Merge branches 'develop' and 'master' of https://github.com/JakduK/ja…

…kduk-api

build.gradle

@@ -4,15 +4,16 @@ apply plugin: 'base'
 allprojects  {
     apply plugin: 'maven'
     apply plugin: 'idea'
+    apply plugin: 'java'
 
     group = 'com.jakduk'
     version = '0.7.1-SNAPSHOT'
-}
 
-subprojects {
-    apply plugin: 'java'
     sourceCompatibility = 1.8
     targetCompatibility = 1.8
+}
+
+subprojects {
 
     // test task에서 spring profile을 위한 설정.
     test {
@@ -32,26 +33,17 @@ subprojects {
     }
 
     dependencies {
-        compile group: 'org.springframework', name: 'spring-oxm', version:"${springVersion}"
-        compile group: 'org.springframework', name: 'spring-web', version:"${springVersion}"
-        compile group: 'org.springframework', name: 'spring-webmvc', version:"${springVersion}"
-        compile group: 'org.springframework', name: 'spring-aspects', version:"${springVersion}"
-        compile group: 'org.springframework', name: 'spring-jdbc', version:"${springVersion}"
         compile group: 'org.springframework', name: 'spring-context-support', version:"${springVersion}"
-        compile group: 'org.springframework', name: 'spring-aop', version:"${springVersion}"
-        compile group: 'org.springframework', name: 'spring-orm', version:"${springVersion}"
         compile group: 'org.springframework.security', name: 'spring-security-core', version:"${springSecurityVersion}"
-        compile group: 'org.springframework.security', name: 'spring-security-web', version:"${springSecurityVersion}"
-        compile group: 'org.springframework.security', name: 'spring-security-config', version:"${springSecurityVersion}"
-        compile group: 'org.springframework.security', name: 'spring-security-taglibs', version:"${springSecurityVersion}"
-        compile group: 'org.springframework.data', name: 'spring-data-rest-webmvc', version:'2.5.1.RELEASE'
+        compile group: 'org.springframework.mobile', name: 'spring-mobile-device', version:'1.1.5.RELEASE'
         compile group: 'org.springframework.data', name: 'spring-data-mongodb', version:'1.9.1.RELEASE'
-         compile group: 'org.springframework.mobile', name: 'spring-mobile-device', version:'1.1.5.RELEASE'
+        compile group: 'org.springframework.data', name: 'spring-data-rest-webmvc', version:'2.5.1.RELEASE'
         compile group: 'org.mongodb', name: 'mongo-java-driver', version:'3.2.2'
         compile group: 'org.jongo', name: 'jongo', version:'1.3.0'
-        compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version:"${jacksonVerstion}"
-        compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version:"${jacksonVerstion}"
-        compile group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version:"${jacksonVerstion}"
+
+        compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version:"${jacksonVersion}"
+        compile group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version:"${jacksonVersion}"
+        compile group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version:"${jacksonVersion}"
         compile group: 'org.slf4j', name: 'slf4j-api', version:'1.7.21'
         compile group: 'org.slf4j', name: 'jcl-over-slf4j', version:'1.7.21'
         compile group: 'ch.qos.logback', name: 'logback-classic', version:'1.1.7'
@@ -60,12 +52,13 @@ subprojects {
         compile group: 'commons-fileupload', name: 'commons-fileupload', version:'1.3.2'
         compile group: 'commons-io', name: 'commons-io', version:'2.4'
         compile group: 'rome', name: 'rome', version:'1.0'
-        compile group: 'org.elasticsearch', name: 'elasticsearch', version:'1.7.5'
-        compile group: 'io.searchbox', name: 'jest', version:'2.0.2'
+        compile group: 'org.elasticsearch', name: 'elasticsearch', version:'2.4.0'
+        compile group: 'io.searchbox', name: 'jest', version:'2.0.3'
         compile group: 'net.gpedro.integrations.slack', name: 'slack-webhook', version:'1.1.1'
         compile group: 'javax.mail', name: 'mail', version:'1.4.7'
         compile 'commons-beanutils:commons-beanutils:1.9.2'
-        compile 'org.freemarker:freemarker:2.3.23'
+        compile 'org.thymeleaf:thymeleaf:3.0.1.RELEASE'
+        compile 'org.thymeleaf:thymeleaf-spring4:3.0.1.RELEASE'
 
         testCompile group: 'org.springframework', name: 'spring-test', version:"${springVersion}"
         testCompile group: 'junit', name: 'junit', version:'4.12'

gradle.properties

@@ -1,3 +1,3 @@
-springVersion = 4.3.0.RELEASE
+springVersion = 4.3.2.RELEASE
 springSecurityVersion = 4.1.0.RELEASE
-jacksonVerstion = 2.7.5
+jacksonVersion = 2.7.5

gradle/wrapper/gradle-wrapper.properties

@@ -3,4 +3,4 @@ distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-2.14-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-3.0-all.zip

jakduk-api/build.gradle

@@ -6,11 +6,18 @@ description = 'jakduk-api'
 dependencies {
   compile project(':jakduk-core')
 
+  compile group: 'org.springframework', name: 'spring-web', version:"${springVersion}"
+  compile group: 'org.springframework', name: 'spring-webmvc', version:"${springVersion}"
+  compile group: 'org.springframework.security', name: 'spring-security-web', version:"${springSecurityVersion}"
+  compile group: 'org.springframework.security', name: 'spring-security-config', version:"${springSecurityVersion}"
+  compile group: 'org.springframework.security', name: 'spring-security-taglibs', version:"${springSecurityVersion}"
+
+  compile 'javax.el:javax.el-api:3.0.0'
   compile group: 'javax.servlet', name: 'jstl', version:'1.2'
   compile 'io.springfox:springfox-swagger2:2.5.0'
   compile 'io.springfox:springfox-swagger-ui:2.5.0'
   compile 'org.springframework.data:spring-data-rest-hal-browser:2.5.1.RELEASE'
-  compile 'io.jsonwebtoken:jjwt:0.6.0'
+  compile 'io.jsonwebtoken:jjwt:0.7.0'
 
   providedCompile 'javax.servlet:javax.servlet-api:3.1.0'
   providedCompile 'javax.servlet.jsp:javax.servlet.jsp-api:2.3.1'

jakduk-api/src/main/java/com/jakduk/api/common/util/JwtTokenUtil.java

@@ -2,16 +2,16 @@
 
 import com.jakduk.api.common.vo.AttemptSocialUser;
 import com.jakduk.core.authentication.common.CommonPrincipal;
-import com.jakduk.core.authentication.common.SocialUserDetail;
 import com.jakduk.core.common.CommonConst;
+import com.jakduk.core.exception.ServiceError;
+import com.jakduk.core.exception.ServiceException;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import org.springframework.aop.AopInvocationException;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.mobile.device.Device;
-import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
 
@@ -40,47 +40,28 @@ public class JwtTokenUtil implements Serializable {
     private Long expiration;
 
     public String getUsernameFromToken(String token) {
-        String username;
-        try {
-            final Claims claims = getClaimsFromToken(token);
-            username = claims.getIssuer();
-        } catch (Exception e) {
-            username = null;
-        }
-        return username;
+        final Claims claims = getClaimsFromToken(token);
+
+        return claims.getIssuer();
     }
 
     public String getProviderIdFromToken(String token) {
-        String providerId;
-        try {
-            final Claims claims = getClaimsFromToken(token);
-            providerId = (String) claims.get(CLAIM_KEY_PROVIDER_ID);
-        } catch (Exception e) {
-            providerId = null;
-        }
-        return providerId;
+        final Claims claims = getClaimsFromToken(token);
+
+        return (String) claims.get(CLAIM_KEY_PROVIDER_ID);
     }
 
     public Date getExpirationDateFromToken(String token) {
-        Date expiration;
-        try {
-            final Claims claims = getClaimsFromToken(token);
-            expiration = claims.getExpiration();
-        } catch (Exception e) {
-            expiration = null;
-        }
-        return expiration;
+        final Claims claims = getClaimsFromToken(token);
+
+        return claims.getExpiration();
     }
 
     public String getAudienceFromToken(String token) {
-        String audience;
-        try {
-            final Claims claims = getClaimsFromToken(token);
-            audience = (String) claims.get(Claims.AUDIENCE);
-        } catch (Exception e) {
-            audience = null;
-        }
-        return audience;
+
+        final Claims claims = getClaimsFromToken(token);
+
+        return (String) claims.get(Claims.AUDIENCE);
     }
 
     public AttemptSocialUser getAttemptedFromToken(String token) {
@@ -111,10 +92,24 @@ public AttemptSocialUser getAttemptedFromToken(String token) {
     }
 
     private Claims getClaimsFromToken(String token) {
-        return Jwts.parser()
-                .setSigningKey(secret)
-                .parseClaimsJws(token)
-                .getBody();
+
+        Claims claims;
+
+        try {
+            claims = Jwts.parser()
+                    .setSigningKey(secret)
+                    .parseClaimsJws(token)
+                    .getBody();
+        } catch (ExpiredJwtException e) {
+            throw new ServiceException(ServiceError.EXPIRATION_TOKEN, e);
+        } catch (IllegalArgumentException e) {
+            claims = null;
+        } catch (Exception e) {
+            e.printStackTrace();
+            throw new ServiceException(ServiceError.INTERNAL_SERVER_ERROR, e);
+        }
+
+        return claims;
     }
 
     private Date generateExpirationDate() {
@@ -198,15 +193,10 @@ public String refreshToken(String token) {
         return refreshedToken;
     }
 
