

src/main/java/com/anywayclear/controller/MemberController.java

@@ -4,6 +4,10 @@
 import com.anywayclear.dto.response.MemberResponse;
 import com.anywayclear.service.MemberService;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.web.bind.annotation.*;
 
 import javax.validation.Valid;