[FEAT] 네이버 소셜 로그인 구현 #36
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| package com.talkka.server.oauth.controller; | ||
|
|
||
| import org.springframework.security.core.annotation.AuthenticationPrincipal; | ||
| import org.springframework.stereotype.Controller; | ||
| import org.springframework.ui.Model; | ||
| import org.springframework.web.bind.annotation.GetMapping; | ||
|
|
||
| import com.talkka.server.oauth.domain.OAuth2UserInfo; | ||
|
|
||
| // 인증 테스트를 위한 임시 컨트롤러 | ||
| @Controller | ||
| public class BaseController { | ||
| @GetMapping("/") | ||
| public String authIndex(Model model, @AuthenticationPrincipal OAuth2UserInfo userInfo) { | ||
| model.addAttribute("name", userInfo.getName()); | ||
| model.addAttribute("email", userInfo.getEmail()); | ||
| model.addAttribute("nickname", userInfo.getNickName()); | ||
| model.addAttribute("oauth2Id", userInfo.getOAuth2Id()); | ||
| model.addAttribute("provider", userInfo.getProvider()); | ||
| model.addAttribute("accessToken", userInfo.getAccessToken()); | ||
| return "index"; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| package com.talkka.server.oauth.domain; | ||
|
|
||
| import java.util.Collection; | ||
| import java.util.Map; | ||
|
|
||
| import org.springframework.security.core.GrantedAuthority; | ||
|
|
||
| public class NaverOAuth2User extends OAuth2UserInfo { | ||
|
|
||
| public NaverOAuth2User(Map<String, Object> attributes) { | ||
| super((Map<String, Object>)attributes.get("response")); | ||
| } | ||
|
|
||
| public NaverOAuth2User(Map<String, Object> attributes, Collection<? extends GrantedAuthority> authorities) { | ||
| super((Map<String, Object>)attributes, authorities); | ||
| } | ||
|
|
||
| @Override | ||
| public String getProvider() { | ||
| return "NAVER"; | ||
| } | ||
|
|
||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| package com.talkka.server.oauth.domain; | ||
|
|
||
| import java.util.Collection; | ||
| import java.util.List; | ||
| import java.util.Map; | ||
|
|
||
| import org.springframework.security.core.GrantedAuthority; | ||
| import org.springframework.security.core.authority.SimpleGrantedAuthority; | ||
| import org.springframework.security.oauth2.core.user.OAuth2User; | ||
|
|
||
| public abstract class OAuth2UserInfo implements OAuth2User { | ||
|
|
||
| protected final Map<String, Object> attributes; | ||
| private final Collection<? extends GrantedAuthority> authorities; | ||
|
|
||
| public OAuth2UserInfo(Map<String, Object> attributes, Collection<? extends GrantedAuthority> authorities) { | ||
| this.attributes = attributes; | ||
| this.authorities = authorities; | ||
| } | ||
|
|
||
| // OAuth2 인증까지만 통과하면 UNREGISTERED 권한 부여 | ||
| public OAuth2UserInfo(Map<String, Object> attributes) { | ||
| this.attributes = attributes; | ||
| this.authorities = List.of(new SimpleGrantedAuthority("UNREGISTERED")); | ||
| } | ||
|
|
||
| @Override | ||
| public Map<String, Object> getAttributes() { | ||
| return attributes; | ||
| } | ||
|
|
||
| @Override | ||
| public Collection<? extends GrantedAuthority> getAuthorities() { | ||
| return authorities; | ||
| } | ||
|
|
||
| @Override | ||
| public String getName() { | ||
| return (String)attributes.get("name"); | ||
| } | ||
|
|
||
| public String getOAuth2Id() { | ||
| return (String)attributes.get("id"); | ||
| } | ||
|
|
||
| public String getEmail() { | ||
| return (String)attributes.get("email"); | ||
| } | ||
|
|
||
| public String getAccessToken() { | ||
| return (String)attributes.get("accessToken"); | ||
| } | ||
|
|
||
| public String getNickName() { | ||
| return (String)attributes.get("nickname"); | ||
| } | ||
|
Comment on lines
+38
to
+56
There was a problem hiding this comment. (String) 으로 강제 캐스팅하는 것이 꺼림칙한데, 어떤 이유가 있는지 궁금합니다
There was a problem hiding this comment. 동일한 질문입니다! There was a problem hiding this comment.
현재 OAuth2 인증객체( |
||
|
|
||
| // oauth provider 는 각 제공자 별로 구현 | ||
| public abstract String getProvider(); | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| package com.talkka.server.oauth.filter; | ||
|
|
||
| import java.io.IOException; | ||
| import java.util.Collection; | ||
|
|
||
| import org.springframework.security.core.Authentication; | ||
| import org.springframework.security.core.GrantedAuthority; | ||
| import org.springframework.security.core.context.SecurityContextHolder; | ||
|
|
||
| import jakarta.servlet.Filter; | ||
| import jakarta.servlet.FilterChain; | ||
| import jakarta.servlet.FilterConfig; | ||
| import jakarta.servlet.ServletException; | ||
| import jakarta.servlet.ServletRequest; | ||
| import jakarta.servlet.ServletResponse; | ||
| import jakarta.servlet.http.HttpServletRequest; | ||
| import jakarta.servlet.http.HttpServletResponse; | ||
|
|
||
| public class UnregisteredUserFilter implements Filter { | ||
|
|
||
| @Override | ||
| public void init(FilterConfig filterConfig) throws ServletException { | ||
| } | ||
|
|
||
| @Override | ||
| public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) | ||
| throws IOException, ServletException { | ||
| HttpServletRequest httpRequest = (HttpServletRequest)request; | ||
| HttpServletResponse httpResponse = (HttpServletResponse)response; | ||
|
|
||
| Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); | ||
|
|
||
| if (authentication != null) { | ||
| Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); | ||
| for (GrantedAuthority authority : authorities) { | ||
| if (authority.getAuthority().equals("UNREGISTERED") | ||
| && !httpRequest.getRequestURI().equals("/auth/signUp")) { | ||
| httpResponse.sendRedirect("/auth/signUp"); | ||
| return; | ||
| } | ||
| } | ||
| } | ||
|
|
||
| chain.doFilter(request, response); | ||
|
Comment on lines
+28
to
+44
There was a problem hiding this comment. final 로 Object reference 바뀌는지 안바뀌는지 확실히 해주는 것이 좋아보입니다. |
||
| } | ||
|
|
||
| @Override | ||
| public void destroy() { | ||
| } | ||
|
|
||
| } | ||
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
앞으로 Session 에 저장된 유저 인가 정보를 조회할 때
@AuthenticationPrincipal을 사용하면 된다고 이해하면 될까요?그리고
OAuthUserInfo의 역할도 궁금합니다.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
저는 아직 시큐리티와 세션쪽을 잘 몰라서
@AuthenticationPrincipal외에도 세션을 관리할 수 있는 것들이 많다고 들었는데해당 어노테이션을 선택하신 이유가 궁금합니다!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@AuthenticationPrincipal를 사용해 현재 사용자의 인증 정보를 가져오는게 맞습니다.OAuthUserInfo는 인증객체 + dto 느낌으로 생각하면 될 것 같습니다.기본적인 인증 정보들과 함께 db에 보관중인 추가 정보를 넣을 수 있게
OAuth2User를 상속했습니다.SecurityContext나Authentication객체로 주입받을 경우getPrincipal()로 인증정보(OAuth2UserInfo)를 한번 더 꺼내야 하는 번거로움이 있어@AuthenticationPrincipal로OAuth2UserInfo를 직접 주입받았습니다.