diff --git a/analytics/src/main/java/com/ktds/hi/analytics/infra/config/SecurityConfig.java b/analytics/src/main/java/com/ktds/hi/analytics/infra/config/SecurityConfig.java index 632111c..b5743ae 100644 --- a/analytics/src/main/java/com/ktds/hi/analytics/infra/config/SecurityConfig.java +++ b/analytics/src/main/java/com/ktds/hi/analytics/infra/config/SecurityConfig.java @@ -1,51 +1,51 @@ -package com.ktds.hi.analytics.infra.config; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.config.http.SessionCreationPolicy; -import org.springframework.security.web.SecurityFilterChain; -import org.springframework.web.cors.CorsConfigurationSource; - -import lombok.RequiredArgsConstructor; - -/** - * Analytics 서비스 보안 설정 클래스 - * 테스트를 위해 모든 엔드포인트를 인증 없이 접근 가능하도록 설정 - */ -@Configuration -@EnableWebSecurity -@RequiredArgsConstructor -public class SecurityConfig { - - - private final CorsConfigurationSource corsConfigurationSource; - - @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http - .csrf(AbstractHttpConfigurer::disable) - .cors(cors -> cors.configurationSource(corsConfigurationSource)) - .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - .authorizeHttpRequests(auth -> auth - // Swagger 관련 경로 모두 허용 - .requestMatchers("/swagger-ui.html","/swagger-ui/**", "/swagger-ui.html").permitAll() - .requestMatchers("/api-docs/**", "/v3/api-docs/**").permitAll() - .requestMatchers("/swagger-resources/**", "/webjars/**").permitAll() - - // Analytics API 모두 허용 (테스트용) - .requestMatchers("/api/analytics/**").permitAll() - .requestMatchers("/api/action-plans/**").permitAll() - - // Actuator 엔드포인트 허용 - .requestMatchers("/actuator/**").permitAll() - - // 기타 모든 요청 허용 (테스트용) - .anyRequest().permitAll() - ); - - return http.build(); - } -} +package com.ktds.hi.analytics.infra.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.web.cors.CorsConfigurationSource; + +import lombok.RequiredArgsConstructor; + +/** + * Analytics 서비스 보안 설정 클래스 + * 테스트를 위해 모든 엔드포인트를 인증 없이 접근 가능하도록 설정 + */ +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class SecurityConfig { + + + private final CorsConfigurationSource corsConfigurationSource; + + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http + .csrf(AbstractHttpConfigurer::disable) + .cors(cors -> cors.configurationSource(corsConfigurationSource)) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests(auth -> auth + // Swagger 관련 경로 모두 허용 + .requestMatchers("/docs/analytics/swagger-ui.html","/docs/analytics/swagger-ui/**").permitAll() + .requestMatchers("/docs/analytics/api-docs/**").permitAll() + .requestMatchers("/docs/analytics/swagger-resources/**", "/webjars/**").permitAll() + + // Analytics API 모두 허용 (테스트용) + .requestMatchers("/api/analytics/**").permitAll() + .requestMatchers("/api/action-plans/**").permitAll() + + // Actuator 엔드포인트 허용 + .requestMatchers("/actuator/**").permitAll() + + // 기타 모든 요청 허용 (테스트용) + .anyRequest().permitAll() + ); + + return http.build(); + } +} diff --git a/analytics/src/main/resources/application.yml b/analytics/src/main/resources/application.yml index 4414724..d140f55 100644 --- a/analytics/src/main/resources/application.yml +++ b/analytics/src/main/resources/application.yml @@ -1,95 +1,97 @@ -server: - port: ${ANALYTICS_SERVICE_PORT:8084} - -logging: - level: - org.springframework.web.servlet.resource.ResourceHttpRequestHandler: ERROR - org.springframework.web.servlet.DispatcherServlet: WARN - -spring: - application: - name: analytics-service - - datasource: - url: ${ANALYTICS_DB_URL:jdbc:postgresql://20.249.162.125:5432/hiorder_analytics} - username: ${ANALYTICS_DB_USERNAME:hiorder_user} - password: ${ANALYTICS_DB_PASSWORD:hiorder_pass} - driver-class-name: org.postgresql.Driver - - jpa: - hibernate: - ddl-auto: ${JPA_DDL_AUTO:update} - show-sql: ${JPA_SHOW_SQL:false} - properties: - hibernate: - format_sql: true - dialect: org.hibernate.dialect.PostgreSQLDialect - - data: - redis: - host: ${REDIS_HOST:localhost} - port: ${REDIS_PORT:6379} - password: ${REDIS_PASSWORD:} - -ai-api: - openai: - api-key: ${OPENAI_API_KEY:} - base-url: https://api.openai.com/v1 - model: gpt-4o-mini - claude: - api-key: ${CLAUDE_API_KEY:} - base-url: https://api.anthropic.com - model: claude-3-sonnet-20240229 - -#external-api: -# openai: -# api-key: ${OPENAI_API_KEY:} -# base-url: https://api.openai.com -# claude: -# api-key: ${CLAUDE_API_KEY:} -# base-url: https://api.anthropic.com - -# 외부 서비스 설정 -external: - services: - review: ${EXTERNAL_SERVICES_REVIEW:http://localhost:8082} - store: ${EXTERNAL_SERVICES_STORE:http://localhost:8081} - member: ${EXTERNAL_SERVICES_MEMBER:http://localhost:8080} - -#springdoc: -# api-docs: -# path: /api-docs -# swagger-ui: -# path: /swagger-ui.html -springdoc: - swagger-ui: - enabled: true - path: /swagger-ui.html - try-it-out-enabled: true - -management: - endpoints: - web: - exposure: - include: health,info,metrics - -# AI 서비스 설정 -ai: - azure: - cognitive: - endpoint: ${AI_AZURE_COGNITIVE_ENDPOINT:https://your-cognitive-service.cognitiveservices.azure.com} - key: ${AI_AZURE_COGNITIVE_KEY:your-cognitive-service-key} - openai: - api-key: ${AI_OPENAI_API_KEY:your-openai-api-key} - -# Azure Event Hub 설정 -azure: - eventhub: - connection-string: ${AZURE_EVENTHUB_CONNECTION_STRING:Endpoint=sb://your-eventhub.