Merge branch 'jenkins_with_weblogic' of ssh://git@192.168.240.178:18081/eapim/eapim-online.git into jenkins_with_weblogic

This commit is contained in:
pksup
2026-01-12 17:23:04 +09:00
25 changed files with 1315 additions and 403 deletions
@@ -60,7 +60,7 @@ public class ApiAdapterController implements HttpAdapterServiceKey {
String apiUri = servletRequest.getRequestURI();
// /api/v1/public/getUserInfo.svc
apiUri = StringUtils.removeStart(apiUri, servletRequest.getContextPath());
apiUri = StringUtils.removeEnd(apiUri, "/");
apiUri = StringUtils.removeEnd(apiUri, "/");
//** jwhong TSEAIHS04의 api full path와 비교하여 adapter를 가져온다
String methodAndUri = servletRequest.getMethod() + "|" + apiUri;
@@ -0,0 +1,85 @@
package com.eactive.eai.adapter.controller;
import java.io.BufferedReader;
import java.io.IOException;
import java.nio.charset.Charset;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import org.json.simple.JSONValue;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
public class ApiRequestBodyFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain)
throws ServletException, IOException {
// 1. 필터 대상
if (!isTarget(request)) {
filterChain.doFilter(request, response);
return;
}
// 2. 요청 전문 읽기
String body = readBody(request);
if (body == null || body.isEmpty()) {
filterChain.doFilter(request, response);
return;
}
String modifiedBody = body;
try {
Object json = JSONValue.parse(body);
// 3. 예제: ROOTLESS ARRAY 보정
if (json instanceof JSONArray) {
JSONObject wrap = new JSONObject();
wrap.put("KJB_ROOTLESS_ARRAY", json);
modifiedBody = wrap.toJSONString();
}
} catch (Exception e) {
// 변조 실패 → 원본 유지
modifiedBody = body;
}
byte[] bytes = modifiedBody.getBytes(request.getCharacterEncoding() != null ? request.getCharacterEncoding() : Charset.defaultCharset().name() );
// 5. Wrapper로 재주입
HttpServletRequest wrapped =
new CachedBodyHttpServletRequest(request, bytes);
filterChain.doFilter(wrapped, response);
}
private boolean isTarget(HttpServletRequest request) {
String uri = request.getRequestURI();
return ("POST".equals(request.getMethod()) || "PUT".equals(request.getMethod()))
&& (uri.startsWith("/api") || uri.startsWith("/mapi") ) && !uri.startsWith("/mapi/oauth2/token");
}
private String readBody(HttpServletRequest request) throws IOException {
StringBuilder sb = new StringBuilder();
try (BufferedReader br = request.getReader()) {
String line;
while ((line = br.readLine()) != null) {
sb.append(line);
}
}
return sb.toString();
}
}
@@ -0,0 +1,52 @@
package com.eactive.eai.adapter.controller;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import org.json.simple.JSONValue;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
@RestControllerAdvice
public class ApiResponseAdvice implements ResponseBodyAdvice<Object> {
@Override
public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
// TODO Auto-generated method stub
return true;
}
@Override
public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
Class<? extends HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request,
ServerHttpResponse response) {
if (body instanceof String) {
return removeRootlessArrayKeyFormResponseBody((String) body);
}
return body;
}
String removeRootlessArrayKeyFormResponseBody(String body) {
try {
Object root = JSONValue.parse(body);
if (root instanceof JSONObject && ((JSONObject) root).containsKey("KJB_ROOTLESS_ARRAY")) {
JSONArray jsonArray = (JSONArray) ((JSONObject) root).get("KJB_ROOTLESS_ARRAY");
return jsonArray.toJSONString();
} else {
return body;
}
