From 5a55db26ebf7ffed8d3cc9737c3c44a3da790a45 Mon Sep 17 00:00:00 2001 From: jiminnimij <124450012+jiminnimij@users.noreply.github.com> Date: Wed, 11 Feb 2026 14:58:10 +0900 Subject: [PATCH 1/6] =?UTF-8?q?hotfix:=20API=20=EC=9A=94=EC=B2=AD=EC=97=90?= =?UTF-8?q?=EC=84=9C=20basic=20=EA=B4=80=EB=A0=A8=20=ED=97=A4=EB=8D=94=20?= =?UTF-8?q?=EB=AC=B4=EC=8B=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../global/config/SecurityConfig.java | 53 +++++++++---------- 1 file changed, 26 insertions(+), 27 deletions(-) diff --git a/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java b/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java index b80c5e3..2b56c1f 100644 --- a/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java +++ b/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java @@ -6,6 +6,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; @@ -25,6 +26,8 @@ import java.util.Arrays; +import static org.springframework.security.config.Customizer.withDefaults; + @Configuration @EnableWebSecurity @RequiredArgsConstructor 
@@ -73,39 +76,35 @@ public PasswordEncoder passwordEncoder() { }; @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + @Order(1) + public SecurityFilterChain swaggerFilterChain(HttpSecurity http) throws Exception { http - .cors(c -> c.configurationSource(corsConfigurationSource())) + .securityMatcher(SwaggerPatterns) .csrf(AbstractHttpConfigurer::disable) - .httpBasic(AbstractHttpConfigurer::disable) - .formLogin(AbstractHttpConfigurer::disable); + .authorizeHttpRequests(auth -> auth.anyRequest().authenticated()) + .httpBasic(withDefaults()); - http.sessionManagement(session -> - session.sessionCreationPolicy(SessionCreationPolicy.STATELESS) - ); - - if (environmentUtil.isProdProfile()) { - http - .authorizeHttpRequests(auth -> auth - .requestMatchers(SwaggerPatterns).authenticated() - ) - .httpBasic(basic -> {}); - } - else { - http - .authorizeHttpRequests(auth -> auth - .requestMatchers(SwaggerPatterns).permitAll() - ); - } + return http.build(); + } + @Bean + @Order(2) + public SecurityFilterChain apiFilterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(auth -> auth - .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .requestMatchers(PermitAllPatterns).permitAll() - .requestMatchers(HttpMethod.GET, GetPermitPatterns).permitAll() - .anyRequest().authenticated() - ); + .csrf(AbstractHttpConfigurer::disable) + .httpBasic(AbstractHttpConfigurer::disable) + .formLogin(AbstractHttpConfigurer::disable) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .cors(c -> c.configurationSource(corsConfigurationSource())); + + http.authorizeHttpRequests(auth -> auth + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(HttpMethod.GET, GetPermitPatterns).permitAll() + .requestMatchers(PermitAllPatterns).permitAll() + .anyRequest().authenticated() + ); + // JWT 필터 추가 http.addFilterBefore(jwtAuthenticationFilter, 
UsernamePasswordAuthenticationFilter.class); return http.build(); From 07711d188035a90e8cbbb721676db0eec5b9823e Mon Sep 17 00:00:00 2001 From: jiminnimij <124450012+jiminnimij@users.noreply.github.com> Date: Wed, 11 Feb 2026 15:03:47 +0900 Subject: [PATCH 2/6] =?UTF-8?q?hotfix:=20gradle=20=ED=97=AC=EC=8A=A4?= =?UTF-8?q?=EC=B2=B4=ED=81=AC=20=ED=9A=9F=EC=88=98=20=EC=A6=9D=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index a773736..d4f9757 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -231,7 +231,7 @@ jobs: key: ${{ secrets.EC2_KEY }} script: | set -e - for i in {1..10}; do + for i in {1..20}; do echo "[$i] health check..." if curl -f http://localhost:${{ env.STOPPED_PORT }}/actuator/health > /dev/null 2>&1; then echo "health check success" From 56b855e92b9f4c84d4b54b5660cf4c5352c4a762 Mon Sep 17 00:00:00 2001 From: Seoah <0325sandy@ewhain.net> Date: Thu, 12 Feb 2026 15:53:40 +0900 Subject: [PATCH 3/6] =?UTF-8?q?hotfix:=20=EA=B5=AC=EA=B8=80=20=EB=A1=9C?= =?UTF-8?q?=EA=B7=B8=EC=9D=B8=20=EC=97=B0=EB=8F=99=20=EB=AC=B8=EC=A0=9C=20?= =?UTF-8?q?=ED=95=B4=EA=B2=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../domain/auth/controller/OauthController.java | 2 +- .../studioxBe/domain/auth/service/OauthService.java | 11 ++++++++--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/main/java/net/studioxai/studioxBe/domain/auth/controller/OauthController.java b/src/main/java/net/studioxai/studioxBe/domain/auth/controller/OauthController.java index bad9a52..1cf6cb7 100644 --- a/src/main/java/net/studioxai/studioxBe/domain/auth/controller/OauthController.java +++ b/src/main/java/net/studioxai/studioxBe/domain/auth/controller/OauthController.java 
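Review bot: In PATCH 1/6 the new `swaggerFilterChain` does not carry over the `SessionCreationPolicy.STATELESS` setting that the removed single chain applied to every request, so the Basic-protected docs chain runs with the default session policy while CSRF is disabled on it. Unless a session is wanted for the docs UI, add `.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))` to that chain, as `apiFilterChain` does. The chain now also requires Basic in every profile, and the source of its credentials is not visible in this hunk. If they resolve against the same user store as application logins, any registered user could read the API docs, so a dedicated docs account or a role check is worth confirming.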
@@ -33,7 +33,7 @@ public ResponseEntity redirectToGoogleLogin(@RequestParam String redirectU // 구글 로그인 콜백(인가 코드 수신) - @GetMapping("/oauth/google/callback") + @GetMapping("/v1/oauth/google/callback") public ResponseEntity googleCallback(@RequestParam String code, @RequestParam String state) { GoogleCallbackDto googleCallbackDto = oauthService.loginWithGoogle(code, state); diff --git a/src/main/java/net/studioxai/studioxBe/domain/auth/service/OauthService.java b/src/main/java/net/studioxai/studioxBe/domain/auth/service/OauthService.java index 9ae11a9..49f1227 100644 --- a/src/main/java/net/studioxai/studioxBe/domain/auth/service/OauthService.java +++ b/src/main/java/net/studioxai/studioxBe/domain/auth/service/OauthService.java @@ -14,7 +14,9 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import org.springframework.web.util.UriUtils; +import java.nio.charset.StandardCharsets; import java.util.Arrays; import java.util.Map; import java.util.UUID; @@ -38,16 +40,19 @@ public String getGoogleLoginUrl(String redirectUrl) { return googleOauth.getOauthRedirectURL(redirectUrl); } - public GoogleCallbackDto loginWithGoogle(String code, String redirectUrl) { + public GoogleCallbackDto loginWithGoogle(String code, String state) { validateCode(code); - validateRedirectUrl(redirectUrl); + + String decodedRedirectUrl = UriUtils.decode(state, StandardCharsets.UTF_8); + + validateRedirectUrl(decodedRedirectUrl); GoogleUserInfoResponse userInfo = getGoogleUserInfo(code); User user = findOrCreateGoogleUser(userInfo); Map tokens = authService.issueTokens(user.getId()); - return GoogleCallbackDto.create(redirectUrl, tokens.get("accessToken"), tokens.get("refreshToken")); + return GoogleCallbackDto.create(decodedRedirectUrl, tokens.get("accessToken"), tokens.get("refreshToken")); } private void validateCode(String code) { 
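Review bot: In PATCH 3/6 `loginWithGoogle` uses the OAuth `state` parameter purely as the post-login redirect URL, so nothing in the callback ties the response to the browser session that started the flow, which is the CSRF protection `state` is meant to provide. Consider carrying a random per-request nonce in `state` together with the redirect target and checking it against a value stored for the initiating client before the code is exchanged. `validateRedirectUrl` rightly runs on the decoded value that is later handed to `GoogleCallbackDto.create` along with the tokens, but its body is outside this hunk; it should be an exact-match allow-list, which a comment such as `// state is caller-controlled: the decoded URL must match the redirect allow-list exactly` would make explicit. `UriUtils.decode` also throws `IllegalArgumentException` on a malformed percent sequence, so unless an existing handler already maps it, that case should be turned into a 400 response.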
From 694e2c911ad25fd597c24872a75a17693230efc4 Mon Sep 17 00:00:00 2001 From: jiminnimij <124450012+jiminnimij@users.noreply.github.com> Date: Fri, 13 Feb 2026 15:27:08 +0900 Subject: [PATCH 4/6] =?UTF-8?q?hotfix:=20swagger=20403=20=EC=97=90?= =?UTF-8?q?=EB=9F=AC=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit swagger patter matcher 추가 api filter chain 에 /api 경로 추가로 basic auth가 정상 작동하도록 수정 --- .../global/config/SecurityConfig.java | 41 +++++++++++++------ 1 file changed, 28 insertions(+), 13 deletions(-) diff --git a/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java b/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java index b80c5e3..0095381 100644 --- a/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java +++ b/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java @@ -6,6 +6,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; @@ -25,6 +26,8 @@ import java.util.Arrays; +import static org.springframework.security.config.Customizer.withDefaults; + @Configuration @EnableWebSecurity @RequiredArgsConstructor @@ -73,8 +76,10 @@ public PasswordEncoder passwordEncoder() { }; @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + @Order(1) + public SecurityFilterChain swaggerFilterChain(HttpSecurity http) throws Exception { http + .securityMatcher(SwaggerPatterns) .cors(c -> c.configurationSource(corsConfigurationSource())) .csrf(AbstractHttpConfigurer::disable) .httpBasic(AbstractHttpConfigurer::disable) 
@@ -90,21 +95,31 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti .requestMatchers(SwaggerPatterns).authenticated() ) .httpBasic(basic -> {}); - } - else { + } else { http - .authorizeHttpRequests(auth -> auth - .requestMatchers(SwaggerPatterns).permitAll() - ); + .authorizeHttpRequests(auth -> auth.anyRequest().permitAll()); } + return http.build(); + } + + @Bean + @Order(2) + public SecurityFilterChain apiFilterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests(auth -> auth - .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() - .requestMatchers(PermitAllPatterns).permitAll() - .requestMatchers(HttpMethod.GET, GetPermitPatterns).permitAll() - .anyRequest().authenticated() - ); + .securityMatcher("/api/**") + .csrf(AbstractHttpConfigurer::disable) + .httpBasic(AbstractHttpConfigurer::disable) + .formLogin(AbstractHttpConfigurer::disable) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .cors(c -> c.configurationSource(corsConfigurationSource())); + + http.authorizeHttpRequests(auth -> auth + .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll() + .requestMatchers(HttpMethod.GET, GetPermitPatterns).permitAll() + .requestMatchers(PermitAllPatterns).permitAll() + .anyRequest().authenticated() + ); http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); @@ -136,4 +151,4 @@ public CorsConfigurationSource corsConfigurationSource() { } -} +} \ No newline at end of file From b678d9bbd69c7962362a3a2ed19fbef4f0b986a8 Mon Sep 17 00:00:00 2001 
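Review bot: In PATCH 4/6, `.securityMatcher("/api/**")` on `apiFilterChain` leaves every path that matches neither `SwaggerPatterns` nor `/api/**` outside all security filter chains, so the `anyRequest().authenticated()` fallback that the old single chain gave those paths is gone. The deploy workflow in this series calls `/actuator/health`, so actuator endpoints exist, and any other exposed actuator endpoint would now be served without passing through Spring Security (the exposure settings are not visible here). A lowest-precedence catch-all chain that denies whatever is not explicitly allowed restores the default-deny posture; a sketch follows. `apiFilterChain` continues past the end of this hunk.

```java
// … unchanged: swaggerFilterChain (@Order(1)) and apiFilterChain (@Order(2)) …

@Bean
@Order(3)
public SecurityFilterChain fallbackFilterChain(HttpSecurity http) throws Exception {
    // Catch-all: paths outside SwaggerPatterns and /api/** are refused unless listed here.
    http
        .csrf(AbstractHttpConfigurer::disable)
        .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
        .authorizeHttpRequests(auth -> auth
            .requestMatchers("/actuator/health").permitAll() // used by the deploy health check
            .anyRequest().denyAll()
        );
    return http.build();
}
```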
From: jiminnimij <124450012+jiminnimij@users.noreply.github.com> Date: Fri, 13 Feb 2026 15:44:25 +0900 Subject: [PATCH 5/6] =?UTF-8?q?hotfix:=20matcher=202=EB=B2=88=20=EC=A0=81?= =?UTF-8?q?=EC=9A=A9=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../studioxai/studioxBe/global/config/SecurityConfig.java | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java b/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java index 2dfe298..fe6f55d 100644 --- a/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java +++ b/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java @@ -91,10 +91,8 @@ public SecurityFilterChain swaggerFilterChain(HttpSecurity http) throws Exceptio if (environmentUtil.isProdProfile()) { http - .authorizeHttpRequests(auth -> auth - .requestMatchers(SwaggerPatterns).authenticated() - ) - .httpBasic(basic -> {}); + .authorizeHttpRequests(auth -> auth.anyRequest().authenticated()) + .httpBasic(withDefaults()); } else { http .authorizeHttpRequests(auth -> auth.anyRequest().permitAll()); From 7f939fc817b9babac23cbe4cffc0a36622c9f6e9 Mon Sep 17 00:00:00 2001 From: jiminnimij <124450012+jiminnimij@users.noreply.github.com> Date: Fri, 13 Feb 2026 15:51:29 +0900 Subject: [PATCH 6/6] =?UTF-8?q?hotfix:=20anyRequest=202=EB=B2=88=20?= =?UTF-8?q?=EC=A0=81=EC=9A=A9=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../net/studioxai/studioxBe/global/config/SecurityConfig.java | 1 - 1 file changed, 1 deletion(-) diff --git a/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java b/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java index fe6f55d..e8e0049 100644 --- a/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java 
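Review bot: In PATCH 5/6 the docs chain authenticates only when `environmentUtil.isProdProfile()` is true and the `else` branch permits everything, so the check fails open: a staging host or a deployment started with a missing or misspelled profile serves the Swagger UI and API description without credentials. Consider inverting the condition so that `permitAll()` is granted only for an explicitly named local profile and Basic is the default, and record that intent above the branch, e.g. `// fail closed: docs are public only on an explicitly listed dev profile`. How `isProdProfile()` decides is not visible here, and `swaggerFilterChain` starts and ends outside this hunk.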
+++ b/src/main/java/net/studioxai/studioxBe/global/config/SecurityConfig.java @@ -82,7 +82,6 @@ public SecurityFilterChain swaggerFilterChain(HttpSecurity http) throws Exceptio .securityMatcher(SwaggerPatterns) .cors(c -> c.configurationSource(corsConfigurationSource())) .csrf(AbstractHttpConfigurer::disable) - .authorizeHttpRequests(auth -> auth.anyRequest().authenticated()) .httpBasic(withDefaults()); http.sessionManagement(session ->