Merge pull request #8 from URECA-PODONG/User

feat/#7: 소셜로그인(kakao업로드)

build.gradle

@@ -63,6 +63,13 @@ dependencies {
 	implementation 'io.jsonwebtoken:jjwt-api:0.11.2'
 	implementation 'io.jsonwebtoken:jjwt-impl:0.11.2'
 	implementation 'io.jsonwebtoken:jjwt-jackson:0.11.2' // 또는 jjwt-gson
+
+
+
+	implementation 'org.springframework.boot:spring-boot-starter-security'
+    testImplementation 'org.springframework.security:spring-security-test'
+	//Oauth 2.0
+    implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
 
 }
 

logs/spring-boot.log

@@ -1409,3 +1409,39 @@ Caused by: com.mysql.cj.exceptions.UnableToConnectException: Public Key Retrieva
 	at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:805) ~[mysql-connector-j-8.3.0.jar:8.3.0]
 	... 58 common frames omitted
 
+2024-11-03T16:37:16.743+09:00  INFO 20192 --- [sole-paradise] [restartedMain] c.u.s.SoleParadiseApplication            : Starting SoleParadiseApplication using Java 17.0.11 with PID 20192 (C:\Users\tjdgu\Desktop\podong-BackEnd\BackEnd\bin\main started by tjdgu in C:\Users\tjdgu\Desktop\podong-BackEnd\BackEnd)
+2024-11-03T16:37:16.745+09:00  INFO 20192 --- [sole-paradise] [restartedMain] c.u.s.SoleParadiseApplication            : No active profile set, falling back to 1 default profile: "default"
+2024-11-03T16:37:16.780+09:00  INFO 20192 --- [sole-paradise] [restartedMain] .e.DevToolsPropertyDefaultsPostProcessor : Devtools property defaults active! Set 'spring.devtools.add-properties' to 'false' to disable
+2024-11-03T16:37:16.780+09:00  INFO 20192 --- [sole-paradise] [restartedMain] .e.DevToolsPropertyDefaultsPostProcessor : For additional web related logging consider setting the 'logging.level.web' property to 'DEBUG'
+2024-11-03T16:37:17.451+09:00  INFO 20192 --- [sole-paradise] [restartedMain] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode.
+2024-11-03T16:37:17.593+09:00  INFO 20192 --- [sole-paradise] [restartedMain] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 136 ms. Found 7 JPA repository interfaces.
+2024-11-03T16:37:18.007+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port 8080 (http)
+2024-11-03T16:37:18.017+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
+2024-11-03T16:37:18.017+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.apache.catalina.core.StandardEngine    : Starting Servlet engine: [Apache Tomcat/10.1.31]
+2024-11-03T16:37:18.076+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.a.c.c.C.[Tomcat].[localhost].[/api]    : Initializing Spring embedded WebApplicationContext
+2024-11-03T16:37:18.076+09:00  INFO 20192 --- [sole-paradise] [restartedMain] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1295 ms
+2024-11-03T16:37:18.189+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.hibernate.jpa.internal.util.LogHelper  : HHH000204: Processing PersistenceUnitInfo [name: default]
+2024-11-03T16:37:18.231+09:00  INFO 20192 --- [sole-paradise] [restartedMain] org.hibernate.Version                    : HHH000412: Hibernate ORM core version 6.5.3.Final
+2024-11-03T16:37:18.256+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.h.c.internal.RegionFactoryInitiator    : HHH000026: Second-level cache disabled
+2024-11-03T16:37:18.469+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.s.o.j.p.SpringPersistenceUnitInfo      : No LoadTimeWeaver setup: ignoring JPA class transformer
+2024-11-03T16:37:18.492+09:00  INFO 20192 --- [sole-paradise] [restartedMain] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Starting...
+2024-11-03T16:37:18.593+09:00  INFO 20192 --- [sole-paradise] [restartedMain] com.zaxxer.hikari.pool.HikariPool        : HikariPool-1 - Added connection com.mysql.cj.jdbc.ConnectionImpl@646b376f
+2024-11-03T16:37:18.594+09:00  INFO 20192 --- [sole-paradise] [restartedMain] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Start completed.
+2024-11-03T16:37:18.624+09:00  WARN 20192 --- [sole-paradise] [restartedMain] org.hibernate.orm.deprecation            : HHH90000025: MySQL8Dialect does not need to be specified explicitly using 'hibernate.dialect' (remove the property setting and it will be selected by default)
+2024-11-03T16:37:18.625+09:00  WARN 20192 --- [sole-paradise] [restartedMain] org.hibernate.orm.deprecation            : HHH90000026: MySQL8Dialect has been deprecated; use org.hibernate.dialect.MySQLDialect instead
