From b6ba433fc92fc6fa8296129e2db68c970e6de152 Mon Sep 17 00:00:00 2001 From: "Yunsam.Eo" Date: Wed, 10 Dec 2025 23:07:09 +0900 Subject: [PATCH 1/4] =?UTF-8?q?API=20SvcCD=20Setting=EB=B3=80=EA=B2=BD,=20?= =?UTF-8?q?=EA=B3=A0=EC=A0=95=ED=86=A0=ED=81=B0=20=EC=B2=98=EB=A6=AC=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../http/dynamic/filter/ApiAuthFilter.java | 46 +++++++++++++++++-- .../http/dynamic/filter/JwtAuthFilter.java | 7 ++- 2 files changed, 48 insertions(+), 5 deletions(-) diff --git a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/ApiAuthFilter.java b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/ApiAuthFilter.java index c3458e6..569b64b 100644 --- a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/ApiAuthFilter.java +++ b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/ApiAuthFilter.java @@ -1,6 +1,8 @@ package com.eactive.eai.adapter.http.dynamic.filter; import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceSupport; +//import com.eactive.eai.authserver.vo.BearerTokenInfo; +//import com.eactive.eai.authserver.custom.BearerTokenService; import com.eactive.eai.authserver.service.OAuth2Manager; import com.eactive.eai.authserver.vo.ClientVO; import com.eactive.eai.common.message.EAIMessage; @@ -9,6 +11,7 @@ import com.eactive.eai.common.property.PropGroupVO; import com.eactive.eai.common.property.PropManager; import com.eactive.eai.common.stdmessage.STDMessageManager; import com.eactive.eai.common.util.Logger; +import com.eactive.eai.common.util.StringUtil; import com.eactive.eai.inbound.action.ActionFactory; import com.eactive.eai.inbound.action.RequestAction; import com.eactive.eai.inbound.processor.Processor; @@ -35,7 +38,9 @@ import java.text.ParseException; import java.util.Base64; import java.util.Date; import java.util.HashSet; +import java.util.Map; import java.util.Properties; +import java.util.concurrent.ConcurrentHashMap; public class ApiAuthFilter implements HttpAdapterFilter { static Logger logger = Logger.getLogger(Logger.LOGGER_ADAPTER); @@ -52,7 +57,10 @@ public class ApiAuthFilter implements HttpAdapterFilter { private JWSVerifier jwsVerifier; - public ApiAuthFilter() { +// // CA 토큰 저장소 +// private final Map CATokenStore = new ConcurrentHashMap<>(); + + public ApiAuthFilter() { super(); PropGroupVO vo = PropManager.getInstance().getPropGroupVO(PROP_GROUP_AUTH_SERVER); @@ -94,6 +102,7 @@ public class ApiAuthFilter implements HttpAdapterFilter { */ StandardMessage standardMessage = STDMessageManager.getInstance().getSTDMessage(apiId); String eaiSvcCd = StandardMessageManager.getInstance().getMapper().getEaiSvcCode(standardMessage); + if(!StringUtils.equals(eaiSvcCd, prop.getProperty("API_SERVICE_CODE"))) eaiSvcCd = prop.getProperty("API_SERVICE_CODE"); EAIMessage eaiMessage = EAIMessageManager.getInstance().getEAIMessage(eaiSvcCd); if(StringUtils.isBlank(eaiMessage.getAuthType())){ @@ -106,7 +115,9 @@ public class ApiAuthFilter implements HttpAdapterFilter { String token = ApiAuthFilter.extractJWTToken(request); SignedJWT signedJWT = SignedJWT.parse(token); - if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) { + if (signedJWT.getJWTClaimsSet().getExpirationTime() == null) { + logger.debug("Static Token"); + } else if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) { throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired"); } @@ -133,6 +144,26 @@ public class ApiAuthFilter implements HttpAdapterFilter { throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); } break; +// case "bearer": +// try { +// String token = ApiAuthFilter.extractJWTToken(request); +// BearerTokenInfo CATokenInfo = CATokenStore.get(token); +// +// if (CATokenInfo == null) { +// throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); +// } +// +// if (CATokenInfo.isExpired()) { +// throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired"); +// } +// } catch (JwtAuthException e) { +// logger.debug(e.getMessage()); +// throw e; +// } catch (Exception