From 24827e0e692e9f8e55f50abeb9ee7a9f91baef31 Mon Sep 17 00:00:00 2001
From: YunChan-Oh
Date: Tue, 26 Nov 2024 20:14:57 +0900
Subject: [PATCH 1/4] fix(oauth): CustomOAuth2UserService
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

커스텀 예외를 반환하도록 수정했습니다.
---
 .../server/domain/oauth/service/CustomOAuth2UserService.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/space/server/domain/oauth/service/CustomOAuth2UserService.java b/src/main/java/com/space/server/domain/oauth/service/CustomOAuth2UserService.java
index 4c29a033..02547f03 100644
--- a/src/main/java/com/space/server/domain/oauth/service/CustomOAuth2UserService.java
+++ b/src/main/java/com/space/server/domain/oauth/service/CustomOAuth2UserService.java
@@ -1,5 +1,6 @@
 package com.space.server.domain.oauth.service;
+import com.space.server.domain.oauth.exception.SocialUserExistedException;
 import com.space.server.domain.oauth.service.dto.*;
 import com.space.server.domain.user.domain.Users;
 import com.space.server.domain.user.domain.repository.UserRepository;
@@ -64,7 +65,7 @@ else if (registrationId.equals("kakao")){
 if (existData.getType().equals("normal")) {
 log.warn("이미 존재합니다.");
- throw new OAuth2AuthenticationException("Normal user already exists");
+ throw new SocialUserExistedException();
 }
 existData.updateSocial(oAuth2Response.getEmail(), type);

From bbae8860f72c73b6526b9d69baab9260e09d43cd Mon Sep 17 00:00:00 2001
From: YunChan-Oh
Date: Tue, 26 Nov 2024 20:18:04 +0900
Subject: [PATCH 2/4] refactor(oauth): CustomSuccessHandler
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

JSESSIONID 로그를 추가했습니다.
---
 .../space/server/domain/oauth/handler/CustomSuccessHandler.java | 2 ++
 1 file changed, 2 insertions(+)
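Review bot: The new `throw new SocialUserExistedException()` only reaches the oauth2Login `failureHandler` added later in this series if `SpaceSecurityException` is an `AuthenticationException`; Spring's `OAuth2LoginAuthenticationFilter` hands only `AuthenticationException`s to `unsuccessfulAuthentication`, anything else escapes the filter as an unhandled error with no JSON body and no JSESSIONID cleanup. The `exception instanceof SpaceSecurityException` test in SecurityConfig would not compile against an unrelated `RuntimeException`, so the hierarchy is presumably right, but that contract is invisible here and deserves a comment on the throw: `// Must stay an AuthenticationException so the oauth2Login failureHandler (not the generic error page) answers with the 409.` Note also that the old message was generic while the new exception tells a social-login caller that a password ("normal") account exists for this e-mail — confirm that enumeration trade-off is intended. The enclosing loadUser method starts and ends outside this hunk.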
diff --git a/src/main/java/com/space/server/domain/oauth/handler/CustomSuccessHandler.java b/src/main/java/com/space/server/domain/oauth/handler/CustomSuccessHandler.java
index 5eb13543..2b298103 100644
--- a/src/main/java/com/space/server/domain/oauth/handler/CustomSuccessHandler.java
+++ b/src/main/java/com/space/server/domain/oauth/handler/CustomSuccessHandler.java
@@ -70,11 +70,13 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 Cookie[] cookies = request.getCookies();
 if (cookies != null) {
 for (Cookie cookie : cookies) {
+ log.warn("쿠키 탐색 : "+cookie.getName());
 if ("JSESSIONID".equals(cookie.getName())) {
 cookie.setValue("");
 cookie.setPath("/");
 cookie.setMaxAge(0);
 response.addCookie(cookie);
+ log.warn("JSESSIONID 발견");
 break;
 }
 }

From c3a2e078dd934c5f780d37ae22d454228d031765 Mon Sep 17 00:00:00 2001
From: YunChan-Oh
Date: Tue, 26 Nov 2024 20:19:48 +0900
Subject: [PATCH 3/4] fix(oauth): SecurityConfig
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

JSESSIONID 쿠키를 삭제하도록 추가했습니다.
---
 .../server/common/config/SecurityConfig.java | 44 +++++++++++++++++--
 1 file changed, 41 insertions(+), 3 deletions(-)

diff --git a/src/main/java/com/space/server/common/config/SecurityConfig.java b/src/main/java/com/space/server/common/config/SecurityConfig.java
index ef40605e..43227e00 100644
--- a/src/main/java/com/space/server/common/config/SecurityConfig.java
+++ b/src/main/java/com/space/server/common/config/SecurityConfig.java
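Review bot: The added `log.warn("쿠키 탐색 : "+cookie.getName())` writes the name of every cookie the client sent to the log at WARN level on each successful login; cookie names are client-controlled input and the loop runs for all users, so this is log noise at best and, if the container passes unusual characters through, a log-injection channel. If the trace is still needed, lower it to DEBUG and use SLF4J parameters instead of concatenation — `log.debug("inspecting cookie {}", cookie.getName());` and `log.debug("expired JSESSIONID cookie");` — otherwise remove both lines before merging. The cookie values are not logged, which is right. The enclosing onAuthenticationSuccess method begins and ends outside this hunk.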
@@ -1,6 +1,9 @@
 package com.space.server.common.config;
+import jakarta.servlet.http.Cookie;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.space.server.common.exception.ErrorResponse;
+import com.space.server.common.exception.security.SpaceSecurityException;
 import com.space.server.domain.auth.domain.repository.RefreshRepository;
 import com.space.server.common.exception.security.SpaceSecurityExceptionFilter;
 import com.space.server.common.jwt.exception.CustomAccessDeniedException;
@@ -12,9 +15,11 @@
 import com.space.server.domain.oauth.handler.CustomSuccessHandler;
 import com.space.server.domain.oauth.service.CustomOAuth2UserService;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
+import org.springframework.http.MediaType;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -26,10 +31,13 @@
 import org.springframework.security.web.authentication.logout.LogoutFilter;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.filter.CorsFilter;
+
+import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
+@Slf4j
 @Configuration
 @EnableWebSecurity(debug = true)
 @RequiredArgsConstructor
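Review bot: The new `@Slf4j` logger is added directly above `@EnableWebSecurity(debug = true)`, which this series leaves in place; Spring Security's debug mode logs every incoming request with its headers, `Authorization` and `Cookie` included, so together with the WARN-level cookie logging this patch adds, the config now emits session material in two places. Unless this branch is never deployed, change the line to `@EnableWebSecurity` (or derive the flag from a non-production profile) before merging. The imports themselves are fine; `jakarta.servlet.http.Cookie` sits above the `com.*` group where it would conventionally go with the other third-party imports.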
@@ -91,7 +99,39 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 .oauth2Login((oauth2) -> oauth2
 .userInfoEndpoint((userInfoEndpointConfig) -> userInfoEndpointConfig
 .userService(customOAuth2UserService))
- .successHandler(customSuccessHandler));
+ .successHandler(customSuccessHandler)
+ .failureHandler((request, response, exception) -> {
+ if (exception instanceof SpaceSecurityException) {
+ SpaceSecurityException e = (SpaceSecurityException) exception;
+ response.setStatus(e.getStatus().value());
+ response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+ response.setCharacterEncoding(StandardCharsets.UTF_8.name());
+
+ ErrorResponse errorResponse = ErrorResponse.from(
+ e.getStatus().value(),
+ e.getErrorCode(),
+ e.getMessage()
+ );
+ log.warn("소셜 스페이스 익셉션 동작");
+ response.getWriter().write(objectMapper.writeValueAsString(errorResponse));
+ } else {
+ response.sendRedirect("/login?error");
+ }
+ Cookie[] cookies = request.getCookies();
+ if (cookies != null) {
+ for (Cookie cookie : cookies) {
+ log.warn("쿠키 탐색 : "+cookie.getName());
+ if ("JSESSIONID".equals(cookie.getName())) {
+ cookie.setValue("");
+ cookie.setPath("/");
+ cookie.setMaxAge(0);
+ response.addCookie(cookie);
+ log.warn("JSESSIONID 발견");
+ break;
+ }
+ }
+ }
+ }));
 http
 .logout((auth) -> auth.disable());
@@ -130,8 +170,6 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 .sessionManagement((session) -> session
 .sessionCreationPolicy(SessionCreationPolicy.STATELESS));
-
-
 return http.build();
 }

From 3cc995489e14e472a3ee7a74661ca1af625559d6 Mon Sep 17 00:00:00 2001
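Review bot: The JSESSIONID expiry at the bottom of the new `failureHandler` lambda runs after the response has already been produced: in the `else` branch `response.sendRedirect("/login?error")` commits the response, and a cookie added to a committed response is dropped by the container (Tomcat's `addCookie` returns early once committed), so the session cookie this patch is meant to delete survives precisely on the redirect path, while the JSON branch only works because `getWriter().write` is still buffered. Move the `Cookie[] cookies = request.getCookies();` loop to the top of the lambda, before `response.setStatus(...)` and `sendRedirect(...)`, and since the loop is now a copy of the one in CustomSuccessHandler, a shared helper such as `expireSessionCookie(request, response)` would keep the two paths from drifting. The `log.warn` calls inside the handler are debug traces (one of them logs every client cookie name) and should be removed or parameterized at DEBUG. The enclosing filterChain method starts and ends outside this hunk.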
From: YunChan-Oh
Date: Tue, 26 Nov 2024 20:20:33 +0900
Subject: [PATCH 4/4] feat(oauth): SocialUserExistedException
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

시큐리티용 커스텀 예외를 추가했습니다.
---
 .../oauth/exception/SocialUserExistedException.java | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 src/main/java/com/space/server/domain/oauth/exception/SocialUserExistedException.java

diff --git a/src/main/java/com/space/server/domain/oauth/exception/SocialUserExistedException.java b/src/main/java/com/space/server/domain/oauth/exception/SocialUserExistedException.java
new file mode 100644
index 00000000..bc37ecd7
--- /dev/null
+++ b/src/main/java/com/space/server/domain/oauth/exception/SocialUserExistedException.java
@@ -0,0 +1,10 @@
+package com.space.server.domain.oauth.exception;
+
+import com.space.server.common.exception.security.SpaceSecurityException;
+import org.springframework.http.HttpStatus;
+
+public class SocialUserExistedException extends SpaceSecurityException {
+ public SocialUserExistedException() {
+ super(HttpStatus.CONFLICT, "USER_EXISTED", "유저가 이미 존재합니다.");
+ }
+}
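Review bot: `SocialUserExistedException` carries the whole client-visible contract (409, error code `USER_EXISTED`, a Korean message) but has no Javadoc; add a class comment stating that CustomOAuth2UserService throws it when a social login arrives for an e-mail that already belongs to a `normal` (password) account, and that the oauth2Login failureHandler serialises it as a JSON ErrorResponse rather than redirecting. The same comment should record that a 409 here lets the social-login caller learn a password account exists for that e-mail — if that enumeration is not intended, the handler should answer with a generic login failure and keep the specific reason in the log. Naming-wise, `SocialUserAlreadyExistsException` would read more naturally than "Existed", but that is cosmetic.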