feat: set authorization header for certain api, not all

sopt-makers · Aug 5, 2024 · 9c66b91 · 9c66b91
1 parent af59ea6
commit 9c66b91
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 12 deletions.
diff --git a/src/main/java/sopt/org/homepage/common/constants/SecurityConstants.java b/src/main/java/sopt/org/homepage/common/constants/SecurityConstants.java
@@ -0,0 +1,17 @@
+package sopt.org.homepage.common.constants;
+
+import org.springframework.beans.factory.annotation.Value;
+
+public class SecurityConstants {
+    public static final String SCHEME_NAME = "Authorization";
+
+    @Value("${jwt.access}")
+    public static String JWT_KEY;
+
+    @Value("${jwt.refresh}")
+    private static String REFRESH_KEY;
+
+//    public static long EXPIRATION_TIME = 864_000_000; // 10 days
+
+    private SecurityConstants() {}
+}
diff --git a/src/main/java/sopt/org/homepage/config/AuthConfig.java b/src/main/java/sopt/org/homepage/config/AuthConfig.java
@@ -13,15 +13,8 @@ public class AuthConfig {
     @Value("${official.apikey}")
     private String apiKey;
 
-    @Value("${jwt.access}")
-    private String accessToken;
-
-    @Value("${jwt.refresh}")
-    private String refreshToken;
-
     @Value("${internal.playground.token}")
     private String playgroundToken;
 
 
-
 }
diff --git a/src/main/java/sopt/org/homepage/config/OpenApiConfig.java b/src/main/java/sopt/org/homepage/config/OpenApiConfig.java
@@ -11,6 +11,7 @@
 import io.swagger.v3.oas.models.security.SecurityScheme;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import sopt.org.homepage.common.constants.SecurityConstants;
 
 import java.util.List;
 
@@ -23,9 +24,7 @@ public OpenAPI openAPI() {
                 Info info = new Info().title("SOPT 공식홈페이지")
                         .description("Spring V2 API 문서");
 
-                String jwtSchemeName = "Authorization";
-                SecurityRequirement securityRequirement =
-                        new SecurityRequirement().addList(jwtSchemeName);
+                String jwtSchemeName = SecurityConstants.SCHEME_NAME;
 
                 Components components = new Components().addSecuritySchemes(jwtSchemeName,
                         new SecurityScheme()
@@ -36,9 +35,11 @@ public OpenAPI openAPI() {
                         .name(jwtSchemeName)
                 );
 
+                // To Add JWT Authorization Header, add this annotation to API
+                // @SecurityRequirement(name = SecurityConstants.SCHEME_NAME)
+
                 List<Server> serverV2 = List.of(new Server().url("/v2"));
 
-                return new OpenAPI().info(info).addSecurityItem(securityRequirement)
-                        .components(components).servers(serverV2);
+                return new OpenAPI().info(info).components(components).servers(serverV2);
         }
 }