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=your-key} - consumer-group: ${AZURE_EVENTHUB_CONSUMER_GROUP:analytics-consumer} - event-hubs: - review-events: ${AZURE_EVENTHUB_REVIEW_EVENTS:review-events} - ai-analysis-events: ${AZURE_EVENTHUB_AI_ANALYSIS_EVENTS:ai-analysis-events} - storage: - connection-string: ${AZURE_STORAGE_CONNECTION_STRING:DefaultEndpointsProtocol=https;AccountName=yourstorageaccount;AccountKey=your-storage-key;EndpointSuffix=core.windows.net} - container-name: ${AZURE_STORAGE_CONTAINER_NAME:eventhub-checkpoints} +server: + port: ${ANALYTICS_SERVICE_PORT:8084} + +logging: + level: + org.springframework.web.servlet.resource.ResourceHttpRequestHandler: ERROR + org.springframework.web.servlet.DispatcherServlet: WARN + +spring: + application: + name: analytics-service + + datasource: + url: ${ANALYTICS_DB_URL:jdbc:postgresql://20.249.162.125:5432/hiorder_analytics} + username: ${ANALYTICS_DB_USERNAME:hiorder_user} + password: ${ANALYTICS_DB_PASSWORD:hiorder_pass} + driver-class-name: org.postgresql.Driver + + jpa: + hibernate: + ddl-auto: ${JPA_DDL_AUTO:update} + show-sql: ${JPA_SHOW_SQL:false} + properties: + hibernate: + format_sql: true + dialect: org.hibernate.dialect.PostgreSQLDialect + + data: + redis: + host: ${REDIS_HOST:localhost} + port: ${REDIS_PORT:6379} + password: ${REDIS_PASSWORD:} + +ai-api: + openai: + api-key: ${OPENAI_API_KEY:} + base-url: https://api.openai.com/v1 + model: gpt-4o-mini + claude: + api-key: ${CLAUDE_API_KEY:} + base-url: https://api.anthropic.com + model: claude-3-sonnet-20240229 + +#external-api: +# openai: +# api-key: ${OPENAI_API_KEY:} +# base-url: https://api.openai.com +# claude: +# api-key: ${CLAUDE_API_KEY:} +# base-url: https://api.anthropic.com + +# 외부 서비스 설정 +external: + services: + review: ${EXTERNAL_SERVICES_REVIEW:http://localhost:8082} + store: ${EXTERNAL_SERVICES_STORE:http://localhost:8081} + member: ${EXTERNAL_SERVICES_MEMBER:http://localhost:8080} + +#springdoc: +# api-docs: +# path: /api-docs +# swagger-ui: +# path: /swagger-ui.html +springdoc: + swagger-ui: + enabled: true + path: /docs/analytics/swagger-ui.html + try-it-out-enabled: true + api-docs: + path: /docs/analytics/api-docs + +management: + endpoints: + web: + exposure: + include: health,info,metrics + +# AI 서비스 설정 +ai: + azure: + cognitive: + endpoint: ${AI_AZURE_COGNITIVE_ENDPOINT:https://your-cognitive-service.cognitiveservices.azure.com} + key: ${AI_AZURE_COGNITIVE_KEY:your-cognitive-service-key} + openai: + api-key: ${AI_OPENAI_API_KEY:your-openai-api-key} + +# Azure Event Hub 설정 +azure: + eventhub: + connection-string: ${AZURE_EVENTHUB_CONNECTION_STRING:Endpoint=sb://your-eventhub.servicebus.windows.net/;SharedAccessKeyName=RootManageSharedAccessKey;SharedAccessKey=your-key} + consumer-group: ${AZURE_EVENTHUB_CONSUMER_GROUP:analytics-consumer} + event-hubs: + review-events: ${AZURE_EVENTHUB_REVIEW_EVENTS:review-events} + ai-analysis-events: ${AZURE_EVENTHUB_AI_ANALYSIS_EVENTS:ai-analysis-events} + storage: + connection-string: ${AZURE_STORAGE_CONNECTION_STRING:DefaultEndpointsProtocol=https;AccountName=yourstorageaccount;AccountKey=your-storage-key;EndpointSuffix=core.windows.net} + container-name: ${AZURE_STORAGE_CONTAINER_NAME:eventhub-checkpoints} diff --git a/member/src/main/java/com/ktds/hi/member/config/SecurityConfig.java b/member/src/main/java/com/ktds/hi/member/config/SecurityConfig.java index bc7cae7..62b032e 100644 --- a/member/src/main/java/com/ktds/hi/member/config/SecurityConfig.java +++ b/member/src/main/java/com/ktds/hi/member/config/SecurityConfig.java @@ -1,121 +1,122 @@ -package com.ktds.hi.member.config; - - -import com.fasterxml.jackson.databind.ObjectMapper; -import com.ktds.hi.common.security.JwtTokenProvider; -import com.ktds.hi.common.security.JwtAuthenticationFilter; -import lombok.RequiredArgsConstructor; - -import org.springframework.boot.actuate.autoconfigure.condition.ConditionsReportEndpoint; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.http.SessionCreationPolicy; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.web.SecurityFilterChain; -import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.web.cors.CorsConfigurationSource; - -/** - * Spring Security 설정 클래스 - * JWT 기반 인증 및 권한 관리 설정 - */ -@Configuration -@EnableWebSecurity -@RequiredArgsConstructor -public class SecurityConfig { - - private final JwtTokenProvider jwtTokenProvider; - private final CorsConfigurationSource corsConfigurationSource; - - /** - * 보안 필터 체인 설정 - * JWT 인증 방식을 사용하고 세션은 무상태로 관리 - */ - @Bean - public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - http - .csrf(csrf -> csrf.disable()) - .cors(cors -> cors.configurationSource(corsConfigurationSource)) - .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - .authorizeHttpRequests(authz -> authz - .requestMatchers("/api/auth/**", "/api/members/register", "/api/auth/login").permitAll() - .requestMatchers("/swagger-ui.html", "/swagger-ui/**", "/v3/api-docs/**").permitAll() - .requestMatchers("/swagger-resources/**", "/webjars/**").permitAll() - .requestMatchers("/actuator/**").permitAll() - .anyRequest().authenticated() - ) - .addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); - - return http.build(); - } - - /** - * JWT 인증 필터 빈 - */ - @Bean - public JwtAuthenticationFilter jwtAuthenticationFilter() { - return new JwtAuthenticationFilter(jwtTokenProvider,new ObjectMapper()); - } - - /** - * 비밀번호 암호화 빈 - */ - @Bean - public PasswordEncoder passwordEncoder() { - return new BCryptPasswordEncoder(); - } - - /** - * 인증 매니저 빈 - */ - @Bean - public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception { - return config.getAuthenticationManager(); - } - - // @Qualifier("memberJwtTokenProvider") - // private final JwtTokenProvider jwtTokenProvider; - // private final AuthService authService; - // - // /** - // * 보안 필터 체인 설정 - // * JWT 인증 방식을 사용하고 세션은 무상태로 관리 - // */ - // @Bean - // public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - // http - // .csrf(csrf -> csrf.disable()) - // .