[fix] GGBE-212 access token 재발급 수정

42organization · Aug 2, 2023 · f024f2c · f024f2c
1 parent dae8ef3
commit f024f2c
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 72 deletions.
diff --git a/src/main/java/com/gg/server/domain/user/controller/UserController.java b/src/main/java/com/gg/server/domain/user/controller/UserController.java
@@ -36,15 +36,12 @@
 public class UserController {
     private final UserService userService;
     private final UserAuthenticationService userAuthenticationService;
-    private final AppProperties appProperties;
     private final CookieUtil cookieUtil;
 
     @PostMapping("/accesstoken")
-    public ResponseEntity<UserAccessTokenDto> generateAccessToken(@RequestParam String refreshToken, HttpServletResponse response) {
-        UserJwtTokenDto result = userAuthenticationService.regenerate(refreshToken);
-        cookieUtil.addCookie(response, TokenHeaders.REFRESH_TOKEN, result.getRefreshToken(),
-                (int)(appProperties.getAuth().getRefreshTokenExpiry() / 1000));
-        return new ResponseEntity<>(new UserAccessTokenDto(result.getAccessToken()), HttpStatus.CREATED);
+    public ResponseEntity<UserAccessTokenDto> generateAccessToken(@RequestParam String refreshToken) {
+        String accessToken = userAuthenticationService.regenerate(refreshToken);
+        return new ResponseEntity<>(new UserAccessTokenDto(accessToken), HttpStatus.CREATED);
     }
 
     @GetMapping

diff --git a/src/main/java/com/gg/server/domain/user/dto/UserJwtTokenDto.java b/src/main/java/com/gg/server/domain/user/dto/UserJwtTokenDto.java
diff --git a/src/main/java/com/gg/server/domain/user/service/UserAuthenticationService.java b/src/main/java/com/gg/server/domain/user/service/UserAuthenticationService.java
@@ -1,9 +1,6 @@
 package com.gg.server.domain.user.service;
 
-import com.gg.server.domain.rank.redis.RedisKeyManager;
-import com.gg.server.domain.user.dto.UserJwtTokenDto;
 import com.gg.server.domain.user.exception.TokenNotValidException;
-import com.gg.server.global.security.config.properties.AppProperties;
 import com.gg.server.global.security.jwt.repository.JwtRedisRepository;
 import com.gg.server.global.security.jwt.utils.AuthTokenProvider;
 import lombok.RequiredArgsConstructor;
@@ -12,30 +9,13 @@
 @Service
 @RequiredArgsConstructor
 public class UserAuthenticationService {
-    private final AppProperties appProperties;
     private final JwtRedisRepository jwtRedisRepository;
     private final AuthTokenProvider tokenProvider;
 
-    public UserJwtTokenDto regenerate(String refreshToken) {
-        Long userId = tokenProvider.getUserIdFormRefreshToken(refreshToken);
+    public String regenerate(String refreshToken) {
+        Long userId = jwtRedisRepository.getUserIdFromRefToken(refreshToken);
         if (userId == null)
             throw new TokenNotValidException();
-        String refTokenKey = RedisKeyManager.getRefKey(userId);
-        String redisRefToken = jwtRedisRepository.getRefToken(refTokenKey);
-        if (redisRefToken == null)
-            throw new TokenNotValidException();
-        if (!redisRefToken.equals(refreshToken)){
-            jwtRedisRepository.deleteRefToken(refTokenKey);
-            throw new TokenNotValidException();
-        }
-        return authenticationSuccess(userId, refTokenKey);
-    }
-
-    private UserJwtTokenDto authenticationSuccess(Long userId, String refTokenKey) {
-        String newRefToken = tokenProvider.refreshToken(userId);
-        long refreshTokenExpiry = appProperties.getAuth().getRefreshTokenExpiry();
-        jwtRedisRepository.addRefToken(refTokenKey, newRefToken, refreshTokenExpiry);
-        String newAccessToken = tokenProvider.createToken(userId);
-        return new UserJwtTokenDto(newAccessToken, newRefToken);
+        return tokenProvider.createToken(userId);
     }
 }
diff --git a/src/main/java/com/gg/server/global/security/handler/OAuthAuthenticationSuccessHandler.java b/src/main/java/com/gg/server/global/security/handler/OAuthAuthenticationSuccessHandler.java
@@ -55,8 +55,9 @@ protected String determineTargetUrl(HttpServletRequest request, HttpServletRespo
         Cookie[] cookies = request.getCookies();
         for (Cookie cookie :cookies) {
             if (cookie.getName().equals(TokenHeaders.REFRESH_TOKEN) ) {
-                Long existUserId = tokenProvider.getUserIdFormRefreshToken(cookie.getValue());
+                Long existUserId = jwtRedisRepository.getUserIdFromRefToken(cookie.getValue());
                 if (existUserId != null && !existUserId.equals(principal.getId())) {
+                    jwtRedisRepository.deleteRefToken(cookie.getValue());
                     return deleteKakaoUser(existUserId, response, authentication);
                 }
             }
@@ -67,14 +68,12 @@ protected String determineTargetUrl(HttpServletRequest request, HttpServletRespo
 
