Merge branch 'develop' into CLAP-243

Author: Sihun23

…rver/config/security/SecurityConfig.java …ter/inbound/security/SecurityConfig.javasrc/main/java/clap/server/config/security/SecurityConfig.java renamed to src/main/java/clap/server/adapter/inbound/security/SecurityConfig.java src/main/java/clap/server/config/security/SecurityConfig.java renamed to src/main/java/clap/server/adapter/inbound/security/SecurityConfig.java

@@ -1,8 +1,8 @@
-package clap.server.config.security;
+package clap.server.adapter.inbound.security;
 
-import clap.server.adapter.inbound.security.LoginAttemptFilter;
 import clap.server.adapter.inbound.security.filter.JwtAuthenticationFilter;
 import clap.server.adapter.inbound.security.filter.JwtExceptionFilter;
+import clap.server.adapter.inbound.security.filter.LoginAttemptFilter;
 import lombok.RequiredArgsConstructor;
 import org.springframework.boot.autoconfigure.security.ConditionalOnDefaultWebSecurity;
 import org.springframework.boot.autoconfigure.security.SecurityProperties;
@@ -24,7 +24,7 @@
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsConfigurationSource;
 
-import static clap.server.config.security.WebSecurityUrl.*;
+import static clap.server.adapter.inbound.security.WebSecurityUrl.*;
 
 
 @Configuration

src/main/java/clap/server/adapter/inbound/security/WebSecurityUrl.java

@@ -0,0 +1,18 @@
+package clap.server.adapter.inbound.security;
+
+public class WebSecurityUrl {
+    private WebSecurityUrl() {
+        throw new IllegalStateException("Utility class");
+    }
+
+    public static final String [] HEALTH_CHECK_ENDPOINT = {"/health"};
+    public static final String[] READ_ONLY_PUBLIC_ENDPOINTS = {"/favicon.ico"};
+    public static final String LOGIN_ENDPOINT = "/api/auths/login";
+    public static final String[] SWAGGER_ENDPOINTS = {
+            "/swagger/api-docs/**", "/swagger/v3/api-docs/**",
+            "/swagger-ui/**", "/swagger"
+    };
+    public static final String REISSUANCE_ENDPOINTS = "/api/auths/reissuance";
+    public static final String[] PUBLIC_ENDPOINTS = {LOGIN_ENDPOINT, REISSUANCE_ENDPOINTS};
+    public static final String TEMPORARY_TOKEN_ALLOWED_ENDPOINT = "/api/members/initial-password";
+}

src/main/java/clap/server/adapter/inbound/security/filter/JwtAuthenticationFilter.java

@@ -4,6 +4,7 @@
 import clap.server.adapter.outbound.jwt.access.AccessTokenClaimKeys;
 import clap.server.application.port.outbound.auth.ForbiddenTokenPort;
 import clap.server.application.port.outbound.auth.JwtProvider;
+import clap.server.exception.AuthException;
 import clap.server.exception.JwtException;
 import clap.server.exception.code.AuthErrorCode;
 import io.jsonwebtoken.Claims;
@@ -27,12 +28,14 @@
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
+import java.util.Arrays;
+
+import static clap.server.adapter.inbound.security.WebSecurityUrl.*;
 
 @Slf4j
 @Component
 @RequiredArgsConstructor
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
-    private static final String TEMPORARY_TOKEN_ALLOWED_ENDPOINT = "/api/members/initial-password";
     private final UserDetailsService securityUserDetailsService;
     private final JwtProvider accessTokenProvider;
     private final JwtProvider temporaryTokenProvider;

src/main/java/clap/server/adapter/inbound/security/filter/JwtErrorCodeUtil.java

@@ -36,7 +36,7 @@ public static BaseErrorCode determineErrorCode(Exception exception, BaseErrorCod
     public static JwtException determineAuthErrorException(Exception exception) {
         return findAuthErrorException(exception).orElseGet(
                 () -> {
-                    BaseErrorCode errorCode = determineErrorCode(exception, GlobalErrorCode.INTERNAL_SERVER_ERROR);
+                    BaseErrorCode errorCode = determineErrorCode(exception, AuthErrorCode.UNAUTHORIZED);
                     log.debug(exception.getMessage(), exception);
                     return new JwtException(errorCode);
                 }

src/main/java/clap/server/adapter/inbound/security/filter/JwtExceptionFilter.java

