From 6c9ef1d6830a0503168e222f82a0fb644c9c638f Mon Sep 17 00:00:00 2001
From: sunwoong
Date: Thu, 11 Jul 2024 03:47:51 +0900
Subject: [PATCH 1/2] =?UTF-8?q?fix:=20at=20&=20rt=20=EA=B2=80=EC=A6=9D=20?= =?UTF-8?q?=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95=20(#166)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../java/org/doorip/auth/jwt/JwtGenerator.java | 8 ++++++++
 .../main/java/org/doorip/auth/jwt/JwtType.java | 6 ++++++
 .../java/org/doorip/auth/jwt/JwtValidator.java | 18 ++++++++++++++----
 3 files changed, 28 insertions(+), 4 deletions(-)
 create mode 100644 doorip-api/src/main/java/org/doorip/auth/jwt/JwtType.java
diff --git a/doorip-api/src/main/java/org/doorip/auth/jwt/JwtGenerator.java b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtGenerator.java
index 5f1b146..344c277 100644
--- a/doorip-api/src/main/java/org/doorip/auth/jwt/JwtGenerator.java
+++ b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtGenerator.java
@@ -27,6 +27,7 @@ public String generateToken(Long userId, boolean isAccessToken) {
 return Jwts.builder()
 .setHeaderParam(Header.TYPE, Header.JWT_TYPE)
 .setSubject(String.valueOf(userId))
+ .setIssuer(setIssuerBy(isAccessToken).toString())
 .setIssuedAt(now)
 .setExpiration(expiration)
 .signWith(getSigningKey(), SignatureAlgorithm.HS256)
@@ -62,4 +63,11 @@ private String encodeSecretKey() {
 return Base64.getEncoder()
 .encodeToString(secretKey.getBytes());
 }
+
+ private JwtType setIssuerBy(boolean isAccessToken) {
+ if (isAccessToken) {
+ return JwtType.AT;
+ }
+ return JwtType.RT;
+ }
 }
diff --git a/doorip-api/src/main/java/org/doorip/auth/jwt/JwtType.java b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtType.java
new file mode 100644
index 0000000..3fec31f
--- /dev/null
+++ b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtType.java
@@ -0,0 +1,6 @@
+package org.doorip.auth.jwt;
+
+public enum JwtType {
+ AT,
+ RT;
+}
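Review bot: The access/refresh marker is written into the registered `iss` claim at `.setIssuer(setIssuerBy(isAccessToken).toString())`, but RFC 7519 defines `iss` as the party that issued the token, so a later issuer check, or another service signing with the same key, would collide with the AT/RT value. A dedicated private claim keeps the two concerns apart, for example `.claim("token_type", setIssuerBy(isAccessToken).name())` (the claim name is only a suggestion), with the validator reading that same claim. `name()` is also safer than `toString()`, which an enum may override. The builder chain starts and ends outside this hunk.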
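Review bot: The helper added in the second JwtGenerator hunk is called `setIssuerBy`, yet it sets nothing and only maps the boolean to a `JwtType`, so the `set` prefix misleads a reader who is tracing where the claim is written. A name such as `resolveJwtType` with a short comment `// AT for access tokens, RT for refresh tokens` would describe it. The body can then be the single line `return isAccessToken ? JwtType.AT : JwtType.RT;`.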
diff --git a/doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java
index d85b10d..c36f1f6 100644
--- a/doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java
+++ b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java
@@ -1,5 +1,6 @@
 package org.doorip.auth.jwt;
 
+import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.JwtParser;
 import lombok.RequiredArgsConstructor;
@@ -14,7 +15,11 @@ public class JwtValidator {
 
 public void validateAccessToken(String accessToken) {
 try {
- parseToken(accessToken);
+ Claims claims = parseToken(accessToken);
+ String issuer = claims.getIssuer();
+ if (issuer.equals(JwtType.RT.toString())) {
+ throw new UnauthorizedException(ErrorMessage.INVALID_ACCESS_TOKEN_VALUE);
+ }
 } catch (ExpiredJwtException e) {
 throw new UnauthorizedException(ErrorMessage.EXPIRED_ACCESS_TOKEN);
 } catch (Exception e) {
@@ -24,7 +29,11 @@ public void validateAccessToken(String accessToken) {
 
 public void validateRefreshToken(String refreshToken) {
 try {
- parseToken(refreshToken);
+ Claims claims = parseToken(refreshToken);
+ String issuer = claims.getIssuer();
+ if (issuer.equals(JwtType.AT.toString())) {
+ throw new UnauthorizedException(ErrorMessage.INVALID_ACCESS_TOKEN_VALUE);
+ }
 } catch (ExpiredJwtException e) {
 throw new UnauthorizedException(ErrorMessage.EXPIRED_REFRESH_TOKEN);
 } catch (Exception e) {
@@ -38,8 +47,9 @@ public void equalsRefreshToken(String refreshToken, String storedRefreshToken) {
 }
 }
 
- private void parseToken(String token) {
+ private Claims parseToken(String token) {
 JwtParser jwtParser = jwtGenerator.getJwtParser();
- jwtParser.parseClaimsJws(token);
+ return jwtParser.parseClaimsJws(token)
+ .getBody();
 }
 }
From 13b754941edbb73742a889fcc14744fddb769dcb Mon Sep 17 00:00:00 2001
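Review bot: The type check added to `validateAccessToken` is a deny-list that rejects only `iss == RT`, so a validly signed token carrying any other issuer value is still accepted as an access token. A token with no `iss` at all, which includes every token minted before this change, reaches `issuer.equals(...)` with a null `issuer` and is turned away only because the resulting NullPointerException lands in `catch (Exception e)`. Comparing against the expected type makes both cases explicit and null-safe: `if (!JwtType.AT.toString().equals(claims.getIssuer())) {`. The `validateRefreshToken` hunk has the same shape and wants `!JwtType.RT.toString().equals(claims.getIssuer())`. Both method bodies continue past their hunks, so what the generic handler throws is not visible here.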
From: sunwoong
Date: Thu, 11 Jul 2024 03:55:15 +0900
Subject: [PATCH 2/2] =?UTF-8?q?fix:=20=EC=98=A4=ED=83=80=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=20(#166)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java
index c36f1f6..3fd3c20 100644
--- a/doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java
+++ b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java
@@ -32,7 +32,7 @@ public void validateRefreshToken(String refreshToken) {
 Claims claims = parseToken(refreshToken);
 String issuer = claims.getIssuer();
 if (issuer.equals(JwtType.AT.toString())) {
- throw new UnauthorizedException(ErrorMessage.INVALID_ACCESS_TOKEN_VALUE);
+ throw new UnauthorizedException(ErrorMessage.INVALID_REFRESH_TOKEN_VALUE);
 }
 } catch (ExpiredJwtException e) {
 throw new UnauthorizedException(ErrorMessage.EXPIRED_REFRESH_TOKEN);
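Review bot: The corrected `INVALID_REFRESH_TOKEN_VALUE` may never reach the caller, because the `throw` sits inside the `try` whose generic `catch (Exception e)` (visible in patch 1/2, below this hunk) will also catch `UnauthorizedException` if that is an ordinary exception type. Whatever that handler throws replaces this message, which also blurs "wrong token type" and "malformed or tampered token" in logs and alerts. Either move the type check after the try/catch, or add `catch (UnauthorizedException e) { throw e; }` ahead of the generic handler. `validateAccessToken` in patch 1/2 has the same structure. The method body starts and ends outside this hunk.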