From 9bf5b563504fdc08e398a0c2e14824c53b78a329 Mon Sep 17 00:00:00 2001 From: jaewohong Date: Mon, 8 Dec 2025 11:28:22 +0900 Subject: [PATCH 1/8] =?UTF-8?q?persistent-store-type=EC=9D=84=20memory?= =?UTF-8?q?=EB=A1=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- WebContent/WEB-INF/weblogic.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/WebContent/WEB-INF/weblogic.xml b/WebContent/WEB-INF/weblogic.xml index 44b772f..71b418f 100644 --- a/WebContent/WEB-INF/weblogic.xml +++ b/WebContent/WEB-INF/weblogic.xml @@ -6,7 +6,7 @@ 1800 JSESSIONID_EMS - none + memory From 332797bacb05b45138a3f2ca36aca11642a2b499 Mon Sep 17 00:00:00 2001 From: "Yunsam.Eo" Date: Tue, 30 Dec 2025 14:03:19 +0900 Subject: [PATCH 2/8] =?UTF-8?q?verifyClient=EC=97=90=EC=84=9C=20client=20s?= =?UTF-8?q?ecret=20=EA=B2=80=EC=A6=9D=20=EC=B6=94=EA=B0=80.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../custom/KjbMGOAuth2Controller.java | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java index 00781b8..9f376ea 100644 --- a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java +++ b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java @@ -92,7 +92,7 @@ public class KjbMGOAuth2Controller { } ClientDetails clientDetails = OAuth2Manager.getInstance().getClientDeatilsStore().get(clientId); - verifyClient(clientDetails, clientId, scopeSet); + verifyClient(clientDetails, clientId, clientSecret, scopeSet); String traceId = UUID.randomUUID().toString().replace("-", ""); response.setHeader(HEADER_TRACEID, traceId); @@ -139,7 +139,7 @@ public class KjbMGOAuth2Controller { } } - private void verifyClient(ClientDetails clientDetails, String clientId, Set scopeSet) + private void verifyClient(ClientDetails clientDetails, String clientId, String clientSecret, Set scopeSet) throws JwtAuthException { if (StringUtils.isBlank(clientId)) { @@ -148,13 +148,24 @@ public class KjbMGOAuth2Controller { "Invalid Mandatory Field {client_id}"); } - if (clientDetails == null) { throw new JwtAuthException( String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_ACCESS_TOKEN, "00"), "Unauthorized. [client not found]"); } + if (StringUtils.isBlank(clientSecret)) { + throw new JwtAuthException( + String.format("%d%s%s", HttpStatus.BAD_REQUEST.value(), SERVICE_CODE_ACCESS_TOKEN, "02"), + "Invalid Mandatory Field {client_secret}"); + } + + if (StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) { + throw new JwtAuthException( + String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_ACCESS_TOKEN, "00"), + "Unauthorized. [Bad client credentials(Client Secret is not match)]"); + } + if (scopeSet.isEmpty()) { throw new JwtAuthException( String.format("%d%s%s", HttpStatus.BAD_REQUEST.value(), SERVICE_CODE_ACCESS_TOKEN, "02"), From 9a0d035005e643b79a9c329c526b2bee0a4e340f Mon Sep 17 00:00:00 2001 From: jaewohong Date: Wed, 31 Dec 2025 09:49:09 +0900 Subject: [PATCH 3/8] to make git index sync --- WebContent/WEB-INF/properties/env.D.properties | 1 - 1 file changed, 1 deletion(-) diff --git a/WebContent/WEB-INF/properties/env.D.properties b/WebContent/WEB-INF/properties/env.D.properties index f73d61a..0bd3db5 100644 --- a/WebContent/WEB-INF/properties/env.D.properties +++ b/WebContent/WEB-INF/properties/env.D.properties @@ -20,4 +20,3 @@ eai.systemmode=D eai.systemtype=API eai.tableowner=AGWADM eai.server.extractor=[0,2],[0,2],[-2] - From d6d4770655b4d9564f1508faf9bce955b40a8bf8 Mon Sep 17 00:00:00 2001 From: jaewohong Date: Wed, 31 Dec 2025 09:53:15 +0900 Subject: [PATCH 4/8] TO MAKE GIT INDEX SYNC --- .../com/eactive/eai/adapter/service/ApiAdapterService.