Merge branch 'develop' into CLAP-256-팀-작업-현황-에러-재수정

Author: hyoseong-Choi

src/main/java/clap/server/adapter/inbound/security/SecurityConfig.java

@@ -57,8 +57,6 @@ public SecurityFilterChain defaultFilterChain(HttpSecurity http) throws Exceptio
                 .authorizeHttpRequests(
                         auth ->
                                 defaultAuthorizeHttpRequest(auth)
-                                        .requestMatchers(SWAGGER_ENDPOINTS).permitAll()
-                                        .requestMatchers(LOGIN_ENDPOINT).permitAll()
                                         .anyRequest().authenticated()
                 ).build();
     }
@@ -83,8 +81,10 @@ private AbstractRequestMatcherRegistry<AuthorizeHttpRequestsConfigurer<HttpSecur
                 .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
                 .requestMatchers(HttpMethod.OPTIONS, "*").permitAll()
                 .requestMatchers(HttpMethod.GET, READ_ONLY_PUBLIC_ENDPOINTS).permitAll()
+                .requestMatchers(SWAGGER_ENDPOINTS).permitAll()
+                .requestMatchers(LOGIN_ENDPOINT).permitAll()
                 .requestMatchers(HEALTH_CHECK_ENDPOINT).permitAll()
-                .requestMatchers(REISSUANCE_ENDPOINTS).permitAll()
+                .requestMatchers(REISSUANCE_ENDPOINT).permitAll()
                 .requestMatchers(SWAGGER_ENDPOINTS).permitAll();
     }
 

src/main/java/clap/server/adapter/inbound/security/WebSecurityUrl.java

@@ -12,7 +12,6 @@ private WebSecurityUrl() {
             "/swagger/api-docs/**", "/swagger/v3/api-docs/**",
             "/swagger-ui/**", "/swagger"
     };
-    public static final String REISSUANCE_ENDPOINTS = "/api/auths/reissuance";
-    public static final String[] PUBLIC_ENDPOINTS = {LOGIN_ENDPOINT, REISSUANCE_ENDPOINTS};
+    public static final String REISSUANCE_ENDPOINT = "/api/auths/reissuance";
     public static final String TEMPORARY_TOKEN_ALLOWED_ENDPOINT = "/api/members/initial-password";
 }

src/main/java/clap/server/adapter/inbound/security/filter/JwtAuthenticationFilter.java

@@ -2,9 +2,8 @@
 
 import clap.server.adapter.outbound.jwt.JwtClaims;
 import clap.server.adapter.outbound.jwt.access.AccessTokenClaimKeys;
-import clap.server.application.port.outbound.auth.ForbiddenTokenPort;
+import clap.server.application.port.outbound.auth.forbidden.ForbiddenTokenPort;
 import clap.server.application.port.outbound.auth.JwtProvider;
-import clap.server.exception.AuthException;
 import clap.server.exception.JwtException;
 import clap.server.exception.code.AuthErrorCode;
 import io.jsonwebtoken.Claims;
@@ -24,11 +23,13 @@
 import org.springframework.security.web.access.AccessDeniedHandler;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.stereotype.Component;
+import org.springframework.util.AntPathMatcher;
 import org.springframework.util.StringUtils;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
 import java.util.Arrays;
+import java.util.stream.Stream;
 
 import static clap.server.adapter.inbound.security.WebSecurityUrl.*;
 
@@ -42,13 +43,22 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
     private final AccessDeniedHandler accessDeniedHandler;
     private final ForbiddenTokenPort forbiddenTokenPort;
 
+    public static final String[] PUBLIC_ENDPOINTS = Stream.of(
+            HEALTH_CHECK_ENDPOINT,
+            READ_ONLY_PUBLIC_ENDPOINTS,
+            SWAGGER_ENDPOINTS
+    ).flatMap(Arrays::stream).toArray(String[]::new);
+
+    public static final String[] ANONYMOUS_ENDPOINTS = {LOGIN_ENDPOINT, REISSUANCE_ENDPOINT};
+
     @Override
     protected void doFilterInternal(
             @NotNull HttpServletRequest request,
             @NotNull HttpServletResponse response,
             @NotNull FilterChain filterChain
     ) throws ServletException, IOException {
         try {
+
             if (isAnonymousRequest(request)) {
                 filterChain.doFilter(request, response);
                 return;
@@ -66,10 +76,19 @@ protected void doFilterInternal(
     }
 
     private boolean isAnonymousRequest(HttpServletRequest request) {
-        String accessToken = request.getHeader(HttpHeaders.AUTHORIZATION);
-        return accessToken == null;
+        boolean isAnonymousURI = Arrays.stream(ANONYMOUS_ENDPOINTS)
+                .anyMatch(endpoint -> new AntPathMatcher().match(endpoint, request.getRequestURI()));
+        boolean isAnonymous = request.getHeader(HttpHeaders.AUTHORIZATION) == null;
+        return isAnonymousURI && isAnonymous;
     }
 