@@ -33,7 +33,6 @@ protected void doFilterInternal(
 
     private void sendAuthError(HttpServletResponse response, JwtException e) throws IOException {
         if (!response.isCommitted()) {
-            response.setContentType("application/json;charset=UTF-8");
             response.setStatus(e.getErrorCode().getHttpStatus().value());
             response.getWriter().write(e.getErrorCode().getCustomCode());
         }

…inbound/security/LoginAttemptFilter.java …/security/filter/LoginAttemptFilter.javasrc/main/java/clap/server/adapter/inbound/security/LoginAttemptFilter.java renamed to src/main/java/clap/server/adapter/inbound/security/filter/LoginAttemptFilter.java src/main/java/clap/server/adapter/inbound/security/LoginAttemptFilter.java renamed to src/main/java/clap/server/adapter/inbound/security/filter/LoginAttemptFilter.java

@@ -1,4 +1,4 @@
-package clap.server.adapter.inbound.security;
+package clap.server.adapter.inbound.security.filter;
 
 import clap.server.application.service.auth.LoginAttemptService;
 import clap.server.exception.AuthException;
@@ -17,20 +17,19 @@
 import java.io.IOException;
 import java.util.ArrayList;
 
+import static clap.server.adapter.inbound.security.WebSecurityUrl.LOGIN_ENDPOINT;
 import static clap.server.common.constants.AuthConstants.SESSION_ID;
 
 
 @RequiredArgsConstructor
 @Slf4j
 public class LoginAttemptFilter extends OncePerRequestFilter {
 
-    private static final String LOGIN_ENDPOINT = "/api/auths/login";
     private final LoginAttemptService loginAttemptService;
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
             throws ServletException, IOException {
-
         String sessionId = request.getHeader(SESSION_ID.getValue().toLowerCase());
 
         if (request.getRequestURI().equals(LOGIN_ENDPOINT)) {

…und/security/CustomGrantedAuthority.java …rity/service/CustomGrantedAuthority.javasrc/main/java/clap/server/adapter/inbound/security/CustomGrantedAuthority.java renamed to src/main/java/clap/server/adapter/inbound/security/service/CustomGrantedAuthority.java src/main/java/clap/server/adapter/inbound/security/CustomGrantedAuthority.java renamed to src/main/java/clap/server/adapter/inbound/security/service/CustomGrantedAuthority.java

@@ -1,4 +1,4 @@
-package clap.server.adapter.inbound.security;
+package clap.server.adapter.inbound.security.service;
 
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonProperty;

…nbound/security/SecurityUserDetails.java …ecurity/service/SecurityUserDetails.javasrc/main/java/clap/server/adapter/inbound/security/SecurityUserDetails.java renamed to src/main/java/clap/server/adapter/inbound/security/service/SecurityUserDetails.java src/main/java/clap/server/adapter/inbound/security/SecurityUserDetails.java renamed to src/main/java/clap/server/adapter/inbound/security/service/SecurityUserDetails.java

@@ -1,4 +1,4 @@
-package clap.server.adapter.inbound.security;
+package clap.server.adapter.inbound.security.service;
 
 import clap.server.adapter.outbound.persistense.entity.member.MemberEntity;
 import clap.server.adapter.outbound.persistense.entity.member.constant.MemberStatus;

…security/SecurityUserDetailsService.java …/service/SecurityUserDetailsService.javasrc/main/java/clap/server/adapter/inbound/security/SecurityUserDetailsService.java renamed to src/main/java/clap/server/adapter/inbound/security/service/SecurityUserDetailsService.java src/main/java/clap/server/adapter/inbound/security/SecurityUserDetailsService.java renamed to src/main/java/clap/server/adapter/inbound/security/service/SecurityUserDetailsService.java

@@ -1,4 +1,4 @@
-package clap.server.adapter.inbound.security;
+package clap.server.adapter.inbound.security.service;
 
 import clap.server.adapter.outbound.persistense.repository.member.MemberRepository;
 import clap.server.exception.AuthException;

src/main/java/clap/server/adapter/inbound/web/admin/AddCategoryController.java

@@ -1,6 +1,6 @@
 package clap.server.adapter.inbound.web.admin;
 
-import clap.server.adapter.inbound.security.SecurityUserDetails;
+import clap.server.adapter.inbound.security.service.SecurityUserDetails;
 import clap.server.adapter.inbound.web.dto.admin.AddMainCategoryRequest;
 import clap.server.adapter.inbound.web.dto.admin.AddSubCategoryRequest;
 import clap.server.application.port.inbound.admin.AddMainCategoryUsecase;