From 017ea5c5ad239d906bdb7f85f9290a01dd99e8d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EC=B2=9C=20=EC=A7=84=EA=B0=95?= <jjjjjk12@ajou.ac.kr>
Date: Sat, 29 Mar 2025 11:08:48 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20=ED=94=84=EB=A1=9C=EC=A0=9D=ED=8A=B8=20?=
 =?UTF-8?q?=EC=97=AD=ED=95=A0=EA=B3=BC=20=EA=B6=8C=ED=95=9C=EC=9D=B4=20?=
 =?UTF-8?q?=EC=9D=BC=EC=B9=98=ED=95=98=EC=A7=80=20=EC=95=8A=EB=8D=98=20?=
 =?UTF-8?q?=EB=AC=B8=EC=A0=9C=20=ED=95=B4=EA=B2=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/aolda/itda/config/AuthInterceptor.java |  6 +++---
 .../java/com/aolda/itda/service/AuthService.java    | 13 +++++--------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/src/main/java/com/aolda/itda/config/AuthInterceptor.java b/src/main/java/com/aolda/itda/config/AuthInterceptor.java
index 7c9f87f..fd78fb6 100644
--- a/src/main/java/com/aolda/itda/config/AuthInterceptor.java
+++ b/src/main/java/com/aolda/itda/config/AuthInterceptor.java
@@ -43,10 +43,10 @@ public class AuthInterceptor implements HandlerInterceptor {
         if (projectId != null) {
 
             try {
-                String role = authService.getBestRoleWithinProject(token, projectId).get("role");
-                if (!role.equals("admin")) {
-                    log.error("Unauthorized Token for URI {}: {}", request.getRequestURI(), request.getRemoteAddr());
+                authService.getBestRoleWithinProject(token, projectId).get("role");
+                if (!request.getMethod().equals("GET") && !authService.getBestRoleWithinProject(token, projectId).get("role").equals("admin")) {
                     throw new CustomException(ErrorCode.UNAUTHORIZED_USER, request.getRequestURI());
+
                 }
             } catch (Exception e) {
                 throw new CustomException(ErrorCode.UNAUTHORIZED_USER, request.getRequestURI());
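Review bot: For a GET request the new code never inspects the role it looked up: the first `getBestRoleWithinProject(...).get("role")` call discards its result, so a caller with no role in the project is rejected only if that method throws, which is not visible in this hunk. Non-GET requests also repeat the same remote lookup a second time. Read the role once and fail closed on a missing value: `String role = authService.getBestRoleWithinProject(token, projectId).get("role");` followed by `if (role == null || (!"GET".equals(request.getMethod()) && !"admin".equals(role))) {`. The removed `log.error("Unauthorized Token for URI {}: {}", ...)` line was the only record of denied requests and is worth keeping before the throw. The enclosing method starts and ends outside the hunk.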
diff --git a/src/main/java/com/aolda/itda/service/AuthService.java b/src/main/java/com/aolda/itda/service/AuthService.java
index a222e28..4c1740e 100644
--- a/src/main/java/com/aolda/itda/service/AuthService.java
+++ b/src/main/java/com/aolda/itda/service/AuthService.java
@@ -96,7 +96,6 @@ public class AuthService {
         try {
             res = restTemplate.postForEntity(url, requestEntity, Map.class);
         } catch (Exception e) {
-            e.printStackTrace();
             throw new CustomException(ErrorCode.INVALID_USER_INFO);
         }
         Map<String, Object> resToken = (Map<String, Object>) res.getBody().get("token");
@@ -140,7 +139,7 @@ public class AuthService {
         try {
             requestEntity = new HttpEntity<>(requestBody, headers);
             res = restTemplate.postForEntity(url, requestEntity, Map.class);
-        } catch (RuntimeException e) {
+        } catch (Exception e) {
             return null;
         }
 
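Review bot: This catch returns `null` without recording `e`, and after this commit the catches at @@ -96, @@ -185 and @@ -338 drop the exception the same way, because `e.printStackTrace()` was removed there without a replacement. A failed remote call then leaves no trace for anyone investigating login failures or repeated bad-token attempts. Assuming AuthService has a logger like the `log` used in AuthInterceptor, add `log.warn("token request failed: {}", e.toString());` before the return or throw, and keep the token and request body out of the message. The method body starts and ends outside the hunk.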
@@ -185,8 +184,7 @@ public class AuthService {
         } catch (HttpClientErrorException.Forbidden e) {
             return unscopedToken;
         }
-        catch (RuntimeException e) {
-            e.printStackTrace();
+        catch (Exception e) {
             throw new CustomException(ErrorCode.INVALID_TOKEN);
         }
 
@@ -290,7 +288,7 @@ public class AuthService {
         ResponseEntity<String> res;
         try {
             res = restTemplate.exchange(url, HttpMethod.GET, requestEntity, String.class);
-        } catch (HttpClientErrorException.NotFound e) {
+        } catch (Exception e) {
             throw new CustomException(ErrorCode.INVALID_TOKEN);
         }
         return objectMapper.readTree(res.getBody()).path("token").path("user").path("id").asText();
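Review bot: Widening `HttpClientErrorException.NotFound` to `Exception` here, and in the identical catch at @@ -305, maps every failure of `restTemplate.exchange` to `INVALID_TOKEN`, including timeouts, connection errors and 5xx responses. An upstream outage is then reported to clients as a bad token and cannot be told apart from real invalid-token traffic. Keep `catch (HttpClientErrorException.NotFound e)` as its own branch and add a second `catch (RestClientException e)` that logs the failure before throwing, so the two cases stay distinguishable. Whether a separate error code exists for the second case is not visible in this diff; the method continues outside the hunk.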
@@ -305,7 +303,7 @@ public class AuthService {
         ResponseEntity<String> res;
         try {
             res = restTemplate.exchange(url, HttpMethod.GET, requestEntity, String.class);
-        } catch (HttpClientErrorException.NotFound e) {
+        } catch (Exception e) {
             throw new CustomException(ErrorCode.INVALID_TOKEN);
         }
 
@@ -338,8 +336,7 @@ public class AuthService {
         ResponseEntity<String> res;
         try {
             res = restTemplate.exchange(url, HttpMethod.GET, requestEntity, String.class);
-        } catch (RuntimeException e) {
-            e.printStackTrace();
+        } catch (Exception e) {
             return false;
         }
         JsonNode node = objectMapper.readTree(res.getBody()).path("role_assignments");
-- 
GitLab