Merge branch 'feature/security' of https://github.com/codej99/SpringRestApi into feature/security

# Conflicts:
#	src/main/java/com/rest/api/config/security/CustomAccessDeniedHandler.java
#	src/main/java/com/rest/api/config/security/SecurityConfiguration.java

Author: kimyonghwa

README.md

@@ -0,0 +1,99 @@
+# Spring Rest Api 만들기 프로젝트
+
+### 0. 개요
+- SpringBoot2 framework 기반에서 RESTful api 서비스를 Step by Step으로 만들어 나가는 프로젝트
+- daddyprogrammer.org에서 연재 및 소스 Github 등록
+    - https://daddyprogrammer.org/post/series/springboot2%EB%A1%9C-rest-api-%EB%A7%8C%EB%93%A4%EA%B8%B0/
+
+### 1. 개발환경
+- Java 8~11
+- SpringBoot 2.x
+- SpringSecurity 5.x
+- JPA, H2
+- Intellij Community
+
+### 2. 프로젝트 실행
+- H2 database 설치
+    - https://www.h2database.com/html/download.html
+- intellij lombok 플러그인 설치
+    - Preferences -> Plugins -> Browse repositories... -> search lombok -> Install "IntelliJ Lombok plugin"
+- Enable annotation processing
+    - Preferences - Annotation Procesors - Enable annotation processing 체크
+- build.gradle에 lombok 추가(Git을 받은경우 이미 추가되어있음)
+    - compileOnly 'org.projectlombok:lombok:1.16.16'
+- 실행
+    - Run -> SpringBootApiApplication
+- Swagger
+    - http://localhost:8080/swagger-ui.html
+    
+### 3. DDL
+create table user (
+       msrl bigint not null auto_increment,
+        name varchar(100) not null,
+        password varchar(100),
+        provider varchar(100),
+        uid varchar(50) not null,
+        primary key (msrl)
+    ) engine=InnoDB;
+    
+create table user_roles (
+       user_msrl bigint not null,
+        roles varchar(255)
+    ) engine=InnoDB;
+    
+    
+alter table user 
+add constraint UK_a7hlm8sj8kmijx6ucp7wfyt31 unique (uid);
+
+alter table user_roles 
+       add constraint FKel3d4qj41g0sy1mtp4sh055g7 
+       foreign key (user_msrl) 
+       references user (msrl);
+       
+### 4. 목차
+- SpringBoot2로 Rest api 만들기(1) – Intellij Community에서 프로젝트생성
+    - Document
+        - https://daddyprogrammer.org/post/19/spring-boot1-start-intellij/
+- SpringBoot2로 Rest api 만들기(2) – HelloWorld
+    - Document
+        - https://daddyprogrammer.org/post/41/spring-boot2-helloworld/
+- SpringBoot2로 Rest api 만들기(3) – H2 Database 연동
+    - Document
+        - https://daddyprogrammer.org/post/152/spring-boot2-h2-database-intergrate/
+    - Git
+        - https://github.com/codej99/SpringRestApi/tree/feature/h2
+- SpringBoot2로 Rest api 만들기(4) – Swagger API 문서 자동화
+    - Document
+        - https://daddyprogrammer.org/post/313/swagger-api-doc/
+    - Git
+        - https://github.com/codej99/SpringRestApi/tree/feature/swagger
+- SpringBoot2로 Rest api 만들기(5) – API 인터페이스 및 결과 데이터 구조 설계
+    - Document
+        - https://daddyprogrammer.org/post/404/spring-boot2-5-design-api-interface-and-data-structure/
+    - Git
+        - https://github.com/codej99/SpringRestApi/tree/feature/api-structure
+- SpringBoot2로 Rest api 만들기(6) – ControllerAdvice를 이용한 Exception처리
+    - Document 
+        - https://daddyprogrammer.org/post/446/spring-boot2-5-exception-handling/
+    - Git
+        - https://github.com/codej99/SpringRestApi/tree/feature/controller-advice
+- SpringBoot2로 Rest api 만들기(7) – MessageSource를 이용한 Exception 처리
+    - Document
+        - https://daddyprogrammer.org/post/499/springboot2-message-exception-handling-with-controlleradvice/
+    - Git
+        - https://github.com/codej99/SpringRestApi/tree/feature/messagesource
+- SpringBoot2로 Rest api 만들기(8) – SpringSecurity를 이용한 인증 및 권한부여
+    - Document
+        - https://daddyprogrammer.org/post/636/springboot2-springsecurity-authentication-authorization/
+    - Git
+        - https://github.com/codej99/SpringRestApi/tree/feature/security
+- SpringBoot2로 Rest api 만들기(9) – Unit Test
+    - Document
+        - https://daddyprogrammer.org/post/938/springboot2-restapi-unit-test/
+    - Git
+        - https://github.com/codej99/SpringRestApi/tree/feature/junit-test
+- SpringBoot2로 Rest api 만들기(10) – Social Login kakao
+    - Document
+        - https://daddyprogrammer.org/post/1012/springboot2-rest-api-social-login-kakao/
+    - Git
+        - https://github.com/codej99/SpringRestApi/tree/feature/social-kakao

