From 3414498f0f5757987fdded477e04279068a97e00 Mon Sep 17 00:00:00 2001
From: Junghoon Kim <jafarock@naver.com>
Date: Thu, 23 Jan 2025 03:50:19 +0900
Subject: [PATCH] :pencil: added fallback filter

---
 .../security/JwtAuthenticationFilter.kt       | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt b/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt
index 6fab6ec..bea7bf0 100644
--- a/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt
+++ b/src/main/kotlin/com/toyProject7/karrot/security/JwtAuthenticationFilter.kt
@@ -7,6 +7,7 @@ import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher
 import org.springframework.stereotype.Component
@@ -67,6 +68,28 @@ class JwtAuthenticationFilter(
                 response.status = HttpServletResponse.SC_UNAUTHORIZED // Set 401 status
                 return
             }
+        } else if (SecurityContextHolder.getContext().authentication is OAuth2AuthenticationToken) {
+            // Fallback: Handle cases where OAuth2AuthenticationToken is still present
+            logger.debug("OAuth2AuthenticationToken detected; forcing JWT authentication fallback")
+
+            // Force re-authentication based on the token in the Authorization header
+            if (authHeader != null && authHeader.startsWith("Bearer ")) {
+                val token = authHeader.substring(7)
+                if (UserAccessTokenUtil.validateToken(token)) {
+                    val userId = UserAccessTokenUtil.getUserIdFromToken(token)
+                    val userDetails = userService.loadUserPrincipalById(userId)
+
+                    val authentication =
+                        UsernamePasswordAuthenticationToken(
+                            userDetails,
+                            null,
+                            userDetails.authorities,
+                        )
+                    authentication.details = WebAuthenticationDetailsSource().buildDetails(request)
+                    SecurityContextHolder.getContext().authentication = authentication
+                    logger.debug("Re-authentication completed for user: $userId")
+                }
+            }
         }
 
         // Continue the filter chain regardless of authentication