From 5bd4c8ba3723f935cc92e25984ec02b0a5234fcd Mon Sep 17 00:00:00 2001 From: ijunho Date: Mon, 21 Jul 2025 11:08:40 +0900 Subject: [PATCH] =?UTF-8?q?=EC=9B=B9=EC=84=9C=EB=B2=84=20=EA=B5=90?= =?UTF-8?q?=EC=B2=B4,=20=EC=84=B8=EC=85=98=EC=84=9C=EB=B2=84=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80,=20=EB=B3=B8=EC=9D=B8=EC=9D=B8=EC=A6=9D=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=20=20-=20http1.1=20->=20http2.0=20=EC=9B=B9=EC=84=9C?= =?UTF-8?q?=EB=B2=84=20=EA=B5=90=EC=B2=B4=20=20-=20valkey=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80=20=20-=20=EB=B3=B8=EC=9D=B8=EC=9D=B8=EC=A6=9D=20?= =?UTF-8?q?=EB=AA=A8=EB=93=88=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pom.xml | 53 +- .../com/cmm/session/HttpSessionConfig.java | 39 + .../cert/phone/service/CertPhoneService.java | 7 +- .../cert/phone/service/MberCertPhoneVO.java | 83 +- .../cert/phone/service/impl/CertPhoneDAO.java | 9 + .../service/impl/CertPhoneServiceImpl.java | 37 + .../phone/web/CertPhoneWebController.java | 45 ++ .../fax/addr/web/FaxAddrGroupController.java | 38 +- .../let/mjo/addr/web/AddrGroupController.java | 37 +- .../itn/let/mjo/test/web/TestController.java | 8 +- .../let/uat/uia/web/EgovLoginController.java | 146 ++-- .../let/uat/uia/web/EgovMypageController.java | 102 ++- .../itn/let/uat/uia/web/KmcCertChecker.java | 752 +++--------------- .../egovProps/globals_dev.properties | 16 +- .../egovProps/globals_local.properties | 7 +- .../egovProps/globals_prod.properties | 7 +- .../let/cert/MjonCertPhone_SQL_mysql.xml | 37 +- .../jsp/web/addr/AddrGroupListAjax.jsp | 4 +- .../jsp/web/cop/bbs/include/mberSecession.jsp | 4 +- .../jsp/web/fax/addr/FaxAddrGroupListAjax.jsp | 4 +- .../WEB-INF/jsp/web/login/findUserId.jsp | 4 +- .../web/login/humanPageAuthenticatedPage.jsp | 4 +- .../jsp/web/login/test_usrCheckTerms.jsp | 4 +- .../WEB-INF/jsp/web/login/usrCheckTerms.jsp | 33 +- .../jsp/web/login/usrCheckTerms_back2.jsp | 4 +- .../jsp/web/user/mberCompanyInfoChange.jsp | 4 +- .../WEB-INF/jsp/web/user/mberInfoChange.jsp | 4 +- .../WEB-INF/jsp/web/user/mberInfoIndex.jsp | 4 +- .../WEB-INF/jsp/web/user/mberSecession.jsp | 4 +- .../WEB-INF/jsp/web/user/mberSecureLogin.jsp | 4 +- .../jsp/web/user/sendNumberManageRegister.jsp | 4 +- .../web/user/sendNumberManage_bak220502.jsp | 4 +- src/main/webapp/WEB-INF/web.xml | 10 +- src/main/webapp/publish/js/common.js | 18 + .../publish/kmc/kmcis_web_sample_step02.jsp | 4 +- 35 files changed, 688 insertions(+), 856 deletions(-) create mode 100644 src/main/java/itn/com/cmm/session/HttpSessionConfig.java create mode 100644 src/main/java/itn/let/cert/phone/web/CertPhoneWebController.java diff --git a/pom.xml b/pom.xml index 7a7f5633..fd1e0201 100644 --- a/pom.xml +++ b/pom.xml @@ -54,28 +54,8 @@ - mvn2 - https://repo1.maven.org/maven2/ - - true - - - true - - - - egovframe - https://www.egovframe.go.kr/maven/ - - true - - - false - - - - egovframe2 - http://maven.egovframe.kr:8080/maven/ + maven-public + http://nexus.iten.co.kr:9999/repository/maven-public/ true @@ -83,12 +63,6 @@ false - - - jitpack.io - https://jitpack.io - - @@ -568,7 +542,28 @@ provided - + + + + + + org.springframework.session + spring-session + 1.3.1.RELEASE + + + redis.clients + jedis + 2.9.0 + + + + org.springframework.data + spring-data-redis + 1.8.11.RELEASE + + + diff --git a/src/main/java/itn/com/cmm/session/HttpSessionConfig.java b/src/main/java/itn/com/cmm/session/HttpSessionConfig.java new file mode 100644 index 00000000..43fbb1db --- /dev/null +++ b/src/main/java/itn/com/cmm/session/HttpSessionConfig.java @@ -0,0 +1,39 @@ +package itn.com.cmm.session; + +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.data.redis.connection.jedis.JedisConnectionFactory; +import org.springframework.data.redis.core.RedisTemplate; +import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession; + +@Configuration +@EnableRedisHttpSession(maxInactiveIntervalInSeconds = 1800) // 세션 timeout 설정 +public class HttpSessionConfig { + + @Value("#{globalSettings['Globals.valkey.ip']}") + private String ip; + + @Value("#{globalSettings['Globals.valkey.port']}") + private int port; + + @Value("#{globalSettings['Globals.valkey.password']}") + private String password; + + @Bean + public JedisConnectionFactory connectionFactory() { + JedisConnectionFactory factory = new JedisConnectionFactory(); + factory.setHostName(this.ip); + factory.setPort(this.port); + factory.setPassword(this.password); + factory.afterPropertiesSet(); + return factory; + } + + @Bean + public RedisTemplate redisTemplate() { + RedisTemplate template = new RedisTemplate<>(); + template.setConnectionFactory(connectionFactory()); + return template; + } +} diff --git a/src/main/java/itn/let/cert/phone/service/CertPhoneService.java b/src/main/java/itn/let/cert/phone/service/CertPhoneService.java index 42b80989..90ae82de 100644 --- a/src/main/java/itn/let/cert/phone/service/CertPhoneService.java +++ b/src/main/java/itn/let/cert/phone/service/CertPhoneService.java @@ -2,7 +2,10 @@ package itn.let.cert.phone.service; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import itn.let.mail.service.StatusResponse; +import itn.let.uat.uia.service.AuthCertVO; import itn.let.uat.uia.web.SendLogVO; public interface CertPhoneService { @@ -34,9 +37,9 @@ public interface CertPhoneService { public StatusResponse selectSysMsgLogCheck(MberCertPhoneVO mberCertPhoneVO); + public MberCertPhoneVO selectCertUrlCode(MberCertPhoneVO mberCertPhoneVO) throws Exception; - - + public StatusResponse insertCertLog(HttpServletRequest request) throws Exception; diff --git a/src/main/java/itn/let/cert/phone/service/MberCertPhoneVO.java b/src/main/java/itn/let/cert/phone/service/MberCertPhoneVO.java index 81eb9ae2..249ef0f2 100644 --- a/src/main/java/itn/let/cert/phone/service/MberCertPhoneVO.java +++ b/src/main/java/itn/let/cert/phone/service/MberCertPhoneVO.java @@ -34,8 +34,17 @@ public class MberCertPhoneVO extends UserDefaultVO{ private String checkNo; - - + private String trUrl; + private String urlCode; + private String url; + private String host; + private String name = ""; + private String phoneNo = ""; + private String phoneCorp = ""; + private String birthDay = ""; + private String gender = ""; + private String nation = "0"; + private String plusInfo = ""; public String getMberId() { @@ -74,6 +83,76 @@ public class MberCertPhoneVO extends UserDefaultVO{ public void setCheckNo(String checkNo) { this.checkNo = checkNo; } + public String getUrlCode() { + return urlCode; + } + public void setUrlCode(String urlCode) { + this.urlCode = urlCode; + } + public String getUrl() { + return url; + } + public void setUrl(String url) { + this.url = url; + } + public String getHost() { + return host; + } + public void setHost(String host) { + this.host = host; + } + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + public String getPhoneNo() { + return phoneNo; + } + public void setPhoneNo(String phoneNo) { + this.phoneNo = phoneNo; + } + public String getPhoneCorp() { + return phoneCorp; + } + public void setPhoneCorp(String phoneCorp) { + this.phoneCorp = phoneCorp; + } + public String getBirthDay() { + return birthDay; + } + public void setBirthDay(String birthDay) { + this.birthDay = birthDay; + } + public String getGender() { + return gender; + } + public