Merge pull request #16 from ddankey/report

sycuuui · web-flow · commit 50d0779a9220 · 2025-05-05T22:19:29.000+09:00
feat: Cors Security 설정
diff --git a/build.gradle b/build.gradle
@@ -81,6 +81,9 @@ dependencies {
     annotationProcessor "com.querydsl:querydsl-apt:${dependencyManagement.importedProperties['querydsl.version']}:jakarta"
     annotationProcessor "jakarta.annotation:jakarta.annotation-api"
     annotationProcessor "jakarta.persistence:jakarta.persistence-api"
+
+    // AWS
+    implementation 'com.amazonaws:aws-java-sdk-s3:1.12.661'
 }
 
 tasks.named('test') {
diff --git a/src/main/java/com/ddanguizip/server/global/config/S3Config.java b/src/main/java/com/ddanguizip/server/global/config/S3Config.java
@@ -0,0 +1,32 @@
+package com.ddanguizip.server.global.config;
+
+import com.amazonaws.auth.AWSStaticCredentialsProvider;
+import com.amazonaws.auth.BasicAWSCredentials;
+import com.amazonaws.services.s3.AmazonS3;
+import com.amazonaws.services.s3.AmazonS3ClientBuilder;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class S3Config {
+
+    @Value("${cloud.aws.credentials.accessKey}")
+    private String accessKey;
+
+    @Value("${cloud.aws.credentials.secretKey}")
+    private String secretKey;
+
+    @Value("${cloud.aws.region.static}")
+    private String region;
+
+    @Bean
+    public AmazonS3 amazonS3Client() {
+        return AmazonS3ClientBuilder.standard()
+                .withCredentials(
+                        new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey))
+                )
+                .withRegion(region)
+                .build();
+    }
+}
diff --git a/src/main/java/com/ddanguizip/server/global/config/SecurityConfig.java b/src/main/java/com/ddanguizip/server/global/config/SecurityConfig.java
@@ -9,6 +9,11 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.List;
 
 
 @Configuration
@@ -18,6 +23,8 @@ public class SecurityConfig {
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        // CORS 허용, CSRF 비활성화
+        // httpBasic, httpFormLogin 비활성화
         http.cors(Customizer.withDefaults())
                 .csrf(AbstractHttpConfigurer::disable)
                 .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
@@ -31,4 +38,28 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 
         return http.build();
     }
+
+    /**
+     * CORS 허용하도록 커스터마이징 진행
+     * @return - 변경된 CORS 정책 정보 반환
+     */
+    @Bean
+    CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration config = new CorsConfiguration();
+
+        // 인증정보 주고받도록 허용
+        config.setAllowCredentials(true);
+        // 허용할 주소
+        config.setAllowedOriginPatterns(List.of("*"));
+        // 허용할 HTTP Method
+        config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
+        // 허용할 헤더 정보
+        config.setAllowedHeaders(List.of("*"));
+        config.setExposedHeaders(List.of("*"));
+
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config);
+
+        return source;
+    }
 }
diff --git a/src/main/java/com/ddanguizip/server/global/util/S3Client.java b/src/main/java/com/ddanguizip/server/global/util/S3Client.java
@@ -0,0 +1,31 @@
+package com.ddanguizip.server.global.util;
+
+import com.amazonaws.HttpMethod;
+import com.amazonaws.services.s3.AmazonS3;
+import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import java.util.Date;
+
+@Component
+@RequiredArgsConstructor
+public class S3Client {
+
+    private final AmazonS3 amazonS3;
+
+    @Value("${cloud.aws.s3.bucket}")
+    private String bucket;
+
+    public String generatePreSignedUrl(String fileName, String contentType) {
+        Date expiration = new Date(System.currentTimeMillis() + 1000 * 60 * 5); // 5분 유효
+
+        GeneratePresignedUrlRequest request = new GeneratePresignedUrlRequest(bucket, fileName)
+                .withMethod(HttpMethod.PUT)
+                .withExpiration(expiration);
+        request.setContentType(contentType);
+
+        return amazonS3.generatePresignedUrl(request).toString();
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -81,6 +81,9 @@ dependencies {`
`81`	`81`	`annotationProcessor "com.querydsl:querydsl-apt:${dependencyManagement.importedProperties['querydsl.version']}:jakarta"`
`82`	`82`	`annotationProcessor "jakarta.annotation:jakarta.annotation-api"`
`83`	`83`	`annotationProcessor "jakarta.persistence:jakarta.persistence-api"`
	`84`	`+`
	`85`	`+ // AWS`
	`86`	`+ implementation 'com.amazonaws:aws-java-sdk-s3:1.12.661'`
`84`	`87`	`}`
`85`	`88`
`86`	`89`	`tasks.named('test') {`