fix : 보안 문제

RTUnu12 · RTUnu12 · commit f7604e6c31ad · 2025-04-19T17:18:28.000+09:00
diff --git a/README.md b/README.md
@@ -1,6 +1,2 @@
 # 전체 아키텍처 구조
-![image](https://github.com/user-attachments/assets/032dd8c8-1df3-40af-a566-02a18a67ba43)
-
-## 현재 문제점
-1. EC2의 과도한 생성과 삭제로 인해 요금 발생 -> 서버리스로 전환
-2. 낮은 보안성 -> 토큰 처리 필요
+![image](https://github.com/user-attachments/assets/032dd8c8-1df3-40af-a566-02a18a67ba43)
diff --git a/src/main/java/com/rtu/chalkac/global/config/SecurityConfig.java b/src/main/java/com/rtu/chalkac/global/config/SecurityConfig.java
@@ -1,6 +1,7 @@
 package com.rtu.chalkac.global.config;
 
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -28,6 +29,9 @@
 @Configuration
 public class SecurityConfig {
 
+    @Value("${auth.jwt.issuer}")
+    private String issuer;
+
     @Bean
     protected SecurityFilterChain configure(HttpSecurity httpSecurity) throws Exception {
         httpSecurity
@@ -65,7 +69,6 @@ public AuthenticationProvider jwtAuthenticationProvider() {
 
     @Bean
     public JwtDecoder jwtDecoder() {
-        String issuer = "https://cognito-idp.ap-northeast-2.amazonaws.com/ap-northeast-2_AbvZMxTi4";
         NimbusJwtDecoder jwtDecoder = JwtDecoders.fromOidcIssuerLocation(issuer);
         jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(issuer));
         return jwtDecoder;
