server remoteaddr and ip check

bangae1
2025-12-18 23:46:21 +09:00
parent ce402ef828
commit 84c3286fab
35 changed files with 6769 additions and 551 deletions


@@ -1,6 +0,0 @@
### GET request to example server
GET http://localhost:8010/api/itg/appr?page=1&row=10
sabun: psn14020
###


@@ -1,6 +0,0 @@
### GET request to example server
GET http://localhost:8010/api/itg/appr/req?page=1&row=10
sabun: 17131303
###


@@ -1,16 +0,0 @@
PUT http://localhost:8010//api/appr
sabun: 17131304
Content-Type: application/json
{
"apprNo": "APPR-0000000040",
"apprOrd": 4,
"sabun": "17131304",
"apprStatCd": "0200",
"reason": ""
}
###
#APPR-20250519017,20,17131303,김진형,0000,결재요청
#APPR-20250519017,30,17131304,손원장,0000,결재요청


@@ -1,12 +0,0 @@
PUT http://localhost:8010//api/business/password
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJiaXpObyI6Ijk5OS05OS05OTk5OCIsImlwIjoiMTI3LjAuMC4xIiwic3ViIjoiOTk5LTk5LTk5OTk4IiwiaWF0IjoxNzQ2MDEyNjcyLCJleHAiOjE3NDYwMTI5NzJ9.RaT9wa3_8oPeL6nWv1_uM6QlY1mcHyCN2tC6sP_N03w
Content-Type: application/json
{
"bizNo": "999-99-99998",
"oldPwd": "kospo2025!",
"pwd": "kospo2024!",
"rePwd": "kospo2024!"
}
###


@@ -1,13 +0,0 @@
POST http://localhost:8010//api/business
Content-Type: application/json
{
"bizNo": "999-99-99998",
"pwd": "kospo2025!",
"rePwd": "kospo2025!",
"compNm": "테스트2",
"repNm": "테스트2",
"email": "bangae1@gmail.com"
}
###


@@ -1,12 +0,0 @@
PUT http://localhost:8010//api/business
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJiaXpObyI6Ijk5OS05OS05OTk5OCIsImlwIjoiMTI3LjAuMC4xIiwic3ViIjoiOTk5LTk5LTk5OTk4IiwiaWF0IjoxNzQ2MDEyNjcyLCJleHAiOjE3NDYwMTI5NzJ9.RaT9wa3_8oPeL6nWv1_uM6QlY1mcHyCN2tC6sP_N03w
Content-Type: application/json
{
"bizNo": "999-99-99998",
"compNm": "테스트3",
"repNm": "테스트3",
"email": "bangae3@gmail.com"
}
###


@@ -1,5 +0,0 @@
DELETE http://localhost:8010//api/business/999-99-99998
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJiaXpObyI6Ijk5OS05OS05OTk5OCIsImlwIjoiMTI3LjAuMC4xIiwic3ViIjoiOTk5LTk5LTk5OTk4IiwiaWF0IjoxNzQ2MDEyNjcyLCJleHAiOjE3NDYwMTI5NzJ9.RaT9wa3_8oPeL6nWv1_uM6QlY1mcHyCN2tC6sP_N03w
Content-Type: application/json
###


@@ -1,4 +0,0 @@
### GET request to example server
GET http://localhost:8010/api/cont/CONT-0000000005
###


@@ -1,5 +0,0 @@
### GET request to example server
GET http://localhost:8010/api/cont/page
?cateStatCd=&signSdt=&signEdt=&page=1&row=10
###

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

17
api/drm.http Normal file

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@@ -1,4 +0,0 @@
DELETE http://localhost:8010/api/bid/BID-0000000009/1
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJiaXpObyI6Ijk5OS05OS05OTk5OSIsImlwIjoiMTI3LjAuMC4xIiwic3ViIjoiOTk5LTk5LTk5OTk5IiwiaWF0IjoxNzQ1NTkwNjQ3LCJleHAiOjE3NDU1OTA5NDd9.a9nwoQTDV702VbU0HnP1jS8SGhFi_3UjkjdBcjoDzCE
###


@@ -1,24 +0,0 @@
PUT http://localhost:8010/api/estimate
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJiaXpObyI6Ijk5OS05OS05OTk5OSIsImlwIjoiMTI3LjAuMC4xIiwic3ViIjoiOTk5LTk5LTk5OTk5IiwiaWF0IjoxNzQ3MDQ4NDI5LCJleHAiOjE3NDcwNTAyMjl9.6SzI3eiNVmXOz1s1p8ab26fT80rbSJBfoDlKLQ4z5Sg
{
"estimates": [
{
"estNo": "EST-0000000003",
"mngNm": "조진우",
"unitPrc": 2,
"amt": 40000
},
{
"estNo": "EST-0000000004",
"mngNm": "조진우",
"unitPrc": 12,
"amt": 60000
}
],
"pbAtts": []
}
###

File diff suppressed because one or more lines are too long


@@ -1,6 +0,0 @@
### GET request to example server
GET http://localhost:8010/api/estimate
?prcsNo=PRCS-0000000006
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJiaXpObyI6Ijk5OS05OS05OTk5OSIsImlwIjoiMTI3LjAuMC4xIiwic3ViIjoiOTk5LTk5LTk5OTk5IiwiaWF0IjoxNzQ3MDQ4NDI5LCJleHAiOjE3NDcwNTAyMjl9.6SzI3eiNVmXOz1s1p8ab26fT80rbSJBfoDlKLQ4z5Sg
###


@@ -1,10 +0,0 @@
### GET request to example server
POST http://localhost:8010/api/login
Content-Type: application/json
{
"bizNo": "111-11-11111",
"pwd": "kospo2025!"
}
###


@@ -1,6 +0,0 @@
### GET request to example server
GET http://localhost:8010/api/prcs/external/page
?cateCd=&stCd=&regNm=&regSdt=&regEdt=&page=1&row=10
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJiaXpObyI6Ijk5OS05OS05OTk5OSIsImlwIjoiMTI3LjAuMC4xIiwic3ViIjoiOTk5LTk5LTk5OTk5IiwiaWF0IjoxNzQ2MDEzMjAwLCJleHAiOjE3NDYwMTM1MDB9.2mSDvhpXtvkYHeRr_d1tiKvnSU0OGehBq0ce1AOvXnE
###


@@ -1,4 +0,0 @@
### GET request to example server
GET http://localhost:8010/api/prcs/PRCS-20250523052
###


@@ -1,54 +0,0 @@
PUT http://localhost:8010//api/prcs
Content-Type: application/json
{
"prcsNo": "PRCS-20250530003",
"cateCd": "0200",
"title": "가격조사 결재 테스트",
"content": "시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n시나리오테스트입니다.\n",
"regSdat": "2025-04-01",
"regEdat": "2025-07-30",
"prvYn": false,
"prvRsn": "",
"prvPwd": "",
"aiYn": false,
"prcsAtts": [
],
"dtlSpecs": [
],
"apprReqs": [
{
"gubunCd": "",
"apprNo": "APPR-0000000066",
"sabun": "psn14020",
"name": "조진우",
"attendCd": ""
},
{
"gubunCd": "0100",
"apprNo": "APPR-0000000066",
"sabun": "17131303",
"name": "김진형",
"attendCd": ""
},
{
"gubunCd": "0200",
"apprNo": "APPR-0000000066",
"sabun": "17131304",
"name": "손원장",
"attendCd": "01"
}
],
"prcsBizs": [
{
"bizNo": "999-99-99999",
"email": "bangae2@gmail.com"
},
{
"bizNo": "111-11-11111",
"email": "bangae1@gmail.com"
}
]
}
###


@@ -1,46 +0,0 @@
PUT https://svcm.hmsn.ink//api/prcs
Content-Type: application/json
{
"prcsNo": "PRCS-20250521023",
"cateCd": "0000",
"title": "4층 파티션 구매123",
"content": "싼거 찾아요123",
"regSdat": "2025-05-01",
"regEdat": "2025-05-03",
"prvYn": true,
"prvRsn": "",
"prvPwd": "",
"aiYn": true,
"prcsBizs": [
{
"bizNo": "999-99-99999",
"email": "aa@gmail.com"
},
{
"bizNo": "111-11-11111",
"email": "bb@gmail.com"
}
],
"prcsAtts": [],
"apprReqs": [
{
"gubunCd": "0000",
"sabun": "psn14020",
"name": "조진우",
"apprNo": "APPR-0000000023",
"apprOrd": 1,
"attendCd": null
},
{
"gubunCd": "0100",
"sabun": "15000007",
"name": "조용식",
"apprNo": "APPR-0000000023",
"apprOrd": 2,
"attendCd": null
}
]
}
###


@@ -1,4 +0,0 @@
PUT http://localhost:8010/api/prcs/survey/PRCS-20250526039
Content-Type: application/json
###

File diff suppressed because one or more lines are too long


@@ -1,5 +0,0 @@
### GET request to example server
GET http://localhost:8010/api/prcs/page
?cateCd=&stCd=&regNm=&regSdt=&regEdt=&page=1&row=10
###


@@ -1,3 +0,0 @@
PUT http://localhost:8010/api/prcs/ret/PRCS-20250522037
Content-Type: application/json
###


@@ -1,10 +0,0 @@
PUT http://localhost:8010/api/sap/appr
sabun: 17131303
Content-Type: application/json
{
"wkfid": "FI2025900017",
"wkfsq": 2,
"bname": "17131303",
"wkfst": "A"
}


@@ -1,33 +0,0 @@
POST http://localhost:8010/api/sap/appr
sabun: 15000062
Content-Type: application/json
{
"wkfid": "FI2025900017",
"apprs": [
{
"label": "협조",
"value": [
{
"lineclsf": "Q",
"bname": "15000062",
"abscd": "",
"grpid": 2
},
{
"lineclsf": "I",
"bname": "15000057",
"abscd": "",
"grpid": 2
},
{
"lineclsf": "A",
"bname": "15000056",
"abscd": "",
"grpid": 2
}
]
}
]
}

12
api/site.http Normal file

@@ -0,0 +1,12 @@
POST http://localhost:8010/api/token
Content-Type: application/json
{
"domain": "http://dl.kospo.co.kr:7010",
"ip": "10.130.8.55"
}
###
#APPR-20250519017,20,17131303,김진형,0000,결재요청
#APPR-20250519017,30,17131304,손원장,0000,결재요청
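Review bot: The two trailing comment lines (`#APPR-20250519017,...`) hold approval records with employee numbers and names that have nothing to do with this `/api/token` request, so they should be dropped from the new file rather than carried along. The request body also hard-codes an internal host and address (`dl.kospo.co.kr:7010`, `10.130.8.55`). Moving those into HTTP-client environment variables, for example `"domain": "{{tokenDomain}}"` and `"ip": "{{tokenIp}}"` (variable names here are illustrative), keeps environment details out of the repository.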


@@ -1,47 +0,0 @@
PUT http://localhost:8010/api/slip
Content-Type: application/json
{
"contNo": "CONT-20250527037",
"zwf0011t": {
"belnr": "0604103229",
"wkfid": "FI2025900014",
"apprs": [
{
"label": "결재",
"value": [
{
"lineclsf": "Q",
"bname": "psn14020",
"abscd": ""
},
{
"lineclsf": "I",
"bname": "17131303",
"abscd": ""
},
{
"lineclsf": "I",
"bname": "15000004",
"abscd": "A"
},
{
"lineclsf": "E",
"bname": "15000037",
"abscd": ""
},
{
"lineclsf": "E",
"bname": "15000062",
"abscd": ""
},
{
"lineclsf": "A",
"bname": "15000005",
"abscd": ""
}
]
}
]
}
}


@@ -1,71 +0,0 @@
POST http://localhost:8010/api/slip
Content-Type: application/json
{
"contNo": "CONT-20250527037",
"bldat": "20250501",
"budat": "20250502",
"waers": "KRW",
"bktxt": "전표 생성 테스트1",
"lifnr": "999-99-99999",
"wrbtr": "1203",
"mwskz": "V4",
"gsber": "1000",
"bupla": "1000",
"zterm": "PF00",
"banks": "KR",
"bankl": "012",
"bankn": "3510876657453",
"hkont": "5366010",
"wrbtrS": "1102",
"kostl": "12330",
"projk": "",
"trtGubun": "11",
"txBillSeq": "202503231",
"slipAtts": [
{
"logiFnm": "sapApprTest.pdf",
"data": "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"
}
],
"zwf0011t": {
"wkftx": "결재 테스트 11",
"apprs": [
{
"label": "결재",
"value": [
{
"lineclsf": "Q",
"bname": "psn14020",
"abscd": ""
},
{
"lineclsf": "I",
"bname": "17131303",
"abscd": ""
},
{
"lineclsf": "I",
"bname": "15000004",
"abscd": "A"
},
{
"lineclsf": "E",
"bname": "15000037",
"abscd": ""
},
{
"lineclsf": "E",
"bname": "15000062",
"abscd": ""
},
{
"lineclsf": "A",
"bname": "15000005",
"abscd": ""
}
]
}
]
}
}


@@ -0,0 +1,3 @@
ERROR 25-12-18 23:43:01[http-nio-0.0.0.0-8010-exec-1] [CustomExceptionHandler:111] - [EVENT_TIME: Thu Dec 18 23:43:01 KST 2025 | CONTROLLER_NAME : BasicErrorController | METHOD_NAME : error | EXCEPTION_LINE : 320 | EXCEPTION_NAME : AsyncRequestNotUsableException | DETAIL : ServletOutputStream failed to write: java.nio.channels.ClosedChannelException | REQUEST_URI : /error]
ERROR 25-12-18 23:44:45[http-nio-0.0.0.0-8010-exec-1] [CustomExceptionHandler:111] - [EVENT_TIME: Thu Dec 18 23:44:45 KST 2025 | CONTROLLER_NAME : DrmController | METHOD_NAME : decrypt | EXCEPTION_LINE : 48 | EXCEPTION_NAME : RuntimeException | DETAIL : java.nio.file.NoSuchFileException: C:/appl/drm/attach/enc/468a337e-6b8f-486a-9713-35d38632db0a | REQUEST_URI : /api/drm/decrypt]
ERROR 25-12-18 23:45:11[http-nio-0.0.0.0-8010-exec-2] [CustomExceptionHandler:111] - [EVENT_TIME: Thu Dec 18 23:45:11 KST 2025 | CONTROLLER_NAME : BasicErrorController | METHOD_NAME : error | EXCEPTION_LINE : 320 | EXCEPTION_NAME : AsyncRequestNotUsableException | DETAIL : ServletOutputStream failed to write: java.nio.channels.ClosedChannelException | REQUEST_URI : /error]

File diff suppressed because one or more lines are too long


@@ -57,6 +57,12 @@ public class CustomBasicAuthenticationFilter extends BasicAuthenticationFilter {
try { try {
domain = jwtUtil.extractDomain(jwtToken); domain = jwtUtil.extractDomain(jwtToken);
ip = jwtUtil.extractIp(jwtToken); ip = jwtUtil.extractIp(jwtToken);
String remoteIp = request.getRemoteAddr();
String referer = request.getHeader("Referer");
if(!domain.equals(referer)) throw new CustomNoMatchTokenException("sdf");
if(!ip.equals(remoteIp)) throw new CustomNoMatchTokenException("sdf");
} catch(ExpiredJwtException e) { } catch(ExpiredJwtException e) {
System.out.println(e.getMessage()); System.out.println(e.getMessage());
throw new CustomExpireTokenException(e.getMessage()); throw new CustomExpireTokenException(e.getMessage());
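Review bot: The added `domain.equals(referer)` check is not a dependable binding, because `Referer` is a client-supplied header that browsers may omit or send as a full URL with a path, so it either adds little or rejects legitimate requests unless the token's domain claim is exactly the string the client sends. Both new checks also dereference the claim, so a token lacking `domain` or `ip` would raise a NullPointerException that the visible `catch(ExpiredJwtException e)` does not handle; the `try` opens before this hunk and further catch clauses may follow it. `request.getRemoteAddr()` returns the direct peer, so if the service sits behind a reverse proxy or load balancer every request would carry the proxy's address; confirm the deployment before relying on it. I would make the comparisons null-safe and replace the placeholder message `"sdf"`, e.g. `if (ip == null || !ip.equals(remoteIp)) throw new CustomNoMatchTokenException("token ip does not match remote address");`, with the same shape for the domain check against the origin part of the header.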


@@ -26,6 +26,7 @@ public class JwtRequestFilter extends OncePerRequestFilter {
final String requestTokenHeader = request.getHeader("Authorization"); final String requestTokenHeader = request.getHeader("Authorization");
boolean isAnonymous = false; boolean isAnonymous = false;
String domain = null; String domain = null;
String ip = null;
String jwtToken = null; String jwtToken = null;
if(requestTokenHeader != null && requestTokenHeader.startsWith("Bearer")) { if(requestTokenHeader != null && requestTokenHeader.startsWith("Bearer")) {
jwtToken = requestTokenHeader.substring(7); jwtToken = requestTokenHeader.substring(7);