From c185866f15e8573a58c5fbe07def8fa08e49a111 Mon Sep 17 00:00:00 2001 From: leejh7 <777joonho@kookmin.ac.kr> Date: Fri, 15 Mar 2024 02:46:07 +0900 Subject: [PATCH] =?UTF-8?q?feat=20#13=20-=20Security=20Config=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 예외 핸들링 커스텀이 가능하도록 설정 변경 --- .../{ => security}/config/SecurityConfig.java | 32 +++++++++++++++++-- 1 file changed, 29 insertions(+), 3 deletions(-) rename src/main/java/org/capstone/maru/{ => security}/config/SecurityConfig.java (57%) diff --git a/src/main/java/org/capstone/maru/config/SecurityConfig.java b/src/main/java/org/capstone/maru/security/config/SecurityConfig.java similarity index 57% rename from src/main/java/org/capstone/maru/config/SecurityConfig.java rename to src/main/java/org/capstone/maru/security/config/SecurityConfig.java index 3616a68..6dab6a7 100644 --- a/src/main/java/org/capstone/maru/config/SecurityConfig.java +++ b/src/main/java/org/capstone/maru/security/config/SecurityConfig.java @@ -1,26 +1,43 @@ -package org.capstone.maru.config; +package org.capstone.maru.security.config; import lombok.extern.slf4j.Slf4j; import org.capstone.maru.security.service.CustomOAuth2UserService; +import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.autoconfigure.security.servlet.PathRequest; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; +import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.AuthenticationFailureHandler; @Slf4j @Configuration +@EnableWebSecurity public class SecurityConfig { + private final AuthenticationEntryPoint authEntryPoint; + + private final AuthenticationFailureHandler authFailureHandler; + + public SecurityConfig( + @Qualifier("customAuthenticationEntryPoint") AuthenticationEntryPoint authEntryPoint, + @Qualifier("customAuthenticationFailureHandler") AuthenticationFailureHandler authFailureHandler + ) { + this.authEntryPoint = authEntryPoint; + this.authFailureHandler = authFailureHandler; + } + @Bean @ConditionalOnProperty(name = "spring.h2.console.enabled", havingValue = "true") public WebSecurityCustomizer configureH2ConsoleEnable() { return web -> web.ignoring() - .requestMatchers(PathRequest.toH2Console()); + .requestMatchers(PathRequest.toH2Console()); } @Bean @@ -33,7 +50,12 @@ public SecurityFilterChain securityFilterChain( .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll() .requestMatchers( HttpMethod.GET, - "/" + "/", "/login", "login-kakao", "login-naver", "/oauth2/**", "/login/oauth2/**", + "/errorTest" + ).permitAll() + .requestMatchers( + HttpMethod.POST, + "/login" ).permitAll() .anyRequest().authenticated() ) @@ -41,6 +63,10 @@ public SecurityFilterChain securityFilterChain( .userInfoEndpoint(userInfo -> userInfo .userService(customOAuth2UserService) ) + .failureHandler(authFailureHandler) + ) + .exceptionHandling(hc -> hc + .authenticationEntryPoint(authEntryPoint) ) .csrf( csrf -> csrf