feature/#64 rtr 기반 refresh token 발행 기능 구현 #65
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| package sorisoop.soridam.api.auth.application; | ||
|
|
||
| import org.springframework.stereotype.Service; | ||
| import org.springframework.transaction.annotation.Transactional; | ||
|
|
||
| import lombok.RequiredArgsConstructor; | ||
| import sorisoop.soridam.api.auth.presentation.request.jwt.JwtLoginRequest; | ||
| import sorisoop.soridam.api.auth.presentation.request.jwt.RefreshTokenRequest; | ||
| import sorisoop.soridam.api.auth.presentation.request.oauth.OidcLoginRequest; | ||
| import sorisoop.soridam.auth.jwt.application.JwtService; | ||
| import sorisoop.soridam.auth.jwt.response.JwtResponse; | ||
| import sorisoop.soridam.auth.oauth.google.GoogleOidcService; | ||
| import sorisoop.soridam.auth.oauth.kakao.KakaoOidcService; | ||
| import sorisoop.soridam.domain.user.domain.User; | ||
|
|
||
| @Service | ||
| @RequiredArgsConstructor | ||
| public class AuthFacade { | ||
| private final KakaoOidcService kakaoOidcService; | ||
| private final GoogleOidcService googleOidcService; | ||
| private final JwtService jwtService; | ||
|
|
||
| public JwtResponse jwtLogin(JwtLoginRequest request) { | ||
| return jwtService.jwtLogin(request.email(), request.password()); | ||
| } | ||
|
|
||
| @Transactional | ||
| public JwtResponse kakaoLogin(OidcLoginRequest idToken) { | ||
| User user = kakaoOidcService.processLogin(idToken.idToken()); | ||
| user.updateLastLoginTime(); | ||
| return jwtService.getToken(user); | ||
| } | ||
|
|
||
| @Transactional | ||
| public JwtResponse googleLogin(OidcLoginRequest idToken) { | ||
| User user = googleOidcService.processLogin(idToken.idToken()); | ||
| user.updateLastLoginTime(); | ||
| return jwtService.getToken(user); | ||
| } | ||
|
|
||
| public JwtResponse reissue(RefreshTokenRequest request) { | ||
| return jwtService.reissue(request.refreshToken()); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,15 @@ | ||||||||||||||
| package sorisoop.soridam.api.auth.presentation.request.jwt; | ||||||||||||||
|
|
||||||||||||||
| import static io.swagger.v3.oas.annotations.media.Schema.RequiredMode.REQUIRED; | ||||||||||||||
|
|
||||||||||||||
| import io.swagger.v3.oas.annotations.media.Schema; | ||||||||||||||
| import jakarta.validation.constraints.NotNull; | ||||||||||||||
|
|
||||||||||||||
| public record RefreshTokenRequest( | ||||||||||||||
| @Schema(description = "refresh token", | ||||||||||||||
| example = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsILJdhDYTYzNzQwNjQwMH0.7J", | ||||||||||||||
| requiredMode = REQUIRED) | ||||||||||||||
|
Comment on lines
+9
to
+11
There was a problem hiding this comment. 🛠️ Refactor suggestion API 문서의 예제 토큰 값 수정 필요 API 문서의 예제 값으로 실제 JWT 형식의 토큰을 사용하는 것은 보안상 좋지 않습니다. 대신 @Schema(description = "refresh token",
- example = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsILJdhDYTYzNzQwNjQwMH0.7J",
+ example = "example-refresh-token",
requiredMode = REQUIRED)📝 Committable suggestion
Suggested change
|
||||||||||||||
| @NotNull | ||||||||||||||
| String refreshToken | ||||||||||||||
| ) { | ||||||||||||||
| } | ||||||||||||||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| package sorisoop.soridam.auth.jwt.application; | ||
|
|
||
| import org.springframework.stereotype.Service; | ||
|
|
||
| import lombok.RequiredArgsConstructor; | ||
| import sorisoop.soridam.auth.jwt.response.JwtResponse; | ||
| import sorisoop.soridam.domain.refresh.RefreshToken; | ||
| import sorisoop.soridam.domain.refresh.application.RefreshTokenService; | ||
| import sorisoop.soridam.domain.user.application.UserCommandService; | ||
| import sorisoop.soridam.domain.user.application.UserQueryService; | ||
| import sorisoop.soridam.domain.user.domain.User; | ||
|
|
||
| @Service | ||
| @RequiredArgsConstructor | ||
| public class JwtService { | ||
| private final UserQueryService userQueryService; | ||
| private final UserCommandService userCommandService; | ||
| private final RefreshTokenService refreshTokenService; | ||
| private final JwtProvider jwtProvider; | ||
|
|
||
| public JwtResponse jwtLogin(String email, String password) { | ||
| User user = userCommandService.login(email, password); | ||
| JwtResponse response = getToken(user); | ||
| refreshTokenService.save(user.getId(), response.refreshToken()); | ||
| return response; | ||
| } | ||
|
|
||
| public JwtResponse reissue(String token) { | ||
| RefreshToken refreshToken = refreshTokenService.getToken(token); | ||
| String userId = refreshToken.getUserId(); | ||
| User user = userQueryService.getById(userId); | ||
| JwtResponse response = getToken(user); | ||
|
|
||
| refreshTokenService.delete(refreshToken); | ||
| refreshTokenService.save(userId, response.refreshToken()); | ||
|
|
||
| return response; | ||
| } | ||
|
There was a problem hiding this comment. 리프레시 토큰 재발행 시 동시성 문제 가능성이 있습니다. 현재 구현에서는 이전 토큰 삭제와 새 토큰 저장이 원자적으로 실행되지 않습니다. 동시에 여러 요청이 들어올 경우 문제가 발생할 수 있습니다. 다음과 같은 개선을 제안드립니다: public JwtResponse reissue(String token) {
RefreshToken refreshToken = refreshTokenService.getToken(token);
String userId = refreshToken.getUserId();
User user = userQueryService.getById(userId);
JwtResponse response = getToken(user);
- refreshTokenService.delete(refreshToken);
- refreshTokenService.save(userId, response.refreshToken());
+ refreshTokenService.replaceToken(refreshToken, userId, response.refreshToken());
return response;
}
|
||
|
|
||
| public JwtResponse getToken(User user) { | ||
| String refreshToken = jwtProvider.generateRefreshToken(user.extractUuid(), user.getRole()); | ||
| String accessToken = jwtProvider.generateAccessToken(user.extractUuid(), user.getRole()); | ||
|
|
||
| return JwtResponse.of(accessToken, refreshToken); | ||
| } | ||
|
|
||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| package sorisoop.soridam.auth.jwt.response; | ||
|
|
||
| import lombok.Builder; | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🛠️ Refactor suggestion
리프레시 토큰 재발행 API에 대한 문서화가 필요합니다.
다른 엔드포인트들과 같이
@Operation과@ApiResponse어노테이션을 추가하여 API 문서화를 해주세요.다음과 같이 추가하는 것을 제안드립니다:
📝 Committable suggestion