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/eactive/eai/adapter/service/ApiAdapterService.java b/src/main/java/com/eactive/eai/adapter/service/ApiAdapterService.java index 6ce7b1b..cc8da25 100644 --- a/src/main/java/com/eactive/eai/adapter/service/ApiAdapterService.java +++ b/src/main/java/com/eactive/eai/adapter/service/ApiAdapterService.java @@ -141,6 +141,8 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { case PUT: if (StringUtils.contains(request.getContentType(), "application/x-www-form-urlencoded")) { isParameterType = true; + } else if (request.getContentType() == null || request.getContentType().isEmpty()) { // jwhong + isParameterType = true; } else { isParameterType = false; } @@ -480,7 +482,7 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { e.printStackTrace(); logger.error("HttpClientAdapterServiceRest] AES128 Decryption error=" + e.getMessage()); } - break; + break; case "AES128-TOGETHER": try { String key128 = clientSecretKey.substring(44,60); //togetherEncoder 경우는 substring(44,60) 이네?? From ca578388110838087eb740ea6dd2d74683413c5d Mon Sep 17 00:00:00 2001 From: jaewohong Date: Fri, 2 Jan 2026 09:31:18 +0900 Subject: [PATCH 5/8] =?UTF-8?q?=EB=B3=B5=ED=98=B8=ED=99=94=20=EC=97=90?= =?UTF-8?q?=EB=9F=AC=EB=A9=94=EC=8B=9C=EC=A7=80=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../adapter/service/ApiAdapterService.java | 43 +++++++++++-------- 1 file changed, 25 insertions(+), 18 deletions(-) diff --git a/src/main/java/com/eactive/eai/adapter/service/ApiAdapterService.java b/src/main/java/com/eactive/eai/adapter/service/ApiAdapterService.java index a70dbd5..1f7be85 100644 --- a/src/main/java/com/eactive/eai/adapter/service/ApiAdapterService.java +++ b/src/main/java/com/eactive/eai/adapter/service/ApiAdapterService.java @@ -346,7 +346,7 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { // jwhong decrypt - private String doPreDecryption(String eaiBody, Properties transactionProp, HttpServletRequest request) { + private String doPreDecryption(String eaiBody, Properties transactionProp, HttpServletRequest request) throws Exception { String decryptAlgorithm = transactionProp.getProperty(ENCRYPT_ALGORITHM, ""); String xElinkClientId = transactionProp.getProperty(HEADER_NAME_CLIENT_ID, ""); // 이 값이 OAuth의 client id 값이다 . http header 에 포함되어 온다. jwhong String encryptBaseKeyType = transactionProp.getProperty(ENCRYPT_BASE_TYPE); @@ -381,6 +381,11 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { byte[] decryptedMessage = null; decryptedMessage = doInboundPreDecrypt(eaiBody, decryptAlgorithm,clientSecret,secretAES256Iv, secretAES256Key ); + if (decryptedMessage == null) { + throw new Exception("[HttpClient5AdapterServiceRest] Decrypt Error : Invalid encrypted message"); + } + + String resultMessage = new String(decryptedMessage, StandardCharsets.UTF_8 ); return resultMessage; //return new String(decryptedMessage, StandardCharsets.UTF_8 ); @@ -453,25 +458,28 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { } - private byte[] doInboundPreDecrypt(String eaiStringBody, String decryptAlgorithm, String clientSecretKey, String secretAES256Iv, String secretAES256Key) { + private byte[] doInboundPreDecrypt(String eaiStringBody, String decryptAlgorithm, String clientSecretKey, String secretAES256Iv, String secretAES256Key) throws Exception { byte[] decryptedMessage = null; //String eaiStringBody = new String(eaiBody, StandardCharsets.UTF_8); eaiStringBody = extractBodyMsg(decryptAlgorithm, eaiStringBody); + if (eaiStringBody == null) { + throw new Exception("[HttpClient5AdapterServiceRest] Cannot decrypt Error : input is plain text"); + } + //test source - //System.out.println("eaiBody 바이트 배열 길이: " + eaiBody.length); - System.out.println("Base64 문자열: " + eaiStringBody); - System.out.println("Base64 문자열 길이: " + eaiStringBody.length()); - System.out.println("Base64 