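package com.prgrms.rg.jwt;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.filter.GenericFilterBean;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Arrays;
import java.util.List;

import static java.util.Collections.emptyList;
import static java.util.stream.Collectors.toList;
import static org.apache.commons.lang3.StringUtils.isNotEmpty;

/**
 * Servlet filter that populates the Spring Security context from a JWT carried in a
 * configurable request header.
 *
 * <p>The filter never rejects a request itself: when the header is absent, cannot be decoded,
 * fails verification, or yields no username or no roles, the request continues down the chain
 * without an authentication set. Access control therefore depends on the authorization rules
 * applied after this filter.
 */
public class JwtAuthenticationFilter extends GenericFilterBean {

    private final Logger log = LoggerFactory.getLogger(getClass());

    // Name of the request header the token is read from.
    private final String headerKey;

    // Verifier that turns a raw token string into claims.
    private final Jwt jwt;

    /**
     * @param headerKey name of the request header that carries the token
     * @param jwt       verifier used to validate the token and extract its claims
     */
    public JwtAuthenticationFilter(String headerKey, Jwt jwt) {
        this.headerKey = headerKey;
        this.jwt = jwt;
    }

    /**
     * Authenticates the request from its token header when the security context holds no
     * authentication yet, then always continues the filter chain.
     *
     * @param req   incoming request; cast to {@link HttpServletRequest}
     * @param res   outgoing response; cast to {@link HttpServletResponse}
     * @param chain remaining filters, invoked unconditionally
     * @throws IOException      propagated from the rest of the chain
     * @throws ServletException propagated from the rest of the chain
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            String token = getToken(request);
            if (token != null) {
                try {
                    Jwt.Claims claims = verify(token);
                    // NOTE(review): this prints whatever Jwt.Claims#toString exposes; confirm it
                    // holds nothing that should stay out of debug logs.
                    log.debug("Jwt parse result: {}", claims);

                    String username = claims.username;
                    List<GrantedAuthority> authorities = getAuthorities(claims);

                    // A token without a username or without any role is treated as unauthenticated.
                    if (isNotEmpty(username) && !authorities.isEmpty()) {
                        JwtAuthenticationToken authentication =
                            new JwtAuthenticationToken(new JwtAuthentication(token, username), null, authorities);
                        authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
                        SecurityContextHolder.getContext().setAuthentication(authentication);
                    }
                } catch (Exception e) {
                    // Deliberate best effort: a bad token leaves the request unauthenticated
                    // instead of failing it here.
                    log.warn("Jwt processing failed: {}", e.getMessage());
                }
            }
        } else {
            log.debug("SecurityContextHolder not populated with security token, as it already contained: '{}'",
                SecurityContextHolder.getContext().getAuthentication());
        }

        chain.doFilter(request, response);
    }

    /**
     * Reads the token header and URL-decodes it.
     *
     * @param request request to read the header from
     * @return the decoded token, or {@code null} when the header is missing, empty, or not
     *         valid URL-encoded text
     */
    private String getToken(HttpServletRequest request) {
        String token = request.getHeader(headerKey);
        if (isNotEmpty(token)) {
            // The token is a bearer credential, so only the header name is logged, never its value.
            log.debug("Jwt authorization api detected in header: {}", headerKey);
            try {
                return URLDecoder.decode(token, "UTF-8");
            } catch (UnsupportedEncodingException e) {
                log.error(e.getMessage(), e);
            } catch (IllegalArgumentException e) {
                // URLDecoder throws this on a malformed percent escape. The header is
                // client-controlled and this method runs outside doFilter's try block, so an
                // uncaught exception here would fail the whole request. The exception message
                // is not logged because it can echo part of the header value.
                log.warn("Jwt header is not valid URL-encoded text; ignoring it");
            }
        }
        return null;
    }

    /**
     * Delegates token verification to the configured {@link Jwt} instance.
     *
     * @param token decoded token string
     * @return the claims returned by {@code jwt.verify}
     */
    private Jwt.Claims verify(String token) {
        return jwt.verify(token);
    }

    /**
     * Maps the role names in the claims to granted authorities.
     *
     * @param claims verified claims
     * @return one {@link SimpleGrantedAuthority} per role, or an empty list when the claims
     *         carry no roles
     */
    private List<GrantedAuthority> getAuthorities(Jwt.Claims claims) {
        String[] roles = claims.roles;
        if (roles == null || roles.length == 0) {
            return emptyList();
        }
        return Arrays.stream(roles)
            .map(SimpleGrantedAuthority::new)
            .collect(toList());
    }
}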