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - // .authorizeHttpRequests(authz -> authz - // .requestMatchers("/api/auth/**", "/api/members/register").permitAll() - // .requestMatchers("/swagger-ui/**", "/api-docs/**").permitAll() - // .requestMatchers("/actuator/**").permitAll() - // .anyRequest().authenticated() - // ) - // .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider, authService), - // UsernamePasswordAuthenticationFilter.class); - // - // return http.build(); - // } - // - // /** - // * 비밀번호 암호화 빈 - // */ - // @Bean - // public PasswordEncoder passwordEncoder() { - // return new BCryptPasswordEncoder(); - // } - // - // /** - // * 인증 매니저 빈 - // */ - // @Bean - // public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception { - // return config.getAuthenticationManager(); - // } -} +package com.ktds.hi.member.config; + + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.ktds.hi.common.security.JwtTokenProvider; +import com.ktds.hi.common.security.JwtAuthenticationFilter; +import lombok.RequiredArgsConstructor; + +import org.springframework.boot.actuate.autoconfigure.condition.ConditionsReportEndpoint; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.web.cors.CorsConfigurationSource; + +/** + * Spring Security 설정 클래스 + * JWT 기반 인증 및 권한 관리 설정 + */ +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class SecurityConfig { + + private final JwtTokenProvider jwtTokenProvider; + private final CorsConfigurationSource corsConfigurationSource; + + /** + * 보안 필터 체인 설정 + * JWT 인증 방식을 사용하고 세션은 무상태로 관리 + */ + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http + .csrf(csrf -> csrf.disable()) + .cors(cors -> cors.configurationSource(corsConfigurationSource)) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests(authz -> authz + .requestMatchers("/api/auth/find-username","/api/auth/find-password", "/api/auth/sms/send", "/api/auth/sms/verify").permitAll() + .requestMatchers("/api/members/register", "/api/auth/login").permitAll() + .requestMatchers("/docs/member/swagger-ui.html", "/docs/member/swagger-ui/**", "/docs/member/api-docs/**").permitAll() + .requestMatchers("/docs/member/swagger-resources/**", "/webjars/**").permitAll() + .requestMatchers("/actuator/**").permitAll() + .anyRequest().authenticated() + ) + .addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); + + return http.build(); + } + + /** + * JWT 인증 필터 빈 + */ + @Bean + public JwtAuthenticationFilter jwtAuthenticationFilter() { + return new JwtAuthenticationFilter(jwtTokenProvider,new ObjectMapper()); + } + + /** + * 비밀번호 암호화 빈 + */ + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } + + /** + * 인증 매니저 빈 + */ + @Bean + public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception { + return config.getAuthenticationManager(); + } + + // @Qualifier("memberJwtTokenProvider") + // private final JwtTokenProvider jwtTokenProvider; + // private final AuthService authService; + // + // /** + // * 보안 필터 체인 설정 + // * JWT 인증 방식을 사용하고 세션은 무상태로 관리 + // */ + // @Bean + // public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + // http + // .csrf(csrf -> csrf.disable()) + // .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + // .authorizeHttpRequests(authz -> authz + // .requestMatchers("/api/auth/**", "/api/members/register").permitAll() + // .requestMatchers("/swagger-ui/**", "/api-docs/**").permitAll() + // .requestMatchers("/actuator/**").permitAll() + // .anyRequest().authenticated() + // ) + // .addFilterBefore(new JwtAuthenticationFilter(jwtTokenProvider, authService), + // UsernamePasswordAuthenticationFilter.class); + // + // return http.build(); + // } + // + // /** + // * 비밀번호 암호화 빈 + // */ + // @Bean + // public PasswordEncoder passwordEncoder() { + // return new BCryptPasswordEncoder(); + // } + // + // /** + // * 인증 매니저 빈 + // */ + // @Bean + // public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception { + // return config.getAuthenticationManager(); + // } +} diff --git a/member/src/main/resources/application.yml b/member/src/main/resources/application.yml index aea9b1f..52fa298 100644 --- a/member/src/main/resources/application.yml +++ b/member/src/main/resources/application.yml @@ -1,56 +1,58 @@ -server: - port: ${MEMBER_SERVICE_PORT:8081} - -spring: - application: - name: member-service - - datasource: - url: ${MEMBER_DB_URL:jdbc:postgresql://20.249.152.184:5432/hiorder_member} - username: ${MEMBER_DB_USERNAME:hiorder_user} - password: ${MEMBER_DB_PASSWORD:hiorder_pass} - driver-class-name: org.postgresql.Driver - - jpa: - hibernate: - ddl-auto: ${JPA_DDL_AUTO:update} - show-sql: ${JPA_SHOW_SQL:false} - properties: - hibernate: - format_sql: true - dialect: org.hibernate.dialect.PostgreSQLDialect - - data: - redis: - host: ${REDIS_HOST:localhost} - port: ${REDIS_PORT:6379} - password: ${REDIS_PASSWORD:} - timeout: 2000ms - lettuce: - pool: - max-active: 8 - max-wait: -1ms - max-idle: 8 - min-idle: 0 - -jwt: - secret: ${JWT_SECRET:hiorder-secret-key-for-jwt-token-generation-must-be-long-enough} - access-token-expiration: ${JWT_ACCESS_EXPIRATION:3600000} # 1시간 - refresh-token-expiration: ${JWT_REFRESH_EXPIRATION:604800000} # 7일 - -sms: - api-key: ${SMS_API_KEY:} - api-secret: ${SMS_API_SECRET:} - from-number: ${SMS_FROM_NUMBER:} - -springdoc: - swagger-ui: - enabled: true - path: /swagger-ui.html - try-it-out-enabled: true - -management: - endpoints: - web: - exposure: - include: health,info,metrics +server: + port: ${MEMBER_SERVICE_PORT:8081} + +spring: + application: + name: member-service + + datasource: + url: ${MEMBER_DB_URL:jdbc:postgresql://20.249.152.184:5432/hiorder_member} + username: ${MEMBER_DB_USERNAME:hiorder_user} + password: ${MEMBER_DB_PASSWORD:hiorder_pass} + driver-class-name: org.postgresql.Driver + + jpa: + hibernate: + ddl-auto: ${JPA_DDL_AUTO:update} + show-sql: ${JPA_SHOW_SQL:false} + properties: + hibernate: + format_sql: true + dialect: org.hibernate.dialect.PostgreSQLDialect + + data: + redis: + host: ${REDIS_HOST:localhost} + port: ${REDIS_PORT:6379} + password: ${REDIS_PASSWORD:} + timeout: 2000ms + lettuce: + pool: + max-active: 8 + max-wait: -1ms + max-idle: 8 + min-idle: 0 + +jwt: + secret: ${JWT_SECRET:hiorder-secret-key-for-jwt-token-generation-must-be-long-enough} + access-token-expiration: ${JWT_ACCESS_EXPIRATION:3600000} # 1시간 + refresh-token-expiration: ${JWT_REFRESH_EXPIRATION:604800000} # 7일 + +sms: + api-key: ${SMS_API_KEY:} + api-secret: ${SMS_API_SECRET:} + from-number: ${SMS_FROM_NUMBER:} + +springdoc: + swagger-ui: + enabled: true + path: /docs/member/swagger-ui.html + try-it-out-enabled: true + api-docs: + path: /docs/member/api-docs + +management: + endpoints: + web: + exposure: + include: health,info,metrics diff --git a/recommend/src/main/java/com/ktds/hi/recommend/infra/config/SecurityConfig.java b/recommend/src/main/java/com/ktds/hi/recommend/infra/config/SecurityConfig.java index 2fa86a9..ff7ac6a 100644 --- a/recommend/src/main/java/com/ktds/hi/recommend/infra/config/SecurityConfig.java +++ b/recommend/src/main/java/com/ktds/hi/recommend/infra/config/SecurityConfig.java @@ -1,52 +1,52 @@ -package com.ktds.hi.recommend.infra.config; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.config.http.SessionCreationPolicy; -import org.springframework.security.web.SecurityFilterChain; -import org.springframework.web.cors.CorsConfigurationSource; - -import lombok.RequiredArgsConstructor; - -/** - * Analytics 서비스 보안 설정 클래스 - * 테스트를 위해 모든 엔드포인트를 인증 없이 접근 가능하도록 설정 - */ -@Configuration -@EnableWebSecurity -@RequiredArgsConstructor -public class SecurityConfig { - - private final CorsConfigurationSource corsConfigurationSource; - - @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - - - http - .csrf(AbstractHttpConfigurer::disable) - .cors(cors -> cors.configurationSource(corsConfigurationSource)) - .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - .authorizeHttpRequests(auth -> auth - // Swagger 관련 경로 모두 허용 - .requestMatchers("/swagger-ui.html","/swagger-ui/**", "/swagger-ui.html").permitAll() - .requestMatchers("/api-docs/**", "/v3/api-docs/**").permitAll() - .requestMatchers("/swagger-resources/**", "/webjars/**").permitAll() - - // Analytics API 모두 허용 (테스트용) - .requestMatchers("/api/analytics/**").permitAll() - .requestMatchers("/api/action-plans/**").permitAll() - - // Actuator 엔드포인트 허용 - .requestMatchers("/actuator/**").permitAll() - - // 기타 모든 요청 허용 (테스트용) - .anyRequest().permitAll() - ); - - return http.build(); - } -} +package com.ktds.hi.recommend.infra.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.web.cors.CorsConfigurationSource; + +import lombok.RequiredArgsConstructor; + +/** + * Analytics 서비스 보안 설정 클래스 + * 테스트를 위해 모든 엔드포인트를 인증 없이 접근 가능하도록 설정 + */ +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class SecurityConfig { + + private final CorsConfigurationSource corsConfigurationSource; + + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + + + http + .csrf(AbstractHttpConfigurer::disable) + .cors(cors -> cors.configurationSource(corsConfigurationSource)) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests(auth -> auth + // Swagger 관련 경로 모두 허용 + .requestMatchers("/docs/recommend/swagger-ui.html","/docs/recommend/swagger-ui/**").permitAll() + .requestMatchers("/docs/recommend/api-docs/**").permitAll() + .requestMatchers("/docs/recommend/swagger-resources/**", "/webjars/**").permitAll() + + // Recommend API 모두 허용 (테스트용) + .requestMatchers("/api/recommend/**").permitAll() + + + // Actuator 엔드포인트 허용 + .requestMatchers("/actuator/**").permitAll() + + // 기타 모든 요청 허용 (테스트용) + .anyRequest().permitAll() + ); + + return http.build(); + } +} diff --git a/recommend/src/main/resources/application.yml b/recommend/src/main/resources/application.yml index 191d819..9571824 100644 --- a/recommend/src/main/resources/application.yml +++ b/recommend/src/main/resources/application.yml @@ -1,228 +1,226 @@ -# recommend/src/main/resources/application.yml -server: - port: ${RECOMMEND_SERVICE_PORT:8085} - -spring: - cloud: - compatibility-verifier: - enabled: false - application: - name: recommend-service - - # 프로필 설정 - profiles: - active: ${SPRING_PROFILES_ACTIVE:local} - - # 데이터베이스 설정 - datasource: - url: ${RECOMMEND_DB_URL:jdbc:postgresql://20.249.162.245:5432/hiorder_recommend} - username: ${RECOMMEND_DB_USERNAME:hiorder_user} - password: ${RECOMMEND_DB_PASSWORD:hiorder_pass} - driver-class-name: org.postgresql.Driver - hikari: - maximum-pool-size: ${DB_POOL_SIZE:20} - minimum-idle: ${DB_POOL_MIN_IDLE:5} - connection-timeout: ${DB_CONNECTION_TIMEOUT:30000} - idle-timeout: ${DB_IDLE_TIMEOUT:600000} - max-lifetime: ${DB_MAX_LIFETIME:1800000} - pool-name: RecommendHikariCP - - # JPA 설정 - jpa: - hibernate: - ddl-auto: ${JPA_DDL_AUTO:update} - show-sql: ${JPA_SHOW_SQL:false} - properties: - hibernate: - dialect: org.hibernate.dialect.PostgreSQLDialect - format_sql: ${JPA_FORMAT_SQL:true} - show_sql: ${JPA_SHOW_SQL:false} - use_sql_comments: ${JPA_USE_SQL_COMMENTS:true} - jdbc: - batch_size: 20 - order_inserts: true - order_updates: true - open-in-view: false - - - - # Redis 설정 (올바른 구조) - data: - redis: - host: ${REDIS_HOST:localhost} - port: ${REDIS_PORT:6379} - password: ${REDIS_PASSWORD:} - timeout: 2000ms - database: ${REDIS_DATABASE:0} - lettuce: - pool: - max-active: ${REDIS_POOL_MAX_ACTIVE:8} - max-idle: ${REDIS_POOL_MAX_IDLE:8} - min-idle: ${REDIS_POOL_MIN_IDLE:2} - max-wait: -1ms - shutdown-timeout: 100ms - -# 외부 서비스 URL 설정 -services: - store: - url: ${STORE_SERVICE_URL:http://store-service:8082} - review: - url: ${REVIEW_SERVICE_URL:http://review-service:8083} - member: - url: ${MEMBER_SERVICE_URL:http://member-service:8081} - -# Feign 설정 -feign: - client: - config: - default: - connectTimeout: 5000 - readTimeout: 10000 - loggerLevel: basic - store-service: - connectTimeout: 3000 - readTimeout: 8000 - review-service: - connectTimeout: 3000 - readTimeout: 8000 - circuitbreaker: - enabled: true - compression: - request: - enabled: true - response: - enabled: true - -# Circuit Breaker 설정 -resilience4j: - circuitbreaker: - instances: - store-service: - failure-rate-threshold: 50 - wait-duration-in-open-state: 30000 - sliding-window-size: 10 - minimum-number-of-calls: 5 - review-service: - failure-rate-threshold: 50 - wait-duration-in-open-state: 30000 - sliding-window-size: 10 - minimum-number-of-calls: 5 - retry: - instances: - store-service: - max-attempts: 3 - wait-duration: 1000 - review-service: - max-attempts: 3 - wait-duration: 1000 - - -# Actuator 설정 -management: - endpoints: - web: - exposure: - include: health,info,metrics,prometheus - endpoint: - health: - show-details: always - metrics: - export: - prometheus: - -# Swagger/OpenAPI 설정 -springdoc: - api-docs: - path: /api-docs - swagger-ui: - path: /swagger-ui.html - tags-sorter: alpha - operations-sorter: alpha - display-request-duration: true - display-operation-id: true - show-actuator: false - -# 로깅 설정 -logging: - level: - root: ${LOG_LEVEL_ROOT:INFO} - com.ktds.hi.recommend: ${LOG_LEVEL:INFO} - org.springframework.cloud.openfeign: ${LOG_LEVEL_FEIGN:DEBUG} - org.springframework.web: ${LOG_LEVEL_WEB:INFO} - org.springframework.data.redis: ${LOG_LEVEL_REDIS:INFO} - org.hibernate.SQL: ${LOG_LEVEL_SQL:INFO} - org.hibernate.type.descriptor.sql.BasicBinder: ${LOG_LEVEL_SQL_PARAM:INFO} - pattern: - console: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%X{traceId},%X{spanId}] %logger{36} - %msg%n" - file: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%X{traceId},%X{spanId}] %logger{36} - %msg%n" - file: - name: ${LOG_FILE_PATH:./logs/recommend-service.log} - max-size: 100MB - max-history: 30 - -# Security 설정 -security: - jwt: - secret: ${JWT_SECRET:hiorder-recommend-secret-key-2024} - expiration: ${JWT_EXPIRATION:86400000} # 24시간 - cors: - allowed-origins: ${CORS_ALLOWED_ORIGINS:http://localhost:3000,http://localhost:8080} - allowed-methods: GET,POST,PUT,DELETE,OPTIONS - allowed-headers: "*" - allow-credentials: true - -recommend: - cache: - recommendation-ttl: ${RECOMMENDATION_CACHE_TTL:1800} - user-preference-ttl: ${USER_PREFERENCE_CACHE_TTL:3600} - algorithm: - max-recommendations: ${MAX_RECOMMENDATIONS:20} - default-radius: ${DEFAULT_SEARCH_RADIUS:5000} - max-radius: ${MAX_SEARCH_RADIUS:10000} ---- -# Local 환경 설정 -spring: - config: - activate: - on-profile: local - jpa: - show-sql: true - hibernate: - ddl-auto: create-drop - -logging: - level: - com.ktds.hi.recommend: DEBUG - org.springframework.web: DEBUG - ---- -# Development 환경 설정 -spring: - config: - activate: - on-profile: dev - jpa: - show-sql: true - hibernate: - ddl-auto: update - -logging: - level: - com.ktds.hi.recommend: DEBUG - ---- -# Production 환경 설정 -spring: - config: - activate: - on-profile: prod - jpa: - show-sql: false - hibernate: - ddl-auto: validate - -logging: - level: - root: WARN - com.ktds.hi.recommend: INFO +# recommend/src/main/resources/application.yml +server: + port: ${RECOMMEND_SERVICE_PORT:8085} + +spring: + cloud: + compatibility-verifier: + enabled: false + application: + name: recommend-service + + # 프로필 설정 + profiles: + active: ${SPRING_PROFILES_ACTIVE:local} + + # 데이터베이스 설정 + datasource: + url: ${RECOMMEND_DB_URL:jdbc:postgresql://20.249.162.245:5432/hiorder_recommend} + username: ${RECOMMEND_DB_USERNAME:hiorder_user} + password: ${RECOMMEND_DB_PASSWORD:hiorder_pass} + driver-class-name: org.postgresql.Driver + hikari: + maximum-pool-size: ${DB_POOL_SIZE:20} + minimum-idle: ${DB_POOL_MIN_IDLE:5} + connection-timeout: ${DB_CONNECTION_TIMEOUT:30000} + idle-timeout: ${DB_IDLE_TIMEOUT:600000} + max-lifetime: ${DB_MAX_LIFETIME:1800000} + pool-name: RecommendHikariCP + + # JPA 설정 + jpa: + hibernate: + ddl-auto: ${JPA_DDL_AUTO:update} + show-sql: ${JPA_SHOW_SQL:false} + properties: + hibernate: + dialect: org.hibernate.dialect.PostgreSQLDialect + format_sql: ${JPA_FORMAT_SQL:true} + show_sql: ${JPA_SHOW_SQL:false} + use_sql_comments: ${JPA_USE_SQL_COMMENTS:true} + jdbc: + batch_size: 20 + order_inserts: true + order_updates: true + open-in-view: false + + # Redis 설정 (올바른 구조) + data: + redis: + host: ${REDIS_HOST:localhost} + port: ${REDIS_PORT:6379} + password: ${REDIS_PASSWORD:} + timeout: 2000ms + database: ${REDIS_DATABASE:0} + lettuce: + pool: + max-active: ${REDIS_POOL_MAX_ACTIVE:8} + max-idle: ${REDIS_POOL_MAX_IDLE:8} + min-idle: ${REDIS_POOL_MIN_IDLE:2} + max-wait: -1ms + shutdown-timeout: 100ms + +# 외부 서비스 URL 설정 +services: + store: + url: ${STORE_SERVICE_URL:http://store-service:8082} + review: + url: ${REVIEW_SERVICE_URL:http://review-service:8083} + member: + url: ${MEMBER_SERVICE_URL:http://member-service:8081} + +# Feign 설정 +feign: + client: + config: + default: + connectTimeout: 5000 + readTimeout: 10000 + loggerLevel: basic + store-service: + connectTimeout: 3000 + readTimeout: 8000 + review-service: + connectTimeout: 3000 + readTimeout: 8000 + circuitbreaker: + enabled: true + compression: + request: + enabled: true + response: + enabled: true + +# Circuit Breaker 설정 +resilience4j: + circuitbreaker: + instances: + store-service: + failure-rate-threshold: 50 + wait-duration-in-open-state: 30000 + sliding-window-size: 10 + minimum-number-of-calls: 5 + review-service: + failure-rate-threshold: 50 + wait-duration-in-open-state: 30000 + sliding-window-size: 10 + minimum-number-of-calls: 5 + retry: + instances: + store-service: + max-attempts: 3 + wait-duration: 1000 + review-service: + max-attempts: 3 + wait-duration: 1000 + + +# Actuator 설정 +management: + endpoints: + web: + exposure: + include: health,info,metrics,prometheus + endpoint: + health: + show-details: always + metrics: + export: + prometheus: + +# Swagger/OpenAPI 설정 +springdoc: + api-docs: + path: /docs/recommend/api-docs + swagger-ui: + path: /docs/recommend/swagger-ui.html + tags-sorter: alpha + operations-sorter: alpha + display-request-duration: true + display-operation-id: true + show-actuator: false + +# 로깅 설정 +logging: + level: + root: ${LOG_LEVEL_ROOT:INFO} + com.ktds.hi.recommend: ${LOG_LEVEL:INFO} + org.springframework.cloud.openfeign: ${LOG_LEVEL_FEIGN:DEBUG} + org.springframework.web: ${LOG_LEVEL_WEB:INFO} + org.springframework.data.redis: ${LOG_LEVEL_REDIS:INFO} + org.hibernate.SQL: ${LOG_LEVEL_SQL:INFO} + org.hibernate.type.descriptor.sql.BasicBinder: ${LOG_LEVEL_SQL_PARAM:INFO} + pattern: + console: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%X{traceId},%X{spanId}] %logger{36} - %msg%n" + file: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level [%X{traceId},%X{spanId}] %logger{36} - %msg%n" + file: + name: ${LOG_FILE_PATH:./logs/recommend-service.log} + max-size: 100MB + max-history: 30 + +# Security 설정 +security: + jwt: + secret: ${JWT_SECRET:hiorder-recommend-secret-key-2024} + expiration: ${JWT_EXPIRATION:86400000} # 24시간 + cors: + allowed-origins: ${CORS_ALLOWED_ORIGINS:http://localhost:3000,http://localhost:8080} + allowed-methods: GET,POST,PUT,DELETE,OPTIONS + allowed-headers: "*" + allow-credentials: true + +recommend: + cache: + recommendation-ttl: ${RECOMMENDATION_CACHE_TTL:1800} + user-preference-ttl: ${USER_PREFERENCE_CACHE_TTL:3600} + algorithm: + max-recommendations: ${MAX_RECOMMENDATIONS:20} + default-radius: ${DEFAULT_SEARCH_RADIUS:5000} + max-radius: ${MAX_SEARCH_RADIUS:10000} +--- +# Local 환경 설정 +spring: + config: + activate: + on-profile: local + jpa: + show-sql: true + hibernate: + ddl-auto: create-drop + +logging: + level: + com.ktds.hi.recommend: DEBUG + org.springframework.web: DEBUG + +--- +# Development 환경 설정 +spring: + config: + activate: + on-profile: dev + jpa: + show-sql: true + hibernate: + ddl-auto: update + +logging: + level: + com.ktds.hi.recommend: DEBUG + +--- +# Production 환경 설정 +spring: + config: + activate: + on-profile: prod + jpa: + show-sql: false + hibernate: + ddl-auto: validate + +logging: + level: + root: WARN + com.ktds.hi.recommend: INFO org.springframework.cloud.openfeign: INFO \ No newline at end of file diff --git a/review/src/main/java/com/ktds/hi/review/infra/config/SecurityConfig.java b/review/src/main/java/com/ktds/hi/review/infra/config/SecurityConfig.java index 8c975ca..2554d12 100644 --- a/review/src/main/java/com/ktds/hi/review/infra/config/SecurityConfig.java +++ b/review/src/main/java/com/ktds/hi/review/infra/config/SecurityConfig.java @@ -1,50 +1,49 @@ -package com.ktds.hi.review.infra.config; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.config.http.SessionCreationPolicy; -import org.springframework.security.web.SecurityFilterChain; -import org.springframework.web.cors.CorsConfigurationSource; - -import lombok.RequiredArgsConstructor; - -/** - * Analytics 서비스 보안 설정 클래스 - * 테스트를 위해 모든 엔드포인트를 인증 없이 접근 가능하도록 설정 - */ -@Configuration -@EnableWebSecurity -@RequiredArgsConstructor -public class SecurityConfig { - - private final CorsConfigurationSource corsConfigurationSource; - - @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http - .csrf(AbstractHttpConfigurer::disable) - .cors(cors -> cors.configurationSource(corsConfigurationSource)) - .