@ -2,24 +2,42 @@ package com.palnet.biz.api.acnt.jwt.filter;
|
|
|
|
|
|
|
|
|
|
import java.io.IOException; |
|
|
|
|
import java.io.Serializable; |
|
|
|
|
import java.util.HashMap; |
|
|
|
|
|
|
|
|
|
import javax.servlet.http.HttpServletRequest; |
|
|
|
|
import javax.servlet.http.HttpServletResponse; |
|
|
|
|
|
|
|
|
|
import com.palnet.comn.utils.JsonUtils; |
|
|
|
|
import lombok.extern.slf4j.Slf4j; |
|
|
|
|
import org.springframework.security.core.AuthenticationException; |
|
|
|
|
import org.springframework.security.web.AuthenticationEntryPoint; |
|
|
|
|
import org.springframework.stereotype.Component; |
|
|
|
|
|
|
|
|
|
//허가되지 않은 사용자라면, 접근 불가 메세지를 띄워 리소스 정보획득을 못하게 막아줍니다.
|
|
|
|
|
@Component |
|
|
|
|
@Slf4j |
|
|
|
|
public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint, Serializable { |
|
|
|
|
|
|
|
|
|
private static final long serialVersionUID = -7858869558953243875L; |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* 인증되지 않은 사용자의 Exception을 Handling하는 메소드입니다. |
|
|
|
|
* @param request that resulted in an <code>AuthenticationException</code> |
|
|
|
|
* @param response so that the user agent can begin authentication |
|
|
|
|
* @param authException that caused the invocation |
|
|
|
|
* @throws IOException |
|
|
|
|
*/ |
|
|
|
|
@Override |
|
|
|
|
public void commence(HttpServletRequest request, HttpServletResponse response, |
|
|
|
|
AuthenticationException authException) throws IOException { |
|
|
|
|
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException { |
|
|
|
|
|
|
|
|
|
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"); |
|
|
|
|
HashMap<String, Object> jsonResponseBody = new HashMap<>(); |
|
|
|
|
jsonResponseBody.put("status", HttpServletResponse.SC_UNAUTHORIZED); |
|
|
|
|
|
|
|
|
|
String jsonBody = JsonUtils.toJson(jsonResponseBody); |
|
|
|
|
|
|
|
|
|
response.setContentType("application/json"); |
|
|
|
|
response.setCharacterEncoding("UTF-8"); |
|
|
|
|
|
|
|
|
|
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); |
|
|
|
|
response.getWriter().write(jsonBody); |
|
|
|
|
} |
|
|
|
|
} |
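Review bot: The JSON 401 written in commence() carries no `WWW-Authenticate` challenge, which RFC 7235 requires on a 401 response; adding `response.setHeader("WWW-Authenticate", "Bearer");` before the body is written would tell clients which scheme to retry with. The class is annotated `@Slf4j` but the visible body never calls `log`, so rejected requests leave no trace for detection. A line such as `log.warn("Unauthorized request: {} {}", request.getMethod(), request.getRequestURI());` would cover that, as long as the Authorization header and the token are kept out of the log. The page has lost its +/- markers, so I am assuming the `response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");` line is on the removed side; if it is still present, it commits the response and the JSON body written after it will not reach the client as intended. Returning only the status code in the body, and not the message from authException, is worth keeping as is.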