} catch (Exception e) {
return body;
}
}
}
@@ -0,0 +1,51 @@
package com.eactive.eai.adapter.controller;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.InputStreamReader;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
public class CachedBodyHttpServletRequest extends HttpServletRequestWrapper {
private final byte[] cachedBody;
public CachedBodyHttpServletRequest(HttpServletRequest request, byte[] body) {
super(request);
this.cachedBody = body;
}
@Override
public ServletInputStream getInputStream() {
ByteArrayInputStream bais = new ByteArrayInputStream(cachedBody);
return new ServletInputStream() {
@Override
public int read() {
return bais.read();
}
@Override
public boolean isFinished() {
return bais.available() == 0;
}
@Override
public boolean isReady() {
return true;
}
@Override
public void setReadListener(ReadListener readListener) {
}
};
}
@Override
public BufferedReader getReader() {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
}
@@ -51,6 +51,7 @@ import java.io.IOException;
import java.io.ObjectInputStream;
import org.springframework.security.oauth2.provider.ClientDetails;
import com.nimbusds.jwt.SignedJWT;
import com.eactive.eai.common.context.ElinkTransactionContext;
@Service
@@ -68,6 +69,7 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
private static final String FILE_GROUP_NAME = "image-file";
private static final String UPLOAD_ROOT_PATH = "UPLOAD_ROOT_PATH";
public static final String PAYLOAD_PARAM_NAME_CLIENT_ID = "client_id"; // jwhong
private boolean encryptResponseApply; // inbound에 대한 응답 암호화 여부 flag
public String callApi(HttpServletRequest request, HttpServletResponse response, Properties httpProp, AdapterGroupVO adapterGroupVO, AdapterVO adapterVO, Properties transactionProp) throws Exception {
int traceLevel = 0;
@@ -124,8 +126,11 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
transactionProp.put(INBOUND_TOKEN, inboundToken);
transactionProp.put(ENCRYPT_AES256_IV, httpProp.getProperty(ENCRYPT_AES256_IV, "")); //jwhong
transactionProp.put(ENCRYPT_AES256_KEY, httpProp.getProperty(ENCRYPT_AES256_KEY, "")); //jwhong
// SEED 컬럼암호하 시 Key로 사용함
String seedkey = getHeaders(request).getOrDefault("x-obp-partnercode", "").toString();
ElinkTransactionContext.setSeedKey(seedkey);
try {
traceLevel = Integer.parseInt(traceLevelTemp);
} catch (Exception e) {
@@ -317,29 +322,10 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
result = mapper.writeValueAsString(rootNode);
}
}
// KJBank는 요청에 대한 응답 (Sync응답, Aync 에 대한 Ack응답) 에 대하여 암호화 하지 않는다. 무조건 안한다. 따라서 아래부분은 구현은 했지만 사용하지 않는다.
//result = doPostEncryption(result, transactionProp); // jwhong Encrypt
// ASYNC 인 경우 광주은행은 RETURN 해 주는 값들이 수정되어야 한다. JWHONG
/*
if ("ASYN".equals(syncAsyncType) && MessageType.JSON.equals(adptMsgType) && StringUtils.isNotBlank(headerGroupName)) {
ObjectMapper mapper = new ObjectMapper();
ObjectNode rootNode = (ObjectNode) mapper.readTree(result);
JsonNode headerGroup = rootNode.get(headerGroupName);
if(headerGroup != null) {
for(Iterator<String> it = headerGroup.fieldNames(); it.hasNext();) {
String name = it.next();
String value = headerGroup.get(name).asText();
response.addHeader(name, value);
}
rootNode.remove(headerGroupName);
result = mapper.writeValueAsString(rootNode);
}
}
*/
// KJBank는 요청에 대한 응답 (Sync응답, Aync 에 대한 Ack응답) 에 대하여 암호화 하지 않는다. 무조건 안한다. 따라서 아래부분은 구현은 했지만 사용하지 않는다.
//result = doPostEncryption(result, transactionProp); // jwhong Encrypt
// KJBank는 요청에 대한 응답 (Sync응답, Aync 에 대한 Ack응답) 에 대하여 암호화 하지 않는다. 무조건 안한다. 따라서 아래부분은 구현은 했지만 사용하지 않는다.
