Dev Diary

Academy class, day 64 (221121)

by hhana 2023. 4. 27.
  • 9-10

Project name: springWebSecurity04
https://www.thymeleaf.org/ecosystem.html#thymeleaf-spring-security
https://github.com/thymeleaf/thymeleaf-extras-springsecurity#namespace

<html xmlns:sec="http://www.thymeleaf.org/extras/spring-security">

 

 

Thymeleaf-based equivalent to the Spring Security JSP tag library.
Adds new expression utility objects like #authentication and #authorization for integrating Spring Security capabilities into Thymeleaf expressions.
Adds new attributes like sec:authentication and sec:authorized for easier configuration of security.

https://www.thymeleaf.org/doc/articles/springsecurity.html

<div sec:authorize="isAuthenticated()">
  This content is only shown to authenticated users.
</div>
<div sec:authorize="hasRole('ROLE_ADMIN')">
  This content is only shown to administrators.
</div>
<div sec:authorize="hasRole('ROLE_USER')">
  This content is only shown to users.
</div>


Common Built-In Expressions
https://docs.spring.io/spring-security/reference/servlet/authorization/expression-based.html#el-common-built-in
isAnonymous()

th:if="${#authorization.expr('isAuthenticated()')}" 
Equivalent expression: sec:authorize="isAuthenticated()"


Today is social login day~
OAuth2 Client

 

 

  • 10-11

CommonOAuth2Provider
GCP
https://console.cloud.google.com/
APIs & Services > OAuth consent screen

 

 

  • 11-12

Setting the redirect URI
https://docs.spring.io/spring-security/reference/servlet/oauth2/login/core.html#oauth2login-sample-redirect-uri
In the "Set a redirect URI" sub-section, 
ensure that the Authorized redirect URIs field is set to localhost:8080/login/oauth2/code/google.
Project > APIs & Services > Credentials > Authorized redirect URIs
https://console.cloud.google.com/apis/credentials/oauthclient/364292294896-1dg19pnjf9sva5170oeju4nvh0bcju69.apps.googleusercontent.com?project=ultra-zenith-369301&supportedpurview=project 

 

 

  • 12-1

(/springWebSecurity04/src/main/java/com/green/nowon/domain/entity/MemberEntity.java)
private boolean social; //true(1) or false(0)
(added this field)

@Service?

 

 

  • 2-3

Project name: springWebSecurity05OAuth2
HttpSecurity
https://docs.spring.io/spring-security/reference/servlet/configuration/java.html#jc-httpsecurity

GCP (Google Cloud Platform)
https://console.cloud.google.com/welcome
Create project > APIs & Services > Credentials > Create credentials > 
Create OAuth client ID > Configure consent screen > Scopes (userinfo.email, userinfo.profile, openid)

Credentials > Create credentials > Application type (Web application)
> Authorized redirect URIs - enter http://localhost:8080/login/oauth2/code/google
https://docs.spring.io/spring-security/reference/servlet/oauth2/login/core.html#oauth2login-sample-redirect-uri

 

 

  • 3-4

https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html#servlet-csrf-configure

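import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // Store the CSRF token in the XSRF-TOKEN cookie; withHttpOnlyFalse()
            // lets JavaScript read it, so use it only when client-side code must.
            .csrf(csrf -> csrf
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            );

        return http.build();
    }
}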


Include the CSRF Token
https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html#servlet-csrf-include

DaoAuthenticationProvider
https://docs.spring.io/spring-security/reference/servlet/authentication/passwords/dao-authentication-provider.html

UserDetailsService
https://docs.spring.io/spring-security/reference/servlet/authentication/passwords/user-details-service.html#servlet-authentication-userdetailsservice

 

 

  • 4-5

https://docs.spring.io/spring-security/reference/servlet/exploits/csrf.html#servlet-csrf-include-form-attr
CsrfToken Request Attribute

<input type="hidden" th:name="${_csrf.parameterName}"
th:value="${_csrf.token}"/>

The th: prefix must be included (th:name, th:value).

Spring Security > Servlet Applications > OAuth2 > OAuth2 Log In > Core Configuration
Core Configuration
https://docs.spring.io/spring-security/reference/servlet/oauth2/login/core.html
Advanced Configuration > OAuth 2.0 Login Page
https://docs.spring.io/spring-security/reference/servlet/oauth2/login/advanced.html#oauth2login-advanced-login-page
<a href="/oauth2/authorization/google">Google</a>

Google social login
(/springWebSecurity05OAuth2/src/main/java/com/green/nowon/security/SecurityConfig.java)
(/springWebSecurity05OAuth2/src/main/java/com/green/nowon/security/MyOAuth2UserService.java)
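
An added example (not the author's MyOAuth2UserService or any code from this project) of a custom user service for the Google login above, which only accepts a verified Google e-mail and stores the member as a social account. SocialMemberStore and its method are hypothetical, and the sketch assumes the registration requests only the profile and email scopes, because with the openid scope Spring Security uses the OIDC user service instead of this one.

```java
import java.util.Collections;
import java.util.Map;

import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.stereotype.Service;

// Hypothetical persistence port; implement it with the project's own repository.
interface SocialMemberStore {
    // Saves a new member with social=true; returns false if the e-mail is a local account.
    boolean registerSocialIfAllowed(String email, String name);
}

@Service
public class MyOAuth2UserService extends DefaultOAuth2UserService {
    private final SocialMemberStore members;

    public MyOAuth2UserService(SocialMemberStore members) {
        this.members = members;
    }

    @Override
    public OAuth2User loadUser(OAuth2UserRequest request) throws OAuth2AuthenticationException {
        // Calls Google's user-info endpoint with the access token just obtained.
        OAuth2User google = super.loadUser(request);
        Map<String, Object> attrs = google.getAttributes();
        String email = (String) attrs.get("email");
        // Only trust the address when Google reports it as verified.
        if (email == null || !Boolean.TRUE.equals(attrs.get("email_verified"))) {
            throw new OAuth2AuthenticationException(
                    new OAuth2Error("unverified_email"), "Google e-mail is missing or unverified");
        }
        // Refuse to merge silently into an existing password account.
        if (!members.registerSocialIfAllowed(email, (String) attrs.get("name"))) {
            throw new OAuth2AuthenticationException(
                    new OAuth2Error("account_conflict"), "E-mail already used by a local account");
        }
        // ROLE_USER matches the hasRole('ROLE_USER') checks in the templates.
        return new DefaultOAuth2User(
                Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")), attrs, "email");
    }
}
```

To use it, pass the bean to http.oauth2Login(o -> o.userInfoEndpoint(u -> u.userService(myOAuth2UserService))) in the security configuration.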

 

 

  • 5-6

Thymeleaf + Spring Security
https://www.thymeleaf.org/ecosystem.html#thymeleaf-spring-security

https://github.com/thymeleaf/thymeleaf-extras-springsecurity#namespace

(com.green.nowon.security)

Display login information

 