build.gradle

@@ -1,6 +1,7 @@
 plugins {
     id 'org.springframework.boot' version '2.1.4.RELEASE'
     id 'java'
+    id "org.sonarqube" version "2.7"
 }
 
 apply plugin: 'io.spring.dependency-management'
@@ -28,9 +29,11 @@ dependencies {
     implementation 'io.springfox:springfox-swagger2:2.6.1'
     implementation 'io.springfox:springfox-swagger-ui:2.6.1'
     implementation 'net.rakugakibox.util:yaml-resource-bundle:1.1'
+    implementation 'com.google.code.gson:gson'
     compileOnly 'org.projectlombok:lombok'
     runtimeOnly 'com.h2database:h2'
     runtimeOnly 'mysql:mysql-connector-java'
     annotationProcessor 'org.projectlombok:lombok'
+    testImplementation 'org.springframework.security:spring-security-test'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
 }

src/main/java/com/rest/api/SpringRestApiApplication.java

@@ -5,6 +5,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.web.client.RestTemplate;
 
 @SpringBootApplication
 public class SpringRestApiApplication {
@@ -16,4 +17,9 @@ public static void main(String[] args) {
     public PasswordEncoder passwordEncoder() {
         return PasswordEncoderFactories.createDelegatingPasswordEncoder();
     }
+
+    @Bean
+    public RestTemplate getRestTemplate() {
+        return new RestTemplate();
+    }
 }

src/main/java/com/rest/api/advice/ExceptionAdvice.java

@@ -1,8 +1,6 @@
 package com.rest.api.advice;
 
-import com.rest.api.advice.exception.CAuthenticationEntryPointException;
-import com.rest.api.advice.exception.CEmailSigninFailedException;
-import com.rest.api.advice.exception.CUserNotFoundException;
+import com.rest.api.advice.exception.*;
 import com.rest.api.model.response.CommonResult;
 import com.rest.api.service.ResponseService;
 import lombok.RequiredArgsConstructor;
@@ -51,10 +49,22 @@ public CommonResult authenticationEntryPointException(HttpServletRequest request
 
     @ExceptionHandler(AccessDeniedException.class)
     @ResponseStatus(HttpStatus.UNAUTHORIZED)
-    public CommonResult AccessDeniedException(HttpServletRequest request, AccessDeniedException e) {
+    public CommonResult accessDeniedException(HttpServletRequest request, AccessDeniedException e) {
         return responseService.getFailResult(Integer.valueOf(getMessage("accessDenied.code")), getMessage("accessDenied.msg"));
     }
 
+    @ExceptionHandler(CCommunicationException.class)
+    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
+    public CommonResult communicationException(HttpServletRequest request, CCommunicationException e) {
+        return responseService.getFailResult(Integer.valueOf(getMessage("communicationError.code")), getMessage("communicationError.msg"));
+    }
+
+    @ExceptionHandler(CUserExistException.class)
+    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
+    public CommonResult communicationException(HttpServletRequest request, CUserExistException e) {
+        return responseService.getFailResult(Integer.valueOf(getMessage("existingUser.code")), getMessage("existingUser.msg"));
+    }
+
     // code정보에 해당하는 메시지를 조회합니다.
     private String getMessage(String code) {
         return getMessage(code, null);

src/main/java/com/rest/api/advice/exception/CCommunicationException.java

@@ -0,0 +1,15 @@
+package com.rest.api.advice.exception;
+
+public class CCommunicationException extends RuntimeException {
+    public CCommunicationException(String msg, Throwable t) {
+        super(msg, t);
+    }
+
+    public CCommunicationException(String msg) {
+        super(msg);
+    }
+
+    public CCommunicationException() {
+        super();
+    }
+}

src/main/java/com/rest/api/advice/exception/CUserExistException.java

@@ -0,0 +1,15 @@
+package com.rest.api.advice.exception;
+
+public class CUserExistException extends RuntimeException {
+    public CUserExistException(String msg, Throwable t) {
+        super(msg, t);
+    }
+
+    public CUserExistException(String msg) {
+        super(msg);
+    }
+
+    public CUserExistException() {
+        super();
+    }
+}

src/main/java/com/rest/api/config/MessageConfiguration.java

@@ -1,6 +1,5 @@
 package com.rest.api.config;
 
-import lombok.extern.slf4j.Slf4j;
 import net.rakugakibox.util.YamlResourceBundle;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.MessageSource;
@@ -14,7 +13,6 @@
 import org.springframework.web.servlet.i18n.SessionLocaleResolver;
 
 import java.util.Locale;
-import java.util.MissingResourceException;
 import java.util.ResourceBundle;
 
 @Configuration
@@ -56,7 +54,7 @@ public MessageSource messageSource(
     // locale 정보에 따라 다른 yml 파일을 읽도록 처리
     private static class YamlMessageSource extends ResourceBundleMessageSource {
         @Override
-        protected ResourceBundle doGetBundle(String basename, Locale locale) throws MissingResourceException {
+        protected ResourceBundle doGetBundle(String basename, Locale locale) {
             return ResourceBundle.getBundle(basename, locale, YamlResourceBundle.Control.INSTANCE);
         }
     }

src/main/java/com/rest/api/config/security/CustomAccessDeniedHandler.java

@@ -1,14 +1,10 @@
 package com.rest.api.config.security;
 
 import lombok.extern.slf4j.Slf4j;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.web.access.AccessDeniedHandler;
 import org.springframework.stereotype.Component;
 
