fix: booking, event 모듈 SecurityCustomException 예외처리 (#197)

* fix: booking, event 모듈 SecurityCustomException 예외처리 * fix: bracket 추가
Team-BingBong · Jan 10, 2024 · be031be · be031be
1 parent 6088ce9
commit be031be
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 9 deletions.
diff --git a/...i-booking/src/main/java/com/pgms/apibooking/common/exception/BookingExceptionHandler.java b/...i-booking/src/main/java/com/pgms/apibooking/common/exception/BookingExceptionHandler.java
@@ -15,8 +15,10 @@
 import org.springframework.web.context.request.WebRequest;
 import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
 
+import com.pgms.coredomain.domain.common.BaseErrorCode;
 import com.pgms.coredomain.domain.common.BookingErrorCode;
 import com.pgms.coredomain.response.ErrorResponse;
+import com.pgms.coresecurity.security.exception.SecurityCustomException;
 
 import lombok.extern.slf4j.Slf4j;
 
@@ -68,4 +70,11 @@ protected ResponseEntity<ErrorResponse> handleBookingException(BookingException
 		log.warn("Booking Exception Occurred : {}", response.getErrorMessage());
 		return ResponseEntity.status(ex.getErrorCode().getStatus()).body(response);
 	}
+
+	@ExceptionHandler(SecurityCustomException.class)
+	protected ResponseEntity<ErrorResponse> handleSecurityCustomException(SecurityCustomException ex) {
+		log.warn("SecurityCustomException Occurred: {}", ex);
+		BaseErrorCode errorCode = ex.getErrorCode();
+		return ResponseEntity.status(errorCode.getStatus()).body(errorCode.getErrorResponse());
+	}
 }
diff --git a/api/api-event/src/main/java/com/pgms/apievent/exception/EventGlobalExceptionHandler.java b/api/api-event/src/main/java/com/pgms/apievent/exception/EventGlobalExceptionHandler.java
@@ -1,8 +1,10 @@
 package com.pgms.apievent.exception;
 
-import com.pgms.coredomain.domain.common.BaseErrorCode;
-import com.pgms.coredomain.response.ErrorResponse;
-import lombok.extern.slf4j.Slf4j;
+import static com.pgms.apievent.exception.EventErrorCode.*;
+
+import java.util.List;
+import java.util.Objects;
+
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.validation.BindingResult;
@@ -11,10 +13,11 @@
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 
-import java.util.List;
-import java.util.Objects;
+import com.pgms.coredomain.domain.common.BaseErrorCode;
+import com.pgms.coredomain.response.ErrorResponse;
+import com.pgms.coresecurity.security.exception.SecurityCustomException;
 
-import static com.pgms.apievent.exception.EventErrorCode.VALIDATION_FAILED;
+import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
 @RestControllerAdvice
@@ -40,6 +43,13 @@ protected ResponseEntity<ErrorResponse> handleMethodArgumentNotValidException(Me
 		return ResponseEntity.status(ex.getStatusCode()).body(errorResponse);
 	}
 
+	@ExceptionHandler(SecurityCustomException.class)
+	protected ResponseEntity<ErrorResponse> handleSecurityCustomException(SecurityCustomException ex) {
+		log.warn(">>>>> SecurityCustomException : {}", ex);
+		BaseErrorCode errorCode = ex.getErrorCode();
+		return ResponseEntity.status(errorCode.getStatus()).body(errorCode.getErrorResponse());
+	}
+
 	@ExceptionHandler(Exception.class)
 	protected ResponseEntity<ErrorResponse> handleGlobalException(Exception ex) {
 		log.error(">>>>> Internal Server Error : {}", ex);

diff --git a/...src/main/java/com/pgms/coresecurity/security/resolver/CurrentAccountArgumentResolver.java b/...src/main/java/com/pgms/coresecurity/security/resolver/CurrentAccountArgumentResolver.java
@@ -3,6 +3,7 @@
 import java.util.Objects;
 
 import org.springframework.core.MethodParameter;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.support.WebDataBinderFactory;
@@ -27,13 +28,13 @@ public boolean supportsParameter(MethodParameter parameter) {
 	public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer,
 		NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
 		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-		checkAuthenticated(authentication);
+		validateAuthentication(authentication);
 		UserDetailsImpl userDetails = (UserDetailsImpl)authentication.getPrincipal();
 		return userDetails.getId();
 	}
 
-	private void checkAuthenticated(Authentication authentication) {
-		if (Objects.isNull(authentication)) {
+	private void validateAuthentication(Authentication authentication) {
+		if (Objects.isNull(authentication) || !(authentication instanceof UsernamePasswordAuthenticationToken)) {
 			throw new SecurityCustomException(SecurityErrorCode.UNAUTHORIZED);
 		}
 	}