
Commit 97f43f7

feature : Add the Authorization Code feature
1 parent 08654fb commit 97f43f7


101 files changed

+6063
-5634
lines changed


README.md

Lines changed: 242 additions & 206 deletions
Large diffs are not rendered by default.

client/pom.xml

Lines changed: 322 additions & 321 deletions
Large diffs are not rendered by default.
@@ -1,22 +1,22 @@
1-
package com.patternknife.securityhelper.oauth2.client;
2-
3-
import org.springframework.boot.SpringApplication;
4-
import org.springframework.boot.autoconfigure.SpringBootApplication;
5-
6-
import javax.annotation.PostConstruct;
7-
import java.util.TimeZone;
8-
9-
10-
@SpringBootApplication(scanBasePackages = {"com.patternknife.securityhelper.oauth2.client", "io.github.patternknife.securityhelper.oauth2.api"})
11-
public class SpringSecurityOauth2PasswordJpaImplApplication {
12-
13-
@PostConstruct
14-
void init() {
15-
TimeZone.setDefault(TimeZone.getTimeZone("Asia/Seoul"));
16-
}
17-
18-
public static void main(String[] args) {
19-
SpringApplication.run(SpringSecurityOauth2PasswordJpaImplApplication.class, args);
20-
}
21-
22-
}
1+
package com.patternknife.securityhelper.oauth2.client;
2+
3+
import org.springframework.boot.SpringApplication;
4+
import org.springframework.boot.autoconfigure.SpringBootApplication;
5+
6+
import javax.annotation.PostConstruct;
7+
import java.util.TimeZone;
8+
9+
10+
@SpringBootApplication(scanBasePackages = {"com.patternknife.securityhelper.oauth2.client", "io.github.patternknife.securityhelper.oauth2.api"})
11+
public class SpringSecurityOauth2PasswordJpaImplApplication {
12+
13+
@PostConstruct
14+
void init() {
15+
TimeZone.setDefault(TimeZone.getTimeZone("Asia/Seoul"));
16+
}
17+
18+
public static void main(String[] args) {
19+
SpringApplication.run(SpringSecurityOauth2PasswordJpaImplApplication.class, args);
20+
}
21+
22+
}

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/logger/common/LoggingFilter.java

Lines changed: 0 additions & 48 deletions
This file was deleted.
@@ -1,69 +1,69 @@
1-
package com.patternknife.securityhelper.oauth2.client.config.response.error;
2-
3-
4-
import com.patternknife.securityhelper.oauth2.client.config.response.error.message.GeneralErrorMessage;
5-
import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.util.ExceptionKnifeUtils;
6-
import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.SecurityKnifeErrorResponsePayload;
7-
import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthenticationException;
8-
import io.github.patternknife.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
9-
import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
10-
import io.github.patternknife.securityhelper.oauth2.api.config.util.OrderConstants;
11-
import lombok.RequiredArgsConstructor;;
12-
import org.springframework.core.annotation.Order;
13-
import org.springframework.http.HttpStatus;
14-
import org.springframework.http.ResponseEntity;
15-
import org.springframework.security.access.AccessDeniedException;
16-
import org.springframework.security.core.AuthenticationException;
17-
import org.springframework.web.bind.annotation.ControllerAdvice;
18-
import org.springframework.web.bind.annotation.ExceptionHandler;
19-
20-
import org.springframework.web.context.request.WebRequest;
21-
22-
23-
/*
24-
*
25-
* Customize the exception payload by implementing this, which replaces
26-
* 'io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.handler.SecurityKnifeExceptionHandler'
27-
*
28-
* Once you create 'GlobalExceptionHandler', you should insert the following two (authenticationException, authorizationException) as default. Otherwise, 'unhandledExceptionHandler' is prior to 'io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.handler.SecurityKnifeExceptionHandler'.
29-
* "OrderConstants.SECURITY_KNIFE_EXCEPTION_HANDLER_ORDER - 1" means this is prior to "SecurityKnifeExceptionHandler"
30-
* */
31-
@Order(OrderConstants.SECURITY_KNIFE_EXCEPTION_HANDLER_ORDER - 1)
32-
@ControllerAdvice
33-
@RequiredArgsConstructor
34-
public class GlobalExceptionHandler {
35-
36-
private final ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService;
37-
38-
// 401 : Authentication
39-
@ExceptionHandler({AuthenticationException.class})
40-
public ResponseEntity<?> authenticationException(Exception ex, WebRequest request) {
41-
SecurityKnifeErrorResponsePayload errorResponsePayload;
42-
if(ex instanceof KnifeOauth2AuthenticationException && ((KnifeOauth2AuthenticationException) ex).getErrorMessages() != null) {
43-
errorResponsePayload = new SecurityKnifeErrorResponsePayload(((KnifeOauth2AuthenticationException) ex).getErrorMessages(),
44-
ex, request.getDescription(false), ExceptionKnifeUtils.getAllStackTraces(ex),
45-
ExceptionKnifeUtils.getAllCauses(ex), null);
46-
}else {
47-
errorResponsePayload = new SecurityKnifeErrorResponsePayload(ExceptionKnifeUtils.getAllCauses(ex), request.getDescription(false), iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_FAILURE),
48-
ex.getMessage(), ex.getStackTrace()[0].toString());
49-
}
50-
return new ResponseEntity<>(errorResponsePayload, HttpStatus.UNAUTHORIZED);
51-
}
52-
53-
// 403 : Authorization
54-
@ExceptionHandler({ AccessDeniedException.class })
55-
public ResponseEntity<?> authorizationException(Exception ex, WebRequest request) {
56-
SecurityKnifeErrorResponsePayload errorResponsePayload = new SecurityKnifeErrorResponsePayload(ex.getMessage() != null ? ex.getMessage() : ExceptionKnifeUtils.getAllCauses(ex), request.getDescription(false),
57-
ex.getMessage() == null || ex.getMessage().equals("Access Denied") ? iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHORIZATION_FAILURE) : ex.getMessage(), ex.getStackTrace()[0].toString());
58-
return new ResponseEntity<>(errorResponsePayload, HttpStatus.FORBIDDEN);
59-
}
60-
61-
// Unhandled
62-
@ExceptionHandler(Exception.class)
63-
public ResponseEntity<?> unhandledExceptionHandler(Exception ex, WebRequest request) {
64-
SecurityKnifeErrorResponsePayload errorResponsePayload = new SecurityKnifeErrorResponsePayload(ex.getMessage(), request.getDescription(false), GeneralErrorMessage.UNHANDLED_ERROR.getUserMessage(),
65-
CustomExceptionUtils.getAllStackTraces(ex), CustomExceptionUtils.getAllCauses(ex));
66-
return new ResponseEntity<>(errorResponsePayload, HttpStatus.INTERNAL_SERVER_ERROR);
67-
}
68-
69-
}
1+
package com.patternknife.securityhelper.oauth2.client.config.response.error;
2+
3+
4+
import com.patternknife.securityhelper.oauth2.client.config.response.error.message.GeneralErrorMessage;
5+
import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.util.ExceptionKnifeUtils;
6+
import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.SecurityKnifeErrorResponsePayload;
7+
import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthenticationException;
8+
import io.github.patternknife.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
9+
import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
10+
import io.github.patternknife.securityhelper.oauth2.api.config.util.OrderConstants;
11+
import lombok.RequiredArgsConstructor;;
12+
import org.springframework.core.annotation.Order;
13+
import org.springframework.http.HttpStatus;
14+
import org.springframework.http.ResponseEntity;
15+
import org.springframework.security.access.AccessDeniedException;
16+
import org.springframework.security.core.AuthenticationException;
17+
import org.springframework.web.bind.annotation.ControllerAdvice;
18+
import org.springframework.web.bind.annotation.ExceptionHandler;
19+
20+
import org.springframework.web.context.request.WebRequest;
21+
22+
23+
/*
24+
*
25+
* Customize the exception payload by implementing this, which replaces
26+
* 'io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.handler.SecurityKnifeExceptionHandler'
27+
*
28+
* Once you create 'GlobalExceptionHandler', you should insert the following two (authenticationException, authorizationException) as default. Otherwise, 'unhandledExceptionHandler' is prior to 'io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.handler.SecurityKnifeExceptionHandler'.
29+
* "OrderConstants.SECURITY_KNIFE_EXCEPTION_HANDLER_ORDER - 1" means this is prior to "SecurityKnifeExceptionHandler"
30+
* */
31+
@Order(OrderConstants.SECURITY_KNIFE_EXCEPTION_HANDLER_ORDER - 1)
32+
@ControllerAdvice
33+
@RequiredArgsConstructor
34+
public class GlobalExceptionHandler {
35+
36+
private final ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService;
37+
38+
// 401 : Authentication
39+
@ExceptionHandler({AuthenticationException.class})
40+
public ResponseEntity<?> authenticationException(Exception ex, WebRequest request) {
41+
SecurityKnifeErrorResponsePayload errorResponsePayload;
42+
if(ex instanceof KnifeOauth2AuthenticationException && ((KnifeOauth2AuthenticationException) ex).getErrorMessages() != null) {
43+
errorResponsePayload = new SecurityKnifeErrorResponsePayload(((KnifeOauth2AuthenticationException) ex).getErrorMessages(),
44+
ex, request.getDescription(false), ExceptionKnifeUtils.getAllStackTraces(ex),
45+
ExceptionKnifeUtils.getAllCauses(ex), null);
46+
}else {
47+
errorResponsePayload = new SecurityKnifeErrorResponsePayload(ExceptionKnifeUtils.getAllCauses(ex), request.getDescription(false), iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_FAILURE),
48+
ex.getMessage(), ex.getStackTrace()[0].toString());
49+
}
50+
return new ResponseEntity<>(errorResponsePayload, HttpStatus.UNAUTHORIZED);
51+
}
52+
53+
// 403 : Authorization
54+
@ExceptionHandler({ AccessDeniedException.class })
55+
public ResponseEntity<?> authorizationException(Exception ex, WebRequest request) {
56+
SecurityKnifeErrorResponsePayload errorResponsePayload = new SecurityKnifeErrorResponsePayload(ex.getMessage() != null ? ex.getMessage() : ExceptionKnifeUtils.getAllCauses(ex), request.getDescription(false),
57+
ex.getMessage() == null || ex.getMessage().equals("Access Denied") ? iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHORIZATION_FAILURE) : ex.getMessage(), ex.getStackTrace()[0].toString());
58+
return new ResponseEntity<>(errorResponsePayload, HttpStatus.FORBIDDEN);
59+
}
60+
61+
// Unhandled
62+
/* @ExceptionHandler(Exception.class)
63+
public ResponseEntity<?> unhandledExceptionHandler(Exception ex, WebRequest request) {
64+
SecurityKnifeErrorResponsePayload errorResponsePayload = new SecurityKnifeErrorResponsePayload(ex.getMessage(), request.getDescription(false), GeneralErrorMessage.UNHANDLED_ERROR.getUserMessage(),
65+
CustomExceptionUtils.getAllStackTraces(ex), CustomExceptionUtils.getAllCauses(ex));
66+
return new ResponseEntity<>(errorResponsePayload, HttpStatus.INTERNAL_SERVER_ERROR);
67+
}*/
68+
69+
}
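Review bot: The catch-all `@ExceptionHandler(Exception.class)` at new lines 62–67 is commented out rather than removed, so exceptions other than `AuthenticationException` and `AccessDeniedException` no longer receive this advice's 500 payload, and what the client sees now depends on a handler that is not visible in this section. If delegating is the intent, delete the dead block and record the decision in a short comment, for example `// Unhandled exceptions are deliberately not mapped here; the next handler in order takes over`, and confirm that the fallback response does not carry stack traces or cause chains to the caller. The class comment at new line 28 still describes `unhandledExceptionHandler` as if it were present, and the `GeneralErrorMessage` import at new line 4 appears to be used only inside the commented-out block.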
@@ -1,39 +1,39 @@
1-
package com.patternknife.securityhelper.oauth2.client.config.securityimpl.message;
2-
3-
import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ExceptionMessageInterface;
4-
5-
public enum CustomSecurityUserExceptionMessage implements ExceptionMessageInterface {
6-
7-
AUTHENTICATION_LOGIN_FAILURE("1Authentication information is not valid. Please check and try again."),
8-
AUTHENTICATION_LOGIN_ERROR("1An error occurred during authentication. If the problem persists, please contact customer service."),
9-
AUTHENTICATION_TOKEN_FAILURE("1The authentication token has expired. Please log in again."),
10-
AUTHENTICATION_TOKEN_ERROR("1There was a problem verifying the authentication token. Please log in again."),
11-
AUTHORIZATION_FAILURE("1You do not have access permissions. Please request this from the administrator."),
12-
AUTHORIZATION_ERROR("1An error occurred with access permissions. If the problem persists, please contact customer service."),
13-
14-
// ID PASSWORD
15-
AUTHENTICATION_ID_NO_EXISTS("1The specified ID does not exist."),
16-
AUTHENTICATION_WRONG_ID_PASSWORD("1User information could not be verified. Please check your ID or password. If the problem persists, please contact customer service."),
17-
AUTHENTICATION_PASSWORD_FAILED_EXCEEDED("1The number of password attempts has been exceeded."),
18-
19-
// Wrong Authorization Code
20-
AUTHORIZATION_CODE_NO_EXISTS("1The specified Authorization code does not exist."),
21-
22-
// CLIENT ID, SECRET
23-
AUTHENTICATION_WRONG_CLIENT_ID_SECRET("1Client information is not verified."),
24-
25-
// GRANT TYPE
26-
AUTHENTICATION_WRONG_GRANT_TYPE("1Wrong Grant Type detected.");
27-
28-
private String message;
29-
30-
@Override
31-
public String getMessage() {
32-
return message;
33-
}
34-
35-
CustomSecurityUserExceptionMessage(String message) {
36-
this.message = message;
37-
}
38-
39-
}
1+
package com.patternknife.securityhelper.oauth2.client.config.securityimpl.message;
2+
3+
import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ExceptionMessageInterface;
4+
5+
public enum CustomSecurityUserExceptionMessage implements ExceptionMessageInterface {
6+
7+
AUTHENTICATION_LOGIN_FAILURE("1Authentication information is not valid. Please check and try again."),
8+
AUTHENTICATION_LOGIN_ERROR("1An error occurred during authentication. If the problem persists, please contact customer service."),
9+
AUTHENTICATION_TOKEN_FAILURE("1The authentication token has expired. Please log in again."),
10+
AUTHENTICATION_TOKEN_ERROR("1There was a problem verifying the authentication token. Please log in again."),
11+
AUTHORIZATION_FAILURE("1You do not have access permissions. Please request this from the administrator."),
12+
AUTHORIZATION_ERROR("1An error occurred with access permissions. If the problem persists, please contact customer service."),
13+
14+
// ID PASSWORD
15+
AUTHENTICATION_ID_NO_EXISTS("1The specified ID does not exist."),
16+
AUTHENTICATION_WRONG_ID_PASSWORD("1User information could not be verified. Please check your ID or password. If the problem persists, please contact customer service."),
17+
AUTHENTICATION_PASSWORD_FAILED_EXCEEDED("1The number of password attempts has been exceeded."),
18+
19+
// Wrong Authorization Code
20+
AUTHORIZATION_CODE_NO_EXISTS("1The specified Authorization code does not exist."),
21+
22+
// CLIENT ID, SECRET
23+
AUTHENTICATION_WRONG_CLIENT_ID_SECRET("1Client information is not verified."),
24+
25+
// GRANT TYPE
26+
AUTHENTICATION_WRONG_GRANT_TYPE("1Wrong Grant Type detected.");
27+
28+
private String message;
29+
30+
@Override
31+
public String getMessage() {
32+
return message;
33+
}
34+
35+
CustomSecurityUserExceptionMessage(String message) {
36+
this.message = message;
37+
}
38+
39+
}
