From 4debc31d9ec04cbf8f411a3ef4a50e187b52bd9a Mon Sep 17 00:00:00 2001 From: kssumin <201566@jnu.ac.kr> Date: Sun, 8 Oct 2023 05:35:43 +0900 Subject: [PATCH 1/4] =?UTF-8?q?fix=20:=20security=20=EC=9D=98=EC=A1=B4=20?= =?UTF-8?q?=EB=A9=94=EC=84=9C=EB=93=9C=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/domain/service/LoginUserService.java | 6 +-- .../kakao/golajuma/config/SecurityConfig.java | 43 ------------------- 2 files changed, 3 insertions(+), 46 deletions(-) delete mode 100644 src/main/java/com/kakao/golajuma/config/SecurityConfig.java diff --git a/src/main/java/com/kakao/golajuma/auth/domain/service/LoginUserService.java b/src/main/java/com/kakao/golajuma/auth/domain/service/LoginUserService.java index 30822c6..f468542 100644 --- a/src/main/java/com/kakao/golajuma/auth/domain/service/LoginUserService.java +++ b/src/main/java/com/kakao/golajuma/auth/domain/service/LoginUserService.java @@ -1,6 +1,7 @@ package com.kakao.golajuma.auth.domain.service; import com.kakao.golajuma.auth.domain.exception.NotFoundException; +import com.kakao.golajuma.auth.domain.helper.Encoder; import com.kakao.golajuma.auth.domain.token.TokenProvider; import com.kakao.golajuma.auth.domain.token.TokenResolver; import com.kakao.golajuma.auth.infra.entity.UserEntity; @@ -9,7 +10,6 @@ import com.kakao.golajuma.auth.web.dto.request.LoginUserRequest; import com.kakao.golajuma.auth.web.dto.response.TokenResponse; import lombok.RequiredArgsConstructor; -import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -20,10 +20,10 @@ public class LoginUserService { private final TokenProvider tokenProvider; private final UserRepository userRepository; - private final PasswordEncoder passwordEncoder; private final TokenConverter tokenConverter; private final TokenResolver tokenResolver; private final TokenService tokenService; + private final Encoder encoder; @Transactional public TokenResponse execute(final LoginUserRequest request) { @@ -50,6 +50,6 @@ private void validPassword(final String requestPassword, final UserEntity userEn } private boolean matchPassword(final String requestPassword, final String password) { - return passwordEncoder.matches(requestPassword, password); + return encoder.matches(requestPassword, password); } } diff --git a/src/main/java/com/kakao/golajuma/config/SecurityConfig.java b/src/main/java/com/kakao/golajuma/config/SecurityConfig.java deleted file mode 100644 index 8a24b94..0000000 --- a/src/main/java/com/kakao/golajuma/config/SecurityConfig.java +++ /dev/null @@ -1,43 +0,0 @@ -package com.kakao.golajuma.config; - -import lombok.RequiredArgsConstructor; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpMethod; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.http.SessionCreationPolicy; -import org.springframework.security.crypto.factory.PasswordEncoderFactories; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.web.SecurityFilterChain; - -@Configuration -@RequiredArgsConstructor -@EnableWebSecurity -public class SecurityConfig { - private final AuthenticationConfiguration authenticationConfiguration; - - @Bean - public PasswordEncoder passwordEncoder() { - return PasswordEncoderFactories.createDelegatingPasswordEncoder(); - } - - @Bean - public AuthenticationManager authenticationManager() throws Exception { - return authenticationConfiguration.getAuthenticationManager(); - } - - @Bean - public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http.csrf().disable(); - http.formLogin().disable(); - http.httpBasic().disable(); - http.cors(); - http.authorizeRequests().antMatchers(HttpMethod.POST, "/users/auth/**").permitAll(); - - http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); - return http.build(); - } -} From 0e88a41cdb92954dc9a8bb558d9d3bde97a28148 Mon Sep 17 00:00:00 2001 From: kssumin <201566@jnu.ac.kr> Date: Sun, 8 Oct 2023 05:39:58 +0900 Subject: [PATCH 2/4] =?UTF-8?q?fix=20:=20lint=20ci=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/lint.yml | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 .github/workflows/lint.yml diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml deleted file mode 100644 index 985e218..0000000 --- a/.github/workflows/lint.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: lint - -on: - pull_request: - branches: [ '**' ] - -jobs: - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Set up JDK 17 - uses: actions/setup-java@v1 - with: - java-version: 17 - - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - - name: Test with Spotless - run: ./gradlew --info :app:spotlessJavaCheck \ No newline at end of file From 6f0307756aa58558504452c6c680de7f2338b7c2 Mon Sep 17 00:00:00 2001 From: kssumin <201566@jnu.ac.kr> Date: Sun, 8 Oct 2023 05:42:41 +0900 Subject: [PATCH 3/4] =?UTF-8?q?fix=20:=20build=20ci=20=EC=97=90=EB=9F=AC?= =?UTF-8?q?=20=ED=95=B4=EA=B2=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/ci.yml | 49 ++++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f264046..db46b34 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,37 +1,38 @@ -name: ci +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. +# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle + +name: Java CI with Gradle on: + push: + branches: ["weekly"] pull_request: - branches: - - weekly # 'weekly' 브랜치로 PR이 생성될 때만 실행 + branches: ["weekly" ] + +permissions: + contents: read jobs: build: + runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v2 - + - uses: actions/checkout@v3 - name: Set up JDK 17 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '17' - distribution: 'adopt' - - - name: Cache Gradle dependencies - uses: actions/cache@v2 + distribution: 'temurin' + - name: init with Gradle + uses: gradle/gradle-build-action@v2 + - run: gradle init + - name: Build with Gradle + uses: gradle/gradle-build-action@v2 with: - path: ~/.gradle/caches - key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }} - restore-keys: ${{ runner.os }}-gradle - - - name: Build and Test - run: ./gradlew clean build - - name: Run Spring Boot App for 30 seconds - run: | - ./gradlew bootRun & - APP_PID=$! - sleep 30 - kill $APP_PID - continue-on-error: false \ No newline at end of file + gradle-version: 7.5.1 + arguments: build \ No newline at end of file From 31f1e065d458d015ea0244c42735e1b89aabcfa9 Mon Sep 17 00:00:00 2001 From: kssumin <201566@jnu.ac.kr> Date: Sun, 8 Oct 2023 05:47:26 +0900 Subject: [PATCH 4/4] =?UTF-8?q?fix=20:=20build=20ci=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/ci.yml | 38 -------------------------------------- 1 file changed, 38 deletions(-) delete mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index db46b34..0000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,38 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. -# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time -# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle - -name: Java CI with Gradle - -on: - push: - branches: ["weekly"] - pull_request: - branches: ["weekly" ] - -permissions: - contents: read - -jobs: - build: - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - name: Set up JDK 17 - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - name: init with Gradle - uses: gradle/gradle-build-action@v2 - - run: gradle init - - name: Build with Gradle - uses: gradle/gradle-build-action@v2 - with: - gradle-version: 7.5.1 - arguments: build \ No newline at end of file