encryptResponseApply = StringUtils.equalsIgnoreCase(httpProp.getProperty("ENCRYPT_RESPONSE_APPLY", "N"), "Y");
result = doPostEncryption(result, transactionProp, request); // jwhong Encrypt
return result;
}
@@ -382,7 +368,7 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
decryptedMessage = doInboundPreDecrypt(eaiBody, decryptAlgorithm,clientSecret,secretAES256Iv, secretAES256Key );
if (decryptedMessage == null) {
throw new Exception("[HttpClient5AdapterServiceRest] Decrypt Error : Invalid encrypted message");
throw new Exception("[ApiAdapterService] Decrypt Error : Invalid encrypted message");
}
@@ -393,19 +379,26 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
// jwhong encrypt
private String doPostEncryption(String eaiBody, Properties transactionProp) {
private String doPostEncryption(String eaiBody, Properties transactionProp, HttpServletRequest request) throws Exception {
if ( !encryptResponseApply) {
return eaiBody;
}
String decryptAlgorithm = transactionProp.getProperty(ENCRYPT_ALGORITHM, "");
String xElinkClientId = transactionProp.getProperty(HEADER_NAME_CLIENT_ID, ""); // 이 값이 OAuth의 client id 값이다 . http header 에 포함되어 온다. jwhong
String encryptBaseKeyType = transactionProp.getProperty(ENCRYPT_BASE_TYPE);
String inboundToken = transactionProp.getProperty(INBOUND_TOKEN, "");
String inboundToken = "";
String secretAES256Iv = transactionProp.getProperty("ENCRYPT_AES256_IV");
String secretAES256Key = transactionProp.getProperty("ENCRYPT_AES256_KEY");
if ( decryptAlgorithm == "" ) { // 복호화 대상이 아님
return eaiBody;
}
inboundToken = JwtTokenExtractor(request);
xElinkClientId = JwtClientIdExtractor(inboundToken); // token에서 client id를 추출함
// 암호화 key를 token 내용으로 할지 client secret 내용으로 할지 결정함. adapter property에 정의함
// ENCRYPT_ALGORITHM 을 설정했는데 ENCRYPT_BASE_TYPE을 설정안하면 Decrypt 수행시 Exception 발생함
@@ -421,12 +414,16 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
}
}
byte[] decryptedMessage = null;
decryptedMessage = doInboundPostEncrypt(eaiBody, decryptAlgorithm,clientSecret,secretAES256Iv, secretAES256Key );
String encryptedMessage = null;
encryptedMessage = doInboundPostEncrypt(eaiBody, decryptAlgorithm,clientSecret,secretAES256Iv, secretAES256Key );
String resultMessage = new String(decryptedMessage, StandardCharsets.UTF_8 );
return resultMessage;
//return new String(decryptedMessage, StandardCharsets.UTF_8 );
if (encryptedMessage == null) {
throw new Exception("[ApiAdapterService] Encrypt Error : Invalid PlainText message");
}
return encryptedMessage;
//String resultMessage = new String(encryptedMessage, StandardCharsets.UTF_8 );
//return resultMessage;
}
@@ -466,7 +463,7 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
eaiStringBody = extractBodyMsg(decryptAlgorithm, eaiStringBody);
if (eaiStringBody == null) {
throw new Exception("[HttpClient5AdapterServiceRest] Cannot decrypt Error : input is plain text");
throw new Exception("[ApiAdapterService] Cannot decrypt Error : input is plain text");
}
//test source
@@ -568,28 +565,7 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
String decryptedJsonKey = "";
String decryptedBodyMessage = "";
switch (decryptAlgorithm) {
case "AES128":
case "AES128-TOSS":
decryptedJsonKey = "preScreeningRequest";
break;
case "AES128-TOGETHER":
decryptedJsonKey = "obpTxData";
break;
case "AES256":
decryptedJsonKey = "preScreeningRequest";
break;
case "AES256-KAKAO":
decryptedJsonKey = "encrypted_data";
break;
case "AES256-TOSS":
decryptedJsonKey = "encryptedData";
break;
case "AES256GCM":
break;
default:
break;
}
decryptedJsonKey = getJsonKey(decryptAlgorithm);
try {
JSONParser parser = new JSONParser();
@@ -603,74 +579,95 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
return decryptedBodyMessage;
}
private byte[] doInboundPostEncrypt(String eaiStringBody, String encryptAlgorithm, String clientSecretKey, String secretAES256Iv, String secretAES256Key) {
byte[] encryptedMessage = null;
//String eaiStringBody = new String(eaiBody, StandardCharsets.UTF_8);
//test source
