초기 PM 소스 전체 업로드

2026-06-12 17:14:03 +09:00
commit 4e33c9a02a
1769 changed files with 377797 additions and 0 deletions
--- a/oauth/oauthService.js
+++ b/oauth/oauthService.js
@@ -0,0 +1,90 @@
+const crypto = require('crypto');
+const axios = require('axios');
+const jwt = require('jsonwebtoken');
+
+exports.exchangeToken = async (code, state, hostname) => {
+    let client_id = '';
+    if (process.env.CLIENT_ID.includes('PM_LOCAL')) client_id = process.env.CLIENT_ID;
+    else if (process.env.SERVICE_NAME === 'PM_ver4_ONPREMISE') client_id = 'PM_ONPREMISE';
+    else if (process.env.SERVICE_NAME === 'PM_ver4_CLOUD_OVERSEAS') {
+        if (hostname.toLowerCase().includes('gtb.')) client_id = 'PM_GTB';
+        if (hostname.toLowerCase().includes('bim.')) client_id = 'PM_BIM';
+        if (hostname.toLowerCase().includes('overseas.')) client_id = 'PM_OVERSEAS';
+        if (hostname.toLowerCase().includes('jangheon.')) client_id = 'PM_JANGHEON';
+        if (hostname.toLowerCase().includes('jangheonindustry.')) client_id = 'PM_JANGHEONINDUSTRY';
+        //test용 - sentinel에 등록되어있어야함
+        if (hostname.toLowerCase().includes('172') || hostname.toLowerCase().includes('localhost')) {
+            client_id = process.env.CLIENT_ID;
+        }
+    }
+
+    let secret = '';
+    if (process.env.CLIENT_ID.includes('PM_LOCAL')) secret = process.env.CLIENT_SECRET_LOCAL;
+    else if (process.env.SERVICE_NAME === 'PM_ver4_ONPREMISE') secret = process.env.CLIENT_SECRET_ONPREMISE;
+    else if (process.env.SERVICE_NAME === 'PM_ver4_CLOUD_OVERSEAS') {
+        if (hostname.toLowerCase().includes('gtb.')) secret = process.env.CLIENT_SECRET_GTB;
+        if (hostname.toLowerCase().includes('bim.')) secret = process.env.CLIENT_SECRET_BIM;
+        if (hostname.toLowerCase().includes('overseas.')) secret = process.env.CLIENT_SECRET_OVERSEAS;
+        if (hostname.toLowerCase().includes('jangheon.')) secret = process.env.CLIENT_SECRET_JANGHEON;
+        if (hostname.toLowerCase().includes('jangheonindustry.')) secret = process.env.CLIENT_SECRET_JANGHEONINDUSTRY;
+        //test용 - sentinel에 등록되어있어야함
+        if (hostname.toLowerCase().includes('172') || hostname.toLowerCase().includes('localhost')) {
+            secret = process.env.CLIENT_SECRET_LOCAL;
+        }
+    }
+
+
+    const { encrypted, iv } = _encrypt(secret);
+    console.log("encrypted ", encrypted);
+    const tokenResp = await axios.post(`${process.env.SENTINEL_BASE}/oauth/token`, {
+        code,
+        client_id: client_id,
+        client_secret_enc: encrypted,
+        iv,
+        state // state 추가
+    });
+
+    const { access_token, next } = tokenResp.data;
+    // return jwt.verify(access_token, process.env.JWT_SECRET);
+
+    const verifyOptions = {
+        issuer: process.env.JWT_ISSUER,
+        audience: client_id,
+        algorithms: ["HS256"],
+        clockTolerance: 30
+    };
+
+    const user = jwt.verify(access_token, process.env.JWT_SECRET, verifyOptions);
+
+    return {
+        user,
+        next: next || null,
+    };
+};
+
+exports.isLoggedIn = async (req, res, next) => {
+    // 로컬 테스트 시 강제로 세션 주입하고 통과시킴
+    req.session.user = {
+        userId: 'test_user',
+        user_nm: '테스트사용자',
+        group: 'dev'
+    };
+    next();
+}
+
+//const AES_KEY = Buffer.from(process.env.AES_KEY_32BYTE, "utf8");
+const AES_KEY_32BYTE = "abcdefghijklmnopqrstuvwxyz123456";
+
+
+function _encrypt(text) {
+    const iv = crypto.randomBytes(16);
+    const cipher = crypto.createCipheriv("aes-256-cbc", AES_KEY, iv);
+
+    let enc = cipher.update(text, "utf8", "base64");
+    enc += cipher.final("base64");
+
+    return {
+        encrypted: enc,
+        iv: iv.toString("base64")
+    };
+}