문자열 끝: " + eaiStringBody.substring(eaiStringBody.length() - 10)); + logger.debug("Base64 문자열: " + eaiStringBody); + logger.debug("Base64 문자열 길이: " + eaiStringBody.length()); + logger.debug("Base64 문자열 끝: " + eaiStringBody.substring(eaiStringBody.length() - 10)); // Base64 디코딩 테스트 try { byte[] decoded = Base64.getDecoder().decode(eaiStringBody); - System.out.println("디코딩 성공, 길이: " + decoded.length); + logger.debug("디코딩 성공, 길이: " + decoded.length); } catch (IllegalArgumentException e) { - System.out.println("Base64 디코딩 실패: " + e.getMessage()); + logger.debug("Base64 디코딩 실패: " + e.getMessage()); } // end test source @@ -586,12 +594,12 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { try { JSONParser parser = new JSONParser(); JSONObject jsonObject = (JSONObject) parser.parse(eaiStringBody); - decryptedBodyMessage = (String) jsonObject.get(decryptedJsonKey); + decryptedBodyMessage = (String) jsonObject.get(decryptedJsonKey); } catch (Exception e) { e.printStackTrace(); logger.error("HttpClient5AdapterServiceRest] extractBodyMsg error : " + e.getMessage()); } - + return decryptedBodyMessage; } @@ -602,17 +610,16 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { //String eaiStringBody = new String(eaiBody, StandardCharsets.UTF_8); //test source - //System.out.println("eaiBody 바이트 배열 길이: " + eaiBody.length); - System.out.println("Base64 문자열: " + eaiStringBody); - System.out.println("Base64 문자열 길이: " + eaiStringBody.length()); - System.out.println("Base64 문자열 끝: " + eaiStringBody.substring(eaiStringBody.length() - 10)); + logger.debug("Base64 문자열: " + eaiStringBody); + logger.debug("Base64 문자열 길이: " + eaiStringBody.length()); + logger.debug("Base64 문자열 끝: " + eaiStringBody.substring(eaiStringBody.length() - 10)); // Base64 디코딩 테스트 try { byte[] decoded = Base64.getDecoder().decode(eaiStringBody); - System.out.println("디코딩 성공, 길이: " + decoded.length); + logger.debug("디코딩 성공, 길이: " + decoded.length); } catch (IllegalArgumentException e) { - System.out.println("Base64 디코딩 실패: " + e.getMessage()); + logger.debug("Base64 디코딩 실패: " + e.getMessage()); } // end test source @@ -705,7 +712,7 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { logger.error(e.getMessage()); } - System.out.println("Token is: " + Token); + logger.debug("Token is: " + Token); return Token; } @@ -721,7 +728,7 @@ public class ApiAdapterService extends HttpAdapterServiceSupport { tokenClientId = ""; } - System.out.println("Token Client ID: " + tokenClientId); + logger.debug("Token Client ID: " + tokenClientId); return tokenClientId; } From cebb12c511194329f723e4a123a61cce91228252 Mon Sep 17 00:00:00 2001 From: "Yunsam.Eo" Date: Fri, 2 Jan 2026 11:32:22 +0900 Subject: [PATCH 6/8] =?UTF-8?q?Path=20Variable=EC=B2=98=EB=A6=AC,=20API?= =?UTF-8?q?=EC=8B=9D=EB=B3=84=EB=B0=A9=EC=8B=9D=20=EB=B3=80=EA=B2=BD(DAO->?= =?UTF-8?q?STDMessageManager)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/ApiAdapterController.java | 36 ++++++++++++------- 1 file changed, 23 insertions(+), 13 deletions(-) diff --git a/src/main/java/com/eactive/eai/adapter/controller/ApiAdapterController.java b/src/main/java/com/eactive/eai/adapter/controller/ApiAdapterController.java index 6d8d7db..11feef8 100644 --- a/src/main/java/com/eactive/eai/adapter/controller/ApiAdapterController.java +++ b/src/main/java/com/eactive/eai/adapter/controller/ApiAdapterController.java @@ -11,6 +11,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.util.AntPathMatcher; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @@ -27,8 +28,8 @@ import com.eactive.eai.adapter.service.ApiAdapterService; import com.eactive.eai.common.TransactionContextKeys; import com.eactive.eai.common.exception.ExceptionUtil; import