[feat] /ws-stomp/** 경로를 허용하지 않는 것 테스트

src/main/java/com/SafeNet/Backend/global/config/SecurityConfig.java

@@ -56,7 +56,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .exceptionHandling(exception -> exception
                         .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)))  // 인증 실패시 HTTP 401 반환
                 .authorizeHttpRequests(auth -> auth
-                        .requestMatchers("/", "/api/auth/**", "/swagger-ui/**", "/v3/api-docs/**", "/s3/test", "/ws-stomp/**").permitAll()  // 특정 경로에 대한 접근 허용
+                        .requestMatchers("/", "/api/auth/**", "/swagger-ui/**", "/v3/api-docs/**", "/s3/test").permitAll()  // 특정 경로에 대한 접근 허용
 //                        .requestMatchers(HttpMethod.GET,"/api/v2/posts/{postId}").permitAll()  // GET 요청 허용
                         .anyRequest().authenticated())  // 나머지 요청은 인증 필요
                 //.formLogin(form -> form

src/main/java/com/SafeNet/Backend/global/config/WebSockConfig.java

@@ -1,15 +1,31 @@
 package com.SafeNet.Backend.global.config;
 
+import com.SafeNet.Backend.global.auth.JwtTokenProvider;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.server.ServerHttpRequest;
+import org.springframework.http.server.ServerHttpResponse;
 import org.springframework.messaging.simp.config.MessageBrokerRegistry;
+import org.springframework.web.socket.WebSocketHandler;
 import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
 import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
 import org.springframework.web.socket.config.annotation.WebSocketMessageBrokerConfigurer;
+import org.springframework.web.socket.server.HandshakeInterceptor;
+
+import java.util.Map;
 
 @Configuration
 @EnableWebSocketMessageBroker
 public class WebSockConfig implements WebSocketMessageBrokerConfigurer {
 
+    private final JwtTokenProvider jwtTokenProvider;
+
+    public WebSockConfig(JwtTokenProvider jwtTokenProvider) {
+        this.jwtTokenProvider = jwtTokenProvider;
+    }
+
+
     @Override
     public void configureMessageBroker(MessageBrokerRegistry config) {
         config.enableSimpleBroker("/sub"); // 구독 요청은 /sub로 시작
@@ -19,6 +35,30 @@ public void configureMessageBroker(MessageBrokerRegistry config) {
     @Override
     public void registerStompEndpoints(StompEndpointRegistry registry) {
         registry.addEndpoint("/ws-stomp").setAllowedOriginPatterns("*") // stomp websocket 연결
+                .addInterceptors(new HandshakeInterceptor() {
+                    @Override
+                    public boolean beforeHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Map<String, Object> attributes) throws Exception {
+                        HttpHeaders headers = request.getHeaders();
+                        String token = headers.getFirst("ACCESS_TOKEN");
+                        if (token != null && token.startsWith("Bearer ")) {
+                            token = token.substring(7);
+                        } else {
+                            token = null;
+                        }
+                        if (jwtTokenProvider.validateToken(token)) {
+                            return true;
+                        } else {
+                            response.setStatusCode(HttpStatus.UNAUTHORIZED);
+                            return false;
+                        }
+                    }
+
+                    @Override
+                    public void afterHandshake(ServerHttpRequest request, ServerHttpResponse response, WebSocketHandler wsHandler, Exception exception) {
+                    }
+                })
                 .withSockJS();
+
     }
+
 }