logger.debug("Base64 문자열: " + eaiStringBody);
logger.debug("Base64 문자열 길이: " + eaiStringBody.length());
logger.debug("Base64 문자열 끝: " + eaiStringBody.substring(eaiStringBody.length() - 10));
private String getJsonKey(String Algorithm) {
// Base64 디코딩 테스트
try {
byte[] decoded = Base64.getDecoder().decode(eaiStringBody);
logger.debug("디코딩 성공, 길이: " + decoded.length);
} catch (IllegalArgumentException e) {
logger.debug("Base64 디코딩 실패: " + e.getMessage());
}
// end test source
String jsonKey = "";
switch (Algorithm) {
case "AES128":
case "AES128-TOSS":
jsonKey = "preScreeningRequest";
break;
case "AES128-TOGETHER":
jsonKey = "obpTxData";
break;
case "AES256":
jsonKey = "preScreeningRequest";
break;
case "AES256-KAKAO":
jsonKey = "encrypted_data";
break;
case "AES256-TOSS":
jsonKey = "encryptedData";
break;
case "AES256-NICEON":
jsonKey = "enc_data";
break;
case "AES256GCM":
break;
default:
break;
}
return jsonKey;
}
private String doInboundPostEncrypt(String eaiStringBody, String encryptAlgorithm, String clientSecretKey, String secretAES256Iv, String secretAES256Key) {
//byte[] encryptedMessage = null;
String encryptedStrMessage = null;
String encryptedJsonKey = "";
encryptedJsonKey = getJsonKey(encryptAlgorithm);
switch (encryptAlgorithm) {
case "AES128":
case "AES128-TOSS":
try {
String key128 = clientSecretKey.substring(22,38); //togetherEncoder 경우는 substring(44,60) 이네??
String decryptedStrMessage = AESCipher.encrypt(eaiStringBody, key128);
encryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
encryptedStrMessage = AESCipher.encrypt(eaiStringBody, key128);
//encryptedMessage = encryptedStrMessage.getBytes(StandardCharsets.UTF_8);
} catch (Exception e) {
e.printStackTrace();
logger.error("HttpClientAdapterServiceRest] AES128 Decryption error=" + e.getMessage());
logger.error("HttpClientAdapterServiceRest] AES128 Encryption error=" + e.getMessage());
}
break;
case "AES128-TOGETHER":
try {
String key128 = clientSecretKey.substring(44,60); //togetherEncoder 경우는 substring(44,60) 이네??
String decryptedStrMessage = AESCipher.encrypt(eaiStringBody, key128);
encryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
encryptedStrMessage = AESCipher.encrypt(eaiStringBody, key128);
//encryptedMessage = encryptedStrMessage.getBytes(StandardCharsets.UTF_8);
} catch (Exception e) {
e.printStackTrace();
logger.error("HttpClientAdapterServiceRest] AES128 Decryption error=" + e.getMessage());
logger.error("HttpClientAdapterServiceRest] AES128 Encryption error=" + e.getMessage());
}
break;
case "AES256":
try {
String key = clientSecretKey.substring(10,42);
String decryptedStrMessage = AES256Cipher.encrypt(eaiStringBody, key);
encryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
encryptedStrMessage = AES256Cipher.encrypt(eaiStringBody, key);
//encryptedMessage = encryptedStrMessage.getBytes(StandardCharsets.UTF_8);
} catch (Exception e) {
e.printStackTrace();
logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage());
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
}
break;
case "AES256-KAKAO":
try {
String decryptedStrMessage = AES256Cipher.encrypt(eaiStringBody, secretAES256Iv, secretAES256Key);
encryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
encryptedStrMessage = AES256Cipher.encrypt(eaiStringBody, secretAES256Iv, secretAES256Key);
//encryptedMessage = encryptedStrMessage.getBytes(StandardCharsets.UTF_8);
} catch (Exception e) {
e.printStackTrace();
logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage());
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
}
break;
case "AES256-TOSS":
try {
String decryptedStrMessage = AES256Cipher.encrypt(eaiStringBody, secretAES256Iv, secretAES256Key);
encryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
encryptedStrMessage = AES256Cipher.encrypt(eaiStringBody, secretAES256Iv, secretAES256Key);
//encryptedMessage = encryptedStrMessage.getBytes(StandardCharsets.UTF_8);
} catch (Exception e) {
e.printStackTrace();
