Firebase Auth Filter가 선택된 URL에 대해서만 적용되도록 합니다.

pickly-service/src/main/java/org/pickly/service/common/config/SecurityConfig.java

@@ -2,11 +2,17 @@
 
 import lombok.RequiredArgsConstructor;
 import org.pickly.service.common.filter.CorsWebFilter;
+import org.pickly.service.common.filter.JwtFilter;
+import org.pickly.service.common.utils.base.AuthTokenUtil;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 @Configuration
 @EnableWebSecurity
@@ -15,12 +21,13 @@ public class SecurityConfig {
 
   private final CorsWebFilter corsFilter;
 
-//  private final JwtFilter jwtFilter;
+  private final UserDetailsService userDetailsService;
+  private final AuthTokenUtil authTokenUtil;
 
   private static final String[] AUTH_WHITELIST = {
       "/api/**", "/graphiql", "/graphql",
       "/swagger-ui/**", "/api-docs", "/swagger-ui-custom.html",
-      "/v3/api-docs/**", "/api-docs/**", "/swagger-ui.html"
+      "/v3/api-docs/**", "/api-docs/**",
   };
 
   @Bean
@@ -33,8 +40,11 @@ public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Excepti
                 .permitAll()
                 .anyRequest()
                 .authenticated()
-//                .and()
-//                .addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
+                .and()
+                .addFilterBefore(new JwtFilter(
+                    userDetailsService,
+                    authTokenUtil
+                ), UsernamePasswordAuthenticationFilter.class)
         )
         .httpBasic().disable()
         .formLogin().disable()
@@ -43,4 +53,8 @@ public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Excepti
         .build();
   }
 
+  @Bean
+  public WebSecurityCustomizer webSecurityCustomizer() {
+    return (web) -> web.ignoring().requestMatchers(AUTH_WHITELIST);
+  }
 }

pickly-service/src/main/java/org/pickly/service/common/config/SwaggerConfig.java

@@ -1,6 +1,8 @@
 package org.pickly.service.common.config;
 
+import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.security.SecurityScheme;
 import io.swagger.v3.oas.models.servers.Server;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -24,7 +26,14 @@ public class SwaggerConfig {
   @Bean
   public OpenAPI openApi() {
     return new OpenAPI()
+        .components(
+            new Components().addSecuritySchemes("Bearer Authentication", createAPIKeyScheme()))
         .addServersItem(new Server().url("/"));
   }
 
-}
+  private SecurityScheme createAPIKeyScheme() {
+    return new SecurityScheme().type(SecurityScheme.Type.HTTP)
+        .bearerFormat("JWT")
+        .scheme("bearer");
+  }
+}

pickly-service/src/main/java/org/pickly/service/common/filter/JwtFilter.java

@@ -1,22 +1,32 @@
 package org.pickly.service.common.filter;
 
+import com.google.firebase.auth.FirebaseToken;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.pickly.service.common.utils.base.AuthTokenUtil;
+import org.pickly.service.common.utils.base.RequestUtil;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.web.filter.OncePerRequestFilter;
 
-//@Component
-//@RequiredArgsConstructor
-//@Slf4j
-//public class JwtFilter extends OncePerRequestFilter {
-//
-//  private final UserDetailsService userDetailsService;
-//  private final AuthTokenUtil authTokenUtil;
-//
-//  @Override
-//  protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
-//      FilterChain filterChain)
-//      throws IOException, ServletException {
-//    String bearerToken = RequestUtil.getAuthorizationToken(request.getHeader("Authorization"));
-//    FirebaseToken decodedToken = authTokenUtil.validateToken(bearerToken);
-//
-//    //TODO: decodedToken security context에 저장 필요
-//    filterChain.doFilter(request, response);
-//  }
-//}
+@RequiredArgsConstructor
+@Slf4j
+public class JwtFilter extends OncePerRequestFilter {
+
+  private final UserDetailsService userDetailsService;
+  private final AuthTokenUtil authTokenUtil;
+
+  @Override
+  protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
+      FilterChain filterChain) throws IOException, ServletException {
+    String bearerToken = RequestUtil.getAuthorizationToken(request.getHeader("Authorization"));
+    FirebaseToken decodedToken = authTokenUtil.validateToken(bearerToken);
+
+    //TODO: decodedToken security context에 저장 필요
+    filterChain.doFilter(request, response);
+  }
+}