+    @Override
+    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
+        return Arrays.stream(PUBLIC_ENDPOINTS)
+                .anyMatch(endpoint -> new AntPathMatcher().match(endpoint, request.getRequestURI()));
+    }
+
+
     private String resolveAccessToken(
             HttpServletRequest request
     ) throws ServletException {
@@ -106,6 +125,8 @@ private String resolveAccessToken(
     }
 
 
+
+
     private boolean isTemporaryTokenAllowed(String requestUrl) {
         return requestUrl.equals(TEMPORARY_TOKEN_ALLOWED_ENDPOINT);
     }

src/main/java/clap/server/adapter/inbound/web/admin/AddCategoryController.java

@@ -16,7 +16,7 @@
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 
-@Tag(name = "05. Admin")
+@Tag(name = "05. Admin [작업 관리]")
 @WebAdapter
 @RequiredArgsConstructor
 @RequestMapping("/api/managements")

src/main/java/clap/server/adapter/inbound/web/admin/DeleteCategoryController.java

@@ -12,7 +12,7 @@
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 
-@Tag(name = "05. Admin")
+@Tag(name = "05. Admin [작업 관리]")
 @WebAdapter
 @RequiredArgsConstructor
 @RequestMapping("/api/managements")

src/main/java/clap/server/adapter/inbound/web/admin/DeleteMemberController.java

@@ -14,7 +14,7 @@
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 
-@Tag(name = "05. Admin")
+@Tag(name = "05. Admin [회원 관리]")
 @WebAdapter
 @RequiredArgsConstructor
 @RequestMapping("/api/managements")

src/main/java/clap/server/adapter/inbound/web/admin/FindDepartmentController.java

@@ -13,7 +13,7 @@
 
 import java.util.List;
 
-@Tag(name = "05. Admin")
+@Tag(name = "05. Admin [회원 관리]")
 @WebAdapter
 @RequiredArgsConstructor
 @RequestMapping("/api/managements")

src/main/java/clap/server/adapter/inbound/web/admin/FindMemberController.java

@@ -5,6 +5,7 @@
 import clap.server.adapter.inbound.web.dto.common.PageResponse;
 import clap.server.application.port.inbound.admin.FindMembersWithFilterUsecase;
 
+import clap.server.common.annotation.architecture.WebAdapter;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
@@ -16,7 +17,8 @@
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.web.bind.annotation.*;
 
-@RestController
+@Tag(name = "05. Admin [회원 관리]")
+@WebAdapter
 @RequestMapping("/api/managements")
 @RequiredArgsConstructor
 public class FindMemberController {

src/main/java/clap/server/adapter/inbound/web/admin/ManageMemberController.java

@@ -2,32 +2,41 @@
 
 import clap.server.adapter.inbound.security.service.SecurityUserDetails;
 import clap.server.adapter.inbound.web.dto.admin.request.UpdateMemberRequest;
+import clap.server.adapter.inbound.web.dto.admin.response.MemberDetailsResponse;
+import clap.server.application.port.inbound.admin.MemberDetailUsecase;
 import clap.server.application.port.inbound.admin.UpdateMemberUsecase;
 import clap.server.common.annotation.architecture.WebAdapter;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.*;
 
-@Tag(name = "05. Admin")
+@Tag(name = "05. Admin [회원 관리]")
 @WebAdapter
 @RequiredArgsConstructor
 @RequestMapping("/api/managements/members")
 public class ManageMemberController {
     private final UpdateMemberUsecase updateMemberUsecase;
+    private final MemberDetailUsecase memberDetailUsecase;
 
     @Operation(summary = "회원 정보 수정 API")
     @PostMapping("/{memberId}")
     @Secured("ROLE_ADMIN")
     public void registerMember(@AuthenticationPrincipal SecurityUserDetails userInfo,
                                @PathVariable Long memberId,
-                               @RequestBody @Valid UpdateMemberRequest request){
+                               @RequestBody @Valid UpdateMemberRequest request) {
         updateMemberUsecase.updateMemberInfo(userInfo.getUserId(), memberId, request);
     }
+
+    @Operation(summary = "회원 상세 정보 조회 API")
+    @GetMapping("/{memberId}/details")
+    @Secured("ROLE_ADMIN")
+    public ResponseEntity<MemberDetailsResponse> getMemberDetail(@AuthenticationPrincipal SecurityUserDetails userInfo,
+                                                                 @PathVariable Long memberId) {
+        return ResponseEntity.ok(memberDetailUsecase.getMemberDetail(memberId));
+    }
 }

src/main/java/clap/server/adapter/inbound/web/admin/ManagementLabelController.java

@@ -17,7 +17,7 @@
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.*;
 
-@Tag(name = "05. Admin")
+@Tag(name = "05. Admin [작업 관리]")
 @WebAdapter
 @RequiredArgsConstructor
 @RequestMapping("/api/managements/labels")