Config: SpringSecurity 설정

readyvery · Nov 1, 2023 · f24880d · f24880d
1 parent e8c1458
commit f24880d
Show file tree

Hide file tree

Showing 4 changed files with 87 additions and 23 deletions.
diff --git a/build.gradle b/build.gradle
@@ -1,42 +1,77 @@
 plugins {
-	id 'java'
-	id 'org.springframework.boot' version '3.1.5'
-	id 'io.spring.dependency-management' version '1.1.3'
-	id 'checkstyle'
+    id 'java'
+    id 'org.springframework.boot' version '3.1.5'
+    id 'io.spring.dependency-management' version '1.1.3'
+    id 'checkstyle'
 }
 
 group = 'com.readyvery'
 version = '0.0.1-SNAPSHOT'
 
 java {
-	sourceCompatibility = '17'
+    sourceCompatibility = '17'
 }
 
 configurations {
-	compileOnly {
-		extendsFrom annotationProcessor
-	}
+    compileOnly {
+        extendsFrom annotationProcessor
+    }
 }
 
 repositories {
-	mavenCentral()
+    mavenCentral()
 }
 
 dependencies {
-	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
-	implementation 'org.springframework.boot:spring-boot-starter-web'
-	compileOnly 'org.projectlombok:lombok'
-	annotationProcessor 'org.projectlombok:lombok'
-	testImplementation 'org.springframework.boot:spring-boot-starter-test'
+    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+    implementation 'org.springframework.boot:spring-boot-starter-web'
+    compileOnly 'org.projectlombok:lombok'
+    annotationProcessor 'org.projectlombok:lombok'
+    testImplementation 'org.springframework.boot:spring-boot-starter-test'
+
+    //Querydsl 추가
+    implementation 'com.querydsl:querydsl-core:5.0.0'
+    implementation 'com.querydsl:querydsl-jpa:5.0.0:jakarta'
+
+    annotationProcessor "com.querydsl:querydsl-apt:5.0.0:jakarta"
+    annotationProcessor "jakarta.annotation:jakarta.annotation-api"
+    annotationProcessor "jakarta.persistence:jakarta.persistence-api"
+
+    // mysql driver
+    runtimeOnly 'com.mysql:mysql-connector-j'
+
+    // spring security & OAuth2
+    implementation 'org.springframework.boot:spring-boot-starter-security'
+    implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
+
+    // jwt
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.11.5'
 }
 
 checkstyle {
-	maxWarnings = 0 // 규칙이 어긋나는 코드가 하나라도 있을 경우 빌드 fail을 내고 싶다면 이 선언을 추가한다.
-	configFile = file("${rootDir}/naver-checkstyle-rules.xml")
-	configProperties = ["suppressionFile": "${rootDir}/naver-checkstyle-suppressions.xml"]
-	toolVersion = "8.24"  // checkstyle 버전 8.24 이상 선언
+    maxWarnings = 0 // 규칙이 어긋나는 코드가 하나라도 있을 경우 빌드 fail을 내고 싶다면 이 선언을 추가한다.
+    configFile = file("${rootDir}/naver-checkstyle-rules.xml")
+    configProperties = ["suppressionFile": "${rootDir}/naver-checkstyle-suppressions.xml"]
+    toolVersion = "8.24"  // checkstyle 버전 8.24 이상 선언
 }
 
 tasks.named('test') {
-	useJUnitPlatform()
+    useJUnitPlatform()
+}
+
+
+def querydslSrcDir = 'src/main/generated'
+
+sourceSets {
+    main.java.srcDirs += "$projectDir/build/generated"
+}
+
+compileJava {
+    options.compilerArgs << '-Aquerydsl.generatedAnnotationClass=javax.annotation.Generated'
+}
+
+clean {
+    delete file(querydslSrcDir)
 }
diff --git a/src/main/java/com/readyvery/readyverydemo/config/SpringSecurityConfig.java b/src/main/java/com/readyvery/readyverydemo/config/SpringSecurityConfig.java
diff --git a/src/main/java/com/readyvery/readyverydemo/security/config/SpringSecurityConfig.java b/src/main/java/com/readyvery/readyverydemo/security/config/SpringSecurityConfig.java
@@ -0,0 +1,29 @@
+package com.readyvery.readyverydemo.security.config;
+
+import static org.springframework.security.config.Customizer.*;
+
+import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+public class SpringSecurityConfig {
+	@Bean
+	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+		http.authorizeHttpRequests((authz) -> authz
+				//.requestMatchers("/api/v1/user").authenticated() // 해당 요청은 인증이 필요함
+				.anyRequest().permitAll() // 위를 제외한 나머지는 모두 허용
+			)
+			//.formLogin(withDefaults()) // 기본 로그인 페이지 사용
+			.httpBasic(withDefaults());
+		return http.build();
+	}
+
+	@Bean
+	public WebSecurityCustomizer webSecurityCustomizer() {
+		return (web) -> web.ignoring().requestMatchers(PathRequest.toStaticResources().atCommonLocations());
+	} // 정적 리소스 보안 필터 해제
+}
diff --git a/src/main/java/com/readyvery/readyverydemo/src/user/UserController.java b/src/main/java/com/readyvery/readyverydemo/src/user/UserController.java
@@ -0,0 +1,4 @@
+package com.readyvery.readyverydemo.src.user;
+
+public class UserController {
+}