From 5ed22e1bc1482b2e1bc554f14c7a35f41b6feb0e Mon Sep 17 00:00:00 2001 From: LEEYONGJAE Date: Wed, 16 Oct 2024 17:39:22 +0900 Subject: [PATCH] =?UTF-8?q?=EC=9E=90=EB=8F=99=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=EA=B4=80=EB=A0=A8=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../qcast/biz/community/BoardService.java | 3 +- .../qcast/biz/login/LoginController.java | 60 +++++++++++++++++++ .../qcast/biz/login/dto/UserResponse.java | 1 + src/main/resources/config/application-dev.yml | 3 +- .../resources/config/application-local.yml | 2 + src/main/resources/config/application-prd.yml | 2 + 6 files changed, 69 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/interplug/qcast/biz/community/BoardService.java b/src/main/java/com/interplug/qcast/biz/community/BoardService.java index 15de191c..030e3279 100644 --- a/src/main/java/com/interplug/qcast/biz/community/BoardService.java +++ b/src/main/java/com/interplug/qcast/biz/community/BoardService.java @@ -154,7 +154,8 @@ public class BoardService { response.setContentType("application/octet-stream"); response.setHeader("Content-Disposition", "attachment;"); - InputStream inputStream = new ByteArrayInputStream(strResponse.getBytes()); + InputStream inputStream = + new ByteArrayInputStream(strResponse.getBytes(StandardCharsets.UTF_8)); StreamUtils.copy(inputStream, response.getOutputStream()); response.flushBuffer(); diff --git a/src/main/java/com/interplug/qcast/biz/login/LoginController.java b/src/main/java/com/interplug/qcast/biz/login/LoginController.java index 3aa05075..de5cd633 100644 --- a/src/main/java/com/interplug/qcast/biz/login/LoginController.java +++ b/src/main/java/com/interplug/qcast/biz/login/LoginController.java @@ -1,5 +1,14 @@ package com.interplug.qcast.biz.login; +import java.time.LocalDate; +import java.time.format.DateTimeFormatter; +import java.util.Base64; +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; import org.springframework.web.bind.annotation.PatchMapping; import org.springframework.web.bind.annotation.PostMapping; @@ -12,6 +21,9 @@ import com.interplug.qcast.biz.login.dto.LoginUser; import com.interplug.qcast.biz.login.dto.UserLoginResponse; import com.interplug.qcast.biz.login.dto.UserPassword; import com.interplug.qcast.biz.login.dto.UserResponse; +import com.interplug.qcast.config.Exception.ErrorCode; +import com.interplug.qcast.config.Exception.QcastException; +import com.interplug.qcast.config.message.Messages; import com.interplug.qcast.util.DefaultResponse; import io.swagger.v3.oas.annotations.Operation; import lombok.RequiredArgsConstructor; @@ -25,6 +37,16 @@ public class LoginController { // @Autowired private LoginService loginService; private final LoginService loginService; + @Autowired + Messages message; + + @Value("${qsp.aes256.key}") + String loginPasswordAesKey; + + @Value("${qsp.auto.login.aes256.key}") + String autoLoginAesKey; + + @Operation(description = "Q.CAST III에 로그인하여 사용자 정보를 획득한다.") @PostMapping("/v1.0/login") @ResponseStatus(HttpStatus.CREATED) @@ -56,4 +78,42 @@ public class LoginController { public DefaultResponse changePassword(@RequestBody UserPassword userPassword) throws Exception { return loginService.changePassword(userPassword); } + + @Operation(description = "자동 로그인에 사용하는 아이디를 암호화한다.") + @PostMapping("/v1.0/user/login/autoLoginEncryptData") + public String getAutoLoginEncryptData(@RequestBody LoginUser loginUser) throws Exception { + + String loginEncryptId = ""; + + if ("".equals(loginUser.getLoginId()) || loginUser.getLoginId() == null) { + throw new QcastException(ErrorCode.INVALID_INPUT_VALUE, + message.getMessage("common.message.required.data", "User Id")); + } + + try { + // [0]. AES 암호화 키 : 날짜(YYYYMMDD) + autoLoginAesKey + LocalDate today = LocalDate.now(); + DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyyMMdd"); + String formattedDate = today.format(formatter); + String encryptKey = formattedDate + autoLoginAesKey; + + // [1]. 암호화 진행 + byte[] keyData = loginPasswordAesKey.getBytes(); + SecretKey secureKey = new SecretKeySpec(keyData, "AES"); + Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); + c.init(Cipher.ENCRYPT_MODE, secureKey, + new IvParameterSpec(encryptKey.substring(0, 16).getBytes())); + byte[] encrypted = c.doFinal(loginUser.getLoginId().getBytes("UTF-8")); + + // [2]. 암호화 값 셋팅 + loginEncryptId = new String(Base64.getEncoder().encode(encrypted));; + + } catch (Exception e) { + throw new QcastException(ErrorCode.INTERNAL_SERVER_ERROR, + message.getMessage("common.message.error")); + } + + return loginEncryptId; + } + } diff --git a/src/main/java/com/interplug/qcast/biz/login/dto/UserResponse.java b/src/main/java/com/interplug/qcast/biz/login/dto/UserResponse.java index 4de758be..c5a2a338 100644 --- a/src/main/java/com/interplug/qcast/biz/login/dto/UserResponse.java +++ b/src/main/java/com/interplug/qcast/biz/login/dto/UserResponse.java @@ -23,5 +23,6 @@ public class UserResponse { private String email; // E-Mail private String pwdInitYn; // Password Init Yn private String storeLvl; // Store Level + private String groupId; // groupId } diff --git a/src/main/resources/config/application-dev.yml b/src/main/resources/config/application-dev.yml index cd3de6a1..b1f99bee 100644 --- a/src/main/resources/config/application-dev.yml +++ b/src/main/resources/config/application-dev.yml @@ -27,7 +27,8 @@ spring: qsp: url: http://172.23.4.129:8120 master-store-batch-url: /api/master/storeAdditionalInfo - + aes256.key: jpqcellQ123456!! + auto.login.aes256.key: _autoL!! #File file: root.path: C:\\ diff --git a/src/main/resources/config/application-local.yml b/src/main/resources/config/application-local.yml index d5c04cbf..0bd60d36 100644 --- a/src/main/resources/config/application-local.yml +++ b/src/main/resources/config/application-local.yml @@ -27,6 +27,8 @@ spring: qsp: url: http://localhost:8120 master-store-batch-url: /api/master/storeAdditionalInfo + aes256.key: jpqcellQ123456!! + auto.login.aes256.key: _autoL!! #File file: diff --git a/src/main/resources/config/application-prd.yml b/src/main/resources/config/application-prd.yml index 58ac63b4..34dd7c02 100644 --- a/src/main/resources/config/application-prd.yml +++ b/src/main/resources/config/application-prd.yml @@ -27,6 +27,8 @@ spring: qsp: url: http://jp.qsalesplatform.com master-store-batch-url: /api/master/storeAdditionalInfo + aes256.key: jpqcellQ123456!! + auto.login.aes256.key: _autoL!! #File file: