Search

api/src/main/java/com/jakduk/api/common/constraint/ExistUsernameOnEditValidator.java

@@ -2,7 +2,7 @@
 
 import com.jakduk.api.common.util.UserUtils;
 import com.jakduk.api.configuration.authentication.user.CommonPrincipal;
-import com.jakduk.core.exception.ServiceExceptionCode;
+import com.jakduk.core.exception.ServiceError;
 import com.jakduk.core.exception.ServiceException;
 import com.jakduk.core.model.simple.UserProfile;
 import com.jakduk.core.service.UserService;
@@ -35,7 +35,7 @@ public boolean isValid(String value, ConstraintValidatorContext context) {
         CommonPrincipal commonPrincipal = UserUtils.getCommonPrincipal();
 
         if (ObjectUtils.isEmpty(commonPrincipal))
-            throw new ServiceException(ServiceExceptionCode.NEED_TO_LOGIN);
+            throw new ServiceException(ServiceError.NEED_TO_LOGIN);
 
         UserProfile userProfile = userService.findByNEIdAndUsername(commonPrincipal.getId().trim(), value.trim());
 

api/src/main/java/com/jakduk/api/common/util/JwtTokenUtils.java

@@ -3,7 +3,7 @@
 import com.jakduk.api.common.vo.AttemptSocialUser;
 import com.jakduk.api.configuration.authentication.user.CommonPrincipal;
 import com.jakduk.core.common.CoreConst;
-import com.jakduk.core.exception.ServiceExceptionCode;
+import com.jakduk.core.exception.ServiceError;
 import com.jakduk.core.exception.ServiceException;
 import io.jsonwebtoken.*;
 import org.springframework.aop.AopInvocationException;
@@ -100,12 +100,12 @@ private Claims getClaimsFromToken(String token) {
         } catch (IllegalArgumentException e) {
             claims = null;
         } catch (ExpiredJwtException e) {
-            throw new ServiceException(ServiceExceptionCode.EXPIRATION_TOKEN, e);
+            throw new ServiceException(ServiceError.EXPIRATION_TOKEN, e);
         } catch (MalformedJwtException e) {
-            throw new ServiceException(ServiceExceptionCode.INVALID_TOKEN, e);
+            throw new ServiceException(ServiceError.INVALID_TOKEN, e);
         }  catch (Exception e) {
             e.printStackTrace();
-            throw new ServiceException(ServiceExceptionCode.INTERNAL_SERVER_ERROR, e);
+            throw new ServiceException(ServiceError.INTERNAL_SERVER_ERROR, e);
         }
 
         return claims;

api/src/main/java/com/jakduk/api/common/util/UserUtils.java

@@ -7,6 +7,7 @@
 import com.jakduk.api.configuration.authentication.user.SocialUserDetail;
 import com.jakduk.core.common.CommonRole;
 import com.jakduk.core.model.db.User;
+import com.jakduk.core.model.embedded.CommonWriter;
 import com.jakduk.core.model.etc.AuthUserProfile;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpHeaders;
@@ -18,6 +19,7 @@
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
+import org.springframework.util.ObjectUtils;
 import org.springframework.web.client.RestTemplate;
 
 import java.util.ArrayList;
@@ -236,6 +238,19 @@ public static CommonPrincipal getCommonPrincipal() {
         return commonPrincipal;
     }
 
+    /**
+     * CommonWriter를 가져온다.
+     */
+    public static CommonWriter getCommonWriter() {
+        CommonPrincipal commonPrincipal = getCommonPrincipal();
+
+        if (! ObjectUtils.isEmpty(commonPrincipal)) {
+            return new CommonWriter(commonPrincipal.getId(), commonPrincipal.getUsername(), commonPrincipal.getProviderId());
+        } else {
+            return null;
+        }
+    }
+
     /**
      * 이메일 기반 회원의 로그인 처리
      * @param user User 객체

api/src/main/java/com/jakduk/api/configuration/ApiSecurityConfig.java

@@ -37,6 +37,12 @@ public class ApiSecurityConfig extends WebSecurityConfigurerAdapter {
     @Autowired
     private PasswordEncoder passwordEncoder;
 
+    @Autowired
+    private RestAccessDeniedHandler restAccessDeniedHandler;
+
+    @Autowired
+    private RestAuthenticationEntryPoint restAuthenticationEntryPoint;
+
     @Override
     public void configure(WebSecurity web) throws Exception {
         web.ignoring().antMatchers("/resources/**");
@@ -53,8 +59,8 @@ protected void configure(HttpSecurity http) throws Exception {
                 .addFilterBefore(authenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class)
 
                 .exceptionHandling()
-                .authenticationEntryPoint(restAuthenticationEntryPoint())
-                .accessDeniedHandler(restAccessDeniedHandler())
+                .authenticationEntryPoint(restAuthenticationEntryPoint)
+                .accessDeniedHandler(restAccessDeniedHandler)
 
