[FEAT] Bearer 토큰 내용 오류 예외 처리 추가

nonsoolmate · Jan 18, 2024 · 42c64ae · 42c64ae
1 parent 63e0f93
commit 42c64ae
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 3 deletions.
diff --git a/...Server/src/main/java/com/nonsoolmate/nonsoolmateServer/global/jwt/service/JwtService.java b/...Server/src/main/java/com/nonsoolmate/nonsoolmateServer/global/jwt/service/JwtService.java
@@ -18,6 +18,7 @@
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.MalformedJwtException;
+import io.jsonwebtoken.security.SignatureException;
 import jakarta.servlet.http.HttpServletRequest;
 import java.util.Date;
 import java.util.Optional;
@@ -74,7 +75,7 @@ public MemberReissueResponseDTO reissueToken(HttpServletRequest request) {
 
         try {
             validateToken(refreshToken);
-        } catch (MalformedJwtException e) {
+        } catch (MalformedJwtException | SignatureException e) {
             throw new AuthException(INVALID_REFRESH_TOKEN);
         } catch (ExpiredJwtException e){
             throw new AuthException(UNAUTHORIZED_REFRESH_TOKEN);
@@ -106,7 +107,7 @@ public Long extractMemberIdFromAccessToken(final String atk) throws JsonProcessi
         return jwtTokenProvider.getMemberIdFromClaim(tokenClaims, AUTH_USER);
     }
 
-    public Boolean validateToken(final String atk) throws ExpiredJwtException, MalformedJwtException {
+    public Boolean validateToken(final String atk) throws ExpiredJwtException, MalformedJwtException, SignatureException {
         Claims tokenClaims = jwtTokenProvider.getTokenClaims(atk);
         return !tokenClaims.getExpiration().before(new Date());
     }

diff --git a/...ava/com/nonsoolmate/nonsoolmateServer/global/security/filter/JwtAuthenticationFilter.java b/...ava/com/nonsoolmate/nonsoolmateServer/global/security/filter/JwtAuthenticationFilter.java
@@ -13,6 +13,7 @@
 import com.nonsoolmate.nonsoolmateServer.global.jwt.utils.RequestUtils;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.MalformedJwtException;
+import io.jsonwebtoken.security.SignatureException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -71,7 +72,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             log.info("Authentication Principal : {}", authentication.getPrincipal().toString());
             SecurityContextHolder.getContext().setAuthentication(authentication);
 
-        } catch (JsonProcessingException | MalformedJwtException e) {
+        } catch (JsonProcessingException | MalformedJwtException | SignatureException e) {
             throw new AuthException(INVALID_ACCESS_TOKEN);
         } catch (ExpiredJwtException e){
             throw new AuthException(UNAUTHORIZED_ACCESS_TOKEN);