Merge pull request #57 from wafflestudio/feat/socialLogin

📝 added fallback filter
wafflestudio · Jan 22, 2025 · 6d0480e · 6d0480e
2 parents b9f3a95 + 3414498
commit 6d0480e
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt b/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt
@@ -7,6 +7,7 @@ import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher
 import org.springframework.stereotype.Component
@@ -67,6 +68,28 @@ class JwtAuthenticationFilter(
                 response.status = HttpServletResponse.SC_UNAUTHORIZED // Set 401 status
                 return
             }
+        } else if (SecurityContextHolder.getContext().authentication is OAuth2AuthenticationToken) {
+            // Fallback: Handle cases where OAuth2AuthenticationToken is still present
+            logger.debug("OAuth2AuthenticationToken detected; forcing JWT authentication fallback")
+
+            // Force re-authentication based on the token in the Authorization header
+            if (authHeader != null && authHeader.startsWith("Bearer ")) {
+                val token = authHeader.substring(7)
+                if (UserAccessTokenUtil.validateToken(token)) {
+                    val userId = UserAccessTokenUtil.getUserIdFromToken(token)
+                    val userDetails = userService.loadUserPrincipalById(userId)
+
+                    val authentication =
+                        UsernamePasswordAuthenticationToken(
+                            userDetails,
+                            null,
+                            userDetails.authorities,
+                        )
+                    authentication.details = WebAuthenticationDetailsSource().buildDetails(request)
+                    SecurityContextHolder.getContext().authentication = authentication
+                    logger.debug("Re-authentication completed for user: $userId")
+                }
+            }
         }
 
         // Continue the filter chain regardless of authentication