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -17,11 +13,8 @@
 @Component
 public class CustomAccessDeniedHandler implements AccessDeniedHandler {
 
-	private static final Logger logger = LoggerFactory.getLogger(CustomAccessDeniedHandler.class);
-
-	@Override
-	public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException exception) throws IOException,
-            ServletException {
-		response.sendRedirect("/exception/accessdenied");
-	}
+    @Override
+    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException exception) throws IOException {
+        response.sendRedirect("/exception/accessdenied");
+    }
 }

src/main/java/com/rest/api/config/security/JwtTokenProvider.java

@@ -22,7 +22,7 @@
 @Component
 public class JwtTokenProvider { // JWT 토큰을 생성 및 검증 모듈
 
-    @Value("spring.jwt.secret")
+    @Value("${spring.jwt.secret}")
     private String secretKey;
 
     private long tokenValidMilisecond = 1000L * 60 * 60; // 1시간만 토큰 유효

src/main/java/com/rest/api/config/security/SecurityConfiguration.java

@@ -31,7 +31,7 @@ protected void configure(HttpSecurity http) throws Exception {
             .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) // jwt token으로 인증할것이므로 세션필요없으므로 생성안함.
             .and()
                 .authorizeRequests() // 다음 리퀘스트에 대한 사용권한 체크
-                    .antMatchers("/*/signin", "/*/signup").permitAll() // 가입 및 인증 주소는 누구나 접근가능
+                    .antMatchers("/*/signin", "/*/signin/**", "/*/signup", "/*/signup/**", "/social/**").permitAll() // 가입 및 인증 주소는 누구나 접근가능
                     .antMatchers(HttpMethod.GET, "/exception/**","/helloworld/**").permitAll() // hellowworld로 시작하는 GET요청 리소스는 누구나 접근가능
                 .antMatchers("/*/users").hasRole("ADMIN")
                 .anyRequest().hasRole("USER") // 그외 나머지 요청은 모두 인증된 회원만 접근 가능

src/main/java/com/rest/api/controller/HelloController.java

@@ -2,13 +2,17 @@
 
 import lombok.Getter;
 import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.ResponseBody;
 
+@Slf4j
 @Controller
 public class HelloController {
 
+    private static final String HELLO = "helloworld";
+
     @Setter
     @Getter
     public static class Hello {
@@ -18,19 +22,21 @@ public static class Hello {
     @GetMapping(value = "/helloworld/string")
     @ResponseBody
     public String helloworldString() {
-        return "helloworld";
+        log.debug("Helloworld");
+        log.info("Helloworld");
+        return HELLO;
     }
 
     @GetMapping(value = "/helloworld/json")
     @ResponseBody
     public Hello helloworldJson() {
         Hello hello = new Hello();
-        hello.message = "helloworld";
+        hello.message = HELLO;
         return hello;
     }
 
     @GetMapping(value = "/helloworld/page")
     public String helloworld() {
-        return "helloworld";
+        return HELLO;
     }
 }

src/main/java/com/rest/api/controller/common/SocialController.java

@@ -0,0 +1,60 @@
+package com.rest.api.controller.common;
+
+import com.google.gson.Gson;
+import com.rest.api.service.social.KakaoService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.web.servlet.ModelAndView;
+
+@RequiredArgsConstructor
+@Controller
+@RequestMapping("/social/login")
+public class SocialController {
+
+    private final Environment env;
+    private final RestTemplate restTemplate;
+    private final Gson gson;
+    private final KakaoService kakaoService;
+
+    @Value("${spring.url.base}")
+    private String baseUrl;
+
+    @Value("${spring.social.kakao.client_id}")
+    private String kakaoClientId;
+
+    @Value("${spring.social.kakao.redirect}")
+    private String kakaoRedirect;
+
+    /**
+     * 카카오 로그인 페이지
+     */
+    @GetMapping
+    public ModelAndView socialLogin(ModelAndView mav) {
+
+        StringBuilder loginUrl = new StringBuilder()
+                .append(env.getProperty("spring.social.kakao.url.login"))
+                .append("?client_id=").append(kakaoClientId)
+                .append("&response_type=code")
+                .append("&redirect_uri=").append(baseUrl).append(kakaoRedirect);
+
+        mav.addObject("loginUrl", loginUrl);
+        mav.setViewName("social/login");
+        return mav;
+    }
+
+    /**
+     * 카카오 인증 완료 후 리다이렉트 화면
+     */
+    @GetMapping(value = "/kakao")
+    public ModelAndView redirectKakao(ModelAndView mav, @RequestParam String code) {
+        mav.addObject("authInfo", kakaoService.getKakaoTokenInfo(code));
+        mav.setViewName("social/redirectKakao");
+        return mav;
+    }
+}