logger.error("HttpClientAdapterServiceRest] AES256 Decryption error=" + e.getMessage());
logger.error("HttpClientAdapterServiceRest] AES256 Encryption error=" + e.getMessage());
}
break;
@@ -680,8 +677,8 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
AES256GCMCipher cipher = new AES256GCMCipher(key);
byte[] aad = "metadata".getBytes();
String decryptedStrMessage = cipher.encrypt(eaiStringBody , aad);
encryptedMessage = decryptedStrMessage.getBytes(StandardCharsets.UTF_8);
encryptedStrMessage = cipher.encrypt(eaiStringBody , aad);
//encryptedMessage = encryptedStrMessage.getBytes(StandardCharsets.UTF_8);
} catch (Exception e) {
e.printStackTrace();
@@ -690,7 +687,8 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
break;
default:
try {
encryptedMessage = eaiStringBody.getBytes();
encryptedStrMessage = eaiStringBody;
//encryptedMessage = eaiStringBody.getBytes();
} catch (Exception e) {
e.printStackTrace();
logger.error("HttpClientAdapterServiceRest] doOutboundPostFilter Array copy error=" + e.getMessage());
@@ -698,7 +696,12 @@ public class ApiAdapterService extends HttpAdapterServiceSupport {
break;
}
return encryptedMessage;
Map<String, Object> map = new HashMap<>();
map.put(encryptedJsonKey, encryptedStrMessage);
JSONObject json = new JSONObject();
json.putAll(map);
return json.toJSONString();
//return encryptedMessage;
}
@@ -19,6 +19,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import com.eactive.eai.adapter.http.dynamic.filter.JwtAuthException;
import com.eactive.eai.authserver.service.BearerTokenService;
import com.eactive.eai.authserver.service.OAuth2Manager;
import com.eactive.eai.common.util.Logger;
import com.eactive.eai.common.util.MessageUtil;
@@ -85,22 +86,6 @@ public class BearerTokenContoller {
}
}
// // 서비스용 Bearer Token 발급
// @PostMapping("/service")
// public ResponseEntity<?> issueFileToken(@RequestBody Map<String, String> req) {
// String fileId = req.get("fileid");
//
// String token = tokenService.generateFileToken(fileId);
//
// Map<String, String> tokenMap = new HashMap<>();
// tokenMap.put("token_type", "Bearer");
// tokenMap.put("file_token", token);
// tokenMap.put("expires_in", "599");
// tokenMap.put("expires_on", "1575593514");
// tokenMap.put("resource", fileId);
//
// return ResponseEntity.ok(tokenMap);
// }
private void veryfyClient(ClientDetails clientDetails, String clientSecret, Set<String> scopeSet) throws JwtAuthException {
if (!StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) {
throw new JwtAuthException("invalid_client", "Bad client credentials(client_secret is empty or not match)");
@@ -1,77 +0,0 @@
package com.eactive.eai.authserver.custom;
import java.io.IOException;
import java.util.Arrays;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.simple.JSONObject;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import com.eactive.eai.adapter.http.dynamic.filter.JwtAuthException;
import com.eactive.eai.common.util.Logger;
import com.eactive.eai.common.util.MessageUtil;
@Component
public class BearerTokenFilter extends OncePerRequestFilter{
public static Logger logger = Logger.getLogger(Logger.LOGGER_DEFAULT);
private final BearerTokenService tokenService;
public static final String ERROR_AUTHENTICATION_FAIL = "E.AUTHENTICATION_FAIL";
public static final String ERROR_AUTHORIZATION_FAIL = "E.AUTHORIZATION_FAIL";
public static final String ERROR_TOKEN_EXPIRED = "E.TOKEN_EXPIRED";
public BearerTokenFilter(BearerTokenService tokenService) {
this.tokenService = tokenService;
}
@Override
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
try {
String auth = request.getHeader("Authorization");
if (auth != null && auth.startsWith("Bearer ")) {
String token = auth.substring(7);
String clientId = null;
String fileId = null;
if (tokenService.validateCA(token)) {
clientId = tokenService.getClientIdFromCA(token);
} else {
throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Access token is invalid or expired");
}
// if (fileId != null) {
// UsernamePasswordAuthenticationToken authentication =
