KJB HMAC-SHA256 Filter 추가

This commit is contained in:
Yunsam.Eo
2025-12-12 10:02:03 +09:00
parent f52ce1fe3f
commit 0578a3e84d
@@ -40,8 +40,12 @@ public class KjbHmacSha256VerifyFilter implements HttpAdapterFilter, HttpAdapter
String xObpPartnercode = request.getHeader("x-obp-partnercode");
String xObpSignatureUrl = request.getHeader("x-obp-signature-url");
String xObpSignatureBody = request.getHeader("x-obp-signature-body");
if (StringUtils.isBlank(xObpPartnercode) || StringUtils.isBlank(xObpSignatureUrl) || StringUtils.isBlank(xObpSignatureBody)) {
throw new JwtAuthException(String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_UNKNOWN, "00"), "Can not find mandatory Http Header");
if (StringUtils.isBlank(xObpPartnercode)
|| StringUtils.isBlank(xObpSignatureUrl)
|| StringUtils.isBlank(xObpSignatureBody)) {
throw new JwtAuthException(
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
"Can not find mandatory Http Header");
}
if (StringUtils.isNotBlank(prop.getProperty(INBOUND_QUERY_STRING))) {
@@ -57,13 +61,13 @@ public class KjbHmacSha256VerifyFilter implements HttpAdapterFilter, HttpAdapter
if (!StringUtils.equals(xObpSignatureUrl, macUrl)) {
throw new JwtAuthException(
String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_UNKNOWN, "00"),
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
"Signature verifying failed : x-obp-signature-url");
}
if (!StringUtils.equals(xObpSignatureBody, macBody)) {
throw new JwtAuthException(
String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_UNKNOWN, "00"),
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
"Signature verifying failed : x-obp-signature-body");
}
@@ -73,7 +77,7 @@ public class KjbHmacSha256VerifyFilter implements HttpAdapterFilter, HttpAdapter
} catch (Exception e) {
logger.error(e.getMessage());
throw new JwtAuthException(
String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_UNKNOWN, "00"),
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
"Signature verifying failed(unkown)");
}
@@ -92,14 +96,14 @@ public class KjbHmacSha256VerifyFilter implements HttpAdapterFilter, HttpAdapter
String clientId = assignClientId(prop, request);
if (StringUtils.isBlank(clientId)) {
throw new JwtAuthException(
String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_UNKNOWN, "00"),
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
"Can not find clientId info");
}
ClientVO client = (ClientVO) OAuth2Manager.getInstance().getClientDeatilsStore().get(clientId);
if (client == null) {
throw new JwtAuthException(
String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_UNKNOWN, "00"),
String.valueOf(HttpStatus.UNAUTHORIZED.value()),
"Can not find client info");
}