                 //Configures url based authorization
                 .and()
@@ -116,15 +122,4 @@ public AuthenticationManager authenticationManagerBean() throws Exception {
     public AuthenticationTokenFilter authenticationTokenFilter() throws Exception {
         return new AuthenticationTokenFilter();
     }
-
-    @Bean
-    public RestAccessDeniedHandler restAccessDeniedHandler() {
-        return new RestAccessDeniedHandler();
-    }
-
-    @Bean
-    public RestAuthenticationEntryPoint restAuthenticationEntryPoint() {
-        return new RestAuthenticationEntryPoint();
-    }
-
 }

api/src/main/java/com/jakduk/api/configuration/authentication/AuthenticationTokenFilter.java

@@ -6,6 +6,7 @@
 import com.jakduk.api.restcontroller.exception.ApiRestErrorResponse;
 import com.jakduk.core.common.CoreConst;
 import com.jakduk.core.exception.ServiceException;
+import com.jakduk.core.exception.ServiceError;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -79,11 +80,13 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
             chain.doFilter(request, response);
 
         } catch (ServiceException e) {
+            ServiceError serviceError = e.getServiceError();
+
             httpResponse.setContentType("application/json");
-            httpResponse.setStatus(e.getServiceExceptionCode().getHttpStatus());
+            httpResponse.setStatus(serviceError.getHttpStatus());
             httpResponse.setCharacterEncoding("utf-8");
 
-            ApiRestErrorResponse error = new ApiRestErrorResponse(e.getServiceExceptionCode().getCode(), e.getMessage());
+            ApiRestErrorResponse error = new ApiRestErrorResponse(serviceError);
 
             String errorJson = new ObjectMapper().writeValueAsString(error);
 

api/src/main/java/com/jakduk/api/configuration/authentication/JakdukDetailsService.java

@@ -5,7 +5,7 @@
 import com.jakduk.core.common.CoreConst;
 import com.jakduk.core.common.util.CoreUtils;
 import com.jakduk.core.exception.ServiceException;
-import com.jakduk.core.exception.ServiceExceptionCode;
+import com.jakduk.core.exception.ServiceError;
 import com.jakduk.core.model.simple.UserOnAuthentication;
 import com.jakduk.core.repository.user.UserRepository;
 import lombok.extern.slf4j.Slf4j;
@@ -16,6 +16,8 @@
 import org.springframework.stereotype.Component;
 import org.springframework.util.ObjectUtils;
 
+import java.util.Optional;
+
 @Slf4j
 @Component
 public class JakdukDetailsService implements UserDetailsManager {
@@ -29,14 +31,16 @@ public UserDetails loadUserByUsername(String email) throws UsernameNotFoundExcep
 		if (ObjectUtils.isEmpty(email)) {
 			throw new IllegalArgumentException("email 은 꼭 필요한 값입니다.");
 		} else {
-			UserOnAuthentication user = userRepository.findAuthUserByEmail(email);
+			Optional<UserOnAuthentication> oUser = userRepository.findAuthUserByEmail(email);
 
-			if (ObjectUtils.isEmpty(user))
-				throw new ServiceException(ServiceExceptionCode.NOT_FOUND_JAKDUK_ACCOUNT,
+			if (! oUser.isPresent())
+				throw new ServiceException(ServiceError.NOT_FOUND_ACCOUNT,
 						CoreUtils.getExceptionMessage("exception.not.found.jakduk.account", email));
 
+			UserOnAuthentication user = oUser.get();
+
 			if (! user.getProviderId().equals(CoreConst.ACCOUNT_TYPE.JAKDUK))
-				throw new ServiceException(ServiceExceptionCode.NOT_FOUND_JAKDUK_ACCOUNT,
+				throw new ServiceException(ServiceError.NOT_FOUND_ACCOUNT,
 						CoreUtils.getExceptionMessage("exception.not.jakduk.user", email, user.getProviderId()));
 
 			log.debug("Jakduk user=" + user);

api/src/main/java/com/jakduk/api/configuration/authentication/SocialDetailService.java

@@ -2,6 +2,9 @@
 
 import com.jakduk.api.common.util.UserUtils;
 import com.jakduk.api.configuration.authentication.user.SocialUserDetail;
+import com.jakduk.core.common.util.CoreUtils;
+import com.jakduk.core.exception.ServiceError;
+import com.jakduk.core.exception.ServiceException;
 import com.jakduk.core.model.simple.UserOnAuthentication;
 import com.jakduk.core.repository.user.UserRepository;
 import lombok.extern.slf4j.Slf4j;
@@ -12,6 +15,7 @@
 import org.springframework.stereotype.Component;
 
 import java.util.Objects;
+import java.util.Optional;
 
 /**
  * @author pyohwan
@@ -31,10 +35,13 @@ public UserDetails loadUserByUsername(String email) throws UsernameNotFoundExcep
         if (Objects.isNull(email)) {
             throw new IllegalArgumentException("email 는 꼭 필요한 값입니다.");
         } else {
-            UserOnAuthentication user = userRepository.findAuthUserByEmail(email);
+			Optional<UserOnAuthentication> oUser = userRepository.findAuthUserByEmail(email);
 