void setGender(String gender) { + this.gender = gender; + } + public String getNation() { + return nation; + } + public void setNation(String nation) { + this.nation = nation; + } + public String getPlusInfo() { + return plusInfo; + } + public void setPlusInfo(String plusInfo) { + this.plusInfo = plusInfo; + } + public String getTrUrl() { + return trUrl; + } + public void setTrUrl(String trUrl) { + this.trUrl = trUrl; + } + + + + diff --git a/src/main/java/itn/let/cert/phone/service/impl/CertPhoneDAO.java b/src/main/java/itn/let/cert/phone/service/impl/CertPhoneDAO.java index da5e107a..2c9d022c 100644 --- a/src/main/java/itn/let/cert/phone/service/impl/CertPhoneDAO.java +++ b/src/main/java/itn/let/cert/phone/service/impl/CertPhoneDAO.java @@ -6,6 +6,7 @@ import org.springframework.stereotype.Repository; import egovframework.rte.psl.dataaccess.EgovAbstractDAO; import itn.let.cert.phone.service.MberCertPhoneVO; +import itn.let.uat.uia.service.AuthCertVO; @Repository("CertPhoneDAO") public class CertPhoneDAO extends EgovAbstractDAO { @@ -38,4 +39,12 @@ public class CertPhoneDAO extends EgovAbstractDAO { public int countSysMsgLogCheck(MberCertPhoneVO mberCertPhoneVO) { return (int) select("mberCertPhoneVO.countSysMsgLogCheck", mberCertPhoneVO); } + + public MberCertPhoneVO selectCertUrlCode(MberCertPhoneVO mberCertPhoneVO) { + return (MberCertPhoneVO) select("certPhoneDAO.selectCertUrlCode", mberCertPhoneVO); + } + + public void insertCertLog(AuthCertVO authCertVO) throws Exception { + insert("certPhoneDAO.insertCertLog", authCertVO); + } } diff --git a/src/main/java/itn/let/cert/phone/service/impl/CertPhoneServiceImpl.java b/src/main/java/itn/let/cert/phone/service/impl/CertPhoneServiceImpl.java index 2fae49c5..3f32264b 100644 --- a/src/main/java/itn/let/cert/phone/service/impl/CertPhoneServiceImpl.java +++ b/src/main/java/itn/let/cert/phone/service/impl/CertPhoneServiceImpl.java @@ -1,17 +1,25 @@ package itn.let.cert.phone.service.impl; +import java.text.SimpleDateFormat; import java.time.LocalDateTime; +import java.util.Date; import java.util.List; import javax.annotation.Resource; +import javax.servlet.http.HttpServletRequest; import org.springframework.http.HttpStatus; import org.springframework.stereotype.Service; import egovframework.rte.fdl.cmmn.EgovAbstractServiceImpl; +import egovframework.rte.fdl.security.userdetails.util.EgovUserDetailsHelper; +import itn.com.cmm.LoginVO; +import itn.com.cmm.util.IpUtil; +import itn.com.utl.fcc.service.EgovStringUtil; import itn.let.cert.phone.service.CertPhoneService; import itn.let.cert.phone.service.MberCertPhoneVO; import itn.let.mail.service.StatusResponse; +import itn.let.uat.uia.service.AuthCertVO; @Service("CertPhoneService") public class CertPhoneServiceImpl extends EgovAbstractServiceImpl implements CertPhoneService { @@ -99,6 +107,35 @@ public class CertPhoneServiceImpl extends EgovAbstractServiceImpl implements Cer return new StatusResponse(HttpStatus.OK, "", LocalDateTime.now()); } + @Override + public MberCertPhoneVO selectCertUrlCode(MberCertPhoneVO mberCertPhoneVO) { + return certPhoneDAO.selectCertUrlCode(mberCertPhoneVO); + } + + @Override + public StatusResponse insertCertLog(HttpServletRequest request) throws Exception { + try { + //로그인 권한정보 불러오기 + LoginVO loginVO = EgovUserDetailsHelper.isAuthenticated()? (LoginVO)EgovUserDetailsHelper.getAuthenticatedUser():null; + String userId = loginVO == null ? "" : EgovStringUtil.isNullToString(loginVO.getId()); + + //KMC 본인인증 로그 insert + AuthCertVO authCertVO = new AuthCertVO(); + authCertVO.setMberId(userId); + SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); + authCertVO.setCertDate(sdf.format(new Date())); + authCertVO.setCertType("본인인증 시도"); + authCertVO.setCertIpaddr(IpUtil.getClientIP(request)); + + certPhoneDAO.insertCertLog(authCertVO); + } catch (Exception e) { + System.out.println("본인인증 시도 로그 실패"); + } + + return new StatusResponse(HttpStatus.OK, "", LocalDateTime.now()); + } + + } diff --git a/src/main/java/itn/let/cert/phone/web/CertPhoneWebController.java b/src/main/java/itn/let/cert/phone/web/CertPhoneWebController.java new file mode 100644 index 00000000..3aeccb1f --- /dev/null +++ b/src/main/java/itn/let/cert/phone/web/CertPhoneWebController.java @@ -0,0 +1,45 @@ +package itn.let.cert.phone.web; + +import java.time.LocalDateTime; +import java.util.HashMap; +import java.util.Map; + +import javax.annotation.Resource; +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.lang3.StringUtils; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.servlet.ModelAndView; + +import egovframework.rte.fdl.security.userdetails.util.EgovUserDetailsHelper; +import itn.com.cmm.LoginVO; +import itn.com.utl.fcc.service.EgovStringUtil; +import itn.let.cert.phone.service.CertPhoneService; +import itn.let.cert.phone.service.MberCertPhoneVO; +import itn.let.mail.service.StatusResponse; +import itn.let.mjo.msg.service.MjonMsgVO; +import itn.let.mjo.msgdata.service.MjonMsgDataService; +import itn.let.mjo.msgdata.service.MjonMsgReturnVO; +import itn.let.uat.uia.service.AuthCertVO; +import itn.let.uat.uia.web.SendLogVO; + +@Controller +public class CertPhoneWebController { + + @Resource(name = "CertPhoneService") + private CertPhoneService certPhoneService; + + @RequestMapping(value = {"/web/cert/log/insertCertLog.do"}) + public ResponseEntity insertCertLog(HttpServletRequest request) throws Exception { + + + + + + + return ResponseEntity.ok().body(new StatusResponse(HttpStatus.OK, certPhoneService.insertCertLog(request), LocalDateTime.now())); + } +} \ No newline at end of file diff --git a/src/main/java/itn/let/fax/addr/web/FaxAddrGroupController.java b/src/main/java/itn/let/fax/addr/web/FaxAddrGroupController.java index ae341a0d..2031477c 100644 --- a/src/main/java/itn/let/fax/addr/web/FaxAddrGroupController.java +++ b/src/main/java/itn/let/fax/addr/web/FaxAddrGroupController.java @@ -21,6 +21,7 @@ import egovframework.rte.fdl.security.userdetails.util.EgovUserDetailsHelper; import itn.com.cmm.EgovMessageSource; import itn.com.cmm.LoginVO; import itn.com.utl.fcc.service.EgovStringUtil; +import itn.let.cert.phone.service.MberCertPhoneVO; import itn.let.fax.addr.service.FaxAddrGroupService; import itn.let.fax.addr.service.FaxAddrGroupVO; import itn.let.fax.addr.service.FaxAddrService; @@ -52,6 +53,9 @@ public class FaxAddrGroupController { @Resource(name = "mberManageService") private EgovMberManageService mberManageService; + @Resource(name = "KmcCertChecker") + private KmcCertChecker kmcCertCheck; + /** * 팩스 주소록 그룹 리스트 @@ -544,21 +548,25 @@ public class FaxAddrGroupController { modelAndView.setViewName("jsonView"); try { - KmcCertChecker kmcCertCheck = new KmcCertChecker(); - - // mberId null일경우 ""로 - mberManageVO.setMberId(EgovStringUtil.isNullToString(mberManageVO.getMberId())); - - // kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if (request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://219.240.88.15:8095"; - } else { - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } - - AuthCertVO certVO = kmcCertCheck.authCertCheckEight(serverNm + "/web/cop/kmc/authRequestAddrSubmitAjax.do", - mberManageVO.getMberId()); +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// +// // mberId null일경우 ""로 +// mberManageVO.setMberId(EgovStringUtil.isNullToString(mberManageVO.getMberId())); +// +// // kmc 본인인증 실/개발 서버 구분 +// String serverNm = ""; +// if (request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { +// serverNm = request.getScheme() + "://219.240.88.15:8095"; +// } else { +// serverNm = request.getScheme() + "://www.munjaon.co.kr"; +// } + + + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/cop/kmc/authRequestAddrSubmitAjax.do"); + mberCertPhoneVO.setPlusInfo(mberManageVO.getMberId()); + + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); modelAndView.addObject("tr_cert", certVO.getTr_cert()); modelAndView.addObject("tr_url", certVO.getTr_url()); diff --git a/src/main/java/itn/let/mjo/addr/web/AddrGroupController.java b/src/main/java/itn/let/mjo/addr/web/AddrGroupController.java index d024024b..4ecb759b 100644 --- a/src/main/java/itn/let/mjo/addr/web/AddrGroupController.java +++ b/src/main/java/itn/let/mjo/addr/web/AddrGroupController.java @@ -25,6 +25,7 @@ import itn.com.cmm.EgovMessageSource; import itn.com.cmm.LoginVO; import itn.com.cmm.util.RedirectUrlMaker; import itn.com.utl.fcc.service.EgovStringUtil; +import itn.let.cert.phone.service.MberCertPhoneVO; import itn.let.mjo.addr.service.AddrGroupService; import itn.let.mjo.addr.service.AddrGroupVO; import itn.let.mjo.addr.service.AddrService; @@ -72,6 +73,9 @@ public class AddrGroupController { @Resource(name = "mberManageService") private EgovMberManageService mberManageService; + @Resource(name = "KmcCertChecker") + private KmcCertChecker kmcCertCheck; + /** * 주소록 그룹 리스트 * @param addrGroupVO @@ -933,21 +937,24 @@ public class AddrGroupController { modelAndView.setViewName("jsonView"); try { - KmcCertChecker kmcCertCheck = new KmcCertChecker(); - - // mberId null일경우 ""로 - mberManageVO.setMberId(EgovStringUtil.isNullToString(mberManageVO.getMberId())); - - // kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if (request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://219.240.88.15:8095"; - } else { - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } - - AuthCertVO certVO = kmcCertCheck.authCertCheckEight(serverNm + "/web/cop/kmc/authRequestAddrSubmitAjax.do", - mberManageVO.getMberId()); +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// +// // mberId null일경우 ""로 +// mberManageVO.setMberId(EgovStringUtil.isNullToString(mberManageVO.getMberId())); +// +// // kmc 본인인증 실/개발 서버 구분 +// String serverNm = ""; +// if (request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { +// serverNm = request.getScheme() + "://219.240.88.15:8095"; +// } else { +// serverNm = request.getScheme() + "://www.munjaon.co.kr"; +// } + + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/cop/kmc/authRequestAddrSubmitAjax.do"); + mberCertPhoneVO.setPlusInfo(mberManageVO.getMberId()); + + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); modelAndView.addObject("tr_cert", certVO.getTr_cert()); modelAndView.addObject("tr_url", certVO.getTr_url()); diff --git a/src/main/java/itn/let/mjo/test/web/TestController.java b/src/main/java/itn/let/mjo/test/web/TestController.java index a0c0b42e..f052cccc 100644 --- a/src/main/java/itn/let/mjo/test/web/TestController.java +++ b/src/main/java/itn/let/mjo/test/web/TestController.java @@ -894,11 +894,11 @@ public class TestController { serverNm = request.getScheme() + "://munjaon.co.kr"; } - AuthCertVO certVO = kmcCertCheck.authCertCheck(serverNm + "/web/cop/kmc/authRequestAjax.do"); +// AuthCertVO certVO = kmcCertCheck.authCertCheck(serverNm + "/web/cop/kmc/authRequestAjax.do"); - model.addAttribute("tr_cert", certVO.getTr_cert()); - model.addAttribute("tr_url", certVO.getTr_url()); - model.addAttribute("tr_add", certVO.getTr_add()); +// model.addAttribute("tr_cert", certVO.getTr_cert()); +// model.addAttribute("tr_url", certVO.getTr_url()); +// model.addAttribute("tr_add", certVO.getTr_add()); } diff --git a/src/main/java/itn/let/uat/uia/web/EgovLoginController.java b/src/main/java/itn/let/uat/uia/web/EgovLoginController.java index eed122fa..fdc173c5 100644 --- a/src/main/java/itn/let/uat/uia/web/EgovLoginController.java +++ b/src/main/java/itn/let/uat/uia/web/EgovLoginController.java @@ -252,6 +252,10 @@ public class EgovLoginController { @Resource(name = "CertIpService") private CertIpService certIpService; + @Resource(name = "KmcCertChecker") + private KmcCertChecker kmcCertCheck; + + private static final Logger logger = LoggerFactory.getLogger(MjonMsgDataController.class); /* 문자온 사용자 로그인 시작 */ @@ -319,21 +323,21 @@ public class EgovLoginController { // 핸드폰인증만 사용할 시 if (joinSettingVO.getJoinCertType().equals("M")) { - KmcCertChecker kmcCertCheck = new KmcCertChecker(); - - // kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if (request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://219.240.88.15:8095"; - }else if(request.getRequestURL().toString().contains("www.")){ - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } - else { - serverNm = request.getScheme() + "://munjaon.co.kr"; - } - - AuthCertVO certVO = kmcCertCheck.authCertCheck(serverNm + "/web/cop/kmc/authRequestAjax.do"); - +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// +// String serverNm = request.getScheme() + "://" + request.getServerName(); +// if(request.getServerPort() != 80 +// && request.getServerPort() != 443) { +// serverNm += ":" + request.getServerPort(); +// } +// +// AuthCertVO certVO = kmcCertCheck.authCertCheck(serverNm + "/web/cop/kmc/authRequestAjax.do"); +// + + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/cop/kmc/authRequestAjax.do"); + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); + model.addAttribute("tr_cert", certVO.getTr_cert()); model.addAttribute("tr_url", certVO.getTr_url()); model.addAttribute("tr_add", certVO.getTr_add()); @@ -363,19 +367,29 @@ public class EgovLoginController { ModelAndView modelAndView = new ModelAndView(); modelAndView.setViewName("jsonView"); - KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); // kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if (request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://219.240.88.15:8095"; - } else { - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } +// String serverNm = ""; +// if (request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { +// serverNm = request.getScheme() + "://219.240.88.15:8095"; +// } else { +// serverNm = request.getScheme() + "://www.munjaon.co.kr"; +// } + + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/cop/kmc/authRequestAjax.do"); + mberCertPhoneVO.setName(mberManageVO.getMberNm()); + mberCertPhoneVO.setPhoneNo(mberManageVO.getMoblphonNo()); + mberCertPhoneVO.setGender(mberManageVO.getSexdstnCode()); + mberCertPhoneVO.setNation(mberManageVO.getNationality()); + mberCertPhoneVO.setBirthDay(mberManageVO.getBirth()); + + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); - AuthCertVO certVO = kmcCertCheck.authCertCheckTwo(serverNm + "/web/cop/kmc/authRequestAjax.do", - mberManageVO.getMberNm(), mberManageVO.getMoblphonNo(), mberManageVO.getSexdstnCode(), - mberManageVO.getNationality(), mberManageVO.getBirth()); +// AuthCertVO certVO = kmcCertCheck.authCertCheckTwo(serverNm + "/web/cop/kmc/authRequestAjax.do", +// mberManageVO.getMberNm(), mberManageVO.getMoblphonNo(), mberManageVO.getSexdstnCode(), +// mberManageVO.getNationality(), mberManageVO.getBirth()); System.out.println("++++++++++++ 