Skip to content

Commit

Permalink
Feature/mdc #452
Browse files Browse the repository at this point in the history
  • Loading branch information
@hocaron
hocaron authored Jul 27, 2024
2 parents a8456c8 + 93f3046 commit bd0647a
Show file tree
Hide file tree
Showing 4 changed files with 45 additions and 15 deletions.
21 changes: 10 additions & 11 deletions mashup-domain/src/main/java/kr/mashup/branding/aop/cipher/ApiCipherAspect.java
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
package kr.mashup.branding.aop.cipher;

import kr.mashup.branding.domain.ResultCode;
import kr.mashup.branding.domain.exception.BadRequestException;
import kr.mashup.branding.util.CipherUtil;
import kr.mashup.branding.util.DateUtil;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.beans.factory.annotation.Value;
Expand All @@ -29,32 +29,31 @@ public class ApiCipherAspect {
private String cipherTime;

@Before(value = "@annotation(checkApiCipherTime)")
public void checkApiCipherTime(CheckApiCipherTime checkApiCipherTime){
public void checkApiCipherTime(CheckApiCipherTime checkApiCipherTime) {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String encryptedKey = request.getHeader("cipher");

if(checkApiCipherTime.alwaysRequired()){
if(!StringUtils.hasText(encryptedKey)){
throw new BadRequestException();
if (checkApiCipherTime.alwaysRequired()) {
if (!StringUtils.hasText(encryptedKey)) {
throw new BadRequestException(ResultCode.BAD_REQUEST);
}
checkClientTimeDifference(encryptedKey);
}else{
if(StringUtils.hasText(encryptedKey)){
} else {
if (StringUtils.hasText(encryptedKey)) {
checkClientTimeDifference(encryptedKey);
}
}
}

private void checkClientTimeDifference(String auth){
private void checkClientTimeDifference(String auth) {

final String clientEpochTime = CipherUtil.decryptAES128(auth, cipherKey);
final LocalDateTime clientTime = DateUtil.fromEpochString(clientEpochTime);
final LocalDateTime serverTime = LocalDateTime.now();
final Long timeDifference = ChronoUnit.SECONDS.between(clientTime, serverTime);
log.info(timeDifference.toString());
if(timeDifference > Long.parseLong(cipherTime)) {
throw new BadRequestException();
if (timeDifference > Long.parseLong(cipherTime)) {
throw new BadRequestException(ResultCode.BAD_REQUEST, String.format("클라이언트 시간 차이가 허용된 범위를 초과했습니다. (%d초)", timeDifference));
}
}

}
25 changes: 25 additions & 0 deletions mashup-member/src/main/java/kr/mashup/branding/config/filter/MDCLoggingFilter.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
package kr.mashup.branding.config.filter;

import org.slf4j.MDC;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import java.io.IOException;

import static kr.mashup.branding.config.web.MemberAuthArgumentResolver.MDC_MEMBER_ID;

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class MDCLoggingFilter implements Filter {

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
try {
chain.doFilter(request, response);
} finally {
MDC.remove(MDC_MEMBER_ID);
}
}
}
6 changes: 6 additions & 0 deletions mashup-member/src/main/java/kr/mashup/branding/config/web/MemberAuthArgumentResolver.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
import kr.mashup.branding.security.JwtService;
import kr.mashup.branding.security.MemberAuth;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.slf4j.MDC;
import org.springframework.core.MethodParameter;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.support.WebDataBinderFactory;
Expand All @@ -15,9 +17,11 @@

@Component
@RequiredArgsConstructor
@Slf4j
public class MemberAuthArgumentResolver implements HandlerMethodArgumentResolver {

private final JwtService jwtService;
public static final String MDC_MEMBER_ID = "memberId";

@Override
public boolean supportsParameter(MethodParameter parameter) {
Expand All @@ -38,6 +42,8 @@ public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer m
if (memberId == null || memberGenerationId == null) {
throw new UnauthorizedException();
}

MDC.put(MDC_MEMBER_ID, String.valueOf(memberId));
return MemberAuth.of(memberId, memberGenerationId);
}
}
8 changes: 4 additions & 4 deletions mashup-member/src/main/resources/logback/logback-spring.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,13 @@

<appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
<layout class="ch.qos.logback.classic.PatternLayout">
<pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%file:%line]- %msg%n</pattern>
<pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%file:%line] [memberId: %X{memberId}] - %msg%n</pattern>
</layout>
</appender>

<appender name="cloud_watch_aws_log_dev" class="ca.pjer.logback.AwsLogsAppender">
<layout>
<pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%file:%line]- %msg%n</pattern>
<pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%file:%line] [memberId: %X{memberId}] - %msg%n</pattern>
</layout>
<logGroupName>MashUp-Server-Dev</logGroupName>
<logStreamName>member</logStreamName>
Expand All @@ -27,7 +27,7 @@

<appender name="cloud_watch_aws_log_real" class="ca.pjer.logback.AwsLogsAppender">
<layout>
<pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%file:%line]- %msg%n</pattern>
<pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%file:%line] [memberId: %X{memberId}] - %msg%n</pattern>
</layout>
<logGroupName>MashUp-Server-Real</logGroupName>
<logStreamName>member</logStreamName>
Expand Down Expand Up @@ -63,4 +63,4 @@
</root>
</springProfile>

</configuration>
</configuration>

0 comments on commit bd0647a

Please sign in to comment.