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - .authorizeHttpRequests(auth -> auth - // Swagger 관련 경로 모두 허용 - .requestMatchers("/swagger-ui.html","/swagger-ui/**", "/swagger-ui.html").permitAll() - .requestMatchers("/api-docs/**", "/v3/api-docs/**").permitAll() - .requestMatchers("/swagger-resources/**", "/webjars/**").permitAll() - - // Analytics API 모두 허용 (테스트용) - .requestMatchers("/api/analytics/**").permitAll() - .requestMatchers("/api/action-plans/**").permitAll() - - // Actuator 엔드포인트 허용 - .requestMatchers("/actuator/**").permitAll() - - // 기타 모든 요청 허용 (테스트용) - .anyRequest().permitAll() - ); - - return http.build(); - } -} +package com.ktds.hi.review.infra.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.web.cors.CorsConfigurationSource; + +import lombok.RequiredArgsConstructor; + +/** + * Analytics 서비스 보안 설정 클래스 + * 테스트를 위해 모든 엔드포인트를 인증 없이 접근 가능하도록 설정 + */ +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class SecurityConfig { + + private final CorsConfigurationSource corsConfigurationSource; + + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http + .csrf(AbstractHttpConfigurer::disable) + .cors(cors -> cors.configurationSource(corsConfigurationSource)) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests(auth -> auth + // Swagger 관련 경로 모두 허용 + .requestMatchers("/docs/review/swagger-ui.html","/docs/review/swagger-ui/**").permitAll() + .requestMatchers("/docs/review/api-docs/**").permitAll() + .requestMatchers("/docs/review/swagger-resources/**", "/webjars/**").permitAll() + + // review API 모두 허용 (테스트용) + .requestMatchers("/api/reviews/**").permitAll() + + // Actuator 엔드포인트 허용 + .requestMatchers("/actuator/**").permitAll() + + // 기타 모든 요청 허용 (테스트용) + .anyRequest().permitAll() + ); + + return http.build(); + } +} diff --git a/review/src/main/resources/application.yml b/review/src/main/resources/application.yml index b07473c..148f935 100644 --- a/review/src/main/resources/application.yml +++ b/review/src/main/resources/application.yml @@ -1,42 +1,43 @@ -server: - port: ${REVIEW_SERVICE_PORT:8083} - -spring: - application: - name: review-service - - datasource: - url: ${REVIEW_DB_URL:jdbc:postgresql://20.214.91.15:5432/hiorder_review} - username: ${REVIEW_DB_USERNAME:hiorder_user} - password: ${REVIEW_DB_PASSWORD:hiorder_pass} - driver-class-name: org.postgresql.Driver - - jpa: - hibernate: - ddl-auto: ${JPA_DDL_AUTO:update} - show-sql: ${JPA_SHOW_SQL:false} - properties: - hibernate: - format_sql: true - dialect: org.hibernate.dialect.PostgreSQLDialect - data: - redis: - host: ${REDIS_HOST:localhost} - port: ${REDIS_PORT:6379} - password: ${REDIS_PASSWORD:} - - servlet: - multipart: - max-file-size: ${MAX_FILE_SIZE:10MB} - max-request-size: ${MAX_REQUEST_SIZE:50MB} - -file-storage: - base-path: ${FILE_STORAGE_PATH:/var/hiorder/uploads} - allowed-extensions: jpg,jpeg,png,gif,webp - max-file-size: 10485760 # 10MB - -springdoc: - api-docs: - path: /api-docs - swagger-ui: - path: /swagger-ui.html +server: + port: ${REVIEW_SERVICE_PORT:8083} + +spring: + application: + name: review-service + + datasource: + url: ${REVIEW_DB_URL:jdbc:postgresql://20.214.91.15:5432/hiorder_review} + username: ${REVIEW_DB_USERNAME:hiorder_user} + password: ${REVIEW_DB_PASSWORD:hiorder_pass} + driver-class-name: org.postgresql.Driver + + jpa: + hibernate: + ddl-auto: ${JPA_DDL_AUTO:update} + show-sql: ${JPA_SHOW_SQL:false} + properties: + hibernate: + format_sql: true + dialect: org.hibernate.dialect.PostgreSQLDialect + data: + redis: + host: ${REDIS_HOST:localhost} + port: ${REDIS_PORT:6379} + password: ${REDIS_PASSWORD:} + + servlet: + multipart: + max-file-size: ${MAX_FILE_SIZE:10MB} + max-request-size: ${MAX_REQUEST_SIZE:50MB} + +file-storage: + base-path: ${FILE_STORAGE_PATH:/var/hiorder/uploads} + allowed-extensions: jpg,jpeg,png,gif,webp + max-file-size: 10485760 # 10MB + +springdoc: + api-docs: + path: /docs/review/api-docs + swagger-ui: + enabled: true + path: /docs/review/swagger-ui.html diff --git a/store/src/main/java/com/ktds/hi/store/config/SecurityConfig.java b/store/src/main/java/com/ktds/hi/store/config/SecurityConfig.java index 74dba58..8e5efbb 100644 --- a/store/src/main/java/com/ktds/hi/store/config/SecurityConfig.java +++ b/store/src/main/java/com/ktds/hi/store/config/SecurityConfig.java @@ -1,50 +1,49 @@ -package com.ktds.hi.store.config; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.config.http.SessionCreationPolicy; -import org.springframework.security.web.SecurityFilterChain; -import org.springframework.web.cors.CorsConfigurationSource; - -import lombok.RequiredArgsConstructor; - -/** - * Analytics 서비스 보안 설정 클래스 - * 테스트를 위해 모든 엔드포인트를 인증 없이 접근 가능하도록 설정 - */ -@Configuration -@EnableWebSecurity -@RequiredArgsConstructor -public class SecurityConfig { - - private final CorsConfigurationSource corsConfigurationSource; - - @Bean - public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - http - .csrf(AbstractHttpConfigurer::disable) - .cors(cors -> cors.configurationSource(corsConfigurationSource)) - .