File name
Commit message
Commit date
2023-07-03
File name
Commit message
Commit date
2023-07-03
File name
Commit message
Commit date
File name
Commit message
Commit date
2023-07-03
2023-07-03
File name
Commit message
Commit date
2023-07-03
File name
Commit message
Commit date
2023-07-03
File name
Commit message
Commit date
2023-07-03
/*
* Copyright 2008-2009 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package itn.com.cmm.util;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.multipart.MultipartHttpServletRequest;
import egovframework.rte.fdl.idgnr.impl.Base64;
public class TokenUtil {
private static final String TOKEN_KEY = "TOKEN_KEY";
private static final Logger logger = Logger.getLogger(TokenUtil.class.getName());
/**
* 로직처리를 위해 세션과 request에 Token 생성
*
* @param request
*/
public static void saveToken(HttpServletRequest request) {
HttpSession session = request.getSession(true);
long systemTime = System.currentTimeMillis();
byte[] time = new Long(systemTime).toString().getBytes();
byte[] id = session.getId().getBytes();
try {
MessageDigest SHA = MessageDigest.getInstance("SHA-256");
SHA.update(id);
SHA.update(time);
String token = Base64.encode(SHA.digest());
request.setAttribute(TOKEN_KEY, token);
session.setAttribute(TOKEN_KEY, token);
logger.error("#########################################################################");
logger.error("# Generate Token Key Value = " + token + " #");
logger.error("#########################################################################");
} catch (NoSuchAlgorithmException e) {
System.out.println("토큰에러");
}
}
/**
* 로직처리 이후 중복방지를 위해 세션의 Token 초기화
*
* @param request
*/
public static void resetToken(HttpServletRequest request) {
HttpSession session = request.getSession(true);
try {
session.removeAttribute(TOKEN_KEY);
} catch (Exception e) {
System.out.println("토큰에러");
}
}
/**
* 세션과 request의 Token이 동일한지 비교
*
* @param request
* @return
*/
public static boolean isTokenValid(HttpServletRequest request) {
HttpSession session = request.getSession(true);
String requestToken = request.getParameter(TOKEN_KEY);
String sessionToken = (String) session.getAttribute(TOKEN_KEY);
if (requestToken == null || sessionToken == null) {
logger.error("# null #");
return false;
} else {
logger.error("# notnull #");
return requestToken.equals(sessionToken);
}
}
}