e) { +// logger.error(e.getMessage()); +// throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); +// } +// break; case "api_key": String apiKeyName = PropManager.getInstance().getProperty("ApiConfig", "api.key.name", "x-api-key"); String apiKey = request.getHeader(apiKeyName); @@ -158,7 +189,7 @@ public class ApiAuthFilter implements HttpAdapterFilter { return message; } - private boolean verifyClientId(Properties prop, SignedJWT signedJWT) { + private boolean verifyClientId(Properties prop, SignedJWT signedJWT) throws JwtAuthException { try { // 이전 filter에서 셋팅한 clientId 확보 String headerClientId = prop.getProperty(HttpAdapterServiceSupport.PROPERTIES_NAME_CLIENT_ID); @@ -176,6 +207,7 @@ public class ApiAuthFilter implements HttpAdapterFilter { } } catch (Exception e) { logger.error(e.getMessage()); + throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); } return true; @@ -227,8 +259,16 @@ public class ApiAuthFilter implements HttpAdapterFilter { if (scopeArr == null || scopeArr.length == 0) { return false; } + + String passScope = "oob,public"; + String[] passScopeArr = org.springframework.util.StringUtils.tokenizeToStringArray(passScope, ","); for (String scope : scopeArr) { + for (String pScope : passScopeArr) { + if ( StringUtils.equalsAny(scope, pScope)) { + return true; + } + } if (scopeSet.contains(scope)) { return true; } diff --git a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/JwtAuthFilter.java b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/JwtAuthFilter.java index 1de5a38..306f651 100644 --- a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/JwtAuthFilter.java +++ b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/JwtAuthFilter.java @@ -88,7 +88,9 @@ public class JwtAuthFilter implements HttpAdapterFilter { String token = JwtAuthFilter.extractJWTToken(request); SignedJWT signedJWT = SignedJWT.parse(token); - if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) { + if (signedJWT.getJWTClaimsSet().getExpirationTime() == null) { + logger.debug("Static Token"); + } else if (new Date().after(signedJWT.getJWTClaimsSet().getExpirationTime())) { throw new JwtAuthException(ERROR_TOKEN_EXPIRED, "Access token expired"); } @@ -118,7 +120,7 @@ public class JwtAuthFilter implements HttpAdapterFilter { return message; } - private boolean verifyClientId(Properties prop, SignedJWT signedJWT) { + private boolean verifyClientId(Properties prop, SignedJWT signedJWT) throws JwtAuthException { try { // 이전 filter에서 셋팅한 clientId 확보 String headerClientId = prop.getProperty(HttpAdapterServiceSupport.PROPERTIES_NAME_CLIENT_ID); @@ -136,6 +138,7 @@ public class JwtAuthFilter implements HttpAdapterFilter { } } catch (Exception e) { logger.error(e.getMessage()); + throw new JwtAuthException(ERROR_AUTHENTICATION_FAIL, "Token invalid"); } return true; From 85048d74528a5657d9107ab657711c677a9a9e25 Mon Sep 17 00:00:00 2001 From: "Yunsam.Eo" Date: Wed, 10 Dec 2025 23:08:20 +0900 Subject: [PATCH 2/4] =?UTF-8?q?messageKey=20=EC=B6=94=EC=B6=9C=20Request?= =?UTF-8?q?=20Action=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../AdapterGroupNameMethodRequestAction.java | 70 +++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 src/main/java/com/eactive/eai/inbound/action/AdapterGroupNameMethodRequestAction.java diff --git a/src/main/java/com/eactive/eai/inbound/action/AdapterGroupNameMethodRequestAction.java b/src/main/java/com/eactive/eai/inbound/action/AdapterGroupNameMethodRequestAction.java new file mode 100644 index 0000000..c808571 --- /dev/null +++ b/src/main/java/com/eactive/eai/inbound/action/AdapterGroupNameMethodRequestAction.java @@ -0,0 +1,70 @@ +package com.eactive.eai.inbound.action; + +import com.eactive.eai.adapter.http.dynamic.impl.HttpAdapterServiceRest; +import com.eactive.eai.common.exception.ExceptionUtil; +import com.eactive.eai.common.util.MessageKeyExtractor; + +/** +* 1. 기능 : Inbound Adapter를 통해 전달받은 비표준메시지에서 EAI메시지를 생성하기 위한 키값을 추출 +* 2. 처리 개요 : +* - 어뎁터의 업무그룹명을 키값앞에 추가한다. +* - MessageKeyExtractor를 통해 Adapter별 추출 Rule에 따라 메시지를 구분할 수 있는 키값을 추출한다. +* 3. 