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) - .authorizeHttpRequests(auth -> auth - // Swagger 관련 경로 모두 허용 - .requestMatchers("/swagger-ui.html","/swagger-ui/**", "/swagger-ui.html").permitAll() - .requestMatchers("/api-docs/**", "/v3/api-docs/**").permitAll() - .requestMatchers("/swagger-resources/**", "/webjars/**").permitAll() - - // Analytics API 모두 허용 (테스트용) - .requestMatchers("/api/analytics/**").permitAll() - .requestMatchers("/api/action-plans/**").permitAll() - - // Actuator 엔드포인트 허용 - .requestMatchers("/actuator/**").permitAll() - - // 기타 모든 요청 허용 (테스트용) - .anyRequest().permitAll() - ); - - return http.build(); - } -} +package com.ktds.hi.store.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.web.cors.CorsConfigurationSource; + +import lombok.RequiredArgsConstructor; + +/** + * Analytics 서비스 보안 설정 클래스 + * 테스트를 위해 모든 엔드포인트를 인증 없이 접근 가능하도록 설정 + */ +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class SecurityConfig { + + private final CorsConfigurationSource corsConfigurationSource; + + @Bean + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http + .csrf(AbstractHttpConfigurer::disable) + .cors(cors -> cors.configurationSource(corsConfigurationSource)) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests(auth -> auth + // Swagger 관련 경로 모두 허용 + .requestMatchers("/docs/store/swagger-ui.html","/docs/store/swagger-ui/**").permitAll() + .requestMatchers("/docs/store/api-docs/**").permitAll() + .requestMatchers("/docs/store/swagger-resources/**", "/webjars/**").permitAll() + + // Analytics API 모두 허용 (테스트용) + .requestMatchers("/api/external/**").permitAll() + + // Actuator 엔드포인트 허용 + .requestMatchers("/actuator/**").permitAll() + + // 기타 모든 요청 허용 (테스트용) + .anyRequest().permitAll() + ); + + return http.build(); + } +} diff --git a/store/src/main/java/com/ktds/hi/store/config/SwaggerConfig.java b/store/src/main/java/com/ktds/hi/store/config/SwaggerConfig.java new file mode 100644 index 0000000..ff88936 --- /dev/null +++ b/store/src/main/java/com/ktds/hi/store/config/SwaggerConfig.java @@ -0,0 +1,35 @@ +package com.ktds.hi.store.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import io.swagger.v3.oas.models.Components; +import io.swagger.v3.oas.models.OpenAPI; +import io.swagger.v3.oas.models.info.Info; +import io.swagger.v3.oas.models.security.SecurityRequirement; +import io.swagger.v3.oas.models.security.SecurityScheme; +import io.swagger.v3.oas.models.servers.Server; + +@Configuration +public class SwaggerConfig { + + @Bean + public OpenAPI openAPI() { + final String securitySchemeName = "Bearer Authentication"; + + return new OpenAPI() + .addServersItem(new Server().url("/")) + .info(new Info() + .title("하이오더 매장 관리 서비스 API") + .description("매장, 외부연동관련 API") + .version("1.0.0")) + .addSecurityItem(new SecurityRequirement() + .addList(securitySchemeName)) + .components(new Components() + .addSecuritySchemes(securitySchemeName, new SecurityScheme() + .name(securitySchemeName) + .type(SecurityScheme.Type.HTTP) + .scheme("bearer") + .bearerFormat("JWT"))); + } +} \ No newline at end of file diff --git a/store/src/main/resources/application.yml b/store/src/main/resources/application.yml index 1d20a51..fa9b7bb 100644 --- a/store/src/main/resources/application.yml +++ b/store/src/main/resources/application.yml @@ -1,48 +1,48 @@ -server: - port: ${STORE_SERVICE_PORT:8082} - -spring: - application: - name: store-service - - datasource: - url: ${STORE_DB_URL:jdbc:postgresql://20.249.154.116:5432/hiorder_store} - username: ${STORE_DB_USERNAME:hiorder_user} - password: ${STORE_DB_PASSWORD:hiorder_pass} - driver-class-name: org.postgresql.Driver - - jpa: - hibernate: - ddl-auto: ${JPA_DDL_AUTO:update} - show-sql: ${JPA_SHOW_SQL:false} - properties: - hibernate: - format_sql: true - dialect: org.hibernate.dialect.PostgreSQLDialect - - data: - redis: - host: ${REDIS_HOST:localhost} - port: ${REDIS_PORT:6379} - password: ${REDIS_PASSWORD:} - -external-api: - naver: - client-id: ${NAVER_CLIENT_ID:} - client-secret: ${NAVER_CLIENT_SECRET:} - base-url: https://openapi.naver.com - kakao: - api-key: ${KAKAO_API_KEY:} - base-url: https://dapi.kakao.com - google: - api-key: ${GOOGLE_API_KEY:} - base-url: https://maps.googleapis.com - hiorder: - api-key: ${HIORDER_API_KEY:} - base-url: ${HIORDER_BASE_URL:https://api.hiorder.com} - -springdoc: - api-docs: - path: /api-docs - swagger-ui: - path: /swagger-ui.html +server: + port: ${STORE_SERVICE_PORT:8082} + +spring: + application: + name: store-service + + datasource: + url: ${STORE_DB_URL:jdbc:postgresql://20.249.154.116:5432/hiorder_store} + username: ${STORE_DB_USERNAME:hiorder_user} + password: ${STORE_DB_PASSWORD:hiorder_pass} + driver-class-name: org.postgresql.Driver + + jpa: + hibernate: + ddl-auto: ${JPA_DDL_AUTO:update} + show-sql: ${JPA_SHOW_SQL:false} + properties: + hibernate: + format_sql: true + dialect: org.hibernate.dialect.PostgreSQLDialect + + data: + redis: + host: ${REDIS_HOST:localhost} + port: ${REDIS_PORT:6379} + password: ${REDIS_PASSWORD:} + +external-api: + naver: + client-id: ${NAVER_CLIENT_ID:} + client-secret: ${NAVER_CLIENT_SECRET:} + base-url: https://openapi.naver.com + kakao: + api-key: ${KAKAO_API_KEY:} + base-url: https://dapi.kakao.com + google: + api-key: ${GOOGLE_API_KEY:} + base-url: https://maps.googleapis.com + hiorder: + api-key: ${HIORDER_API_KEY:} + base-url: ${HIORDER_BASE_URL:https://api.hiorder.com} + +springdoc: + api-docs: + path: /docs/store/api-docs + swagger-ui: + path: /docs/store/swagger-ui.html