// new UsernamePasswordAuthenticationToken(fileId, null, Arrays.asList());
// SecurityContextHolder.getContext().setAuthentication(authentication);
// }
}
filterChain.doFilter(request, response);
} catch (JwtAuthException jae) {
logger.debug(jae.getMessage());
String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AUTH_FAIL, jae.getMessage());
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write(errorJson);
} catch (Exception e) {
logger.error(e.getMessage());
String errorJson = MessageUtil.makeJsonErrorMessage(MessageUtil.ERROR_CODE_AP_ERROR, e.getMessage());
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write(errorJson);
}
}
}
@@ -1,49 +0,0 @@
package com.eactive.eai.authserver.custom;
import java.util.Set;
import com.fasterxml.jackson.annotation.JsonProperty;
public class BearerTokenInfo {
@JsonProperty("client_id")
private String clientId;
private Long expiresIn;
private Long expiresAt;
private Set<String> scopeSet;
public String getClientId() {
return clientId;
}
public void setClientId(String clientId) {
this.clientId = clientId;
}
public Long getExpiresIn() {
return expiresIn;
}
public void setExpiresIn(Long expiresIn) {
this.expiresIn = expiresIn;
}
public Long getExpiresAt() {
return expiresAt;
}
public void setExpiresAt(Long expiresIn) {
this.expiresAt = System.currentTimeMillis() + (expiresIn * 1000);
}
public Set<String> getScopeSet() {
return scopeSet;
}
public void setScopeSet(Set<String> scopeSet) {
this.scopeSet = scopeSet;
}
public boolean isExpired() {
return System.currentTimeMillis() > expiresAt;
}
}
@@ -1,97 +0,0 @@
package com.eactive.eai.authserver.custom;
import java.security.SecureRandom;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import org.springframework.stereotype.Service;
@Service
public class BearerTokenService {
// CA 토큰 저장소
private final Map<String, BearerTokenInfo> CATokenStore = new ConcurrentHashMap<>();
// File 토큰 저장소
private final Map<String, String> fileTokenStore = new ConcurrentHashMap<>();
// // FileTransfer 토큰 저장소
// private final Map<String, String> fileTransferTokenStore = new ConcurrentHashMap<>();
public String generateCAToken(String clientId, Long expiresIn, Set<String> scopeSet) {
String token = UUID.randomUUID().toString();
BearerTokenInfo CATokenInfo = new BearerTokenInfo();
CATokenInfo.setClientId(clientId);
CATokenInfo.setExpiresIn(expiresIn);
CATokenInfo.setExpiresAt(expiresIn);
CATokenInfo.setScopeSet(scopeSet);
CATokenStore.put(token, CATokenInfo);
return token;
}
public String generateFileToken(String fileId) {
//String token = UUID.randomUUID().toString().replace("-", "");
String token = generateTokenString(987);
fileTokenStore.put(token, fileId);
return token;
}
// public String generateFileTransferToken(String fileId) {
// //String token = UUID.randomUUID().toString().replace("-", "");
// String token = generateTokenString(654);
// fileTransferTokenStore.put(token, fileId);
// return token;
// }
public boolean validateCA(String token) {
BearerTokenInfo CATokenInfo = CATokenStore.get(token);
if (CATokenInfo == null) return false;
if (CATokenInfo.isExpired()) {
CATokenStore.remove(token);
return false;
}
return CATokenStore.containsKey(token);
}
public boolean validateFile(String token) {
return fileTokenStore.containsKey(token);
}
// public boolean validateFileTransfer(String token) {
// return fileTransferTokenStore.containsKey(token);
// }
public String getClientIdFromCA(String token) {
BearerTokenInfo CATokenInfo = CATokenStore.get(token);
return CATokenInfo.getClientId();
}
public String getFileIdFromFile(String token) {
return fileTokenStore.get(token);
}
// public String getFileIdFromFileTransfer(String token) {
// return fileTransferTokenStore.get(token);
// }
private static final String CHARACTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static final SecureRandom secureRandom = new SecureRandom();
public static String generateTokenString(int length) {
// Java 8의 IntStream과 Collectors.joining을 사용한 효율적인 방법
return IntStream.range(0, length)
