Spring Boot Profile Server for Authorization Server

By | July 31, 2021
Goal

Create a profile server that provides the requested user information.

Source code

The full source code is available here.

Modify build.gradle

dependencies {
    implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server'
    implementation 'org.springframework.boot:spring-boot-starter-web'
    implementation 'org.springframework.security:spring-security-jwt'
    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
    implementation 'commons-io:commons-io:2.6'

    // The version has to be specified explicitly (?)
    implementation 'org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure:2.5.2'

    runtimeOnly 'mysql:mysql-connector-java'
    compileOnly 'org.projectlombok:lombok'
    developmentOnly 'org.springframework.boot:spring-boot-devtools'
    annotationProcessor 'org.projectlombok:lombok'
    testImplementation 'org.springframework.boot:spring-boot-starter-test'
}

Modify application.yml

spring:
  datasource:
    url: jdbc:mysql://${MYSQL_HOST:localhost}:3306/db_oauth2
    username: root
    password: abcd1234
    driver-class-name: com.mysql.cj.jdbc.Driver

security:
  oauth2:
    resource:
      jwt:
        key-uri: http://auth.localhost:9000/oauth/token_key

server:
  port: 9001

logging:
  level:
    org:
      springframework:
        web: INFO
        security: INFO

Add files

User.java

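import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;

import lombok.Getter;

@Getter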
@Entity
@Table(name = "tbl_user")
public class User {

    @Id
    @Column
    private String uid;

    @Column
    private String name;

    @Column
    private String email;
}

UserRepository.java

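import java.util.Optional;

import org.springframework.data.jpa.repository.JpaRepository;

// The ID type must match User's @Id field (String uid).
public interface UserRepository extends JpaRepository<User, String> {

    Optional<User> findByUid(String uid);
}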

UserProfile.java

import lombok.Getter;
import lombok.Setter;

@Setter
@Getter
public class UserProfile {

    private String name;
    private String email;

    public UserProfile(String name) {
        this.name = name;
    }
}

UserInfoController.java

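import java.util.Optional;
import java.util.Set;

import lombok.RequiredArgsConstructor;

import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequiredArgsConstructor
@RestController
@RequestMapping("/api")
public class UserInfoController {

    private final UserRepository userRepository;

    @GetMapping("/userinfo")
    public ResponseEntity<?> userInfo() {

        // Authentication built by the resource server from the validated JWT
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        // The name is always returned; other attributes depend on the granted scopes
        String name = authentication.getName();
        UserProfile profile = new UserProfile(name);

        OAuth2Authentication oAuth2Authentication;
        if (authentication instanceof OAuth2Authentication) {
            oAuth2Authentication = (OAuth2Authentication) authentication;
            Set<String> scopes = oAuth2Authentication.getOAuth2Request().getScope();

            // Unknown user: return the profile with the name only
            Optional<User> user = userRepository.findByUid(name);
            if (user.isEmpty()) {
                return ResponseEntity.ok(profile);
            }

            // Release the e-mail address only when the token carries the "email" scope
            if (scopes.contains("email")) {
                profile.setEmail(user.get().getEmail());
            }
        }

        return ResponseEntity.ok(profile);
    }
}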
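
The controller above releases the e-mail address only when the access token carries the `email` scope. The JUnit 5 test below is an added example, not code from the original post or its repository, that pins this behaviour down. It assumes the test class lives in the same package as the controller; the client id `test-client`, the `profile` scope, the user `alice` and her address are constructed sample values.

```java
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;

import java.util.*;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Test;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;

class UserInfoControllerScopeTest {

    private final UserRepository userRepository = mock(UserRepository.class);
    private final UserInfoController controller = new UserInfoController(userRepository);

    @AfterEach
    void clearContext() {
        SecurityContextHolder.clearContext(); // do not leak the fake token into other tests
    }

    // Calls userInfo() as user "alice" with a token granted exactly the given scopes.
    private UserProfile callWithScopes(String... scopes) {
        User stored = mock(User.class); // User has no setters, so stub its getter
        when(stored.getEmail()).thenReturn("alice@example.test");
        when(userRepository.findByUid("alice")).thenReturn(Optional.of(stored));
        OAuth2Request request = new OAuth2Request(Collections.emptyMap(), "test-client",
                Collections.emptyList(), true, new HashSet<>(Arrays.asList(scopes)),
                Collections.emptySet(), null, Collections.emptySet(), Collections.emptyMap());
        UsernamePasswordAuthenticationToken user =
                new UsernamePasswordAuthenticationToken("alice", "N/A", Collections.emptyList());
        SecurityContextHolder.getContext().setAuthentication(new OAuth2Authentication(request, user));
        return (UserProfile) controller.userInfo().getBody();
    }

    @Test
    void emailIsReleasedWithEmailScope() {
        assertEquals("alice@example.test", callWithScopes("profile", "email").getEmail());
    }

    @Test
    void emailIsWithheldWithoutEmailScope() {
        UserProfile profile = callWithScopes("profile");
        assertEquals("alice", profile.getName());
        assertNull(profile.getEmail());
    }
}
```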
