diff --git a/backend/apigateway/build.gradle b/backend/apigateway/build.gradle
index 71acfd0..d58a9e5 100644
--- a/backend/apigateway/build.gradle
+++ b/backend/apigateway/build.gradle
@@ -1,5 +1,6 @@
 plugins {
 id 'org.springframework.boot' version '2.4.5'
+ id "org.sonarqube" version "2.7"
 id 'io.spring.dependency-management' version '1.0.11.RELEASE'
 id 'java'
 }
diff --git a/backend/apigateway/src/main/java/org/egovframe/cloud/apigateway/config/OpenApiDocConfig.java b/backend/apigateway/src/main/java/org/egovframe/cloud/apigateway/config/OpenApiDocConfig.java
index f6dff75..593bccd 100644
--- a/backend/apigateway/src/main/java/org/egovframe/cloud/apigateway/config/OpenApiDocConfig.java
+++ b/backend/apigateway/src/main/java/org/egovframe/cloud/apigateway/config/OpenApiDocConfig.java
@@ -1,8 +1,10 @@
 package org.egovframe.cloud.apigateway.config;
 import java.util.ArrayList;
+import java.util.Collection;
 import java.util.List;
-
+import java.util.Optional;
+import java.util.stream.Stream;
 import org.springdoc.core.GroupedOpenApi;
 import org.springdoc.core.SwaggerUiConfigParameters;
 import org.springframework.cloud.gateway.route.RouteDefinition;
@@ -20,11 +22,16 @@ public class OpenApiDocConfig {
 List groups = new ArrayList<>();
 List definitions = locator.getRouteDefinitions().log("OpenApiDocConfig").collectList().block();
- definitions.stream().filter(routeDefinition -> routeDefinition.getId().matches(".*-service")).forEach(routeDefinition -> {
- String name = routeDefinition.getId();
- swaggerUiConfigParameters.addGroup(name);
- GroupedOpenApi.builder().pathsToMatch("/" + name + "/**").group(name).build();
- });
+
+ Optional.ofNullable(definitions)
+ .map(Collection::stream)
+ .orElseGet(Stream::empty)
+ .filter(routeDefinition -> routeDefinition.getId().matches(".*-service"))
+ .forEach(routeDefinition -> {
+ String name = routeDefinition.getId();
+ swaggerUiConfigParameters.addGroup(name);
+ GroupedOpenApi.builder().pathsToMatch("/" + name + "/**").group(name).build();
+ });
 return groups;
 }
 }
diff --git a/backend/apigateway/src/main/java/org/egovframe/cloud/apigateway/config/ReactiveAuthorization.java b/backend/apigateway/src/main/java/org/egovframe/cloud/apigateway/config/ReactiveAuthorization.java
index 56e5cbe..6406c3f 100644
--- a/backend/apigateway/src/main/java/org/egovframe/cloud/apigateway/config/ReactiveAuthorization.java
+++ b/backend/apigateway/src/main/java/org/egovframe/cloud/apigateway/config/ReactiveAuthorization.java
@@ -2,6 +2,7 @@ package org.egovframe.cloud.apigateway.config;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.Jwts;
+import java.util.List;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
@@ -23,8 +24,7 @@ import reactor.core.publisher.Mono;
 /**
 * org.egovframe.cloud.apigateway.config.ReactiveAuthorization
 *
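Review bot: The `GroupedOpenApi` built inside the `forEach` is discarded, so `groups` is still returned empty after this change; the new null guard on `definitions` does not touch that. In the visible lines only `swaggerUiConfigParameters.addGroup(name)` has an effect. If the gateway is meant to expose the groups itself, collect them with `groups.add(GroupedOpenApi.builder().pathsToMatch("/" + name + "/**").group(name).build());`; otherwise drop the builder call so the statement does not suggest that something is registered. The method's signature lies outside the hunk, so the intended use of the returned list should be confirmed there.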

- * Spring Security 에 의해 요청 url에 대한 사용자 인가 서비스를 수행하는 클래스 - * 요청에 대한 사용자의 권한여부 체크하여 true/false 리턴한다 + * Spring Security 에 의해 요청 url에 대한 사용자 인가 서비스를 수행하는 클래스 요청에 대한 사용자의 권한여부 체크하여 true/false 리턴한다 * * @author 표준프레임워크센터 jaeyeolkim * @version 1.0 @@ -54,8 +54,7 @@ public class ReactiveAuthorization implements ReactiveAuthorizationManager check(Mono authentication, AuthorizationContext context) { + public Mono check(Mono authentication, + AuthorizationContext context) { ServerHttpRequest request = context.getExchange().getRequest(); RequestPath requestPath = request.getPath(); HttpMethod httpMethod = request.getMethod(); - String baseUrl = APIGATEWAY_HOST + AUTHORIZATION_URI + "?httpMethod=" + httpMethod + "&requestPath=" + requestPath; + String baseUrl = + APIGATEWAY_HOST + AUTHORIZATION_URI + "?httpMethod=" + httpMethod + "&requestPath=" + + requestPath; log.info("baseUrl={}", baseUrl); String authorizationHeader = ""; - if (request.getHeaders().containsKey(HttpHeaders.AUTHORIZATION) - && StringUtils.hasLength( - request.getHeaders().get(HttpHeaders.AUTHORIZATION).get(0)) - && !"undefined".equals(request.getHeaders().get(HttpHeaders.AUTHORIZATION).get(0)) + + List authorizations = + request.getHeaders().containsKey(HttpHeaders.AUTHORIZATION) ? + request.getHeaders().get(HttpHeaders.AUTHORIZATION) : null; + + if (authorizations != null && authorizations.size() > 0 + && StringUtils.hasLength(authorizations.get(0)) + && !"undefined".equals(authorizations.get(0)) ) { try { - authorizationHeader = request.getHeaders().get(HttpHeaders.AUTHORIZATION).get(0); + authorizationHeader = authorizations.get(0); String jwt = authorizationHeader.replace("Bearer", ""); String subject = Jwts.parser().setSigningKey(TOKEN_SECRET) - .parseClaimsJws(jwt) - .getBody() - .getSubject(); + .parseClaimsJws(jwt) + .getBody() + .getSubject(); // refresh token 요청 시 토큰 검증만 하고 인가 처리 한다. if (REFRESH_TOKEN_URI.equals(requestPath + "")) { 
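Review bot: In `check`, the reflowed `baseUrl` statement still concatenates `requestPath` into the query string unencoded (`"&requestPath=" + requestPath`), so the authorization endpoint can receive a different value than the path the gateway goes on to route. Characters such as `&`, `#` or `%` in the path would alter or truncate the parameter; whether that changes a decision depends on how the endpoint parses it, which is not visible here. Build the base as `APIGATEWAY_HOST + AUTHORIZATION_URI` and pass both values on the `WebClient` request as encoded parameters, e.g. `.uri(b -> b.queryParam("httpMethod", httpMethod).queryParam("requestPath", "{p}").build(requestPath.value()))`. Separately, `authorizationHeader.replace("Bearer", "")` removes the word wherever it occurs and keeps the separating space; requiring `startsWith("Bearer ")` and taking the substring is stricter. This hunk's header was lost in extraction and `check` continues past the end of the hunk; the `WebClient` call is in the following hunk.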
@@ -105,16 +111,16 @@ public class ReactiveAuthorization implements ReactiveAuthorizationManager body = WebClient.create(baseUrl) - .get() - .headers(httpHeaders -> { - httpHeaders.add(HttpHeaders.AUTHORIZATION, token); - }) - .retrieve().bodyToMono(Boolean.class); - granted = body.block(); + .get() + .headers(httpHeaders -> { + httpHeaders.add(HttpHeaders.AUTHORIZATION, token); + }) + .retrieve().bodyToMono(Boolean.class); + granted = body.blockOptional().orElse(false); log.info("Security AuthorizationDecision granted={}", granted); } catch (Exception e) { log.error("인가 서버에 요청 중 오류 : {}", e.getMessage());