.map(i -> secureRandom.nextInt(CHARACTERS.length()))
.mapToObj(CHARACTERS::charAt)
.map(String::valueOf)
.collect(Collectors.joining());
}
}
@@ -1,58 +0,0 @@
package com.eactive.eai.authserver.custom;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
//
//@Configuration
//@EnableWebSecurity
//public class SecurityConfig {
//
// private final BearerTokenFilter tokenFilter;
//
// public SecurityConfig(BearerTokenFilter tokenFilter) {
// this.tokenFilter = tokenFilter;
// }
//
// @Bean
// public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
//
// http
// .csrf().disable()
// .authorizeRequests()
// .antMatchers("/auth/token/**").permitAll()
// .anyRequest().authenticated()
// .and()
// .addFilterBefore(tokenFilter, UsernamePasswordAuthenticationFilter.class);
//
// return http.build();
// }
//}
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final BearerTokenFilter tokenFilter;
@Autowired
public SecurityConfig(BearerTokenFilter tokenFilter) {
this.tokenFilter = tokenFilter;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/auth/token/**").permitAll()
.anyRequest().authenticated()
.and()
.addFilterBefore(tokenFilter, UsernamePasswordAuthenticationFilter.class);
}
}
@@ -16,6 +16,7 @@ import com.eactive.eai.adapter.AdapterManager;
import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceKey;
import com.eactive.eai.common.property.PropGroupVO;
import com.eactive.eai.common.property.PropManager;
import com.eactive.eai.common.server.EAIServerManager;
import com.eactive.eai.common.util.Logger;
@@ -28,6 +29,12 @@ public class KFTCFaceFilter implements HttpClientAdapterFilter, HttpAdapterServi
public static final String B_ORG_CODE = "org_code";
public static final String B_TRANSACTION_ID = "transaction_id";
public static final String B_REQUEST_DATETIME = "request_datetime";
public static String instId = null;
static {
EAIServerManager eaiServerManager = EAIServerManager.getInstance();
instId = eaiServerManager.getInstId();
}
@SuppressWarnings({ "unchecked" })
@Override
@@ -47,7 +54,12 @@ public class KFTCFaceFilter implements HttpClientAdapterFilter, HttpAdapterServi
}
String request_datetime = new SimpleDateFormat("yyyyMMddHHmmss").format(new Date());
String transaction_id = orgCode + request_datetime + "1" + RandomStringUtils.random(4, true, true).toUpperCase();
String reqDate = new SimpleDateFormat("yyMMdd").format(new Date());
String reqTime = new SimpleDateFormat("HHmmss").format(new Date());
// 기관코드(3) + 요청일자(6) -- 금결원 표준화 항목, 고정 9자리.
// 요청시간(6) + 인스턴스ID(2) + RandomString(3) -- 기관별 생성 거래고유번호(11자리)
// 기관코드(3) + 요청일자(6) + 요청시간(6) + 인스턴스ID(2) + RandomString(3) -- 20자리.
String transaction_id = orgCode + reqDate + reqTime + instId + RandomStringUtils.random(3, true, true).toUpperCase();
Properties filterHeaders = (Properties) tempProp.get("FILTERHEADER");
if (filterHeaders == null) {
@@ -11,6 +11,7 @@ import org.apache.commons.lang3.RandomStringUtils;
import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceKey;
import com.eactive.eai.common.property.PropGroupVO;
import com.eactive.eai.common.property.PropManager;
import com.eactive.eai.common.server.EAIServerManager;
import com.eactive.eai.common.util.Logger;
@@ -22,21 +23,29 @@ public class KFTCP2PFilter implements HttpClientAdapterFilter, HttpAdapterServic
public static final String H_ORG_CODE = "org_code";
public static final String H_TRX_NO = "api_trx_no";
public static final String H_TRX_DTM = "api_trx_dtm";
public static String instId = null;
static {
EAIServerManager eaiServerManager = EAIServerManager.getInstance();
instId = eaiServerManager.getInstId();
}
@Override
public Object doPreFilter(String adptGrpName, String adptName, Properties prop, Object message, Properties tempProp)
throws Exception {
logger.debug("KFTCP2PFilter] PreFilter Processing Start!!");
String orgCode = "034"; // 광주은행 행코드
String orgCode = "D210400012"; // 광주은행 개발 기관코드(운영: K210800020)
PropGroupVO propGroupVo = PropManager.getInstance().getPropGroupVO(KJB_HEADER);