주의사항 +* +* @author : +* @version : v 1.0.0 +* @see : +* @since : +*/ +public class AdapterGroupNameMethodRequestAction extends RequestActionSupport +{ + public static final String STEMSG_METHOD_DELIMITER = ":"; + public static final String STEMSG_SERVICE_HEADER_DELIMITER = "^"; + + /** + * 1. 기능 : Inbound Adapter를 통해 전달받은 비표준메시지에서 EAI메시지를 생성하기 위한 키값을 추출 + * 2. 처리 개요 : + * - MessageKeyExtractor를 통해 Adapter별 추출 Rule에 따라 메시지를 구분할 수 있는 키값을 추출한다. + * 3. 주의사항 + * + * @param message Object 타입의 요청메시지 + * @return String 비표준메시지의 메시지키값 + * @exception + **/ + public String[] perform(Object message) throws ActionException + { + byte[] tmp = null; + String key[] = null; + + String adptGrpName = adapterGroupName; + String requestMethod = prop.getProperty(HttpAdapterServiceRest.PROPERTIES_NAME_HTTP_REQUEST_METHOD); + + if(message instanceof byte[]) { + try { + key = MessageKeyExtractor.getMessageKeyValue(this.adapterGroupName, message); + } catch(Exception e) { + throw new ActionException(ExceptionUtil.getErrorCode(e, "RECEAIIRA001")); + } + tmp = (byte[])message; + if (logger.isInfo()) logger.info(adapterName+"] received data >> "+ new String(tmp)); + } else { + try { + key = MessageKeyExtractor.getMessageKeyValue(this.adapterGroupName, message); + } catch(Exception e) { + throw new ActionException(ExceptionUtil.getErrorCode(e, "RECEAIIRA001")); + } + if (logger.isInfo()) logger.info(adapterName+"] received data >> "+ message); + } + + String baseMessageKey = adptGrpName.trim() + STEMSG_METHOD_DELIMITER + requestMethod + STEMSG_SERVICE_HEADER_DELIMITER; + for(int i=0; i Date: Wed, 10 Dec 2025 23:10:09 +0900 Subject: [PATCH 3/4] =?UTF-8?q?HTT=20=EC=96=B4=EB=8C=91=ED=84=B0=EB=A1=9C?= =?UTF-8?q?=20=EB=93=A4=EC=96=B4=EC=98=A4=EB=8A=94=EA=B1=B0=EB=9E=98?= =?UTF-8?q?=EB=8A=94=20Prop=EC=97=90=20=EC=84=9C=EB=B9=84=EC=8A=A4?= =?UTF-8?q?=EC=BD=94=EB=93=9C=EA=B0=80=20=EC=97=86=EC=9D=8C.=20->=20?= =?UTF-8?q?=EA=B8=B0=EC=A1=B4=EB=A1=9C=EC=A7=81=20=ED=83=80=EB=8F=84?= =?UTF-8?q?=EB=A1=9D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/eactive/eai/inbound/processor/RequestProcessor.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/com/eactive/eai/inbound/processor/RequestProcessor.java b/src/main/java/com/eactive/eai/inbound/processor/RequestProcessor.java index 54b1a12..d52a5c4 100644 --- a/src/main/java/com/eactive/eai/inbound/processor/RequestProcessor.java +++ b/src/main/java/com/eactive/eai/inbound/processor/RequestProcessor.java @@ -345,6 +345,7 @@ public class RequestProcessor extends RequestProcessorSupport { //String eaiSvcCd = mapper.getEaiSvcCode(standardMessage); // commnet by jwhong String eaiSvcCd = prop.getProperty("API_SERVICE_CODE"); System.out.println("***** eaiSvcCd is"+ eaiSvcCd); + if (StringUtils.isEmpty(eaiSvcCd)) eaiSvcCd = mapper.getEaiSvcCode(standardMessage); // HTT 어댑터로 들어오는거래는 Prop에 서비스코드가 없음. String guid = mapper.getGuid(standardMessage); String guidSeq = mapper.getGuidSeq(standardMessage); String returnType = mapper.getSendRecvDivision(standardMessage); // S|R From 408f492492899887e328151635cf5f0f0360f29b Mon Sep 17 00:00:00 2001 From: "Yunsam.Eo" Date: Wed, 10 Dec 2025 23:11:08 +0900 Subject: [PATCH 4/4] =?UTF-8?q?Bypass=20=EC=96=B4=EB=8C=91=ED=84=B0?= =?UTF-8?q?=EC=9D=98=20Simulator=20=EC=84=A4=EC=A0=95=EC=B2=98=EB=A6=AC=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/com/eactive/eai/outbound/RESTProcess.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/com/eactive/eai/outbound/RESTProcess.java b/src/main/java/com/eactive/eai/outbound/RESTProcess.java index 77e1d9d..bc4f0cf 100644 --- a/src/main/java/com/eactive/eai/outbound/RESTProcess.java +++ b/src/main/java/com/eactive/eai/outbound/RESTProcess.java @@ -501,6 +501,7 @@ public class RESTProcess extends HTTPProcess { String url = StringUtils.removeEnd(simAddr, "/") + "/mockapi/" + this.reqEaiMsg.getEAISvcCd(); this.outboundProp.put(HttpClientAdapterServiceKey.URL, url); + this.tempProp.remove(HttpAdapterServiceKey.INBOUND_REWRITE_PATH); logger.debug("simUrl=" + url); } } catch (Exception e) {