com.eactive.eai.common.server.EAIServerManager; -import com.eactive.eai.common.stdmessage.STDMessageDAO; -import com.eactive.eai.common.util.ApplicationContextProvider; +import com.eactive.eai.common.stdmessage.STDMessageManager; +import com.eactive.eai.common.stdmessage.STDMsgInfoAddOnVO; import com.eactive.eai.common.util.DatetimeUtil; import com.eactive.eai.common.util.InboundErrorLogger; import com.eactive.eai.common.util.Logger; @@ -40,7 +41,6 @@ import com.eactive.eai.inbound.error.InboundErrorInfoVO; import org.json.simple.JSONObject; import java.util.HashMap; import java.util.Map; -import com.eactive.eai.data.entity.onl.stdmessage.StandardMessageInfo; @RestController public class ApiAdapterController implements HttpAdapterServiceKey { @@ -65,16 +65,24 @@ public class ApiAdapterController implements HttpAdapterServiceKey { //** jwhong TSEAIHS04의 api full path와 비교하여 adapter를 가져온다 String methodAndUri = servletRequest.getMethod() + "|" + apiUri; HttpDynamicInAdapterUri adptUri = null; - String adapterGrpName =""; - String apiSvcCode = ""; + String bzwkSvcKeyName = ""; // Adapter Group별 Action Class에 따라 구성이 달라짐. 예) _AGW_IN_RST_SyS:POST/account/{acc_no} + String adapterGrpName = ""; // Adapter Group명 예) _AGW_IN_RST_SyS : API_PATH(/api/test) + String apiSvcCode = ""; // eaiSvcCd 예) LONNCHCON00005S2 + String apiFullPathKey = ""; // 예) POST|/api/test/account/list, POST|/api/test/account/{acc_no} + Map pathVariables = null; try { - STDMessageDAO dao = ApplicationContextProvider.getContext().getBean(STDMessageDAO.class); - StandardMessageInfo stdInfo = dao.getSTDMsgByPath(methodAndUri); - String serviceKey = stdInfo.getBzwksvckeyname(); - int idx = serviceKey.indexOf(":"); - adapterGrpName = (idx != -1) ? serviceKey.substring(0, idx) : serviceKey; // ':' 이전 문자열 추출 - apiSvcCode = stdInfo.getEaisvcname(); - //아래 원래 Logic + // PathVariable(ex:/api/test/account/{acc_no}) 대응 및 DAO조회 제거. + // /api/test/account/1234567 호출시 /api/test/account/{acc_no} API 로 식별. + STDMessageManager manager = STDMessageManager.getInstance(); + STDMsgInfoAddOnVO stdMsgInfo = manager.getStdMsgInfoAddOn(methodAndUri); + bzwkSvcKeyName = stdMsgInfo.getBzwksvckeyname(); + apiSvcCode = stdMsgInfo.getEaiSvcCd(); + adapterGrpName = stdMsgInfo.gAdapterGroupName(); + apiFullPathKey = stdMsgInfo.getApiFullPath(); + if (STDMessageManager.isPathVariable(apiFullPathKey)) { + pathVariables = new AntPathMatcher().extractUriTemplateVariables(apiFullPathKey, methodAndUri); + } + adptUri = findAdptUri(apiUri, HttpDynamicInAdapterManager.getInstance(), adapterGrpName); } catch (Exception e) { adptUri = null; @@ -121,6 +129,9 @@ public class ApiAdapterController implements HttpAdapterServiceKey { // jwhong, put api received time, eaiSvcCode transactionProp.put(INBOUND_REQUESTED_TIME, receivedTimeStr); transactionProp.put(API_SERVICE_CODE, apiSvcCode); + if (pathVariables != null) { + transactionProp.put(INBOUND_PATH_VARIABLES, pathVariables); + } try { String responseData = service.callApi(servletRequest, servletResponse, httpProp, adapterGroupVO, adapterVO, transactionProp); @@ -206,7 +217,6 @@ public class ApiAdapterController implements HttpAdapterServiceKey { // - for (int i = 0; i < 10; i++) { HttpDynamicInAdapterUri adptUri = manager.getAdptUri(apiUri); if (adptUri != null) { From 1057adf4ef98d6f78d8f6d35c7053c1b275337b9 Mon Sep 17 00:00:00 2001 From: "Yunsam.Eo" Date: Fri, 2 Jan 2026 13:49:28 +0900 Subject: [PATCH 7/8] =?UTF-8?q?=ED=86=A0=ED=81=B0=EB=B0=9C=EA=B8=89=20?= =?UTF-8?q?=EC=98=A4=ED=83=80=EC=88=98=EC=A0=95.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../eactive/eai/authserver/custom/KjbMGOAuth2Controller.