# 45 토큰 재발급

bitgouel-api/src/main/kotlin/team/msg/domain/auth/exception/InvalidRefreshTokenException.kt

@@ -0,0 +1,9 @@
+package team.msg.domain.auth.exception
+
+import team.msg.domain.auth.exception.constant.AuthErrorCode
+import team.msg.global.error.exception.BitgouelException
+
+class InvalidRefreshTokenException(
+    message: String
+) : BitgouelException(message, AuthErrorCode.INVALID_TOKEN.status){
+}

bitgouel-api/src/main/kotlin/team/msg/domain/auth/exception/RefreshTokenNotFoundException.kt

@@ -0,0 +1,8 @@
+package team.msg.domain.auth.exception
+
+import team.msg.domain.auth.exception.constant.AuthErrorCode
+import team.msg.global.error.exception.BitgouelException
+
+class RefreshTokenNotFoundException(
+    message: String
+) : BitgouelException(message, AuthErrorCode.REFRESH_TOKEN_NOT_FOUND.status)

bitgouel-api/src/main/kotlin/team/msg/domain/auth/exception/constant/AuthErrorCode.kt

@@ -7,5 +7,7 @@ enum class AuthErrorCode(
     ALREADY_EXIST_EMAIL("이미 가입된 이메일입니다.", 409),
     ALREADY_EXIST_PHONE_NUMBER("이미 가입된 전화번호입니다.", 409),
     MISMATCH_PASSWORD("일치하지 않는 비밀번호입니다.", 401),
-    UNAPPROVED_USER("아직 회원가입 대기 상태입니다.", 401)
+    UNAPPROVED_USER("아직 회원가입 대기 상태입니다.", 403),
+    INVALID_TOKEN("유효하지 않은 토큰입니다.", 401),
+    REFRESH_TOKEN_NOT_FOUND("존재하지 않는 리프레시 토큰입니다.", 404)
 }

bitgouel-api/src/main/kotlin/team/msg/domain/auth/presentation/AuthController.kt

@@ -3,8 +3,10 @@ package team.msg.domain.auth.presentation
 import javax.validation.Valid
 import org.springframework.http.HttpStatus
 import org.springframework.http.ResponseEntity
+import org.springframework.web.bind.annotation.PatchMapping
 import org.springframework.web.bind.annotation.PostMapping
 import org.springframework.web.bind.annotation.RequestBody
+import org.springframework.web.bind.annotation.RequestHeader
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
 import team.msg.domain.auth.mapper.AuthRequestMapper
@@ -53,4 +55,10 @@ class AuthController(
         val response = authService.login(authRequestMapper.loginWebRequestToDto(request))
         return ResponseEntity.ok(response)
     }
+
+    @PatchMapping
+    fun reissueToken(@RequestHeader("RefreshToken") refreshToken: String): ResponseEntity<TokenResponse> {
+        val response = authService.reissueToken(refreshToken)
+        return ResponseEntity.ok(response)
+    }
 }

bitgouel-api/src/main/kotlin/team/msg/domain/auth/service/AuthService.kt

@@ -10,4 +10,5 @@ interface AuthService {
     fun governmentSignUp(governmentSignUpRequest: GovernmentSignUpRequest)
     fun companyInstructorSignUp(companyInstructorSignUpRequest: CompanyInstructorSignUpRequest)
     fun login(request: LoginRequest): TokenResponse
+    fun reissueToken(refreshToken: String): TokenResponse
 }

