From f2f60cc71f44f5d54a7c7a59873d385449201b36 Mon Sep 17 00:00:00 2001
From: Jihun Kim
Date: Tue, 1 Jul 2025 15:48:41 +0900
Subject: [PATCH] =?UTF-8?q?refactor:=20jwt=20=EA=B4=80=EB=A0=A8=20?= =?UTF-8?q?=EC=84=A4=EC=A0=95=20=EB=B3=B5=EA=B5=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../auth/jwt/JwtAuthorizationFilter.java | 67 ----------------
.../frontsecurity/auth/jwt/JwtUtil.java | 76 -------------------
2 files changed, 143 deletions(-)
delete mode 100644 security-front/src/main/java/com/nowait/frontsecurity/auth/jwt/JwtAuthorizationFilter.java
delete mode 100644 security-front/src/main/java/com/nowait/frontsecurity/auth/jwt/JwtUtil.java
diff --git a/security-front/src/main/java/com/nowait/frontsecurity/auth/jwt/JwtAuthorizationFilter.java b/security-front/src/main/java/com/nowait/frontsecurity/auth/jwt/JwtAuthorizationFilter.java
deleted file mode 100644
index 3969108e..00000000
--- a/security-front/src/main/java/com/nowait/frontsecurity/auth/jwt/JwtAuthorizationFilter.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package com.nowait.frontsecurity.auth.jwt;
-
-import java.io.IOException;
-
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.web.filter.OncePerRequestFilter;
-import com.nowait.externaloauth.service.CustomUserDetailService;
-
-import jakarta.servlet.FilterChain;
-import jakarta.servlet.ServletException;
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
-import lombok.RequiredArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-
-@RequiredArgsConstructor
-@Slf4j
-public class JwtAuthorizationFilter extends OncePerRequestFilter {
- private final JwtUtil jwtUtil;
- private final CustomUserDetailService userDetailsService;
-
- @Override
- protected void doFilterInternal(
- HttpServletRequest request,
- HttpServletResponse response,
- FilterChain filterChain
- ) throws ServletException, IOException {
- try {
- String token = extractTokenFromRequest(request);
- if (token != null) {
- // 만료 체크
- if (jwtUtil.isExpired(token)) {
- response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- response.getWriter().print("access token expired");
- return;
- }
- // 토큰 category 체크(불필요하면 생략)
- String tokenCategory = jwtUtil.getTokenCategory(token);
- if (!"accessToken".equals(tokenCategory)) {
- response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- response.getWriter().print("invalid access token");
- return;
- }
- // userId 추출 → UserDetails 조회
- Long userId = jwtUtil.getUserId(token);
- var userDetails = userDetailsService.loadUserById(userId);
- // 인증 객체 생성 및 컨텍스트에 설정
- UsernamePasswordAuthenticationToken authenticationToken =
- new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
- SecurityContextHolder.getContext().setAuthentication(authenticationToken);
- }
- } catch (Exception ex) {
- log.error("JWT filter error: {}", ex.getMessage());
- } finally {
- filterChain.doFilter(request, response);
- }
- }
-
- private String extractTokenFromRequest(HttpServletRequest request) {
- String header = request.getHeader("Authorization");
- if (header != null && header.startsWith("Bearer ")) {
- return header.substring(7);
- }
- return null;
- }
-}
diff --git a/security-front/src/main/java/com/nowait/frontsecurity/auth/jwt/JwtUtil.java b/security-front/src/main/java/com/nowait/frontsecurity/auth/jwt/JwtUtil.java
deleted file mode 100644
index 9c41194e..00000000
--- a/security-front/src/main/java/com/nowait/frontsecurity/auth/jwt/JwtUtil.java
+++ /dev/null
@@ -1,76 +0,0 @@
-package com.nowait.frontsecurity.auth.jwt;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Date;
-
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Component;
-
-import io.jsonwebtoken.Jwts;
-
-@Component
-public class JwtUtil {
- private final SecretKey secretKey;
-
- // 시크릿 키를 암호화하여, 키 생성
- public JwtUtil(@Value("${jwt.secret}") String secret) {
- this.secretKey = new SecretKeySpec(
- secret.getBytes(StandardCharsets.UTF_8),
- Jwts.SIG.HS256.key().build().getAlgorithm()
- );
- }
-
- public String createAccessToken(String tokenCategory, Long userId, String role, Long expiredMs) {
- return Jwts.builder()
- .claim("tokenCategory", tokenCategory) // accessToken
- .claim("userId", userId)
- .claim("role", role)
- .issuedAt(new Date(System.currentTimeMillis()))
- .expiration(new Date(System.currentTimeMillis() + expiredMs))
- .signWith(secretKey)
- .compact();
- }
-
- public String createRefreshToken(String tokenCategory, Long userId, Long expiredMs) {
- return Jwts.builder()
- .claim("tokenCategory", tokenCategory) // refreshToken
- .claim("userId", userId)
- .issuedAt(new Date(System.currentTimeMillis()))
- .expiration(new Date(System.currentTimeMillis() + expiredMs))
- .signWith(secretKey)
- .compact();
- }
-
- public String getTokenCategory(String token) {
- return Jwts.parser().verifyWith(secretKey).build()
- .parseClaimsJws(token)
- .getBody()
- .get("tokenCategory", String.class);
- }
-
- public String getRole(String token) {
- return Jwts.parser().verifyWith(secretKey).build()
- .parseClaimsJws(token)
- .getBody()
- .get("role", String.class);
- }
-
- public Long getUserId(String token) {
- return Jwts.parser().verifyWith(secretKey).build()
- .parseClaimsJws(token)
- .getBody()
- .get("userId", Long.class);
- }
-
- public Boolean isExpired(String token) {
- return Jwts.parser().verifyWith(secretKey).build()
- .parseSignedClaims(token)
- .getPayload()
- .getExpiration()
- .before(new Date());
- }
-
-}