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java index 9f376ea..b151ac3 100644 --- a/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java +++ b/src/main/java/com/eactive/eai/authserver/custom/KjbMGOAuth2Controller.java @@ -160,7 +160,7 @@ public class KjbMGOAuth2Controller { "Invalid Mandatory Field {client_secret}"); } - if (StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) { + if (!StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) { throw new JwtAuthException( String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_ACCESS_TOKEN, "00"), "Unauthorized. [Bad client credentials(Client Secret is not match)]"); From d9d30bfb44a2e55aa88fa40c99b0ff307c96c7b3 Mon Sep 17 00:00:00 2001 From: "Yunsam.Eo" Date: Mon, 5 Jan 2026 08:55:14 +0900 Subject: [PATCH 8/8] =?UTF-8?q?properties=20=EC=B2=98=EB=A6=AC=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../client/filter/AsyncReponseFilter.java | 41 ++++++++++++++----- 1 file changed, 30 insertions(+), 11 deletions(-) diff --git a/src/main/java/com/eactive/eai/custom/kjb/adapter/http/client/filter/AsyncReponseFilter.java b/src/main/java/com/eactive/eai/custom/kjb/adapter/http/client/filter/AsyncReponseFilter.java index a381f31..01eeb53 100644 --- a/src/main/java/com/eactive/eai/custom/kjb/adapter/http/client/filter/AsyncReponseFilter.java +++ b/src/main/java/com/eactive/eai/custom/kjb/adapter/http/client/filter/AsyncReponseFilter.java @@ -6,8 +6,6 @@ import java.util.TreeMap; import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceKey; import com.eactive.eai.common.TransactionContextKeys; -import com.eactive.eai.common.property.PropGroupVO; -import com.eactive.eai.common.property.PropManager; import com.eactive.eai.common.util.Logger; @@ -22,7 +20,6 @@ public class AsyncReponseFilter implements HttpClientAdapterFilter, HttpAdapterS throws Exception { logger.debug("AsyncReponseFilter] PreFilter Processing Start!!"); - Object returnMessage = message; String traceId = tempProp.getProperty(TransactionContextKeys.TRANSACTION_UUID, ""); Properties filterHeaders = (Properties) tempProp.get("FILTERHEADER"); @@ -31,13 +28,7 @@ public class AsyncReponseFilter implements HttpClientAdapterFilter, HttpAdapterS tempProp.put("FILTERHEADER", filterHeaders); } try { - Properties inboundHeader = (Properties)tempProp.get(INBOUND_HEADER); - Map inboundHeaderMap = new TreeMap<>(String.CASE_INSENSITIVE_ORDER); - - // Properties 내용을 모두 복사 - for (String name : inboundHeader.stringPropertyNames()) { - inboundHeaderMap.put(name, inboundHeader.getProperty(name)); - } + Map inboundHeaderMap = getInboundHeaderProp(tempProp); if (!inboundHeaderMap.isEmpty()) { if (inboundHeaderMap.containsKey(X_TRACE_ID)) { @@ -52,7 +43,35 @@ public class AsyncReponseFilter implements HttpClientAdapterFilter, HttpAdapterS logger.error(e.getMessage()); } - return returnMessage; + return message; + } + + public Map getInboundHeaderProp(Properties prop) { + Properties header = new Properties(); + Map inboundHeaderMap = new TreeMap<>(String.CASE_INSENSITIVE_ORDER); + try { + Object headerObj = prop.get(HttpAdapterServiceKey.INBOUND_HEADER); + if (headerObj instanceof Properties) { //tomcat + header = (Properties) headerObj; + for (String name : header.stringPropertyNames()) { + inboundHeaderMap.put(name, header.getProperty(name)); + } + } else if (headerObj instanceof String) { //weblogic + String str = (String) headerObj; + str = str.substring(1, str.length() - 1); + // key=value 쌍 분리 + String[] entries = str.split(","); + for (String entry : entries) { + String[] kv = entry.split("=", 2); + if (kv.length == 2) { + inboundHeaderMap.put(kv[0].trim(), kv[1].trim()); + } + } + } + } catch (Exception e) { + e.printStackTrace(); + } + return inboundHeaderMap; } @Override