bitgouel-api/src/main/kotlin/team/msg/domain/auth/service/AuthServiceImpl.kt

@@ -1,15 +1,19 @@
 package team.msg.domain.auth.service
 
+import org.springframework.data.repository.findByIdOrNull
 import org.springframework.stereotype.Service
 import org.springframework.transaction.annotation.Transactional
 import team.msg.common.enum.ApproveStatus
 import team.msg.common.util.SecurityUtil
 import team.msg.domain.auth.exception.AlreadyExistEmailException
 import team.msg.domain.auth.exception.AlreadyExistPhoneNumberException
+import team.msg.domain.auth.exception.InvalidRefreshTokenException
 import team.msg.domain.auth.exception.MisMatchPasswordException
+import team.msg.domain.auth.exception.RefreshTokenNotFoundException
 import team.msg.domain.auth.exception.UnApprovedUserException
 import team.msg.domain.auth.presentation.data.request.*
 import team.msg.domain.auth.presentation.data.response.TokenResponse
+import team.msg.domain.auth.repository.RefreshTokenRepository
 import team.msg.domain.club.exception.ClubNotFoundException
 import team.msg.domain.club.model.Club
 import team.msg.domain.club.repository.ClubRepository
@@ -32,6 +36,7 @@ import team.msg.domain.user.exception.UserNotFoundException
 import team.msg.domain.user.model.User
 import team.msg.domain.user.repository.UserRepository
 import team.msg.global.security.jwt.JwtTokenGenerator
+import team.msg.global.security.jwt.JwtTokenParser
 import java.util.*
 
 @Service
@@ -45,7 +50,9 @@ class AuthServiceImpl(
     private val professorRepository: ProfessorRepository,
     private val governmentRepository: GovernmentRepository,
     private val companyInstructorRepository: CompanyInstructorRepository,
-    private val jwtTokenGenerator: JwtTokenGenerator
+    private val jwtTokenGenerator: JwtTokenGenerator,
+    private val jwtTokenParser: JwtTokenParser,
+    private val refreshTokenRepository: RefreshTokenRepository
 ) : AuthService {
 
     /**
@@ -189,6 +196,23 @@ class AuthServiceImpl(
         return jwtTokenGenerator.generateToken(user.id, user.authority)
     }
 
+    /**
+     * 토큰 재발급을 처리하는 메서드입니다.
+     * @param refreshToken
+     */
+    override fun reissueToken(refreshToken: String): TokenResponse {
+        val refreshToken = jwtTokenParser.parseRefreshToken(refreshToken)
+            ?: throw InvalidRefreshTokenException("유효하지 않은 리프레시 토큰입니다. info : [ refreshToken = $refreshToken ]")
+
+        val token = refreshTokenRepository.findByIdOrNull(refreshToken)
+            ?: throw RefreshTokenNotFoundException("존재하지 않는 리프레시 토큰입니다. info : [ refreshToken = $refreshToken ]")
+
+        val user = userRepository.findByIdOrNull(token.userId)
+            ?: throw UserNotFoundException("존재하지 않는 유저입니다. info : [ userId = ${token.userId} ]")
+
+        return jwtTokenGenerator.generateToken(user.id, user.authority)
+    }
+
     /**
      * 유저 생성과 검증을 처리하는 private 메서드입니다.
      * @param email, name, phoneNumber, password, authority

bitgouel-api/src/main/kotlin/team/msg/global/security/SecurityConfig.kt

@@ -40,6 +40,7 @@ class SecurityConfig(
             .mvcMatchers(HttpMethod.POST, "/auth/government").permitAll()
             .mvcMatchers(HttpMethod.POST, "/auth/company-instructor").permitAll()
             .mvcMatchers(HttpMethod.POST, "/auth/login").permitAll()
+            .mvcMatchers(HttpMethod.PATCH, "/auth").permitAll()
 
             .anyRequest().authenticated()
             .and()

bitgouel-domain/src/main/kotlin/team/msg/domain/auth/model/RefreshToken.kt

@@ -5,16 +5,17 @@ import org.springframework.data.redis.core.RedisHash
 import org.springframework.data.redis.core.TimeToLive
 import team.msg.domain.user.enums.Authority
 import java.util.UUID
+import java.util.concurrent.TimeUnit
 
 @RedisHash("refresh_token")
-class RefreshToken(
+data class RefreshToken(
     @Id
     val token: String,
 
     val userId: UUID,
 
     val authority: Authority,
 
-    @TimeToLive
+    @TimeToLive(unit = TimeUnit.SECONDS)
     val expiredAt: Int
 )

bitgouel-domain/src/main/kotlin/team/msg/domain/auth/repository/RefreshTokenRepository.kt

@@ -4,4 +4,5 @@ import org.springframework.data.repository.CrudRepository
 import team.msg.domain.auth.model.RefreshToken
 
 interface RefreshTokenRepository : CrudRepository<RefreshToken, String> {
+
 }