diff --git a/egovframe-template-simple-react-contribution/src/App.js b/egovframe-template-simple-react-contribution/src/App.js
index 8095686..42f0827 100644
--- a/egovframe-template-simple-react-contribution/src/App.js
+++ b/egovframe-template-simple-react-contribution/src/App.js
@@ -13,9 +13,7 @@ function App() {
return (
-
-
)
}
diff --git a/egovframe-template-simple-react-contribution/src/pages/login/EgovLoginContent.jsx b/egovframe-template-simple-react-contribution/src/pages/login/EgovLoginContent.jsx
index 483452b..584997f 100644
--- a/egovframe-template-simple-react-contribution/src/pages/login/EgovLoginContent.jsx
+++ b/egovframe-template-simple-react-contribution/src/pages/login/EgovLoginContent.jsx
@@ -74,6 +74,7 @@ function EgovLoginContent(props) {
EgovNet.requestFetch(loginUrl,
requestOptions,
(resp) => {
+ debugger
let resultVO = resp.resultVO;
let jToken = resp?.jToken || null;
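Review bot: The added `debugger` statement at the top of the login response callback should not be committed. With developer tools open it halts execution at the point where `resp`, including `resp.jToken`, is in scope, and a lint rule such as `no-debugger` will flag it. Delete the line; the callback body continues outside this hunk.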
@@ -107,7 +108,7 @@ function EgovLoginContent(props) {
전자정부표준프레임워크 경량환경 홈페이지 로그인 페이지입니다.
로그인을 하시면 모든 서비스를 제한없이 이용하실 수 있습니다.
-
diff --git a/egovframe-template-simple-react-contribution/src/pages/standardCode/viewer.js b/egovframe-template-simple-react-contribution/src/pages/standardCode/viewer.js
index 48bd223..80d6264 100644
--- a/egovframe-template-simple-react-contribution/src/pages/standardCode/viewer.js
+++ b/egovframe-template-simple-react-contribution/src/pages/standardCode/viewer.js
@@ -252,8 +252,8 @@ function CodeViewer(props) {
}
CodeViewer.defaultProps = {
- docCode: 'KDS 10 10 00',
- docName: '설계기준 총칙'
+ docCode: 'KDS 24 10 11',
+ docName: '교량 설계 일반사항(한계상태설계법)'
}
export default CodeViewer;
diff --git a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java
index e083aa2..00acfea 100644
--- a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java
+++ b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/auth/EgovLoginApiController.java
@@ -101,4 +101,9 @@ public class EgovLoginApiController extends BaseController {
}
return resultMap;
}
+
+ @RequestMapping("/auth/loginSuccess")
+ public HashMap loginSuccess(HttpServletRequest request, HttpServletResponse response){
+ return new HashMap<>();
+ }
}
\ No newline at end of file
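Review bot: `@RequestMapping("/auth/loginSuccess")` names no HTTP method, so the new handler answers every verb, and it returns a raw, empty `HashMap` while ignoring both parameters. If this is a placeholder for the post-login response, say so in a comment and narrow it, e.g. `@GetMapping("/auth/loginSuccess")` returning `HashMap<String, Object>`. The path does not appear among the whitelist entries visible in the SecurityConfig hunk, so it presumably falls under `anyRequest().authenticated()`; confirm that is intended.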
diff --git a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java
index e865982..3ead837 100644
--- a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java
+++ b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/jwt/EgovJwtTokenUtil.java
@@ -3,20 +3,22 @@ package com.dbnt.kcscbackend.config.jwt;
import com.dbnt.kcscbackend.auth.entity.UserInfo;
import com.dbnt.kcscbackend.config.egov.EgovProperties;
-import com.dbnt.kcscbackend.auth.entity.LoginVO;
import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import java.io.Serializable;
+import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
/**
- *
+ *
* @author : 정완배
* @since : 2023. 8. 9.
* @version : 1.0
@@ -40,59 +42,65 @@ import java.util.Map;
@Component
public class EgovJwtTokenUtil implements Serializable{
- private static final long serialVersionUID = -5180902194184255251L;
- //public static final long JWT_TOKEN_VALIDITY = 24 * 60 * 60; //하루
- public static final long JWT_TOKEN_VALIDITY = (long) ((1 * 60 * 60) / 60) * 60; //토큰의 유효시간 설정, 기본 60분
-
- public static final String SECRET_KEY = EgovProperties.getProperty("Globals.jwt.secret");
-
- //retrieve username from jwt token
- public String getUserIdFromToken(String token) {
- Claims claims = getClaimFromToken(token);
- return claims.get("id").toString();
- }
- public String getUserSeFromToken(String token) {
- Claims claims = getClaimFromToken(token);
- return claims.get("userSe").toString();
- }
- public String getInfoFromToken(String type, String token) {
- Claims claims = getClaimFromToken(token);
- return claims.get(type).toString();
- }
- public Claims getClaimFromToken(String token) {
- final Claims claims = getAllClaimsFromToken(token);
- return claims;
- }
-
- //for retrieveing any information from token we will need the secret key
- public Claims getAllClaimsFromToken(String token) {
- log.debug("===>>> secret = "+SECRET_KEY);
- return Jwts.parser().setSigningKey(SECRET_KEY).parseClaimsJws(token).getBody();
- }
+ private static final long serialVersionUID = -5180902194184255251L;
+ //public static final long JWT_TOKEN_VALIDITY = 24 * 60 * 60; //하루
+ public static final long JWT_TOKEN_VALIDITY = (long) ((1 * 60 * 60) / 60) * 60; //토큰의 유효시간 설정, 기본 60분
- //generate token for user
- public String generateToken(UserInfo loginVO) {
- return doGenerateToken(loginVO, "Authorization");
- }
+ public static final String SECRET_KEY = EgovProperties.getProperty("Globals.jwt.secret");
- //while creating the token -
- //1. Define claims of the token, like Issuer, Expiration, Subject, and the ID
- //2. Sign the JWT using the HS512 algorithm and secret key.
- //3. According to JWS Compact Serialization(https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-41#section-3.1)
- // compaction of the JWT to a URL-safe string
- private String doGenerateToken(UserInfo loginVO, String subject) {
+ //retrieve username from jwt token
+ public String getUserIdFromToken(String token) {
+ Claims claims = getClaimFromToken(token);
+ return claims.get("id").toString();
+ }
+ public String getUserSeFromToken(String token) {
+ Claims claims = getClaimFromToken(token);
+ return claims.get("userSe").toString();
+ }
+ public String getInfoFromToken(String type, String token) {
+ Claims claims = getClaimFromToken(token);
+ return claims.get(type).toString();
+ }
+ public Claims getClaimFromToken(String token) {
+ final Claims claims = getAllClaimsFromToken(token);
+ return claims;
+ }
- Map claims = new HashMap<>();
- claims.put("id", loginVO.getUserId() );
- claims.put("userSe", loginVO.getUserSe() );
- claims.put("uniqId", loginVO.getUserSeq() );
- claims.put("type", subject);
+ //for retrieveing any information from token we will need the secret key
+ public Claims getAllClaimsFromToken(String token) {
+ log.debug("===>>> secret = "+SECRET_KEY);
- log.debug("===>>> secret = "+SECRET_KEY);
- return Jwts.builder().setClaims(claims).setSubject(subject).setIssuedAt(new Date(System.currentTimeMillis()))
- .setExpiration(new Date(System.currentTimeMillis() + JWT_TOKEN_VALIDITY * 1000))
- .signWith(SignatureAlgorithm.HS512, SECRET_KEY).compact();
- }
+ return Jwts.parserBuilder().setSigningKey(SECRET_KEY.getBytes(StandardCharsets.UTF_8)).build().parseClaimsJws(token).getBody();
+ }
+
+ //generate token for user
+ public String generateToken(UserInfo loginVO) {
+ return doGenerateToken(loginVO);
+ }
+
+ //while creating the token -
+ //1. Define claims of the token, like Issuer, Expiration, Subject, and the ID
+ //2. Sign the JWT using the HS512 algorithm and secret key.
+ //3. According to JWS Compact Serialization(https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-41#section-3.1)
+ // compaction of the JWT to a URL-safe string
+ private String doGenerateToken(UserInfo loginVO) {
+
+ Map claims = new HashMap<>();
+ claims.put("id", loginVO.getUserId() );
+ claims.put("userSe", loginVO.getUserSe() );
+ claims.put("uniqId", loginVO.getUserSeq() );
+ claims.put("type", "Authorization");
+
+ log.debug("===>>> secret = "+SECRET_KEY);
+
+ JwtBuilder builder = Jwts.builder()
+ .setClaims(claims)
+ .setSubject("Authorization")
+ .setIssuedAt(new Date(System.currentTimeMillis()))
+ .setExpiration(new Date(System.currentTimeMillis() + JWT_TOKEN_VALIDITY * 1000))
+ .signWith(Keys.hmacShaKeyFor(SECRET_KEY.getBytes(StandardCharsets.UTF_8)), SignatureAlgorithm.HS512);
+ return builder.compact();
+ }
}
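Review bot: `log.debug("===>>> secret = "+SECRET_KEY);` is kept in both `getAllClaimsFromToken` and `doGenerateToken`, so the HMAC signing key is written to the log whenever debug logging is enabled, and anyone who can read those logs can forge valid tokens. Drop both lines, or log a fixed message such as `log.debug("JWT signing key loaded")`. Separately, jjwt rejects keys shorter than 64 bytes for `SignatureAlgorithm.HS512`, so `Globals.jwt.secret` must be at least that long in UTF-8. Building the `Key` once and passing the same object to `parserBuilder().setSigningKey(...)` would keep signing and verification in step.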
diff --git a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/security/SecurityConfig.java b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/security/SecurityConfig.java
index 008b853..9d974bb 100644
--- a/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/security/SecurityConfig.java
+++ b/kcsc-back-end/src/main/java/com/dbnt/kcscbackend/config/security/SecurityConfig.java
@@ -71,8 +71,6 @@ public class SecurityConfig {
"/",
"/login/**",
"/login",
- "/auth/login-jwt",//JWT 로그인
- "/auth/login",//일반 로그인
"/auth/join",//회원가입
"/cmm/main/**.do", // 메인페이지
"/cmm/fms/FileDown.do", //파일 다운로드
@@ -118,15 +116,17 @@ public class SecurityConfig {
}
@Bean
protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
- http.csrf(AbstractHttpConfigurer::disable)
- .authorizeHttpRequests(authorize -> authorize
+
+ http.httpBasic().disable()
+ .csrf().disable()
+ .formLogin().disable();
+
+ http.authorizeHttpRequests(authorize -> authorize
.antMatchers(AUTH_WHITELIST).permitAll()
.antMatchers(HttpMethod.GET,AUTH_GET_WHITELIST).permitAll()
.anyRequest().authenticated()
);
- http.sessionManagement((sessionManagement) ->
- sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
- );
+ http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class)
.exceptionHandling(exceptionHandlingConfigurer ->
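Review bot: The new `http.httpBasic().disable().csrf().disable().formLogin().disable();` and `http.sessionManagement().sessionCreationPolicy(...)` use the chained configurer style, while `authorizeHttpRequests` and `exceptionHandling` in the same method keep the lambda style. One style throughout reads more easily, e.g. `http.csrf(AbstractHttpConfigurer::disable)` as the removed line had it. Since CSRF protection is switched off here, a short comment giving the reason would help, if this is indeed the reason: `// CSRF disabled: stateless API authenticated by bearer token, no session cookie`. `filterChain` continues past the end of this hunk.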
@@ -134,14 +134,6 @@ public class SecurityConfig {
.authenticationEntryPoint(new JwtAuthenticationEntryPoint())
);
- http.httpBasic().disable()
- .csrf().disable()
- .formLogin().disable();
-
-// http.authorizeHttpRequests()
-// .requestMatchers(new AntPathRequestMatcher("/auth/login")).permitAll()
-// .anyRequest().authenticated();
-
http.cors().and().addFilterBefore(jsonUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
return http.build();
}
@@ -150,11 +142,11 @@ public class SecurityConfig {
public AuthenticationSuccessHandler loginSuccessHandler() {
return (request, response, authentication) -> {
UserInfo info = (UserInfo)authentication.getPrincipal();
- if (info != null && info.getUserId() != null && !info.getUserId().equals("")){
- String jwtToken = jwtTokenUtil.generateToken(info);
- String userName = jwtTokenUtil.getUserSeFromToken(jwtToken);
- }
- new DefaultRedirectStrategy().sendRedirect(request,response,"/");
+
+ String jwtToken = jwtTokenUtil.generateToken(info);
+ // String userName = jwtTokenUtil.getUserSeFromToken(jwtToken);
+ response.addHeader("Authorization", "BEARER "+jwtToken);
+
};
}
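Review bot: The success handler now only adds an `Authorization` response header and writes no body or redirect, whereas the login callback in EgovLoginContent.jsx reads `resp.resultVO` and `resp.jToken` from the parsed response; unless that request goes to a different endpoint, the client will receive no token. Either write the token into the JSON body here or have the client read the header, which for cross-origin requests also requires listing it in `Access-Control-Expose-Headers`. The null/empty `userId` guard on `info` was dropped as well, and the scheme is conventionally spelled `Bearer`: `response.addHeader("Authorization", "Bearer " + jwtToken);`.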