diff --git a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/ApiAuthFilter.java b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/ApiAuthFilter.java index c3458e6..569b64b 100644 --- a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/ApiAuthFilter.java +++ b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/ApiAuthFilter.java @@ -1,6 +1,8 @@ package com.eactive.eai.adapter.http.dynamic.filter; import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceSupport; +//import com.eactive.eai.authserver.vo.BearerTokenInfo; +//import com.eactive.eai.authserver.custom.BearerTokenService; import com.eactive.eai.authserver.service.OAuth2Manager; import com.eactive.eai.authserver.vo.ClientVO; import com.eactive.eai.common.message.EAIMessage; @@ -9,6 +11,7 @@ import com.eactive.eai.common.property.PropGroupVO; import com.eactive.eai.common.property.PropManager; import com.eactive.eai.common.stdmessage.STDMessageManager; import com.eactive.eai.common.util.Logger; +import com.eactive.eai.common.util.StringUtil; import com.eactive.eai.inbound.action.ActionFactory; import com.eactive.eai.inbound.action.RequestAction; import com.eactive.eai.inbound.processor.Processor; @@ -35,7 +38,9 @@ import java.text.ParseException; import java.util.Base64; import java.util.Date; import java.util.HashSet; +import java.util.Map; import java.util.Properties; +import java.util.concurrent.ConcurrentHashMap; public class ApiAuthFilter implements HttpAdapterFilter { static Logger logger = Logger.getLogger(Logger.LOGGER_ADAPTER); @@ -52,7 +57,10 @@ public class ApiAuthFilter implements HttpAdapterFilter { private JWSVerifier jwsVerifier; - public ApiAuthFilter() { +// // CA 토큰 저장소 +// private final Map CATokenStore = new ConcurrentHashMap<>(); + + public ApiAuthFilter() { super(); PropGroupVO vo = PropManager.getInstance().getPropGroupVO(PROP_GROUP_AUTH_SERVER); @@ -94,6 +102,7 @@ public class ApiAuthFilter implements HttpAdapterFilter { */ StandardMessage standardMessage = STDMessageManager.getInstance().getSTDMessage(apiId); String eaiSvcCd = StandardMessageManager.getInstance().getMapper().getEaiSvcCode(standardMessage); + if(!StringUtils.equals(eaiSvcCd, prop.getProperty("API_SERVICE_CODE"))) eaiSvcCd = prop.getProperty("API_SERVICE_CODE"); EAIMessage eaiMessage = EAIMessageManager.getInstance().getEAIMessage(eaiSvcCd); if(StringUtils.isBlank(eaiMessage.getAuthType())){ @@ -106,7 +115,9 @@ public class ApiAuthFilter implements HttpAdapterFilter { String token = ApiAuthFilter.extractJWTToken(request); SignedJWT signedJWT = SignedJWT.parse(token); - if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) { + if (signedJWT.getJWTClaimsSet().getExpirationTime() == null) { + logger.debug("Static Token"); + } else if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) { throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired"); } @@ -133,6 +144,26 @@ public class ApiAuthFilter implements HttpAdapterFilter { throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); } break; +// case "bearer": +// try { +// String token = ApiAuthFilter.extractJWTToken(request); +// BearerTokenInfo CATokenInfo = CATokenStore.get(token); +// +// if (CATokenInfo == null) { +// throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); +// } +// +// if (CATokenInfo.isExpired()) { +// throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired"); +// } +// } catch (JwtAuthException e) { +// logger.debug(e.getMessage()); +// throw e; +// } catch (Exception e) { +// logger.error(e.getMessage()); +// throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); +// } +// break; case "api_key": String apiKeyName = PropManager.getInstance().getProperty("ApiConfig", "api.key.name", "x-api-key"); String apiKey = request.getHeader(apiKeyName); @@ -158,7 +189,7 @@ public class ApiAuthFilter implements HttpAdapterFilter { return message; } - private boolean verifyClientId(Properties prop, SignedJWT signedJWT) { + private boolean verifyClientId(Properties prop, SignedJWT signedJWT) throws JwtAuthException { try { // 이전 filter에서 셋팅한 clientId 확보 String headerClientId = prop.getProperty(HttpAdapterServiceSupport.PROPERTIES_NAME_CLIENT_ID); @@ -176,6 +207,7 @@ public class ApiAuthFilter implements HttpAdapterFilter { } } catch (Exception