앱로그인 api 추가

src/main/java/com/oqpo/api/config/WebMvcConfig.java

@@ -34,6 +34,7 @@ public class WebMvcConfig implements WebMvcConfigurer {
             public void addInterceptors(InterceptorRegistry registry) {
                 registry.addInterceptor(tokenCheckInterceptor).addPathPatterns("/api/**")
                         .excludePathPatterns("/api/member/sign-in")
+                        .excludePathPatterns("/api/member/sign-in-app")
                         .excludePathPatterns("/api/member/sign-in-swagger")
                         .excludePathPatterns("/api/session/hashed")
                         .excludePathPatterns("/api/session/expire")

src/main/java/com/oqpo/api/util/CryptoUtil.java

@@ -8,7 +8,9 @@ import javax.crypto.Cipher;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 
+import org.apache.commons.codec.binary.Hex;
 import org.apache.tomcat.util.codec.binary.Base64;
+import org.springframework.util.Assert;
 
 public class CryptoUtil {
 	public static String decrypt(String ciphertext, String passphrase) {
@@ -61,4 +63,51 @@ public class CryptoUtil {
         System.arraycopy(derivedBytes, keySize * 4, resultIv, 0, ivSize * 4);
         return derivedBytes;
     }
+
+
+    /**
+     * AES, CBC, PKCS5Padding, encodeHexString
+     * Key 길이가 128, 256 이냐에 따라 알고리즘은 AES-128, AES-256 이 됨
+     */
+    public static String doDecrypt(String encryptString, String strKey) {
+        Assert.notNull(encryptString, "The encryptString must not be null!");
+        Assert.notNull(strKey, "The strKey must not be null!");
+
+        if ("".equals(encryptString)) {
+            return "";
+        }
+
+        SecretKeySpec key = new SecretKeySpec(strKey.getBytes(), "AES");
+
+        try {
+            // Hash 변환
+            byte[] encryptCombineBytes = Hex.decodeHex(encryptString.toCharArray());
+
+            int encryptSize = encryptCombineBytes.length;
+            // 암호화 문자열에 iv 가 포함되어 있지 않을 경우 0.
+            int ivSize = 0;
+            byte[] ivBytes = new byte[16];
+            System.arraycopy(encryptCombineBytes, 0, ivBytes, 0, ivBytes.length);
+            encryptSize -= 16;
+            // 암호화 문자열에 iv 가 포함되어 있을 경우 IV_SIZE
+            ivSize = 16;
+
+            IvParameterSpec ivParameterSpec = new IvParameterSpec(ivBytes);
+
+            // encryptBytes 분리
+            byte[] encryptBytes = new byte[encryptSize];
+            System.arraycopy(encryptCombineBytes, ivSize, encryptBytes, 0, encryptSize);
+
+            // Decrypt
+            Cipher cipherDecrypt = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            cipherDecrypt.init(Cipher.DECRYPT_MODE, key, ivParameterSpec);
+            byte[] decryptBytes = cipherDecrypt.doFinal(encryptBytes);
+
+            String decryptResultString = new String(decryptBytes);
+
+            return decryptResultString;
+        } catch (Exception ex) {
+            throw new RuntimeException("Decrypt Exception!", ex);
+        }
+    }
 }

src/main/java/com/oqpo/api/web/controller/SigninController.java

@@ -54,6 +54,22 @@ public class SigninController {
         return ResponseEntity.ok(signinService.signin(userId, password));
     }
 
+    /**
+     * 설명 : APP 로그인
+     *
+     * @param signinRequest
+     * @return
+     * @throws Exception
+     */
+    @ApiOperation(value = "로그인")
+    @PostMapping("/sign-in-app")
+    public ResponseEntity<JwtResponse> signinApp(@RequestBody @Valid SigninRequest signinRequest) throws Exception {
+        hashed = StringEscapeUtils.unescapeJava(hashed);
+        String userId = CryptoUtil.doDecrypt(signinRequest.getUserId(), hashed);
+        String password = CryptoUtil.doDecrypt(signinRequest.getPassword(), hashed);
+        return ResponseEntity.ok(signinService.signin(userId, password));
+    }
+
     /**
      * 설명 : Swagger 로그인
      *