refactor: 토큰 claims 수정

Team-B1ND · Jun 2, 2024 · 6980f95 · 6980f95
1 parent bb448df
commit 6980f95
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 17 deletions.
diff --git a/src/main/kotlin/b1nd/tokenserver/domain/auth/core/Token.kt b/src/main/kotlin/b1nd/tokenserver/domain/auth/core/Token.kt
@@ -1,15 +1,32 @@
 package b1nd.tokenserver.domain.auth.core
 
 data class Token(
-    val subject: String,
-    val role: Int,
-    val type: JWTType
+    val memberId: String,
+    val accessLevel: Int,
+    val subject: JWTType
 ) {
 
     fun isNotRefreshToken(): Boolean {
-        return JWTType.REFRESH != type
+        return JWTType.REFRESH != subject
     }
 
 }
 
-enum class JWTType { ACCESS, REFRESH }
+enum class JWTType {
+
+    ACCESS, REFRESH;
+
+    companion object {
+        fun of(value: String): JWTType {
+            if("token" == value) {
+                return ACCESS
+            }
+            if("refreshToken" == value) {
+                return REFRESH
+            }
+
+            return JWTType.valueOf(value)
+        }
+    }
+
+}
diff --git a/src/main/kotlin/b1nd/tokenserver/domain/auth/outport/TokenPort.kt b/src/main/kotlin/b1nd/tokenserver/domain/auth/outport/TokenPort.kt
@@ -5,7 +5,7 @@ import b1nd.tokenserver.domain.auth.core.Token
 
 interface TokenPort {
 
-    fun issue(subject: String, role: Int, type: JWTType): String
+    fun issue(memberId: String, accessLevel: Int, type: JWTType): String
 
     fun parse(token: String, type: JWTType): Token
 

diff --git a/src/main/kotlin/b1nd/tokenserver/domain/auth/usecase/AuthUseCase.kt b/src/main/kotlin/b1nd/tokenserver/domain/auth/usecase/AuthUseCase.kt
@@ -20,7 +20,7 @@ class AuthUseCase(val tokenPort: TokenPort) {
         if(token.isNotRefreshToken()) {
             throw WrongTokenTypeException
         }
-        return issueToken(IssueTokenRequest(token.subject, token.role), JWTType.ACCESS)
+        return issueToken(IssueTokenRequest(token.memberId, token.accessLevel), JWTType.ACCESS)
     }
 
     //todo Redis 저장
@@ -36,7 +36,7 @@ class AuthUseCase(val tokenPort: TokenPort) {
 
     fun verifyToken(req: VerifyTokenRequest): VerifyTokenResponse {
         val token: Token = tokenPort.parse(req.token, JWTType.ACCESS)
-        return VerifyTokenResponse(token.subject, token.role, 0)
+        return VerifyTokenResponse(token.memberId, token.accessLevel, 0)
     }
 
 }
diff --git a/src/main/kotlin/b1nd/tokenserver/infrastructure/adapter/driven/jwt/JWTAdapter.kt b/src/main/kotlin/b1nd/tokenserver/infrastructure/adapter/driven/jwt/JWTAdapter.kt
@@ -6,7 +6,6 @@ import b1nd.tokenserver.domain.auth.core.exception.ExpiredTokenException
 import b1nd.tokenserver.domain.auth.core.exception.InvalidTokenException
 import b1nd.tokenserver.domain.auth.core.JWTType
 import b1nd.tokenserver.domain.auth.core.Token
-import b1nd.tokenserver.domain.common.core.InternalServerException
 import io.jsonwebtoken.*
 import io.jsonwebtoken.security.Keys
 import org.springframework.stereotype.Component
@@ -17,7 +16,7 @@ import java.util.*
 @Component
 class JWTAdapter(val jwtProperties: JWTProperties): TokenPort {
 
-    override fun issue(subject: String, role: Int, type: JWTType): String {
+    override fun issue(memberId: String, accessLevel: Int, type: JWTType): String {
         val secret: String
         val expiryDate: Long
         when (type) {
@@ -33,9 +32,9 @@ class JWTAdapter(val jwtProperties: JWTProperties): TokenPort {
         }
         return Jwts.builder()
             .signWith(Keys.hmacShaKeyFor(secret.toByteArray(StandardCharsets.UTF_8)), SignatureAlgorithm.HS256)
-            .setHeaderParam(Header.JWT_TYPE, type.name)
-            .setSubject(subject)
-            .claim("role", role)
+            .setSubject(type.name)
+            .claim("memberId", memberId)
+            .claim("accessLevel", accessLevel)
             .setIssuedAt(Date())
             .setExpiration(Date(System.currentTimeMillis() + expiryDate))
             .compact()
@@ -49,16 +48,16 @@ class JWTAdapter(val jwtProperties: JWTProperties): TokenPort {
             }
             val claims: Jws<Claims> = Jwts.parserBuilder().setSigningKey(Keys.hmacShaKeyFor(secret.toByteArray())).build().parseClaimsJws(token)
             Token(
-                claims.body.subject,
-                claims.body["role"] as Int,
-                JWTType.valueOf(claims.header[Header.JWT_TYPE] as String)
+                claims.body["memberId"] as String,
+                claims.body["accessLevel"] as Int,
+                JWTType.of(claims.body.subject)
             )
         } catch (e: Exception) {
             when (e) {
                 is ExpiredJwtException -> throw ExpiredTokenException
                 is JwtException -> throw InvalidTokenException
                 is IllegalArgumentException -> throw EmptyTokenException
-                else -> throw InternalServerException
+                else -> throw InvalidTokenException
             }
         }
     }