feat: API 예외 처리 및 오류 응답 형식 표준화
- Spring @ControllerAdvice를 사용하여 예외 처리 로직 중앙화 - 4xx, 5xx 오류에 대한 일관된 JSON 응답 형식 적용 - elink-online-common MessageUtil 클래스에 makeJsonErrorMessage 메소드 수정
This commit is contained in:
@@ -1,14 +1,11 @@
|
||||
package com.eactive.eai.authserver.custom;
|
||||
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.KeyFactory;
|
||||
import java.security.KeyPair;
|
||||
import java.security.KeyPairGenerator;
|
||||
import java.security.Principal;
|
||||
import java.security.PublicKey;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.Signature;
|
||||
import java.security.spec.X509EncodedKeySpec;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.Base64;
|
||||
import java.util.HashMap;
|
||||
@@ -39,7 +36,6 @@ import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
import com.eactive.eai.adapter.http.dynamic.filter.JwtAuthException;
|
||||
import com.eactive.eai.authserver.config.IssueLimitOAuth2Exception;
|
||||
import com.eactive.eai.authserver.config.AuthorizationServerConfig;
|
||||
import com.eactive.eai.authserver.config.RequestContextData;
|
||||
import com.eactive.eai.authserver.dao.TokenIssuanceLogDAO;
|
||||
import com.eactive.eai.authserver.service.OAuth2Manager;
|
||||
@@ -48,8 +44,10 @@ import com.eactive.eai.authserver.vo.ClientVO;
|
||||
import com.eactive.eai.common.dao.DAOException;
|
||||
import com.eactive.eai.common.logger.EAIDBLogControl;
|
||||
import com.eactive.eai.common.util.Logger;
|
||||
import com.eactive.eai.common.util.MessageUtil;
|
||||
import com.eactive.eai.common.util.UUID;
|
||||
import com.eactive.eai.data.entity.onl.authserver.TokenIssuanceLog;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
|
||||
@Controller
|
||||
public class KjbMGOAuth2Controller {
|
||||
@@ -63,7 +61,7 @@ public class KjbMGOAuth2Controller {
|
||||
|
||||
@RequestMapping(value = "/mapi/oauth2/token", method = RequestMethod.POST, produces = "application/json; charset=\"UTF-8\"")
|
||||
@ResponseBody
|
||||
public KjbMGOAuth2AccessTokenResponse token(@RequestBody KjbMGOAuth2AccessTokenRequest tokenRequest,
|
||||
public ResponseEntity<String> token(@RequestBody KjbMGOAuth2AccessTokenRequest tokenRequest,
|
||||
HttpServletRequest request, HttpServletResponse response) {
|
||||
if (logger.isDebug()) {
|
||||
logger.debug(tokenRequest.toString());
|
||||
@@ -96,7 +94,7 @@ public class KjbMGOAuth2Controller {
|
||||
ClientDetails clientDetails = OAuth2Manager.getInstance().getClientDeatilsStore().get(clientId);
|
||||
verifyClient(clientDetails, clientId, scopeSet);
|
||||
|
||||
String traceId = UUID.randomUUID().toString().replace("-", "");
|
||||
String traceId = UUID.randomUUID().toString().replace("-", "");
|
||||
response.setHeader(HEADER_TRACEID, traceId);
|
||||
|
||||
HashMap<String, String> authorizationParameters = new HashMap<String, String>();
|
||||
@@ -123,19 +121,22 @@ public class KjbMGOAuth2Controller {
|
||||
responseToken.setExpiresOn(System.currentTimeMillis() + (token.getExpiresIn() * 1000));
|
||||
responseToken.setScope(tokenRequest.getScope());
|
||||
responseToken.setResource(tokenRequest.getResource());
|
||||
|
||||
// 성공 시 JSON 문자열로 변환하여 반환
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
String successJson = mapper.writeValueAsString(responseToken);
|
||||
return ResponseEntity.ok(successJson);
|
||||
|
||||
} catch (JwtAuthException e) {
|
||||
response.setStatus(NumberUtils.toInt(StringUtils.left(e.getCode(), 3), HttpStatus.UNAUTHORIZED.value()));
|
||||
responseToken.setResponseCode(e.getCode());
|
||||
responseToken.setResponseMessage(e.getMessage());
|
||||
String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, e.getMessage());
|
||||
int statusCode = NumberUtils.toInt(StringUtils.left(e.getCode(), 3), HttpStatus.UNAUTHORIZED.value());
|
||||
return ResponseEntity.status(statusCode).body(errorJson);
|
||||
|
||||
} catch (Exception e) {
|
||||
logger.error(e.getMessage());
|
||||
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||
responseToken.setResponseCode(
|
||||
String.format("%d%s%s", HttpStatus.UNAUTHORIZED.value(), SERVICE_CODE_ACCESS_TOKEN, "00"));
|
||||
responseToken.setResponseMessage("Unauthorized. [Unknown]");
|
||||
String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, "Unauthorized. [Unknown]");
|
||||
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(errorJson);
|
||||
}
|
||||
|
||||
return responseToken;
|
||||
}
|
||||
|
||||
private void verifyClient(ClientDetails clientDetails, String clientId, Set<String> scopeSet)
|
||||
|
||||
Reference in New Issue
Block a user