From 34ddb9bd7d2031863dc911f82158e744d00e9991 Mon Sep 17 00:00:00 2001 From: Jeyong Date: Tue, 2 Dec 2025 23:09:55 +0900 Subject: [PATCH 1/2] =?UTF-8?q?refactor:=20=EC=9D=B8=EC=A6=9D=EC=84=9C=20?= =?UTF-8?q?=EB=B0=9C=EA=B8=89=20=EC=9D=91=EB=8B=B5=EA=B0=92=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=20=EB=B0=8F=20=EC=84=9C=EB=B9=84=EC=8A=A4=20=EB=A1=9C?= =?UTF-8?q?=EC=A7=81=20=EB=AF=B8=EC=82=AC=EC=9A=A9=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/CertificateController.java | 1 - .../dto/CertificateIssueResponse.java | 4 +- .../service/CertificateService.java | 119 ------------------ 3 files changed, 1 insertion(+), 123 deletions(-) diff --git a/src/main/java/org/creditto/authserver/certificate/controller/CertificateController.java b/src/main/java/org/creditto/authserver/certificate/controller/CertificateController.java index 27e99db..8f1bd2d 100644 --- a/src/main/java/org/creditto/authserver/certificate/controller/CertificateController.java +++ b/src/main/java/org/creditto/authserver/certificate/controller/CertificateController.java @@ -35,7 +35,6 @@ public ResponseEntity> issueCertificate( @Valid @RequestBody CertificateIssueRequest certificateIssueRequest, HttpServletRequest request ) { - log.info("인증서 발급 요청 - 전화번호: {}", certificateIssueRequest.phoneNo()); String ipAddress = request.getRemoteAddr(); String userAgent = request.getHeader(USER_AGENT); return ApiResponseUtil.success(SuccessCode.OK, certificateService.issueCertificate(certificateIssueRequest, ipAddress, userAgent)); diff --git a/src/main/java/org/creditto/authserver/certificate/dto/CertificateIssueResponse.java b/src/main/java/org/creditto/authserver/certificate/dto/CertificateIssueResponse.java index e64e020..53ca674 100644 --- a/src/main/java/org/creditto/authserver/certificate/dto/CertificateIssueResponse.java 
+++ b/src/main/java/org/creditto/authserver/certificate/dto/CertificateIssueResponse.java @@ -10,15 +10,13 @@ public record CertificateIssueResponse( String serialNumber, LocalDateTime issuedAt, - LocalDateTime expiresAt, - String publicKey + LocalDateTime expiresAt ) { public static CertificateIssueResponse from(Certificate certificate) { return CertificateIssueResponse.builder() .serialNumber(certificate.getSerialNumber()) .issuedAt(certificate.getIssuedAt()) .expiresAt(certificate.getExpiresAt()) - .publicKey(certificate.getPublicKey()) .build(); } } \ No newline at end of file diff --git a/src/main/java/org/creditto/authserver/certificate/service/CertificateService.java b/src/main/java/org/creditto/authserver/certificate/service/CertificateService.java index 509c4bc..bd11df7 100644 --- a/src/main/java/org/creditto/authserver/certificate/service/CertificateService.java +++ b/src/main/java/org/creditto/authserver/certificate/service/CertificateService.java 
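Review bot: Nothing on `CertificateIssueResponse` or its `from(Certificate)` factory says that the response is a deliberate allow-list of non-key fields, so a later edit could map key material back in without it looking wrong. `createCertificate(...)` in CertificateService takes an `encryptedPrivateKey` and a `certificateSalt`, so the entity presumably carries those next to the public key; I would put a Javadoc on the record, e.g. `/** Issuance result: serial number and validity window only. Key material held by Certificate is intentionally never mapped into this response. */`. Removing `publicKey` also changes the response body although the commit is labelled `refactor:`; if any client read that field (not visible here), the description should say where the public key is obtained from now. The record's annotations and imports are above the hunk and not shown.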
@@ -158,125 +158,6 @@ public Map getSerialNumberByUser(CertificateSerialRequest certif return Map.of(CERTIFICATE_SERIAL, certificate.getSerialNumber()); } - - public List getCertificateHistory(String serialNumber, String simplePassword) { - Certificate certificate = getCertificateBySerialNumber(serialNumber); - try { - if (verifyCertificateKeyPair(simplePassword, certificate)) { - recordUsageHistory(certificate, HistoryAction.READ, true, null, "", ""); - return certificateUsageHistoryRepository.findByCertificate(certificate); - } else { - recordUsageHistory(certificate, HistoryAction.READ, false, null, "", ""); - throw new InvalidSimplePasswordException(CERTIFICATE_AUTH_FAILED); - } - } catch (GeneralSecurityException e) { - throw new InvalidSimplePasswordException(CERTIFICATE_AUTH_FAILED); - } - } - - /** - * 사용자 인증서 목록 조회 - */ - public List getUserCertificates(Long userId) { - User user = userRepository.findById(userId) - .orElseThrow(() -> new EntityNotFoundException(USER_NOT_FOUND)); - - return certificateRepository.findByUser(user); - } - - /** - * 활성 인증서 목록 조회 - */ - public Certificate getActiveCertificates(Long userId) { - User user = userRepository.findById(userId) - .orElseThrow(() -> new EntityNotFoundException(USER_NOT_FOUND)); - - return certificateRepository.findByUserAndStatus(user, CertificateStatus.ACTIVE) - .orElseThrow(() -> new CertificateNotFoundException(CERTIFICATE_NOT_FOUND)); - } - - /** - * 인증서 폐기 - */ - @Transactional - public void revokeCertificate(String serialNumber, String simplePassword, String reason) { - Certificate certificate = getCertificateBySerialNumber(serialNumber); - try { - if (verifyCertificateKeyPair(simplePassword, certificate)) { - certificate.revoke(reason); - certificateRepository.save(certificate); - log.info("인증서 폐기 완료 - 일련번호: {}, 사유: {}", serialNumber, reason); - } else { - throw new InvalidSimplePasswordException(CERTIFICATE_AUTH_FAILED); - } - } catch (GeneralSecurityException e) { - throw new 
InvalidSimplePasswordException(CERTIFICATE_AUTH_FAILED); - } - } - - /** - * 인증서 상세 조회 - */ - public Certificate getCertificate(String serialNumber, String simplePassword) { - Certificate certificate = getCertificateBySerialNumber(serialNumber); - try { - if (verifyCertificateKeyPair(simplePassword, certificate)) { - return certificate; - } else { - throw new InvalidSimplePasswordException(CERTIFICATE_AUTH_FAILED); - } - } catch (GeneralSecurityException e) { - throw new InvalidSimplePasswordException(CERTIFICATE_AUTH_FAILED); - } - } - - /** - * 활성 인증서 개수 조회 - */ - public long countActiveCertificates(Long userId) { - User user = userRepository.findById(userId) - .orElseThrow(() -> new EntityNotFoundException(USER_NOT_FOUND)); - - return certificateRepository.countByUserAndStatus(user, CertificateStatus.ACTIVE); - } - - /** - * 인증서 갱신 - */ - @Transactional - public CertificateIssueResponse renewCertificate(String oldSerialNumber, String simplePassword) { - // 기존 인증서 조회 및 검증 - Certificate oldCertificate = getCertificateBySerialNumber(oldSerialNumber); - - User user = oldCertificate.getUser(); - - // 새 RSA 키 쌍 생성 - KeyPair keyPair = encryptionUtil.generateRSAKeyPair(); - - // 새 인증서별 SALT 생성 - String certificateSalt = AESUtil.generateSalt(); - - // 개인키를 간편비밀번호로 암호화 - String encryptedPrivateKey = encryptionUtil.encryptPrivateKey( - keyPair.getPrivate(), - simplePassword, - certificateSalt - ); - - Certificate newCertificate = createCertificate(keyPair, user, encryptedPrivateKey, certificateSalt); - - certificateRepository.save(newCertificate); - - // 기존 인증서 폐기 - oldCertificate.revoke("인증서 갱신"); - certificateRepository.save(oldCertificate); - - log.info("인증서 갱신 완료 - 사용자: {}, 기존: {}, 신규: {}", - user.getName(), oldSerialNumber, newCertificate.getSerialNumber()); - - return CertificateIssueResponse.from(newCertificate); - } - private Certificate createCertificate(KeyPair keyPair, User user, String encryptedPrivateKey, String certificateSalt) { String publicKey = 
encryptionUtil.encodePublicKey(keyPair.getPublic()); From d7457bf45b88ba6ecb1db12f9dcf206293a729e7 Mon Sep 17 00:00:00 2001 From: Jeyong Date: Tue, 2 Dec 2025 23:15:27 +0900 Subject: [PATCH 2/2] =?UTF-8?q?chore:=20=EB=AF=B8=EC=82=AC=EC=9A=A9=20?= =?UTF-8?q?=EC=BD=94=EB=93=9C=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../repository/CertificateRepository.java | 6 ------ .../CertificateUsageHistoryRepository.java | 15 --------------- .../certificate/service/CertificateService.java | 1 - 3 files changed, 22 deletions(-) diff --git a/src/main/java/org/creditto/authserver/certificate/repository/CertificateRepository.java b/src/main/java/org/creditto/authserver/certificate/repository/CertificateRepository.java index a539c4c..cd61923 100644 --- a/src/main/java/org/creditto/authserver/certificate/repository/CertificateRepository.java +++ b/src/main/java/org/creditto/authserver/certificate/repository/CertificateRepository.java @@ -8,8 +8,6 @@ import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; -import java.time.LocalDateTime; -import java.util.List; import java.util.Optional; @Repository @@ -18,11 +16,7 @@ public interface CertificateRepository extends JpaRepository @Query("SELECT ctf FROM Certificate ctf JOIN FETCH ctf.user WHERE ctf.serialNumber = :serial") Optional findBySerialNumber(@Param("serial") String serialNumber); - List findByUser(User user); - Optional findByUserAndStatus(User user, CertificateStatus status); - long countByUserAndStatus(User user, CertificateStatus status); - boolean existsCertificateByStatusAndUser(CertificateStatus status, User user); } diff --git a/src/main/java/org/creditto/authserver/certificate/repository/CertificateUsageHistoryRepository.java b/src/main/java/org/creditto/authserver/certificate/repository/CertificateUsageHistoryRepository.java index 4436ac1..6e15b57 100644 
--- a/src/main/java/org/creditto/authserver/certificate/repository/CertificateUsageHistoryRepository.java +++ b/src/main/java/org/creditto/authserver/certificate/repository/CertificateUsageHistoryRepository.java @@ -1,24 +1,9 @@ package org.creditto.authserver.certificate.repository; -import org.creditto.authserver.certificate.entity.Certificate; import org.creditto.authserver.certificate.entity.CertificateUsageHistory; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.stereotype.Repository; -import java.time.LocalDateTime; -import java.util.List; - @Repository public interface CertificateUsageHistoryRepository extends JpaRepository { - - List findByCertificateIdOrderByCreatedAtDesc(Long certificateId); - - List findByCertificateIdAndSuccessFalseAndCreatedAtAfter( - Long certificateId, - LocalDateTime after - ); - - List findByCertificate_User_IdOrderByCreatedAtDesc(Long userId); - - List findByCertificate(Certificate certificate); } \ No newline at end of file diff --git a/src/main/java/org/creditto/authserver/certificate/service/CertificateService.java b/src/main/java/org/creditto/authserver/certificate/service/CertificateService.java index bd11df7..fc80066 100644 --- a/src/main/java/org/creditto/authserver/certificate/service/CertificateService.java +++ b/src/main/java/org/creditto/authserver/certificate/service/CertificateService.java @@ -28,7 +28,6 @@ import java.security.PrivateKey; import java.security.PublicKey; import java.time.LocalDateTime; -import java.util.List; import java.util.Map; import java.util.UUID;