if (propGroupVo != null) {
orgCode = propGroupVo.getProperty(PROP_PREFIX + "." + H_ORG_CODE);
}
String apiTrxDtm = new SimpleDateFormat("yyyyMMddHHmmss").format(new Date());
String apiTrxNo = orgCode + apiTrxDtm + "1" + RandomStringUtils.random(5, true, true).toUpperCase();
String apiTrxDtm = new SimpleDateFormat("yyyyMMddHHmmssSSS").format(new Date());
String apiTrxTm = new SimpleDateFormat("HHmmss").format(new Date());
// 기관코드(10) + 인스턴스ID(2) + 일시(6) + RandomString(2) -- 총 20자리
String apiTrxNo = orgCode + instId + apiTrxTm + RandomStringUtils.random(2, true, true).toUpperCase();
Properties filterHeaders = (Properties) tempProp.get("FILTERHEADER");
if (filterHeaders == null) {
@@ -87,7 +87,7 @@ public class StandardMessageCoordinatorKJB extends DefaultStandardMessageCoordin
//전문요청일자
standardMessage.setData("Common.BizProc_Info.MESG_DMAN_DT", DatetimeUtil.getCurrentDate());
//전문요청시간
standardMessage.setData("Common.BizProc_Info.MESG_DMAN_TKTM", DatetimeUtil.getTime8());
standardMessage.setData("Common.BizProc_Info.MESG_DMAN_TKTM", DatetimeUtil.getFormattedDate("HHmmssSSS"));
//2012-07-24 임의 로 영업일자에 system시간 설정
@@ -0,0 +1,74 @@
package com.eactive.eai.custom.transformer.function.userdefined;
import com.eactive.eai.common.context.ElinkTransactionContext;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.jayway.jsonpath.Configuration;
import com.jayway.jsonpath.JsonPath;
import com.jayway.jsonpath.spi.json.JacksonJsonNodeJsonProvider;
import com.jayway.jsonpath.spi.json.JacksonJsonProvider;
import org.nfunk.jep.ParseException;
import org.nfunk.jep.function.PostfixMathCommand;
import java.util.Stack;
public class JsonPathExtractRequestMessage extends PostfixMathCommand {
private static final ObjectMapper objectMapper = new ObjectMapper();
public JsonPathExtractRequestMessage() {
numberOfParameters = -1;
}
public void run(Stack inStack) throws ParseException {
checkStack(inStack);
String bizData = ElinkTransactionContext.getRequestBizData();
Object p1 = inStack.pop();
String path = String.valueOf(p1);
inStack.clear();
try {
// Jackson을 JsonPath의 JSON 프로바이더로 설정
Configuration config = Configuration.builder()
.jsonProvider(new JacksonJsonNodeJsonProvider())
.build();
JsonNode resultNode = JsonPath.using(config).parse(bizData).read(path);
if (resultNode == null) {
inStack.push(null);
} else if (resultNode.isValueNode()) {
// 단순 값(문자열, 숫자, boolean 등)은 텍스트로 반환
inStack.push(resultNode.asText());
} else {
// 객체/배열은 JsonNode 그대로 반환
inStack.push(resultNode);
}
} catch (Exception e) {
throw new ParseException("JsonPath extract error: " + e.getMessage());
}
}
private JsonNode getNodeAtPath(JsonNode rootNode, String path) {
String[] tokens = path.split("/");
JsonNode currentNode = rootNode;
for (String token : tokens) {
if (token.isEmpty()) continue;
if (token.matches("\\d+")) {
currentNode = currentNode.get(Integer.parseInt(token));
} else {
currentNode = currentNode.get(token);
}
if (currentNode == null) {
return null;
}
}
return currentNode;
}
}
@@ -0,0 +1,41 @@
package com.eactive.eai.custom.transformer.function.userdefined;
import com.eactive.eai.common.context.ElinkTransactionContext;
import org.apache.commons.lang.StringUtils;
import org.nfunk.jep.ParseException;
import org.nfunk.jep.function.PostfixMathCommand;
import java.util.Stack;
public class SubStringRequestMessage extends PostfixMathCommand {
public SubStringRequestMessage() {
numberOfParameters = -1;
}
public void run(Stack inStack) throws ParseException {
checkStack(inStack);
String bizData = ElinkTransactionContext.getRequestBizData();
Object p1 = inStack.pop();
Object p2 = inStack.pop();
int start = toInt(p2);
int end = toInt(p1);
String resultStr = bizData.substring(start, end);
inStack.clear();
inStack.push(resultStr);
}
public static int toInt(Object obj) {
if (obj instanceof Number) {
return ((Number) obj).intValue();
}
if (obj instanceof String) {
return Integer.parseInt(((String) obj).trim());
}
throw new IllegalArgumentException("Cannot convert to int: " + obj);
}
}