         // token 설정
         String accessToken = tokenProvider.createToken(principal.getId());
-        String refreshToken = tokenProvider.refreshToken(principal.getId());
+        String refreshToken = tokenProvider.refreshToken();
 
         cookieUtil.addCookie(response, TokenHeaders.REFRESH_TOKEN, refreshToken,
                         (int)(refreshTokenExpiry / 1000));
 
-        String refTokenKey = RedisKeyManager.getRefKey(principal.getId());
-        jwtRedisRepository.deleteRefToken(refTokenKey);
-        jwtRedisRepository.addRefToken(refTokenKey, refreshToken, refreshTokenExpiry);
+        jwtRedisRepository.addRefToken(refreshToken, refreshTokenExpiry, principal.getId());
         return UriComponentsBuilder.fromUriString(applicationYmlRead.getFrontUrl())
                 .queryParam("token", accessToken)
                 .build().toUriString();
@@ -107,18 +106,12 @@ private String saveAndGetUserAccessToken(HttpServletResponse response,
         remainedUser.updateKakaoId(deletedUser.getKakaoId());
         // 쿠키 시간 설정
         long refreshTokenExpiry = appProperties.getAuth().getRefreshTokenExpiry();
-
-        String remainTokenKey = RedisKeyManager.getRefKey(remainedUser.getId());
-        String deleteTokenKey = RedisKeyManager.getRefKey(deletedUser.getId());
-        jwtRedisRepository.deleteRefToken(deleteTokenKey);
-        jwtRedisRepository.deleteRefToken(remainTokenKey);
-
         userRepository.delete(deletedUser);
 
         // token 설정
         String accessToken = tokenProvider.createToken(remainedUser.getId());
-        String refreshToken = tokenProvider.refreshToken(remainedUser.getId());
-        jwtRedisRepository.addRefToken(remainTokenKey, refreshToken, refreshTokenExpiry);
+        String refreshToken = tokenProvider.refreshToken();
+        jwtRedisRepository.addRefToken(refreshToken, refreshTokenExpiry, remainedUser.getId());
 
         cookieUtil.addCookie(response, TokenHeaders.REFRESH_TOKEN, refreshToken,
                 (int)(refreshTokenExpiry / 1000));

diff --git a/src/main/java/com/gg/server/global/security/jwt/repository/JwtRedisRepository.java b/src/main/java/com/gg/server/global/security/jwt/repository/JwtRedisRepository.java
@@ -1,27 +1,28 @@
 package com.gg.server.global.security.jwt.repository;
 
-import com.gg.server.domain.user.exception.TokenNotValidException;
-import com.gg.server.global.exception.ErrorCode;
-import lombok.AllArgsConstructor;
+import lombok.RequiredArgsConstructor;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Repository;
 
 import java.util.concurrent.TimeUnit;
 
 @Repository
-@AllArgsConstructor
+@RequiredArgsConstructor
 public class JwtRedisRepository {
     private final RedisTemplate<String, String> redisTemplate;
 
-    public void addRefToken(String refTokenKey, String refreshToken, long timeOut) {
-        redisTemplate.opsForValue().set(refTokenKey, refreshToken, timeOut, TimeUnit.MILLISECONDS);
+    public void addRefToken(String refreshToken, long timeOut, Long userId) {
+        redisTemplate.opsForValue().set(refreshToken, userId.toString(), timeOut, TimeUnit.MILLISECONDS);
     }
 
-    public String getRefToken(String refTokenKey){
-        return redisTemplate.opsForValue().get(refTokenKey);
+    public Long getUserIdFromRefToken(String refToken){
+        String userId = redisTemplate.opsForValue().get(refToken);
+        if (userId == null)
+            return null;
+        return Long.valueOf(userId);
     }
 
-    public void deleteRefToken(String refTokenKey) {
-        redisTemplate.delete(refTokenKey);
+    public void deleteRefToken(String refToken) {
+        redisTemplate.delete(refToken);
     }
 }
diff --git a/src/main/java/com/gg/server/global/security/jwt/utils/AuthTokenProvider.java b/src/main/java/com/gg/server/global/security/jwt/utils/AuthTokenProvider.java
@@ -25,12 +25,11 @@ public AuthTokenProvider(AppProperties appProperties) {
         refreshKey = Keys.hmacShaKeyFor(appProperties.getAuth().getRefreshTokenSecret().getBytes());
         log.info(key.getAlgorithm());
     }
-    public String refreshToken(Long userId) {
+    public String refreshToken() {
         Date now = new Date();
         Date expiryDate = new Date(now.getTime() +
                 appProperties.getAuth().getRefreshTokenExpiry());
         return Jwts.builder()
-                .setSubject(Long.toString(userId))
                 .setIssuedAt(new Date())
                 .setExpiration(expiryDate)
                 .signWith(refreshKey)
@@ -77,10 +76,4 @@ public Long getUserIdFromAccessToken(String accessToken) {
         return Long.valueOf(claims.getSubject());
     }
 
-    public Long getUserIdFormRefreshToken(String refreshToken) {
-        Claims claims = getClaims(refreshToken, refreshKey);
-        if (claims == null)
-            return null;
-        return Long.valueOf(claims.getSubject());
-    }
 }