Fix: Security, Filter 예외에 monitoring path 동적으로 추가

Genti2024 · Aug 6, 2024 · 6fc7fcf · 6fc7fcf
1 parent 23bc24e
commit 6fc7fcf
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 22 deletions.
diff --git a/genti-auth/src/main/java/com/gt/genti/config/SecurityConfig.java b/genti-auth/src/main/java/com/gt/genti/config/SecurityConfig.java
@@ -31,11 +31,11 @@
 public class SecurityConfig {
 	private final JwtAuthenticationFilter jwtAuthenticationFilter;
 	private final GentiAuthenticationEntryPoint gentiAuthenticationEntryPoint;
+	private final WhiteListConstants whiteListConstants;
 	//TODO cors allowed origin 목록을 properties로 받아서 corsConfig에 추가하는 로직
 	// edited at 2024-07-22
 	// author 서병렬
 
-
 	@Bean
 	public CorsConfigurationSource corsConfigurationSource() {
 		CorsConfiguration config = new CorsConfiguration();
@@ -45,7 +45,6 @@ public CorsConfigurationSource corsConfigurationSource() {
 		config.addAllowedOrigin("http://www.googleapis.com");
 		config.addAllowedOrigin("https://www.googleapis.com");
 
-
 		config.setAllowedOriginPatterns(List.of("*"));
 
 		config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS"));
@@ -74,11 +73,10 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 				sessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.NEVER))
 			.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry ->
 				authorizationManagerRequestMatcherRegistry
-						.requestMatchers("/auth/v1/logout").authenticated()
-						.requestMatchers(WhiteListConstants.SECURITY_WHITE_LIST).permitAll())
+					.requestMatchers("/auth/v1/logout").authenticated()
+					.requestMatchers(whiteListConstants.getSecurtiyWhiteArray()).permitAll())
 			.authorizeHttpRequests(authorizationManagerRequestMatcherRegistry ->
 				authorizationManagerRequestMatcherRegistry
-					// .anyRequest().permitAll()
 					.requestMatchers("/api/*/users/**").hasAuthority(UserRole.USER.getAuthority())
 					.requestMatchers("/api/*/admin/**").hasAuthority(UserRole.ADMIN.getAuthority())
 					.requestMatchers("/api/*/creators/**").hasAuthority(UserRole.CREATOR.getAuthority())

diff --git a/genti-auth/src/main/java/com/gt/genti/security/JwtAuthenticationFilter.java b/genti-auth/src/main/java/com/gt/genti/security/JwtAuthenticationFilter.java
@@ -32,10 +32,13 @@
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
 	private final JwtTokenProvider jwtTokenProvider;
+	private final WhiteListConstants whiteListConstants;
+
 
 	@Override
 	protected boolean shouldNotFilter(HttpServletRequest request) {
-		return PatternMatchUtils.simpleMatch(WhiteListConstants.FILTER_WHITE_LIST, request.getRequestURI());
+		return PatternMatchUtils.simpleMatch(whiteListConstants.getFilterWhiteArray(), request.getRequestURI());
+
 	}
 
 	@Override

diff --git a/genti-common/src/main/java/com/gt/genti/constants/WhiteListConstants.java b/genti-common/src/main/java/com/gt/genti/constants/WhiteListConstants.java
@@ -1,35 +1,50 @@
 package com.gt.genti.constants;
 
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import jakarta.annotation.PostConstruct;
+import lombok.Getter;
+
+@Component
 public class WhiteListConstants {
+	@Value("${management.endpoints.web.base-path}")
+	private String monitoringPath;
 
-	public static final String[] FILTER_WHITE_LIST = {
-		"/login/oauth2/code/kakao",
-		"/login/oauth2/code/google",
-		"/oauth/authorize",
-		"/v1/login",
-		"/login/**",
-		"/actuator/health",
+	@Getter
+	private String[] filterWhiteArray;
+	@Getter
+	private String[] securtiyWhiteArray;
+	@PostConstruct
+	void postConstruct() {
+		this.filterWhiteList.add(monitoringPath + "/**");
+		this.securityWhiteList.add(monitoringPath + "/**");
+		filterWhiteArray = filterWhiteList.toArray(String[]::new);
+		securtiyWhiteArray = securityWhiteList.toArray(String[]::new);
+	}
+
+	private List<String> filterWhiteList = List.of(
 		"/favicon.ico",
 		"/error",
 		"/auth/**",
-		// swagger
+		"/login/**",
 		"/swagger-ui",
 		"/swagger-ui/**",
 		"/swagger-resources/**",
+		"/springdoc/**",
 		"/api-docs/**",
 		"/v3/api-docs/**",
 		"/h2-console/**",
 		"/h2-console"
-	};
+	);
 
-	public static final String[] SECURITY_WHITE_LIST = {
-		"/azcztzuzaztzozrz",
-		"/azcztzuzaztzozrz/**",
+	private List<String> securityWhiteList = List.of(
+		"/favicon.ico",
+		"/error",
 		"/auth/**",
-		"/v1/login",
 		"/login/**",
-		"/auth/jwt/kakao/v1",
-		"/error",
 		"/swagger-ui",
 		"/swagger-ui/**",
 		"/swagger-resources/**",
@@ -38,6 +53,8 @@ public class WhiteListConstants {
 		"/v3/api-docs/**",
 		"/h2-console/**",
 		"/h2-console"
-	};
+	);
+
+
 
 }