세션체크222 ::: " + (MberManageVO) session.getAttribute("mberSession")); @@ -3991,26 +4005,42 @@ public class EgovLoginController { // modelAndView.addObject("status", "fail"); try { - KmcCertChecker kmcCertCheck = new KmcCertChecker(); - - // mberId null일경우 ""로 - mberManageVO.setMberId(EgovStringUtil.isNullToString(mberManageVO.getMberId())); - - // kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if (request.getServerName().contains("119.193.215.98") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://119.193.215.98:8095"; - } else { - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } - String authRUrl = serverNm + mberManageVO.getAuthRUrl(); +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// +// // mberId null일경우 ""로 +// mberManageVO.setMberId(EgovStringUtil.isNullToString(mberManageVO.getMberId())); +// +// // kmc 본인인증 실/개발 서버 구분 +// String serverNm = ""; +// if (request.getServerName().contains("119.193.215.98") || request.getServerName().contains("localhost")) { +// serverNm = request.getScheme() + "://119.193.215.98:8095"; +// } else { +// serverNm = request.getScheme() + "://www.munjaon.co.kr"; +// } +// String authRUrl = serverNm + mberManageVO.getAuthRUrl(); +// +// AuthCertVO certVO = kmcCertCheck.authCertCheckThree(authRUrl, mberManageVO); +// +// + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/cop/kmc/authRequestFindIdPwAjax.do"); + mberCertPhoneVO.setName(mberManageVO.getMberNm()); + mberCertPhoneVO.setPhoneNo(mberManageVO.getMoblphonNo()); + + String plusInfo = ""; + plusInfo += mberManageVO.getMberId(); + if(StringUtils.isNotEmpty(mberManageVO.getPassword())) + { + plusInfo = plusInfo + ",,," + mberManageVO.getPassword(); + } + mberCertPhoneVO.setPlusInfo(plusInfo); + + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); - AuthCertVO certVO = kmcCertCheck.authCertCheckThree(authRUrl, mberManageVO); - modelAndView.addObject("tr_cert", certVO.getTr_cert()); modelAndView.addObject("tr_url", certVO.getTr_url()); modelAndView.addObject("tr_add", certVO.getTr_add()); - + modelAndView.addObject("result", "success"); } catch (Exception e) { @@ -5386,28 +5416,16 @@ public class EgovLoginController { // 팝업에 넣을 이름과 핸드폰번호 조회 LoginVO KMCInfoVO = loginService.selectKMCInfo(loginVO); - // KMC 팝업 오픈 준비 - KmcCertChecker kmcCertCheck = new KmcCertChecker(); - String mberNm = KMCInfoVO.getMberNm(); - if ("c".equals(KMCInfoVO.getDept())) { - mberNm = KMCInfoVO.getManagerNm(); - } - String birth = KMCInfoVO.getBirth(); - String moblphonNo = KMCInfoVO.getMoblphonNo(); - String sexdstnCode = KMCInfoVO.getSexdstnCode(); - String nationality = KMCInfoVO.getNationality(); - String id = loginVO.getId(); - - // kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if (request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://219.240.88.15:8095"; - } else { - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } - - AuthCertVO certVO = kmcCertCheck.authCertCheckFour(serverNm + "/web/cop/kmc/insertIPAjax.do", mberNm, - moblphonNo, sexdstnCode, nationality, birth, id); + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/cop/kmc/insertIPAjax.do"); + mberCertPhoneVO.setName("c".equals(KMCInfoVO.getDept()) ? KMCInfoVO.getManagerNm() : KMCInfoVO.getMberNm()); + mberCertPhoneVO.setBirthDay(KMCInfoVO.getBirth()); + mberCertPhoneVO.setPhoneNo(KMCInfoVO.getMoblphonNo()); + mberCertPhoneVO.setGender(KMCInfoVO.getSexdstnCode()); + mberCertPhoneVO.setNation(KMCInfoVO.getNationality()); + mberCertPhoneVO.setPlusInfo(loginVO.getId()); + + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); modelAndView.addObject("tr_cert", certVO.getTr_cert()); modelAndView.addObject("tr_url", certVO.getTr_url()); @@ -6121,7 +6139,7 @@ public class EgovLoginController { modelAndView.addObject("msg", msg); return modelAndView; - } + } diff --git a/src/main/java/itn/let/uat/uia/web/EgovMypageController.java b/src/main/java/itn/let/uat/uia/web/EgovMypageController.java index dd47e3ed..15e097a9 100644 --- a/src/main/java/itn/let/uat/uia/web/EgovMypageController.java +++ b/src/main/java/itn/let/uat/uia/web/EgovMypageController.java @@ -48,6 +48,7 @@ import itn.let.cert.ip.service.CertIpService; import itn.let.cert.ip.service.CertLoginLogService; import itn.let.cert.ip.service.MberCertIpVO; import itn.let.cert.ip.service.MberCertLoginLogVO; +import itn.let.cert.phone.service.MberCertPhoneVO; import itn.let.fax.user.service.FaxGroupDataVO; import itn.let.fax.user.service.FaxService; import itn.let.kakao.user.sent.service.KakaoSentService; @@ -181,6 +182,9 @@ public class EgovMypageController { @Resource(name = "CertIpService") private CertIpService certIpService; + @Resource(name = "KmcCertChecker") + private KmcCertChecker kmcCertCheck; + /** * 마이페이지 비밀번호 변경 탭 */ @@ -1447,17 +1451,21 @@ public class EgovMypageController { // 요청페이지가 개인정보 변경 펴이지 일경우 if(userManageVO.getUserTy().equals("userInfoCh")){ //System.out.println("휴대폰 인증 ***********************************************"); - KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// +// //kmc 본인인증 실/개발 서버 구분 +// String serverNm = ""; +// if(request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { +// serverNm = request.getScheme() + "://219.240.88.15:8095"; +// }else{ +// serverNm = request.getScheme() + "://www.munjaon.co.kr"; +// } - //kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if(request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://219.240.88.15:8095"; - }else{ - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/user/selectKmcMberInfoAjax.do"); + mberCertPhoneVO.setPlusInfo(loginVO.getId()); - AuthCertVO certVO = kmcCertCheck.authCertCheckFive(serverNm + "/web/user/selectKmcMberInfoAjax.do", loginVO.getId()); + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); modelAndView.addObject("certVO", certVO); } @@ -1912,18 +1920,26 @@ public class EgovMypageController { name = loginVO.getManagerNm(); } - KmcCertChecker kmcCertCheck = new KmcCertChecker(); - - //kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if(request.getServerName().contains("119.193.215.98") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://119.193.215.98:8882"; - }else{ - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// +// //kmc 본인인증 실/개발 서버 구분 +// String serverNm = ""; +// if(request.getServerName().contains("119.193.215.98") || request.getServerName().contains("localhost")) { +// serverNm = request.getScheme() + "://119.193.215.98:8882"; +// }else{ +// serverNm = request.getScheme() + "://www.munjaon.co.kr"; +// } //AuthCertVO certVO = kmcCertCheck.authCertCheckSix(serverNm + "/web/user/insertPhoneSendNumber.do", mjonMsgVO.getUserId(), mjonMsgVO.getCallFrom(), name); - AuthCertVO certVO = kmcCertCheck.authCertCheckSix(serverNm + "/web/user/selectPhoneNumberCertChkAjax.do", mjonMsgVO.getUserId(), mjonMsgVO.getCallFrom(), "", mjonMsgVO.getMyNameFlag()); + + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/user/selectPhoneNumberCertChkAjax.do"); + mberCertPhoneVO.setName(""); + mberCertPhoneVO.setPhoneNo(mjonMsgVO.getCallFrom()); + mberCertPhoneVO.setPlusInfo(mjonMsgVO.getUserId()+ "§" + mjonMsgVO.getMyNameFlag()); + + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); + modelAndView.addObject("certVO", certVO); /*}else