-    public Boolean isValidateToken(String token, UserDetails userDetails) {
+    public Boolean isValidateToken(String token, String email) {
         String username = this.getUsernameFromToken(token);
-        String email;
-        if (userDetails instanceof SocialUserDetail) {
-            email = ((SocialUserDetail) userDetails).getEmail();
-        } else {
-            email = userDetails.getUsername();
-        }
-        return (username.equals(email) && !isTokenExpired(token));
+
+        return (username.equals(email) && ! isTokenExpired(token));
     }
 
     public Boolean isValidateToken(String token) {

jakduk-api/src/main/java/com/jakduk/api/configuration/ApiMvcConfig.java

@@ -1,13 +1,12 @@
 package com.jakduk.api.configuration;
 
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.MessageSource;
 import org.springframework.context.annotation.*;
-import org.springframework.context.support.ReloadableResourceBundleMessageSource;
 import org.springframework.core.io.FileSystemResource;
 import org.springframework.http.MediaType;
 import org.springframework.mobile.device.DeviceResolverHandlerInterceptor;
 import org.springframework.stereotype.Controller;
+import org.springframework.validation.beanvalidation.MethodValidationPostProcessor;
 import org.springframework.web.accept.ContentNegotiationManager;
 import org.springframework.web.multipart.commons.CommonsMultipartResolver;
 import org.springframework.web.servlet.LocaleResolver;
@@ -91,6 +90,11 @@ public void addCorsMappings(CorsRegistry registry) {
     }
 */
 
+    @Bean
+    public LocaleResolver localeResolver() {
+        return new SessionLocaleResolver();
+    }
+
     @Bean
     public ViewResolver contentNegotiatingViewResolver(ContentNegotiationManager manager) {
         List<ViewResolver> viewResolvers = new ArrayList<>();
@@ -118,23 +122,6 @@ public ViewResolver contentNegotiatingViewResolver(ContentNegotiationManager man
         return resolver;
     }
 
-    @Bean
-    public LocaleResolver localeResolver() {
-        return new SessionLocaleResolver();
-    }
-
-    @Bean
-    public MessageSource messageSource() {
-        ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
-        messageSource.setBasenames("classpath:messages/common", "classpath:messages/board", "classpath:messages/user",
-                "classpath:messages/about", "classpath:messages/home", "classpath:messages/gallery",
-                "classpath:messages/stats", "classpath:messages/search", "classpath:messages/jakdu");
-        messageSource.setDefaultEncoding("UTF-8");
-        messageSource.setCacheSeconds(180);
-
-        return messageSource;
-    }
-
     @Bean
     public CommonsMultipartResolver multipartResolver() throws IOException {
         CommonsMultipartResolver multipartResolver = new CommonsMultipartResolver();
@@ -145,4 +132,12 @@ public CommonsMultipartResolver multipartResolver() throws IOException {
 
         return multipartResolver;
     }
+
+    /**
+     * RequestParam으로 입수되는 value에 대해서 validation체크를 할 수 있도록 해주는 Bean
+     */
+    @Bean
+    public MethodValidationPostProcessor methodValidationPostProcessor() {
+        return new MethodValidationPostProcessor();
+    }
 }

jakduk-api/src/main/java/com/jakduk/api/configuration/SecurityConfig.java

@@ -34,6 +34,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     @Autowired
     private SocialDetailService socialDetailService;
 
+    @Autowired
+    private PasswordEncoder passwordEncoder;
+
     @Override
     public void configure(WebSecurity web) throws Exception {
         web.ignoring().antMatchers("/resources/**");
@@ -103,7 +106,7 @@ protected void configure(HttpSecurity http) throws Exception {
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
         auth
                 .userDetailsService(jakdukDetailsService)
-                .passwordEncoder(passwordEncoder());
+                .passwordEncoder(passwordEncoder);
 
         auth.userDetailsService(socialDetailService);
     }
@@ -119,11 +122,6 @@ public AuthenticationTokenFilter authenticationTokenFilter() throws Exception {
         return new AuthenticationTokenFilter();
     }
 
-    @Bean
-    public PasswordEncoder passwordEncoder() {
-        return new StandardPasswordEncoder();
-    }
-
     @Bean
     public RestAccessDeniedHandler restAccessDeniedHandler() {
         return new RestAccessDeniedHandler();

jakduk-api/src/main/java/com/jakduk/api/configuration/SwaggerConfig.java

@@ -32,14 +32,19 @@ public Docket api() {
         Set<String> protocols = new HashSet<>();
         protocols.add(environment.getProperty("swagger.protocol"));
 
+        Set<String> producesList = new HashSet<>();
+        producesList.add("application/json");
+
         return new Docket(DocumentationType.SWAGGER_2)
                 .select()
 //                .apis(RequestHandlerSelectors.basePackage("com.jakduk.restcontroller"))
                     .paths(PathSelectors.ant("/api/**"))
                 .build()
                 .protocols(protocols)
                 .host(environment.getProperty("swagger.host"))
-                .apiInfo(apiInfo());
+                .apiInfo(apiInfo())
+                .useDefaultResponseMessages(false)
+                .produces(producesList);
     }
 
     @Bean