Merged
Conversation
There was a problem hiding this comment.
Pull request overview
배포/운영을 위한 헬스체크 엔드포인트를 추가하고, 인증/외부연동 설정 및 API 스펙(Validation/Swagger)을 정리한 PR입니다.
Changes:
/및/health헬스체크 엔드포인트 추가 및 보안 예외(Public) 경로에 반영- Apple OAuth 토큰 요청을 위한
appleRestClientBean 추가 및 Apple 어댑터 주입 대상 수정 - 요청 DTO Validation 메시지 및 응답 DTO Swagger 스키마 주석 보강, 불필요한 빈 설정 파일 제거
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| src/main/java/com/loopon/global/security/filter/JwtAuthenticationFilter.java | JWT 필터 제외 경로에 /health, /api/auth/logout 추가 |
| src/main/java/com/loopon/global/health/HealthCheckController.java | /, /health 헬스체크 컨트롤러 신규 추가 |
| src/main/java/com/loopon/global/config/SecurityConfig.java | Public URL에 /health 포함 및 배열 구문 정리 |
| src/main/java/com/loopon/global/config/RestClientConfig.java | appleRestClient Bean 추가 |
| src/main/java/com/loopon/global/config/HttpInterfaceConfig.java | 비어있는 설정 클래스 제거 |
| src/main/java/com/loopon/auth/infrastructure/apple/AppleAuthClientAdapter.java | Apple용 RestClient로 교체 |
| src/main/java/com/loopon/auth/application/dto/response/AuthResult.java | Swagger @Schema로 토큰 필드 문서화 |
| src/main/java/com/loopon/auth/application/dto/request/VerificationVerifyRequest.java | Validation 메시지 구체화 |
| src/main/java/com/loopon/auth/application/dto/request/VerificationRequest.java | Validation 메시지 구체화 |
| src/main/java/com/loopon/auth/application/dto/request/SocialLoginRequest.java | Validation 메시지 구체화 |
| src/main/java/com/loopon/auth/application/dto/request/PasswordResetRequest.java | Validation 메시지 구체화 |
| src/main/java/com/loopon/auth/application/dto/request/LoginRequest.java | 필드 구분을 위한 공백 라인 추가 |
Comment on lines
+19
to
+29
| @Value("${spring.profiles.active:default}") | ||
| private String activeProfile; | ||
|
|
||
| @GetMapping("/") | ||
| public ResponseEntity<CommonResponse<Map<String, String>>> systemStatus() { | ||
| Map<String, String> status = Map.of( | ||
| "status", "UP", | ||
| "profile", activeProfile, | ||
| "serverTime", LocalDateTime.now().toString(), | ||
| "message", "LoopOn API Server is running!" | ||
| ); |
There was a problem hiding this comment.
GET / 응답에 spring.profiles.active(profile)와 서버 시간(serverTime)을 포함해 외부에 환경 정보를 노출합니다. 운영 환경에서도 퍼블릭 엔드포인트로 열려 있으니, 보안/운영 관점에서 필드 제거(예: status만 반환) 또는 비공개 경로로 분리/권한 제한(예: actuator로 이동, 내부망만 허용 등)을 검토해주세요.
| try { | ||
| return kakaoRestClient.post() | ||
| return appleRestClient.post() | ||
| .uri("https://appleid.apple.com/auth/token") |
There was a problem hiding this comment.
RestClient에 이미 baseUrl("https://appleid.apple.com")을 설정했는데, 요청에서 다시 절대 URL("https://appleid.apple.com/auth/token")을 사용하고 있습니다. baseUrl과 URI가 분리되면 향후 호스트 변경/환경 분기 시 한쪽만 수정되어 오류가 날 수 있으니, 상대 경로(예: "/auth/token")로 호출해 baseUrl 설정을 일관되게 활용하는 편이 안전합니다.
Suggested change
| .uri("https://appleid.apple.com/auth/token") | |
| .uri("/auth/token") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.