if(mjonMsgVO.getPhmAuthType().equals("02") || mjonMsgVO.getPhmAuthType() == "02") { // ARS @@ -2923,17 +2939,21 @@ public class EgovMypageController { name = userInfo.getManagerNm(); } - KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// +// //kmc 본인인증 실/개발 서버 구분 +// String serverNm = ""; +// if(request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { +// serverNm = request.getScheme() + "://219.240.88.15:8095"; +// }else{ +// serverNm = request.getScheme() + "://www.munjaon.co.kr"; +// } - //kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if(request.getServerName().contains("219.240.88.15") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://219.240.88.15:8095"; - }else{ - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/user/selectMberSecessionAjax.do"); + mberCertPhoneVO.setName(name); - AuthCertVO certVO = kmcCertCheck.authCertCheckSeven(serverNm + "/web/user/selectMberSecessionAjax.do", name); + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); model.addAttribute("certVO", certVO); return "web/user/mberSecession"; @@ -3018,18 +3038,24 @@ public class EgovMypageController { * 보안인증 본인인증 기능추가 * 20241120 원영현 과장 추가 * */ - KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// KmcCertChecker kmcCertCheck = new KmcCertChecker(); +// +// //kmc 본인인증 실/개발 서버 구분 +// String serverNm = ""; +// if(request.getServerName().contains("192.168.0.60") || request.getServerName().contains("localhost")) { +// serverNm = request.getScheme() + "://192.168.0.60:8085"; +// }else{ +// serverNm = request.getScheme() + "://www.munjaon.co.kr"; +// } +// +// System.out.println("@@@ serverNm : " + serverNm); - //kmc 본인인증 실/개발 서버 구분 - String serverNm = ""; - if(request.getServerName().contains("192.168.0.60") || request.getServerName().contains("localhost")) { - serverNm = request.getScheme() + "://192.168.0.60:8085"; - }else{ - serverNm = request.getScheme() + "://www.munjaon.co.kr"; - } + MberCertPhoneVO mberCertPhoneVO = new MberCertPhoneVO(); + mberCertPhoneVO.setTrUrl("/web/user/selectSecurityAuthn.do"); + mberCertPhoneVO.setPlusInfo(loginVO.getId()); + + AuthCertVO certVO = kmcCertCheck.authCertCheck(mberCertPhoneVO, request); - System.out.println("@@@ serverNm : " + serverNm); - AuthCertVO certVO = kmcCertCheck.authCertCheckNine(serverNm + "/web/user/selectSecurityAuthn.do", loginVO.getId()); model.addAttribute("certVO", certVO); } diff --git a/src/main/java/itn/let/uat/uia/web/KmcCertChecker.java b/src/main/java/itn/let/uat/uia/web/KmcCertChecker.java index 3fe6f758..16c2aace 100644 --- a/src/main/java/itn/let/uat/uia/web/KmcCertChecker.java +++ b/src/main/java/itn/let/uat/uia/web/KmcCertChecker.java @@ -2,663 +2,147 @@ package itn.let.uat.uia.web; import java.text.SimpleDateFormat; import java.util.Calendar; +import java.util.Map; import java.util.Random; +import javax.annotation.Resource; +import javax.servlet.http.HttpServletRequest; + import org.apache.commons.lang3.StringUtils; +import org.springframework.stereotype.Component; +import org.springframework.ui.ModelMap; import com.icert.comm.secu.IcertSecuManager; +import itn.let.cert.phone.service.CertPhoneService; +import itn.let.cert.phone.service.MberCertPhoneVO; import itn.let.uat.uia.service.AuthCertVO; import itn.let.uss.umt.service.MberManageVO; +@Component("KmcCertChecker") public class KmcCertChecker { + + @Resource(name = "CertPhoneService") + private CertPhoneService certPhoneService; //회원가입 시 인증수단을 휴대폰 본인인증만 했을 경우 사용 - public AuthCertVO authCertCheck(String trUrl) { - - AuthCertVO certVO = new AuthCertVO(); + public AuthCertVO authCertCheck( + MberCertPhoneVO mberCertPhoneVO + , HttpServletRequest request + ) { + //url 세팅 + mberCertPhoneVO = setMberCertPhoneVO(request, mberCertPhoneVO); //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); + //reqNum은 최대 40byte 까지 사용 가능 + String reqNum = getDay() + getRanNum(); //요청번호 + + String tr_cert = ""; + String cpId = "MJOM1001"; // 회원사ID + String urlCode = mberCertPhoneVO.getUrlCode(); // URL코드 + String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) + String date = getDay(); // 요청일시 + String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 + + +// String name = ""; // 성명 + String name = mberCertPhoneVO.getName(); // 성명 + String phoneNo = mberCertPhoneVO.getPhoneNo(); // 휴대폰번호 + String phoneCorp = mberCertPhoneVO.getPhoneCorp(); // 이동통신사 + if(phoneCorp == null) phoneCorp = ""; + String birthDay = mberCertPhoneVO.getBirthDay(); // 생년월일 + String gender = mberCertPhoneVO.getGender(); // 성별 + if(gender == null) gender = ""; + String nation = mberCertPhoneVO.getNation(); // 내외국인 구분 - 0:내국인, 1:외국인 + String plusInfo = mberCertPhoneVO.getPlusInfo(); // 추가DATA정보 + + + String extendVar = "0000000000000000"; // 확장변수 + //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; + String tr_url = getDomain(request) + mberCertPhoneVO.getTrUrl();// // 본인인증서비스 결과수신 POPUP URL + String tr_add = "N"; // IFrame사용여부 + + //01. 한국모바일인증(주) 암호화 모듈 선언 + IcertSecuManager seed = new IcertSecuManager(); - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } + //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) + String enc_tr_cert = ""; + tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; + enc_tr_cert = seed.getEnc(tr_cert, ""); - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = "001003"; // URL코드 - - //kmc 본인인증 실/개발 서버 구분 - if(trUrl.contains("119.193.215.98") || trUrl.contains("localhost")) { - urlCode = "005001"; - } - - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = ""; // 성명 - String phoneNo = ""; // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = ""; // 생년월일 - String gender = ""; // 성별 - if(gender == null) gender = ""; - String nation = "0"; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = ""; // 추가DATA정보 - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- + //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) + String hmacMsg = ""; + hmacMsg = seed.getMsg(enc_tr_cert); - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; + //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) + tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); + + AuthCertVO authCertVO = new AuthCertVO(); + + authCertVO.setTr_cert(tr_cert); + authCertVO.setTr_url(tr_url); + authCertVO.setTr_add(tr_add); + + return authCertVO; } - //회원가입 시 인증수단을 ARS, 휴대폰 본인인증 했을 경우 사용 - public AuthCertVO authCertCheckTwo(String trUrl, String mberNm, String moblphonNo, String sexdstnCode, String nationality, String birth) { - - AuthCertVO certVO = new AuthCertVO(); - - //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); - - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; - - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } - - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = "001003"; // URL코드 - //kmc 본인인증 실/개발 서버 구분 - if(trUrl.contains("119.193.215.98") || trUrl.contains("localhost")) { - urlCode = "004001"; - } - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = mberNm; // 성명 - String phoneNo = moblphonNo; // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = birth; // 생년월일 - String gender = sexdstnCode; // 성별 - if(gender == null) gender = ""; - String nation = nationality; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = ""; // 추가DATA정보 - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; - } - //아이디 패스워드 찾기 본인인증 - public AuthCertVO authCertCheckThree(String