+2024-11-03T16:37:19.163+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.h.m.i.EntityInstantiatorPojoStandard   : HHH000182: No default (no-argument) constructor for class: com.ureca.sole_paradise.petItem.db.entity.PetItemEntity (class must be instantiated by Interceptor)
+2024-11-03T16:37:19.196+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.h.m.i.EntityInstantiatorPojoStandard   : HHH000182: No default (no-argument) constructor for class: com.ureca.sole_paradise.payments.db.entity.PaymentsEntity (class must be instantiated by Interceptor)
+2024-11-03T16:37:19.336+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.h.e.t.j.p.i.JtaPlatformInitiator       : HHH000489: No JTA platform available (set 'hibernate.transaction.jta.platform' to enable JTA platform integration)
+2024-11-03T16:37:20.159+09:00  INFO 20192 --- [sole-paradise] [restartedMain] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
+2024-11-03T16:37:20.905+09:00  INFO 20192 --- [sole-paradise] [restartedMain] g.w.e.AbstractErrorHandlingConfiguration : Error Handling Spring Boot Starter active with 8 handlers
+2024-11-03T16:37:20.950+09:00  WARN 20192 --- [sole-paradise] [restartedMain] ion$DefaultTemplateResolverConfiguration : Cannot find template location: classpath:/templates/ (please add some templates, check your Thymeleaf configuration, or set spring.thymeleaf.check-template-location=false)
+2024-11-03T16:37:21.076+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.s.b.d.a.OptionalLiveReloadServer       : LiveReload server is running on port 35729
+2024-11-03T16:37:21.130+09:00  INFO 20192 --- [sole-paradise] [restartedMain] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port 8080 (http) with context path '/api'
+2024-11-03T16:37:21.137+09:00  INFO 20192 --- [sole-paradise] [restartedMain] c.u.s.SoleParadiseApplication            : Started SoleParadiseApplication in 4.78 seconds (process running for 5.39)
+2024-11-03T16:37:50.878+09:00  INFO 20192 --- [sole-paradise] [http-nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/api]    : Initializing Spring DispatcherServlet 'dispatcherServlet'
+2024-11-03T16:37:50.878+09:00  INFO 20192 --- [sole-paradise] [http-nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
+2024-11-03T16:37:50.880+09:00  INFO 20192 --- [sole-paradise] [http-nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 1 ms
+2024-11-03T16:38:15.482+09:00  INFO 20192 --- [sole-paradise] [RMI TCP Connection(10)-127.0.0.1] inMXBeanRegistrar$SpringApplicationAdmin : Application shutdown requested.
+2024-11-03T16:38:15.537+09:00  INFO 20192 --- [sole-paradise] [RMI TCP Connection(10)-127.0.0.1] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default'
+2024-11-03T16:38:15.542+09:00  INFO 20192 --- [sole-paradise] [RMI TCP Connection(10)-127.0.0.1] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown initiated...
+2024-11-03T16:38:15.546+09:00  INFO 20192 --- [sole-paradise] [RMI TCP Connection(10)-127.0.0.1] com.zaxxer.hikari.HikariDataSource       : HikariPool-1 - Shutdown completed.

src/main/java/com/ureca/sole_paradise/user/config/CustomSuccessHandler.java

@@ -0,0 +1,46 @@
+package com.ureca.sole_paradise.user.config;
+
+import com.ureca.sole_paradise.user.db.dto.CustomOAuth2User;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
+
+import java.io.IOException;
+import java.util.Collection;
+import java.util.Iterator;
+
+@Component
+@RequiredArgsConstructor
+public class CustomSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
+
+    @Override
+    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+
+        //OAuth2User
+        CustomOAuth2User customUserDetails = (CustomOAuth2User) authentication.getPrincipal();
+
+        //ROLE 추출
+        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
+        Iterator<? extends GrantedAuthority> iterator = authorities.iterator();
+        GrantedAuthority auth = iterator.next();
+        String role = auth.getAuthority();
+
+        // 04.14 - 비회원 상태일경우 가입 페이지로, 커스텀 필요
+        if (role.equals("ROLE_VALIDATE")) {
+            response.setStatus(205);
+            //회원가입 페이지
+            response.sendRedirect("http://localhost:5173/userRegister/:userId");
+            return;
+        }
+
+        response.sendRedirect("http://localhost:5173/userRegister/:userId");
+    }
+}

src/main/java/com/ureca/sole_paradise/user/config/ReferencedException.java

@@ -0,0 +1,17 @@
+package com.ureca.sole_paradise.user.config;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+
+@ResponseStatus(HttpStatus.CONFLICT)
+public class ReferencedException extends RuntimeException {
+
+    public ReferencedException() {
+        super();
+    }
+
+    public ReferencedException(final ReferencedWarning referencedWarning) {
+        super(referencedWarning.toMessage());
+    }
+
+}

src/main/java/com/ureca/sole_paradise/user/config/ReferencedWarning.java

@@ -0,0 +1,31 @@
+package com.ureca.sole_paradise.user.config;
+
+
+import java.util.ArrayList;
+import java.util.stream.Collectors;
+import lombok.Getter;
+import lombok.Setter;
+
+
+@Getter
+@Setter
+public class ReferencedWarning {
+
+    private String key = null;
+    private ArrayList<Object> params = new ArrayList<>();
+
+    public void addParam(final Object param) {
+        params.add(param);
+    }
+
+    public String toMessage() {
+        String message = key;
+        if (!params.isEmpty()) {
+            message += "," + params.stream()
+                    .map(Object::toString)
+                    .collect(Collectors.joining(","));
+        }
+        return message;
+    }
+
+}

src/main/java/com/ureca/sole_paradise/user/config/SecurityConfig.java

@@ -0,0 +1,95 @@
+package com.ureca.sole_paradise.user.config;
+
+import com.ureca.sole_paradise.user.service.CustomOAuth2UserService;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+
+import java.util.List;
+
+@Configuration
+@EnableWebSecurity
+@RequiredArgsConstructor
+public class SecurityConfig {
+
+	//OAuth 로그인
+    private final CustomOAuth2UserService customOAuth2UserService;
+    private final CustomSuccessHandler customSuccessHandler;
+
+    //AuthenticationManager Bean 등록
+    @Bean
+    public AuthenticationManager authenticationManager(AuthenticationConfiguration configuration) throws Exception {
+
+        return configuration.getAuthenticationManager();
+    }
+
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
+
+        return new BCryptPasswordEncoder();
+    }
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+
+        http
+                .cors((corsCustomizer -> corsCustomizer.configurationSource(new CorsConfigurationSource() {
+
+                    @Override
+                    public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
+
+                        CorsConfiguration config = new CorsConfiguration();
+
+                        config.setAllowedOrigins(List.of("http://localhost:5173"));
+                        config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
+                        config.setAllowCredentials(true);
+                        config.setAllowedHeaders(List.of("*"));
+                        config.setMaxAge(3600L);
+
+                        return config;
+                    }
+                })));
+
+        //csrf disable
+        http
+                .csrf((auth) -> auth.disable());
+
+        //From 로그인 방식 disable
+        http
+                .formLogin((auth) -> auth.disable());
+
+        //http basic 인증 방식 disable
+        http
+                .httpBasic((auth) -> auth.disable());
+
+        // 04.14 작성 - 잠시 주석처리
+        // Oauth 소셜로그인
+        http
+                .oauth2Login((oauth2) -> oauth2
+                        .userInfoEndpoint((userInfoEndpointConfig) -> userInfoEndpointConfig
+                                .userService(customOAuth2UserService))
+                        .successHandler(customSuccessHandler));
+
+        //경로별 인가 작업
+        http
+                .authorizeHttpRequests((auth) -> auth
+                        .requestMatchers("/*", "/**").permitAll()
+//                        .requestMatchers("/api/**", "/api/*").permitAll() //개발 용 로그인 안했을때 postman 사용을 위해
+                        .anyRequest().authenticated())
+                        .exceptionHandling((exceptionConfig) ->
+                        exceptionConfig.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/user/error")));
+
+
+        return http.build();
+    }
+}