Jwt 인증 필터
@Component
@RequiredArgsConstructor
public class JwtAuthenticationFilter extends OncePerRequestFilter {
private final JwtService jwtService;
private final MemberService memberService;
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
final String authHeader = request.getHeader("Authorization");
final String jwt;
final String username;
if (authHeader == null || !authHeader.startsWith("Bearer ")) {
filterChain.doFilter(request, response);
return;
}
jwt = authHeader.substring(7);
username = jwtService.extractUsername(jwt);
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
UserDetails userDetails = this.memberService.loadUserByUsername(username);
}
}
}
Jwt 서비스 코드
Encryption Key Generator 에서 시크릿 키를 생성한다.
https://www.allkeysgenerator.com/Random/Security-Encryption-Key-Generator.aspx
Encryption Key Generator
Encryption Key Generator The all-in-one ultimate online toolbox that generates all kind of keys ! Every coder needs All Keys Generator in its favorites ! It is provided for free and only supported by ads and donations.
www.allkeysgenerator.com
@Service
public class JwtService {
@Value("${secret_key}") // application.properties
private static String SECRET_KEY;
public String extractUsername(String token) {
return extractClaim(token, Claims::getSubject);
}
public <T> T extractClaim(String token, Function<Claims, T> claimsResolver) {
final Claims claims = extractAllClaims(token);
return claimsResolver.apply(claims);
}
public String generateAccessToken(UserDetails userDetails) {
return generateAccessToken(new HashMap<>(), userDetails);
}
public String generateAccessToken(
Map<String, Object> extraClaims,
UserDetails userDetails
){
return Jwts
.builder()
.setClaims(extraClaims)
.setSubject(userDetails.getUsername())
.setIssuedAt(new Date(System.currentTimeMillis())) // 토큰 발행 시간
.setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 24)) // 토큰 만료 시간
.signWith(getSignInKey(), SignatureAlgorithm.HS256) // 토큰 알고리즘
.compact();
}
public boolean isTokenValid(String token, UserDetails userDetails) {
final String username = extractUsername(token);
return (username.equals(userDetails.getUsername())) && !isTokenExpired(token);
}
private boolean isTokenExpired(String token) {
return extractExpiration(token).before(new Date());
}
private Date extractExpiration(String token) {
return extractClaim(token, Claims::getExpiration);
}
private Claims extractAllClaims(String token) {
return Jwts.parserBuilder()
.setSigningKey(getSignInKey())
.build()
.parseClaimsJws(token)
.getBody();
}
private Key getSignInKey() {
byte[] keyBytes = Decoders.BASE64.decode(SECRET_KEY);
return Keys.hmacShaKeyFor(keyBytes);
}
}