-            if (Objects.isNull(user))
-                throw new UsernameNotFoundException("로그인 할 사용자 데이터가 존재하지 않습니다. email=" + email);
+            if (! oUser.isPresent())
+                throw new ServiceException(ServiceError.NOT_FOUND_ACCOUNT,
+                        CoreUtils.getExceptionMessage("exception.not.found.jakduk.account", email));
+
+            UserOnAuthentication user = oUser.get();
 
             log.debug("user=" + user);
 

api/src/main/java/com/jakduk/api/configuration/authentication/handler/RestAccessDeniedHandler.java

@@ -2,7 +2,7 @@
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.jakduk.api.restcontroller.exception.ApiRestErrorResponse;
-import com.jakduk.core.exception.ServiceExceptionCode;
+import com.jakduk.core.exception.ServiceError;
 import com.jakduk.core.service.CommonService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.AccessDeniedException;
@@ -33,7 +33,7 @@ public void handle(HttpServletRequest request, HttpServletResponse response, Acc
         response.setStatus(HttpServletResponse.SC_FORBIDDEN);
         response.setCharacterEncoding("utf-8");
 
-        ApiRestErrorResponse error = new ApiRestErrorResponse(ServiceExceptionCode.UNAUTHORIZED_ACCESS);
+        ApiRestErrorResponse error = new ApiRestErrorResponse(ServiceError.UNAUTHORIZED_ACCESS);
         String errorJson = new ObjectMapper().writeValueAsString(error);
 
         PrintWriter out = response.getWriter();

api/src/main/java/com/jakduk/api/configuration/authentication/handler/RestAuthenticationEntryPoint.java

@@ -1,10 +1,11 @@
 package com.jakduk.api.configuration.authentication.handler;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
 import com.jakduk.api.restcontroller.exception.ApiRestErrorResponse;
-import com.jakduk.core.exception.ServiceExceptionCode;
+import com.jakduk.core.common.util.ObjectMapperUtils;
+import com.jakduk.core.exception.ServiceError;
 import com.jakduk.core.service.CommonService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.stereotype.Component;
@@ -29,12 +30,21 @@ public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {
     @Override
     public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
 
+        ServiceError serviceError = ServiceError.NEED_TO_LOGIN;
+        ApiRestErrorResponse apiRestErrorResponse;
+
+        if (authException.getClass().isAssignableFrom(BadCredentialsException.class)) {
+            serviceError = ServiceError.BAD_CREDENTIALS;
+            apiRestErrorResponse = new ApiRestErrorResponse(serviceError);
+        } else {
+            apiRestErrorResponse = new ApiRestErrorResponse(serviceError.getCode(), authException.getLocalizedMessage());
+        }
+
         response.setContentType("application/json");
-        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+        response.setStatus(serviceError.getHttpStatus());
         response.setCharacterEncoding("utf-8");
 
-        ApiRestErrorResponse error = new ApiRestErrorResponse(ServiceExceptionCode.NEED_TO_LOGIN);
-        String errorJson = new ObjectMapper().writeValueAsString(error);
+        String errorJson = ObjectMapperUtils.getObjectMapper().writeValueAsString(apiRestErrorResponse);
 
         PrintWriter out = response.getWriter();
         out.print(errorJson);

api/src/main/java/com/jakduk/api/controller/GalleryController.java

@@ -2,7 +2,7 @@
 
 import com.jakduk.core.common.CoreConst;
 import com.jakduk.core.exception.ServiceException;
-import com.jakduk.core.exception.ServiceExceptionCode;
+import com.jakduk.core.exception.ServiceError;
 import com.jakduk.core.model.db.Gallery;
 import com.jakduk.core.service.GalleryService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -41,7 +41,7 @@ public void getGallery(@PathVariable String id,	HttpServletResponse response) {
 		try {
 			byteStream.writeTo(response.getOutputStream());
 		} catch (IOException e) {
-			throw new ServiceException(ServiceExceptionCode.NOT_FOUND_GALLERY, e);
+			throw new ServiceException(ServiceError.NOT_FOUND_GALLERY, e);
 		}
 	}
 
@@ -57,7 +57,7 @@ public void getGalleyThumbnail(@PathVariable String id, HttpServletResponse resp
 		try {
 			byteStream.writeTo(response.getOutputStream());
 		} catch (IOException e) {
-			throw new ServiceException(ServiceExceptionCode.NOT_FOUND_GALLERY, e);
+			throw new ServiceException(ServiceError.NOT_FOUND_GALLERY, e);
 		}
 	}
 }

api/src/main/java/com/jakduk/api/restcontroller/admin/AdminRestController.java

@@ -6,7 +6,7 @@
 import com.jakduk.api.restcontroller.vo.HomeDescriptionRequest;
 import com.jakduk.api.restcontroller.vo.LeagueAttendanceForm;
 import com.jakduk.core.common.CoreConst;
-import com.jakduk.core.exception.ServiceExceptionCode;
+import com.jakduk.core.exception.ServiceError;
 import com.jakduk.core.exception.ServiceException;
 import com.jakduk.core.model.db.*;
 import com.jakduk.core.model.embedded.LocalName;