From 9155ad51ff978bbc6dfd942d93f4b1cd63cf789f Mon Sep 17 00:00:00 2001 From: "Yunsam.Eo" Date: Fri, 9 Jan 2026 14:41:24 +0900 Subject: [PATCH 1/4] =?UTF-8?q?Body=EA=B0=92=EC=9D=B4=20"",=20Null,=20"{}"?= =?UTF-8?q?=20=EC=9D=BC=20=EA=B2=BD=EC=9A=B0=EC=99=80=20Method=EA=B0=80=20?= =?UTF-8?q?GET/DELETE=EC=9D=BC=20=EA=B2=BD=EC=9A=B0=20signature-body=20?= =?UTF-8?q?=EA=B2=80=EC=A6=9D=20=EC=A0=9C=EC=99=B8(by=20=EC=9D=B4=EC=83=81?= =?UTF-8?q?=EC=9A=B1D)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../filter/HmacSha256VerifyFilterKjb.java | 21 +++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/HmacSha256VerifyFilterKjb.java b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/HmacSha256VerifyFilterKjb.java index 4cd3bcf..4d73b4e 100644 --- a/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/HmacSha256VerifyFilterKjb.java +++ b/src/main/java/com/eactive/eai/adapter/http/dynamic/filter/HmacSha256VerifyFilterKjb.java @@ -15,6 +15,7 @@ import javax.servlet.http.HttpServletResponse; import org.springframework.http.HttpStatus; import org.apache.commons.lang3.StringUtils; +import com.eactive.eai.adapter.http.HttpMethodType; import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceKey; import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceSupport; import com.eactive.eai.authserver.service.OAuth2Manager; @@ -43,8 +44,7 @@ public class HmacSha256VerifyFilterKjb implements HttpAdapterFilter { String xObpSignatureUrl = request.getHeader("x-obp-signature-url"); String xObpSignatureBody = request.getHeader("x-obp-signature-body"); if (StringUtils.isBlank(xObpPartnercode) - || StringUtils.isBlank(xObpSignatureUrl) - || StringUtils.isBlank(xObpSignatureBody)) { + || StringUtils.isBlank(xObpSignatureUrl)) { throw new JwtAuthException( String.valueOf(HttpStatus.UNAUTHORIZED.value()), "Can not find mandatory Http Header"); @@ -67,10 +67,19 @@ public class HmacSha256VerifyFilterKjb implements HttpAdapterFilter { "Signature verifying failed : x-obp-signature-url"); } - if (!StringUtils.equals(xObpSignatureBody, macBody)) { - throw new JwtAuthException( - String.valueOf(HttpStatus.UNAUTHORIZED.value()), - "Signature verifying failed : x-obp-signature-body"); + switch (HttpMethodType.getValue(request.getMethod())) { + case GET: + case DELETE: + break; + default: + if (StringUtils.isNotBlank(inboundBody) && !StringUtils.equals("{}", inboundBody)) { + if (!StringUtils.equals(xObpSignatureBody, macBody)) { + throw new JwtAuthException( + String.valueOf(HttpStatus.UNAUTHORIZED.value()), + "Signature verifying failed : x-obp-signature-body"); + } + break; + } } } catch (JwtAuthException e) { From acfe440310b72278edce55f688ae0f5d7e09529d Mon Sep 17 00:00:00 2001 From: jaewohong Date: Fri, 9 Jan 2026 15:44:14 +0900 Subject: [PATCH 2/4] =?UTF-8?q?http=20status=20=EC=97=90=EB=9F=AC=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=A0=95=EC=83=81=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../impl/HttpClient5AdapterServiceRest.java | 35 ++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java b/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java index 4ee9b4c..f3e34ea 100644 --- a/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java +++ b/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java @@ -164,6 +164,9 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp //Outbound 요청에 대한 응답 메시지의 복호화 여부 결정위해 jwhong encryptResponseApply = StringUtils.equalsIgnoreCase(prop.getProperty("ENCRYPT_RESPONSE_APPLY", "N"), "Y"); + + //업체 300응답시 특정 http status code 경우 에러 아닌걸로 처리. 광주은행 + String errIgnore = prop.getProperty("ERROR_IGNORE_CODE", ""); /** * @formatter:off @@ -496,7 +499,10 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp map.put(HttpAdapterServiceKey.OUTBOUND_RESPONSE_MESSAGE, responseString); map.put(HttpAdapterServiceKey.OUTBOUND_RESPONSE_STATUS, status); - if (status >= 200 && status <= 207) { + + if (isStatusInIgnore(status,errIgnore )) { + // 이경우 정상임 + } else if (status >= 200 && status <= 207) { if (useAdapterToken && StringUtils.equals(tokenErrorHttpStatusCode, "200")) { needReissue = checkTokenRetry(responseMessage, tokenErrorCodeKey, tokenErrorCodeValues, vo.getEncode()); @@ -1563,4 +1569,31 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp logger.debug("HttpClientAdapterServiceRest] after concatenate url=[" + targetUrl + "] "); return targetUrl; } + + + private boolean isStatusInIgnore(int status, String errIgnore) { + if (errIgnore == null || errIgnore.isEmpty()) return false; + + String[] tokens = errIgnore.split(","); + for (String token : tokens) { + token = token.trim(); + if (token.contains("-")) { + // 범위 처리 + String[] range = token.split("-"); + int start = Integer.parseInt(range[0].trim()); + int end = Integer.parseInt(range[1].trim()); + if (status >= start && status <= end) { + return true; + } + } else { + // 단일 숫자 처리 + int code = Integer.parseInt(token); + if (status == code) { + return true; + } + } + } + return false; + } + } From 1a6fd332a7442994a95f24e57e74e49bdd188bef Mon Sep 17 00:00:00 2001 From: jaewohong Date: Fri, 9 Jan 2026 15:48:43 +0900 Subject: [PATCH 3/4] http status code check --- .../adapter/http/client/impl/HttpClient5AdapterServiceRest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java b/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java index f3e34ea..17e3579 100644 --- a/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java +++ b/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java @@ -93,7 +93,7 @@ import java.util.Date; * 기능을 제공한다.
* 2. 처리 개요 :
* * - 2020-09-25: Http Header 받아서 처리할 수 있게 기능 추가
- * 3. 주의사항
+ * 3. 주의사항
* * @author : * @version : v 1.0.0 From 27ebdb86730efbb9a55bc015e805832670640be1 Mon Sep 17 00:00:00 2001 From: jaewohong Date: Fri, 9 Jan 2026 16:33:05 +0900 Subject: [PATCH 4/4] =?UTF-8?q?http=20status=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../adapter/http/client/impl/HttpClient5AdapterServiceRest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java b/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java index 17e3579..b826016 100644 --- a/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java +++ b/src/main/java/com/eactive/eai/adapter/http/client/impl/HttpClient5AdapterServiceRest.java @@ -501,7 +501,7 @@ public class HttpClient5AdapterServiceRest extends HttpClient5AdapterServiceSupp if (isStatusInIgnore(status,errIgnore )) { - // 이경우 정상임 + // 이경우 정상으로 처리함 } else if (status >= 200 && status <= 207) { if (useAdapterToken && StringUtils.equals(tokenErrorHttpStatusCode, "200")) { needReissue = checkTokenRetry(responseMessage, tokenErrorCodeKey, tokenErrorCodeValues,