trUrl, MberManageVO mberManageVO) { - - AuthCertVO certVO = new AuthCertVO(); - - //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); - - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; - - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } - - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = mberManageVO.getAuthRUrlCode(); // URL 인증 코드 - //kmc 본인인증 실/개발 서버 구분 - if(trUrl.contains("119.193.215.98") || trUrl.contains("localhost")) { - urlCode = "005002"; - } - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = mberManageVO.getMberNm(); // 성명 - String phoneNo = mberManageVO.getMoblphonNo(); // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = ""; // 생년월일 - String gender = ""; // 성별 - if(gender == null) gender = ""; - String nation = "0"; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = mberManageVO.getMberId(); // 추가DATA정보 - if(StringUtils.isNotEmpty(mberManageVO.getPassword())) - { - plusInfo = plusInfo + ",,," + mberManageVO.getPassword(); - } - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; - } - - //IP 체크해주기 - public AuthCertVO authCertCheckFour(String trUrl, String mberNm, String moblphonNo, String sexdstnCode, String nationality, String birth, String id) { - - AuthCertVO certVO = new AuthCertVO(); - - //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); - - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; - - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } - - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = "001006"; // URL코드 - //kmc 본인인증 실/개발 서버 구분 - if(trUrl.contains("119.193.215.98") || trUrl.contains("localhost")) { - urlCode = "005003"; - } - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = mberNm; // 성명 - String phoneNo = moblphonNo; // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = birth; // 생년월일 - String gender = sexdstnCode; // 성별 - if(gender == null) gender = ""; - String nation = nationality; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = id; // 추가DATA정보 - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; - } - - //마이페이지 휴대폰 변경 기능 본인인증에 사용 - public AuthCertVO authCertCheckFive(String trUrl, String id) { - - AuthCertVO certVO = new AuthCertVO(); - - //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); - - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; - - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } - - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = "001009"; // URL코드 - //kmc 본인인증 실/개발 서버 구분 - if(trUrl.contains("119.193.215.98") || trUrl.contains("localhost")) { - urlCode = "005005"; - } - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = ""; // 성명 - String phoneNo = ""; // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = ""; // 생년월일 - String gender = ""; // 성별 - if(gender == null) gender = ""; - String nation = ""; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = id; // 추가DATA정보 - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; - } - - // 마이페이지 발신번호 관리 > 발신번호 등록 시 사용 - public AuthCertVO authCertCheckSix(String trUrl, String id, String moblphonNo, String mberNm, String myNameFlag) { - - AuthCertVO certVO = new AuthCertVO(); - - //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); - - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; - - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } - - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = "001007"; // URL코드 - //kmc 본인인증 실/개발 서버 구분 - if(trUrl.contains("119.193.215.98") || trUrl.contains("localhost")) { - urlCode = "006005"; - } - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = mberNm; // 성명 - String phoneNo = moblphonNo; // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = ""; // 생년월일 - String gender = ""; // 성별 - if(gender == null) gender = ""; - String nation = ""; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = id + "§" + myNameFlag; // 추가DATA정보 - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; - } - - //마이패이지 회원탈퇴 > 본인인증으로 회원탈퇴에 사용 - public AuthCertVO authCertCheckSeven(String trUrl, String mberNm) { - - AuthCertVO certVO = new AuthCertVO(); - - //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); - - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; - - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } - - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = "001010"; // URL코드 - //kmc 본인인증 실/개발 서버 구분 - if(trUrl.contains("119.193.215.98") || trUrl.contains("localhost")) { - urlCode = "005006"; - } - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = mberNm; // 성명 - String phoneNo = ""; // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = ""; // 생년월일 - String gender = ""; // 성별 - if(gender == null) gender = ""; - String nation = ""; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = ""; // 추가DATA정보 - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; - } - - //아이디 패스워드 찾기 본인인증 - public AuthCertVO authCertCheckEight(String trUrl, String idParam) { - - AuthCertVO certVO = new AuthCertVO(); - - //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); - - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; - - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } - - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = "001012"; // URL코드 - //kmc 본인인증 실/개발 서버 구분 - if(trUrl.contains("119.193.215.98") || trUrl.contains("localhost")) { - urlCode = "005008"; - } - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = ""; // 성명 - String phoneNo = ""; // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = ""; // 생년월일 - String gender = ""; // 성별 - if(gender == null) gender = ""; - String nation = "0"; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = idParam; // 추가DATA정보 - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; + private String getDomain(HttpServletRequest request) { + String serverNm = request.getScheme() + "://" + request.getServerName(); + if(request.getServerPort() != 80 + && request.getServerPort() != 443) { + serverNm += ":" + request.getServerPort(); } - - - // 마이페이지 보안인증 - public AuthCertVO authCertCheckNine(String trUrl, String id) { - - AuthCertVO certVO = new AuthCertVO(); - - //kmc step 01 데이터 - //날짜 생성 - Calendar today = Calendar.getInstance(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); - String day = sdf.format(today.getTime()); - - Random ran = new Random(); - //랜덤 문자 길이 - int numLength = 6; - String randomStr = ""; - - for (int i = 0; i < numLength; i++) { - //0 ~ 9 랜덤 숫자 생성 - randomStr += ran.nextInt(10); - } - - //reqNum은 최대 40byte 까지 사용 가능 - String reqNum = day + randomStr; //요청번호 - - String tr_cert = ""; - String cpId = "MJOM1001"; // 회원사ID - String urlCode = "001014"; // URL코드 - //kmc 본인인증 실/개발 서버 구분 - - System.out.println("@@@@@ trUrl : " + trUrl); - if(trUrl.contains("192.168.0.60") || trUrl.contains("localhost")) { - urlCode = "010001"; - } - String certNum = reqNum; // 요청번호 ( 본인인증 요청시 중복되지 않게 생성해야함. (예-시퀀스번호) ) - String date = day; // 요청일시 - String certMet = "M"; // 본인인증방법 - M:휴대폰 본인인증, C:신용카드인증, P:공인인증서 인증 - String name = ""; // 성명 - String phoneNo = ""; // 휴대폰번호 - String phoneCorp = ""; // 이동통신사 - if(phoneCorp == null) phoneCorp = ""; - String birthDay = ""; // 생년월일 - String gender = ""; // 성별 - if(gender == null) gender = ""; - String nation = ""; // 내외국인 구분 - 0:내국인, 1:외국인 - String plusInfo = id; // 추가DATA정보 - String extendVar = "0000000000000000"; // 확장변수 - //End-tr_cert 데이터 변수 선언 --------------------------------------------------------------- - - String tr_url = trUrl;//"http://www.munjaon.co.kr/web/cop/kmc/authRequestAjax.do"; // 본인인증서비스 결과수신 POPUP URL - String tr_add = "N"; // IFrame사용여부 - - //01. 