e) { logger.error(e.getMessage()); + throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); } return true; @@ -227,8 +259,16 @@ public class ApiAuthFilter implements HttpAdapterFilter { if (scopeArr == null || scopeArr.length == 0) { return false; } + + String passScope = "oob,public"; + String[] passScopeArr = org.springframework.util.StringUtils.tokenizeToStringArray(passScope, ","); for (String scope : scopeArr) { + for (String pScope : passScopeArr) { + if ( StringUtils.equalsAny(scope, pScope)) { + return true; + } + } if (scopeSet.contains(scope)) { return true; } diff --git a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/JwtAuthFilter.java b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/JwtAuthFilter.java index 1de5a38..306f651 100644 --- a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/JwtAuthFilter.java +++ b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/JwtAuthFilter.java @@ -88,7 +88,9 @@ public class JwtAuthFilter implements HttpAdapterFilter { String token = JwtAuthFilter.extractJWTToken(request); SignedJWT signedJWT = SignedJWT.parse(token); - if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) { + if (signedJWT.getJWTClaimsSet().getExpirationTime() == null) { + logger.debug("Static Token"); + } else if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) { throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired"); } @@ -118,7 +120,7 @@ public class JwtAuthFilter implements HttpAdapterFilter { return message; } - private boolean verifyClientId(Properties prop, SignedJWT signedJWT) { + private boolean verifyClientId(Properties prop, SignedJWT signedJWT) throws JwtAuthException { try { // 이전 filter에서 셋팅한 clientId 확보 String headerClientId = prop.getProperty(HttpAdapterServiceSupport.PROPERTIES_NAME_CLIENT_ID); @@ -136,6 +138,7 @@ public class JwtAuthFilter implements HttpAdapterFilter { } } catch (Exception e) { logger.error(e.getMessage()); + throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); } return true; diff --git a/src/main/java/com/eactive/eai/inbound/action/AdapterGroupNameMethodRequestAction.java b/src/main/java/com/eactive/eai/inbound/action/AdapterGroupNameMethodRequestAction.java new file mode 100644 index 0000000..c808571 --- /dev/null +++ b/src/main/java/com/eactive/eai/inbound/action/AdapterGroupNameMethodRequestAction.java @@ -0,0 +1,70 @@ +package com.eactive.eai.inbound.action; + +import com.eactive.eai.adapter.http.dynamic.impl.HttpAdapterServiceRest; +import com.eactive.eai.common.exception.ExceptionUtil; +import com.eactive.eai.common.util.MessageKeyExtractor; + +/** +* 1. 기능 : Inbound Adapter를 통해 전달받은 비표준메시지에서 EAI메시지를 생성하기 위한 키값을 추출 +* 2. 처리 개요 : +* - 어뎁터의 업무그룹명을 키값앞에 추가한다. +* - MessageKeyExtractor를 통해 Adapter별 추출 Rule에 따라 메시지를 구분할 수 있는 키값을 추출한다. +* 3. 주의사항 +* +* @author : +* @version : v 1.0.0 +* @see : +* @since : +*/ +public class AdapterGroupNameMethodRequestAction extends RequestActionSupport +{ + public static final String STEMSG_METHOD_DELIMITER = ":"; + public static final String STEMSG_SERVICE_HEADER_DELIMITER = "^"; + + /** + * 1. 기능 : Inbound Adapter를 통해 전달받은 비표준메시지에서 EAI메시지를 생성하기 위한 키값을 추출 + * 2. 처리 개요 : + * - MessageKeyExtractor를 통해 Adapter별 추출 Rule에 따라 메시지를 구분할 수 있는 키값을 추출한다. + * 3. 주의사항 + * + * @param message Object 타입의 요청메시지 + * @return String 비표준메시지의 메시지키값 + * @exception + **/ + public String[] perform(Object message) throws ActionException + { + byte[] tmp = null; + String key[] = null; + + String adptGrpName = adapterGroupName; + String requestMethod = prop.getProperty(HttpAdapterServiceRest.PROPERTIES_NAME_HTTP_REQUEST_METHOD); + + if(message instanceof byte[]) { + try { + key = MessageKeyExtractor.getMessageKeyValue(this.adapterGroupName, message); + } catch(Exception e) { + throw new ActionException(ExceptionUtil.getErrorCode(e, "RECEAIIRA001")); + } + tmp = (byte[])message; + if (logger.isInfo()) logger.info(adapterName+"] received data >> "+ new String(tmp)); + } else { + try { + key = MessageKeyExtractor.getMessageKeyValue(this.adapterGroupName, message); + } catch(Exception e) { + throw new ActionException(ExceptionUtil.getErrorCode(e, "RECEAIIRA001")); + } + if (logger.isInfo()) logger.info(adapterName+"] received data >> "+ message); + } + + String baseMessageKey = adptGrpName.trim() + STEMSG_METHOD_DELIMITER + requestMethod + STEMSG_SERVICE_HEADER_DELIMITER; + for(int i=0; i