From 42c64ae409d85446372b969e3cbfbca77fc84435 Mon Sep 17 00:00:00 2001 From: mikekks Date: Thu, 18 Jan 2024 16:51:43 +0900 Subject: [PATCH] =?UTF-8?q?[FEAT]=20Bearer=20=ED=86=A0=ED=81=B0=20?= =?UTF-8?q?=EB=82=B4=EC=9A=A9=20=EC=98=A4=EB=A5=98=20=EC=98=88=EC=99=B8=20?= =?UTF-8?q?=EC=B2=98=EB=A6=AC=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../nonsoolmateServer/global/jwt/service/JwtService.java | 5 +++-- .../global/security/filter/JwtAuthenticationFilter.java | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/nonsoolmateServer/src/main/java/com/nonsoolmate/nonsoolmateServer/global/jwt/service/JwtService.java b/nonsoolmateServer/src/main/java/com/nonsoolmate/nonsoolmateServer/global/jwt/service/JwtService.java index 4f7acdd..b9e11d4 100644 --- a/nonsoolmateServer/src/main/java/com/nonsoolmate/nonsoolmateServer/global/jwt/service/JwtService.java +++ b/nonsoolmateServer/src/main/java/com/nonsoolmate/nonsoolmateServer/global/jwt/service/JwtService.java @@ -18,6 +18,7 @@ import io.jsonwebtoken.Claims; import io.jsonwebtoken.ExpiredJwtException; import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.security.SignatureException; import jakarta.servlet.http.HttpServletRequest; import java.util.Date; import java.util.Optional; @@ -74,7 +75,7 @@ public MemberReissueResponseDTO reissueToken(HttpServletRequest request) { try { validateToken(refreshToken); - } catch (MalformedJwtException e) { + } catch (MalformedJwtException | SignatureException e) { throw new AuthException(INVALID_REFRESH_TOKEN); } catch (ExpiredJwtException e){ throw new AuthException(UNAUTHORIZED_REFRESH_TOKEN); @@ -106,7 +107,7 @@ public Long extractMemberIdFromAccessToken(final String atk) throws JsonProcessi return jwtTokenProvider.getMemberIdFromClaim(tokenClaims, AUTH_USER); } - public Boolean validateToken(final String atk) throws ExpiredJwtException, MalformedJwtException { + public Boolean validateToken(final String atk) throws ExpiredJwtException, MalformedJwtException, SignatureException { Claims tokenClaims = jwtTokenProvider.getTokenClaims(atk); return !tokenClaims.getExpiration().before(new Date()); } diff --git a/nonsoolmateServer/src/main/java/com/nonsoolmate/nonsoolmateServer/global/security/filter/JwtAuthenticationFilter.java b/nonsoolmateServer/src/main/java/com/nonsoolmate/nonsoolmateServer/global/security/filter/JwtAuthenticationFilter.java index 6741a8c..0d19cc5 100644 --- a/nonsoolmateServer/src/main/java/com/nonsoolmate/nonsoolmateServer/global/security/filter/JwtAuthenticationFilter.java +++ b/nonsoolmateServer/src/main/java/com/nonsoolmate/nonsoolmateServer/global/security/filter/JwtAuthenticationFilter.java @@ -13,6 +13,7 @@ import com.nonsoolmate.nonsoolmateServer.global.jwt.utils.RequestUtils; import io.jsonwebtoken.ExpiredJwtException; import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.security.SignatureException; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; @@ -71,7 +72,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse log.info("Authentication Principal : {}", authentication.getPrincipal().toString()); SecurityContextHolder.getContext().setAuthentication(authentication); - } catch (JsonProcessingException | MalformedJwtException e) { + } catch (JsonProcessingException | MalformedJwtException | SignatureException e) { throw new AuthException(INVALID_ACCESS_TOKEN); } catch (ExpiredJwtException e){ throw new AuthException(UNAUTHORIZED_ACCESS_TOKEN);