한국모바일인증(주) 암호화 모듈 선언 - IcertSecuManager seed = new IcertSecuManager(); - - //02. 1차 암호화 (tr_cert 데이터변수 조합 후 암호화) - String enc_tr_cert = ""; - tr_cert = cpId +"/"+ urlCode +"/"+ certNum +"/"+ date +"/"+ certMet +"/"+ birthDay +"/"+ gender +"/"+ name +"/"+ phoneNo +"/"+ phoneCorp +"/"+ nation +"/"+ plusInfo +"/"+ extendVar; - enc_tr_cert = seed.getEnc(tr_cert, ""); - - //03. 1차 암호화 데이터에 대한 위변조 검증값 생성 (HMAC) - String hmacMsg = ""; - hmacMsg = seed.getMsg(enc_tr_cert); - - //04. 2차 암호화 (1차 암호화 데이터, HMAC 데이터, extendVar 조합 후 암호화) - tr_cert = seed.getEnc(enc_tr_cert + "/" + hmacMsg + "/" + extendVar, ""); - - certVO.setTr_cert(tr_cert); - certVO.setTr_url(tr_url); - certVO.setTr_add(tr_add); - - return certVO; + return serverNm; } + + private String getDay() { + Calendar today = Calendar.getInstance(); + SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss"); + String day = sdf.format(today.getTime()); + + return day; + } + + private String getRanNum() { + Random ran = new Random(); + //랜덤 문자 길이 + int numLength = 6; + String randomStr = ""; + + for (int i = 0; i < numLength; i++) { + //0 ~ 9 랜덤 숫자 생성 + randomStr += ran.nextInt(10); + } + + return randomStr; + } + + private MberCertPhoneVO setMberCertPhoneVO( + HttpServletRequest request + , MberCertPhoneVO mberCertPhoneVO + ) { + mberCertPhoneVO.setUrl(mberCertPhoneVO.getTrUrl()); + mberCertPhoneVO.setHost(getDomain(request)); + + MberCertPhoneVO tmpMberCertPhoneVO = new MberCertPhoneVO(); + try { + tmpMberCertPhoneVO = certPhoneService.selectCertUrlCode(mberCertPhoneVO); + } catch (Exception e) { + System.out.println(e.getMessage()); + } + + if(tmpMberCertPhoneVO != null) { + mberCertPhoneVO.setUrl(tmpMberCertPhoneVO.getUrl()); + mberCertPhoneVO.setHost(tmpMberCertPhoneVO.getHost()); + mberCertPhoneVO.setUrlCode(tmpMberCertPhoneVO.getUrlCode()); + } + + return mberCertPhoneVO; + } + + } diff --git a/src/main/resources/egovframework/egovProps/globals_dev.properties b/src/main/resources/egovframework/egovProps/globals_dev.properties index 621c1f23..c062cbaf 100644 --- a/src/main/resources/egovframework/egovProps/globals_dev.properties +++ b/src/main/resources/egovframework/egovProps/globals_dev.properties @@ -27,14 +27,11 @@ Globals.Env = dev # mysql -Globals.DriverClassName=com.mysql.jdbc.Driver -Globals.Url=jdbc:mysql://192.168.0.60:3308/mjon -Globals.UserName= mjonUr -Globals.Password= itntest123 -#Globals.Url=jdbc:mysql://192.168.0.125:3306/mjon +Globals.DriverClassName=org.mariadb.jdbc.Driver +Globals.Url=jdbc:mariadb://192.168.0.60:3396/mjon_advc #Globals.Url=jdbc:mysql://139.150.73.12:3306/mjon -#Globals.UserName= mjonUr -#Globals.Password= mjon!@#$ +Globals.UserName= mjonUr +Globals.Password= mjon!@#$ # mysql-prod #Globals.DriverClassName=com.mysql.jdbc.Driver @@ -121,3 +118,8 @@ Globals.pay.kgm.mobile.payMode=00 #Slack Globals.slack.hooks.url=https://hooks.slack.com/services/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 Globals.slack.channel.name=\ud14c\uc2a4\ud2b8_mjon\uba54\uc2dc\uc9c0 + +#valkey +Globals.valkey.ip=192.168.0.60 +Globals.valkey.port=6379 +Globals.valkey.password=itntest123 \ No newline at end of file diff --git a/src/main/resources/egovframework/egovProps/globals_local.properties b/src/main/resources/egovframework/egovProps/globals_local.properties index 370b98c5..1e164a84 100644 --- a/src/main/resources/egovframework/egovProps/globals_local.properties +++ b/src/main/resources/egovframework/egovProps/globals_local.properties @@ -28,7 +28,7 @@ Globals.Env = local # mysql Globals.DriverClassName=com.mysql.jdbc.Driver -Globals.Url=jdbc:mysql://192.168.0.125:3306/mjon +Globals.Url=jdbc:mysql://192.168.0.125:3306/mjon_advc #Globals.Url=jdbc:mysql://192.168.0.60:3308/mjon Globals.UserName= mjonUr Globals.Password= mjon!@#$ @@ -124,3 +124,8 @@ Globals.pay.kgm.mobile.payMode=00 #Slack Globals.slack.hooks.url=https://hooks.slack.com/services/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 Globals.slack.channel.name=\ud14c\uc2a4\ud2b8_mjon\uba54\uc2dc\uc9c0 + +#valkey +Globals.valkey.ip=192.168.0.60 +Globals.valkey.port=6379 +Globals.valkey.password=itntest123 diff --git a/src/main/resources/egovframework/egovProps/globals_prod.properties b/src/main/resources/egovframework/egovProps/globals_prod.properties index 185aadd6..68ca97df 100644 --- a/src/main/resources/egovframework/egovProps/globals_prod.properties +++ b/src/main/resources/egovframework/egovProps/globals_prod.properties @@ -105,4 +105,9 @@ Globals.pay.kgm.mobile.payMode=10 #Slack Globals.slack.hooks.url=https://hooks.slack.com/services/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 -Globals.slack.channel.name=mjon\uba54\uc2dc\uc9c0 \ No newline at end of file +Globals.slack.channel.name=mjon\uba54\uc2dc\uc9c0 + +#valkey +Globals.valkey.ip=10.12.107.9 +Globals.valkey.port=6379 +Globals.valkey.password=itntest123 \ No newline at end of file diff --git a/src/main/resources/egovframework/sqlmap/let/cert/MjonCertPhone_SQL_mysql.xml b/src/main/resources/egovframework/sqlmap/let/cert/MjonCertPhone_SQL_mysql.xml index a5e5ed0c..ff0a37cd 100644 --- a/src/main/resources/egovframework/sqlmap/let/cert/MjonCertPhone_SQL_mysql.xml +++ b/src/main/resources/egovframework/sqlmap/let/cert/MjonCertPhone_SQL_mysql.xml @@ -6,7 +6,7 @@ - + + + + + + + insert into mj_cert_log + ( + MBER_ID + , CERT_DATE + , CERT_TYPE + , CERT_IPADDR + , REGDATE + ) + values ( + #mberId# + , #certDate# + , #certType# + , #certIpaddr# + , now() + ); + + + + + \ No newline at end of file diff --git a/src/main/webapp/WEB-INF/jsp/web/addr/AddrGroupListAjax.jsp b/src/main/webapp/WEB-INF/jsp/web/addr/AddrGroupListAjax.jsp index c78cfbb3..90887669 100644 --- a/src/main/webapp/WEB-INF/jsp/web/addr/AddrGroupListAjax.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/addr/AddrGroupListAjax.jsp @@ -633,7 +633,9 @@ function listAddrTransHistAjax(pageNo) { var KMCIS_window; - function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ diff --git a/src/main/webapp/WEB-INF/jsp/web/cop/bbs/include/mberSecession.jsp b/src/main/webapp/WEB-INF/jsp/web/cop/bbs/include/mberSecession.jsp index ca464047..9072a7b0 100644 --- a/src/main/webapp/WEB-INF/jsp/web/cop/bbs/include/mberSecession.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/cop/bbs/include/mberSecession.jsp @@ -12,7 +12,9 @@ window.name = "kmcis_web_sample"; var KMCIS_window; //휴대폰 인증팝업 열기 -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/jsp/web/fax/addr/FaxAddrGroupListAjax.jsp b/src/main/webapp/WEB-INF/jsp/web/fax/addr/FaxAddrGroupListAjax.jsp index 09a4c63c..d0de8555 100644 --- a/src/main/webapp/WEB-INF/jsp/web/fax/addr/FaxAddrGroupListAjax.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/fax/addr/FaxAddrGroupListAjax.jsp @@ -548,7 +548,9 @@ function listAddrTransHistAjax(pageNo) { var KMCIS_window; - function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ diff --git a/src/main/webapp/WEB-INF/jsp/web/login/findUserId.jsp b/src/main/webapp/WEB-INF/jsp/web/login/findUserId.jsp index 128427bf..f4e2265e 100644 --- a/src/main/webapp/WEB-INF/jsp/web/login/findUserId.