🐛 Bug - Token이 있는 경우에 Authentication 객체를 반환하지 않는 문제를 해결한다

oOccasio · web-flow · commit 4a75a9cdd66a · 2026-01-20T02:49:26.000+09:00
diff --git a/src/main/java/sopt/comfit/company/controller/CompanyController.java b/src/main/java/sopt/comfit/company/controller/CompanyController.java
@@ -1,13 +1,12 @@
 package sopt.comfit.company.controller;
 
-import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import lombok.RequiredArgsConstructor;
 import org.springframework.data.domain.PageRequest;
 import org.springframework.data.domain.Pageable;
-import org.springframework.web.bind.annotation.*;
-
-import java.util.List;
-
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
 import sopt.comfit.company.domain.EScale;
 import sopt.comfit.company.dto.response.*;
 import sopt.comfit.company.service.CompanyService;
@@ -16,6 +15,7 @@
 import sopt.comfit.global.enums.EIndustry;
 import sopt.comfit.global.enums.ESort;
 
+import java.util.List;
 @RestController
 @RequestMapping("/api/v1/companies")
 @RequiredArgsConstructor
diff --git a/src/main/java/sopt/comfit/global/config/WebConfig.java b/src/main/java/sopt/comfit/global/config/WebConfig.java
@@ -29,6 +29,6 @@ public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers)
     public void addInterceptors(InterceptorRegistry registry) {
         registry.addInterceptor(new UserInterceptor())
                 .addPathPatterns("/**")
-                .excludePathPatterns(Constants.NO_NEED_AUTH);
+                .excludePathPatterns(Constants.NO_NEED_AUTH_INTERCEPTOR);
     }
 }
diff --git a/src/main/java/sopt/comfit/global/constants/Constants.java b/src/main/java/sopt/comfit/global/constants/Constants.java
@@ -30,4 +30,21 @@ public class Constants {
             "/.well-known/**",
             "/api/v1/companies/**"
     );
+
+    public static List<String> NO_NEED_AUTH_INTERCEPTOR = List.of(
+            "/swagger",
+            "/swagger-ui.html",
+            "/swagger-ui/**",
+            "/api-docs",
+            "/api-docs/**",
+            "/v3/api-docs/**",
+            "/api/health",
+            "/api/health-check",
+            "/api/v1/login",
+            "/api/v1/re-issued",
+            "/actuator/**",
+            "/api/v1/oauth/kakao/callback",
+            "/favicon.ico",
+            "/.well-known/**"
+    );
 }
diff --git a/src/main/java/sopt/comfit/global/interceptor/pre/UserInterceptor.java b/src/main/java/sopt/comfit/global/interceptor/pre/UserInterceptor.java
@@ -12,6 +12,7 @@ public class UserInterceptor implements HandlerInterceptor {
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        log.info("authentication:{}",authentication.getName());
         request.setAttribute("USER_ID", Long.valueOf(authentication.getName()));
         return HandlerInterceptor.super.preHandle(request, response, handler);
     }
diff --git a/src/main/java/sopt/comfit/global/security/filter/JwtAuthenticationFilter.java b/src/main/java/sopt/comfit/global/security/filter/JwtAuthenticationFilter.java
@@ -33,7 +33,15 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
     protected void doFilterInternal(HttpServletRequest request,
                                     HttpServletResponse response,
                                     FilterChain filterChain) throws ServletException, IOException {
-        log.info(request.getHeader(Constants.PREFIX_AUTH));
+
+
+        String header = request.getHeader(Constants.PREFIX_AUTH);
+        log.info("header:{}",header);
+
+        if (header == null || !header.startsWith("Bearer ")) {
+            filterChain.doFilter(request, response);
+            return;
+        }
         String token = HeaderUtil.refineHeader(request, Constants.PREFIX_AUTH, Constants.BEARER);
         Claims claim = jwtUtil.validateToken(token);
         log.info("claim: getUserId() = {}", claim.get(Constants.CLAIM_USER_ID, Long.class));
@@ -54,10 +62,4 @@ protected void doFilterInternal(HttpServletRequest request,
         filterChain.doFilter(request, response);
     }
 
-    @Override
-    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
-        return Constants.NO_NEED_AUTH.stream()
-                .anyMatch(patter -> Constants.PATH_MATCHER.match(patter, request.getRequestURI()));
-
-    }
 }

Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,6 @@ public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers)`
`29`	`29`	`public void addInterceptors(InterceptorRegistry registry) {`
`30`	`30`	`registry.addInterceptor(new UserInterceptor())`
`31`	`31`	`.addPathPatterns("/**")`
`32`		`- .excludePathPatterns(Constants.NO_NEED_AUTH);`
	`32`	`+ .excludePathPatterns(Constants.NO_NEED_AUTH_INTERCEPTOR);`
`33`	`33`	`}`
`34`	`34`	`}`
Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,7 @@ public class UserInterceptor implements HandlerInterceptor {`
`12`	`12`	`@Override`
`13`	`13`	`public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {`
`14`	`14`	`final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();`
	`15`	`+ log.info("authentication:{}",authentication.getName());`
`15`	`16`	`request.setAttribute("USER_ID", Long.valueOf(authentication.getName()));`
`16`	`17`	`return HandlerInterceptor.super.preHandle(request, response, handler);`
`17`	`18`	`}`