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/login/findUserId.jsp @@ -622,7 +622,9 @@ function fnAddUserView() { var KMCIS_window; - function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ diff --git a/src/main/webapp/WEB-INF/jsp/web/login/humanPageAuthenticatedPage.jsp b/src/main/webapp/WEB-INF/jsp/web/login/humanPageAuthenticatedPage.jsp index 3acf61e6..020d8983 100644 --- a/src/main/webapp/WEB-INF/jsp/web/login/humanPageAuthenticatedPage.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/login/humanPageAuthenticatedPage.jsp @@ -60,7 +60,9 @@ function humanAuthenticated(){ }); } -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/jsp/web/login/test_usrCheckTerms.jsp b/src/main/webapp/WEB-INF/jsp/web/login/test_usrCheckTerms.jsp index ceafd805..5e8c9229 100644 --- a/src/main/webapp/WEB-INF/jsp/web/login/test_usrCheckTerms.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/login/test_usrCheckTerms.jsp @@ -373,7 +373,9 @@ var KMCIS_window; - function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ diff --git a/src/main/webapp/WEB-INF/jsp/web/login/usrCheckTerms.jsp b/src/main/webapp/WEB-INF/jsp/web/login/usrCheckTerms.jsp index 83c79e43..0e17e4ed 100644 --- a/src/main/webapp/WEB-INF/jsp/web/login/usrCheckTerms.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/login/usrCheckTerms.jsp @@ -310,30 +310,7 @@ return false; } - //KMC팝업에 정보 미리 삽입 - var kmcPopUpForm = $("form[name=kmcPopUpForm]").serialize() ; - $.ajax({ - url : "", - type : 'POST', - data : kmcPopUpForm, - dataType:'json', - success : function(returnData, status){ - if(status == "success") { - $("#tr_cert").val(returnData.tr_cert); - $("#tr_url").val(returnData.tr_url); - $("#tr_add").val(returnData.tr_add); - - openKMCISWindow(); - - - }else{ alert("실패");return;} - }, - - error : function(request , status, error){ - alert("code:"+request.status+"\n"+"message:"+request.responseText+"\n"+"error:"+error); - } - }); - + openKMCISWindow(); } @@ -384,7 +361,9 @@ var KMCIS_window; - function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ @@ -419,7 +398,6 @@ } -
@@ -652,7 +630,7 @@
-
+< @@ -773,4 +751,5 @@
+ diff --git a/src/main/webapp/WEB-INF/jsp/web/login/usrCheckTerms_back2.jsp b/src/main/webapp/WEB-INF/jsp/web/login/usrCheckTerms_back2.jsp index db1aa50f..4fde2d3c 100644 --- a/src/main/webapp/WEB-INF/jsp/web/login/usrCheckTerms_back2.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/login/usrCheckTerms_back2.jsp @@ -476,7 +476,9 @@ var KMCIS_window; - function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ diff --git a/src/main/webapp/WEB-INF/jsp/web/user/mberCompanyInfoChange.jsp b/src/main/webapp/WEB-INF/jsp/web/user/mberCompanyInfoChange.jsp index a560cbd1..bed33f22 100644 --- a/src/main/webapp/WEB-INF/jsp/web/user/mberCompanyInfoChange.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/user/mberCompanyInfoChange.jsp @@ -194,7 +194,9 @@ window.name = "kmcis_web_sample"; var KMCIS_window; -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/jsp/web/user/mberInfoChange.jsp b/src/main/webapp/WEB-INF/jsp/web/user/mberInfoChange.jsp index 6e1ac69d..1a9a69e9 100644 --- a/src/main/webapp/WEB-INF/jsp/web/user/mberInfoChange.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/user/mberInfoChange.jsp @@ -102,7 +102,9 @@ window.name = "kmcis_web_sample"; var KMCIS_window; -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/jsp/web/user/mberInfoIndex.jsp b/src/main/webapp/WEB-INF/jsp/web/user/mberInfoIndex.jsp index 4db78d99..dcebcd6c 100644 --- a/src/main/webapp/WEB-INF/jsp/web/user/mberInfoIndex.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/user/mberInfoIndex.jsp @@ -267,7 +267,9 @@ function getMberGrdChk() { window.name = "kmcis_web_sample"; var KMCIS_window; //휴대폰 인증팝업 열기 -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/jsp/web/user/mberSecession.jsp b/src/main/webapp/WEB-INF/jsp/web/user/mberSecession.jsp index e023f648..532579b6 100644 --- a/src/main/webapp/WEB-INF/jsp/web/user/mberSecession.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/user/mberSecession.jsp @@ -9,7 +9,9 @@ window.name = "kmcis_web_sample"; var KMCIS_window; //휴대폰 인증팝업 열기 -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/jsp/web/user/mberSecureLogin.jsp b/src/main/webapp/WEB-INF/jsp/web/user/mberSecureLogin.jsp index 4b8943b4..b39f8cd7 100644 --- a/src/main/webapp/WEB-INF/jsp/web/user/mberSecureLogin.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/user/mberSecureLogin.jsp @@ -626,7 +626,9 @@ function deleteRow(p_ip){ window.name = "kmcis_web_sample"; var KMCIS_window; //휴대폰 인증팝업 열기 -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/jsp/web/user/sendNumberManageRegister.jsp b/src/main/webapp/WEB-INF/jsp/web/user/sendNumberManageRegister.jsp index f3569e8d..6483f195 100644 --- a/src/main/webapp/WEB-INF/jsp/web/user/sendNumberManageRegister.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/user/sendNumberManageRegister.jsp @@ -394,7 +394,9 @@ function kmcCertCheck(){ window.name = "kmcis_web_sample"; var KMCIS_window; //휴대폰 인증팝업 열기 -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/jsp/web/user/sendNumberManage_bak220502.jsp b/src/main/webapp/WEB-INF/jsp/web/user/sendNumberManage_bak220502.jsp index d3ebebe8..95439b24 100644 --- a/src/main/webapp/WEB-INF/jsp/web/user/sendNumberManage_bak220502.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/user/sendNumberManage_bak220502.jsp @@ -122,7 +122,9 @@ function selectSendNumberAjax(phmAuthType){ window.name = "kmcis_web_sample"; var KMCIS_window; //휴대폰 인증팝업 열기 -function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/ // 모바일일 경우 (변동사항 있을경우 추가 필요) diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml index 802ac6f4..7d863572 100644 --- a/src/main/webapp/WEB-INF/web.xml +++ b/src/main/webapp/WEB-INF/web.xml @@ -69,7 +69,15 @@ /* - + + + springSessionRepositoryFilter + org.springframework.web.filter.DelegatingFilterProxy + + + springSessionRepositoryFilter + /* + diff --git a/src/main/webapp/publish/js/common.js b/src/main/webapp/publish/js/common.js index c27d4537..e21312c0 100644 --- a/src/main/webapp/publish/js/common.js +++ b/src/main/webapp/publish/js/common.js @@ -133,3 +133,21 @@ var isInternetExplorer = false; if( navigator.appName == 'Netscape' && navigator.userAgent.search('Trident') != -1 || (cCommonUserAgent.indexOf("msie") != -1)) { isInternetExplorer = true; } + + + +function certAccessLog(){ + $.ajax({ + url : '/web/cert/log/insertCertLog.do', + type : 'POST', + /* data : arsForm, */ + dataType:'json', + success : function(returnData, status){ + if(status == "success") { + }else{ console.log('본인인증 시도로그 실패');} + }, + error : function(request , status, error){ + console.log("code:"+request.status+"\n"+"message:"+request.responseText+"\n"+"error:"+error); + } + }); +} \ No newline at end of file diff --git a/src/main/webapp/publish/kmc/kmcis_web_sample_step02.jsp b/src/main/webapp/publish/kmc/kmcis_web_sample_step02.jsp index f0105988..bfb40e06 100644 --- a/src/main/webapp/publish/kmc/kmcis_web_sample_step02.jsp +++ b/src/main/webapp/publish/kmc/kmcis_web_sample_step02.jsp @@ -232,7 +232,9 @@ var KMCIS_window; - function openKMCISWindow(){ + function openKMCISWindow(){ + //본인인증시도 로그 + certAccessLog(); var UserAgent = navigator.userAgent; /* 모바일 접근 체크*/