From 8c1970d6e374da838cb13648a8ee4b270fb69031 Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Thu, 1 May 2025 11:25:46 +0900 Subject: [PATCH 01/23] feat: user login start --- .../com/quickpick/ureca/user/controller/UserController.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/user/controller/UserController.java index 5ea1b6a..6549f8b 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/user/controller/UserController.java @@ -1,4 +1,8 @@ package com.quickpick.ureca.user.controller; +import org.springframework.web.bind.annotation.RestController; + +@RestController public class UserController { + } From 30a0758540bd50ddca7c22f90128e88718d84586 Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Thu, 1 May 2025 11:46:26 +0900 Subject: [PATCH 02/23] =?UTF-8?q?feat:=20=EC=9C=A0=EC=A0=80=20=EB=94=94?= =?UTF-8?q?=ED=85=8C=EC=9D=BC=20=EC=83=81=EC=86=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 3 ++ .../ureca/user/controller/UserController.java | 4 ++ .../com/quickpick/ureca/user/domain/User.java | 42 ++++++++++++++++++- .../ureca/user/repository/UserRepository.java | 6 ++- 4 files changed, 52 insertions(+), 3 deletions(-) diff --git a/build.gradle b/build.gradle index d903a73..1b8e3ff 100644 --- a/build.gradle +++ b/build.gradle @@ -33,6 +33,9 @@ dependencies { annotationProcessor 'org.projectlombok:lombok' testImplementation 'org.springframework.boot:spring-boot-starter-test' testRuntimeOnly 'org.junit.platform:junit-platform-launcher' + + implementation 'org.springframework.boot:spring-boot-starter-security' + testImplementation 'org.springframework.security:spring-security-test' } tasks.named('test') { 
diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/user/controller/UserController.java index 6549f8b..3b1d65c 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/user/controller/UserController.java @@ -1,8 +1,12 @@ package com.quickpick.ureca.user.controller; +import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @RestController +@RequestMapping("/user") public class UserController { + + } diff --git a/src/main/java/com/quickpick/ureca/user/domain/User.java b/src/main/java/com/quickpick/ureca/user/domain/User.java index 86eaaca..fe1d44e 100644 --- a/src/main/java/com/quickpick/ureca/user/domain/User.java +++ b/src/main/java/com/quickpick/ureca/user/domain/User.java @@ -5,22 +5,26 @@ import jakarta.persistence.*; import lombok.Getter; import lombok.NoArgsConstructor; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; import java.util.ArrayList; +import java.util.Collection; import java.util.List; @Table @Entity @Getter @NoArgsConstructor -public class User extends BaseEntity { +public class User extends BaseEntity implements UserDetails { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "user_id") private Long userId; - @Column(nullable = false) + @Column(nullable = false, unique = true) private String id; @Column(nullable = false) 
@@ -38,4 +42,38 @@ public class User extends BaseEntity { @OneToMany(mappedBy = "user", cascade = CascadeType.ALL, orphanRemoval = true) private List userTickets = new ArrayList<>(); + @Override //사용자의 권한 목록 반환 + public Collection getAuthorities() { + return List.of(new SimpleGrantedAuthority("user")); + } + + @Override //사용자 id 반환 (고유한 이름) + public String getUsername() { + return id; + } + + @Override //사용자 비밀번호 반환 + public String getPassword() { + return password; + } + + @Override //계정이 만료 되었는지 확인 + public boolean isAccountNonExpired() { + return true; + } + + @Override //계정이 잠겼는지 확인 + public boolean isAccountNonLocked() { + return true; + } + + @Override //비밀번호 만료 확인 + public boolean isCredentialsNonExpired() { + return true; + } + + @Override //계정 사용여부 확인 + public boolean isEnabled() { + return true; + } } diff --git a/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java b/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java index 50abb0e..3f33e6d 100644 --- a/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java +++ b/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java @@ -1,4 +1,8 @@ package com.quickpick.ureca.user.repository; -public class UserRepository { +import com.quickpick.ureca.user.domain.User; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface UserRepository extends JpaRepository { + } From c1e76190cef0b9a49e597fb85e0e867d12a33af9 Mon Sep 17 00:00:00 2001 
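Review bot: `getAuthorities()` returns the bare authority string `"user"`, which has no `ROLE_` prefix, so any rule written with `hasRole("USER")` would not match it. Use `return List.of(new SimpleGrantedAuthority("ROLE_USER"));`, or keep the value and check it only with `hasAuthority("user")`. The four status methods (`isAccountNonExpired`, `isAccountNonLocked`, `isCredentialsNonExpired`, `isEnabled`) are hard-wired to `true`, so this entity cannot express a locked or disabled account; if that is deliberate for now, say so with a comment such as `// no lock/expiry state is stored yet, every account is treated as active`. The class header and the `@Getter` annotation sit in the preceding hunk; since `@Getter` presumably also generates a getter for the password hash, this entity should not be serialized straight into an API response.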
From: etoile0626 Date: Thu, 1 May 2025 15:15:36 +0900 Subject: [PATCH 03/23] =?UTF-8?q?feat:=20user=20=ED=81=B4=EB=9E=98?= =?UTF-8?q?=EC=8A=A4=20=EB=B3=80=EA=B2=BD(age-int,=20builder=20=EC=83=9D?= =?UTF-8?q?=EC=84=B1=EC=9E=90=20=EC=B6=94=EA=B0=80=20=EB=93=B1),=20?= =?UTF-8?q?=ED=9A=8C=EC=9B=90=EA=B0=80=EC=9E=85=20=EA=B5=AC=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ureca/config/WebSecurityConfig.java | 68 +++++++++++++++++++ .../ureca/reserve/domain/Reserve.java | 6 +- .../ureca/reserve/status/ReserveStatus.java | 6 ++ .../ureca/user/controller/UserController.java | 14 +++- .../com/quickpick/ureca/user/domain/User.java | 12 +++- .../ureca/user/dto/UserLoginRequestDto.java | 11 +++ .../ureca/user/dto/UserLoginResponseDto.java | 12 ++++ .../ureca/user/dto/UserSignUpRequestDto.java | 14 ++++ .../ureca/user/repository/UserRepository.java | 4 +- .../ureca/user/service/UserDetailService.java | 20 ++++++ .../ureca/user/service/UserService.java | 22 ++++++ 11 files changed, 184 insertions(+), 5 deletions(-) create mode 100644 src/main/java/com/quickpick/ureca/config/WebSecurityConfig.java create mode 100644 src/main/java/com/quickpick/ureca/reserve/status/ReserveStatus.java create mode 100644 src/main/java/com/quickpick/ureca/user/dto/UserLoginRequestDto.java create mode 100644 src/main/java/com/quickpick/ureca/user/dto/UserLoginResponseDto.java create mode 100644 src/main/java/com/quickpick/ureca/user/dto/UserSignUpRequestDto.java create mode 100644 src/main/java/com/quickpick/ureca/user/service/UserDetailService.java diff --git a/src/main/java/com/quickpick/ureca/config/WebSecurityConfig.java b/src/main/java/com/quickpick/ureca/config/WebSecurityConfig.java new file mode 100644 index 0000000..dcddb8c --- /dev/null +++ b/src/main/java/com/quickpick/ureca/config/WebSecurityConfig.java 
@@ -0,0 +1,68 @@ +package com.quickpick.ureca.config; + +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.ProviderManager; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; + +import java.security.Provider; + +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class WebSecurityConfig { + + private final UserDetailsService userDetailsService; + + @Bean + public WebSecurityCustomizer bean() { + return (webSecurity -> { webSecurity.ignoring() + .requestMatchers(new AntPathRequestMatcher("/static/**")); + }); + } + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + return http.authorizeHttpRequests(auth->auth + .requestMatchers( + new AntPathRequestMatcher("/login") + , new AntPathRequestMatcher("/signup") + , new AntPathRequestMatcher("user") + ).permitAll().anyRequest().authenticated()) + + .formLogin(formLogin -> formLogin + .loginPage("/login") + .defaultSuccessUrl("/ticketing") + ) + .logout(logout -> logout + .logoutSuccessUrl("/login") + .invalidateHttpSession(true) + ) + 
.csrf(AbstractHttpConfigurer::disable) + .build(); + } + + @Bean + public AuthenticationManager authenticationManager(HttpSecurity http, BCryptPasswordEncoder bCryptPasswordEncoder + , UserDetailsService userDetailsService) throws Exception { + DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); + authProvider.setUserDetailsService(userDetailsService); + authProvider.setPasswordEncoder(bCryptPasswordEncoder); + return new ProviderManager(authProvider); + } + + @Bean + public BCryptPasswordEncoder bCryptPasswordEncoder() { + return new BCryptPasswordEncoder(); + } +} diff --git a/src/main/java/com/quickpick/ureca/reserve/domain/Reserve.java b/src/main/java/com/quickpick/ureca/reserve/domain/Reserve.java index b4ebcda..6e83bd0 100644 --- a/src/main/java/com/quickpick/ureca/reserve/domain/Reserve.java +++ b/src/main/java/com/quickpick/ureca/reserve/domain/Reserve.java @@ -1,6 +1,7 @@ package com.quickpick.ureca.reserve.domain; import com.quickpick.ureca.common.domain.BaseEntity; +import com.quickpick.ureca.reserve.status.ReserveStatus; import com.quickpick.ureca.user.domain.User; import jakarta.persistence.*; import lombok.Getter; @@ -21,6 +22,7 @@ public class Reserve extends BaseEntity { @JoinColumn(name = "user_id", nullable = false) private User user; + @Enumerated(EnumType.STRING) @Column(nullable = false) - private String status; -} + private ReserveStatus status; +} \ No newline at end of file diff --git a/src/main/java/com/quickpick/ureca/reserve/status/ReserveStatus.java b/src/main/java/com/quickpick/ureca/reserve/status/ReserveStatus.java new file mode 100644 index 0000000..b378ef0 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/reserve/status/ReserveStatus.java @@ -0,0 +1,6 @@ +package com.quickpick.ureca.reserve.status; + +public enum ReserveStatus { + SUCCESS, + FAIL +} \ No newline at end of file 
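Review bot: In `filterChain`, `.csrf(AbstractHttpConfigurer::disable)` turns off CSRF protection on the same chain that configures `formLogin` and session-based logout, so every state-changing request authenticated by the session cookie is left unprotected. Keep CSRF enabled for the session flow and exempt only the endpoints that need it, for example `.csrf(csrf -> csrf.ignoringRequestMatchers("/signup"))`. The third permit-all matcher, `new AntPathRequestMatcher("user")`, has no leading slash and most likely matches no request path; either write `"/user"` or drop it if nothing under that path should be public. Smaller points: `import java.security.Provider;` is unused, the `HttpSecurity http` parameter of `authenticationManager` is never read, and the customizer bean method is named `bean`, where a descriptive name such as `webSecurityCustomizer` would be clearer.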
diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/user/controller/UserController.java index 3b1d65c..798c32a 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/user/controller/UserController.java @@ -1,12 +1,24 @@ package com.quickpick.ureca.user.controller; +import com.quickpick.ureca.user.dto.UserSignUpRequestDto; +import com.quickpick.ureca.user.service.UserService; +import lombok.RequiredArgsConstructor; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @RestController -@RequestMapping("/user") +@RequiredArgsConstructor public class UserController { + private final UserService userService; + @PostMapping("/signup") + public ResponseEntity signup(@RequestBody UserSignUpRequestDto dto){ + userService.saveUser(dto); + return ResponseEntity.ok("회원가입 완료"); + } } diff --git a/src/main/java/com/quickpick/ureca/user/domain/User.java b/src/main/java/com/quickpick/ureca/user/domain/User.java index fe1d44e..b0078bf 100644 --- a/src/main/java/com/quickpick/ureca/user/domain/User.java +++ b/src/main/java/com/quickpick/ureca/user/domain/User.java @@ -3,6 +3,7 @@ import com.quickpick.ureca.common.domain.BaseEntity; import com.quickpick.ureca.userticket.domain.UserTicket; import jakarta.persistence.*; +import lombok.Builder; import lombok.Getter; import lombok.NoArgsConstructor; import org.springframework.security.core.GrantedAuthority; 
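Review bot: `signup` binds `@RequestBody UserSignUpRequestDto dto` and passes it straight to `userService.saveUser(dto)` with no validation, and all the DTO's fields are unconstrained reference types. A request without a password reaches `bCryptPasswordEncoder.encode(...)` in `saveUser` with `null`, and an empty or oversized `id`, `name` or `gender` goes to the database as sent. Add `@Valid` on the parameter and constraints on the DTO (for example `@NotBlank` on `id` and `password`, a length bound on `password`), assuming the validation starter is or can be added to the build. The endpoint also returns `ResponseEntity.ok(...)` unconditionally, so a persistence failure surfaces as an unhandled 500 rather than a 4xx the client can act on.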
@@ -34,11 +35,20 @@ public class User extends BaseEntity implements UserDetails { private String name; @Column(nullable = false) - private String age; + private Integer age; @Column(nullable = false) private String gender; + @Builder + public User(String id, String password, String name, Integer age, String gender) { + this.id = id; + this.password = password; + this.name = name; + this.age = age; + this.gender = gender; + } + @OneToMany(mappedBy = "user", cascade = CascadeType.ALL, orphanRemoval = true) private List userTickets = new ArrayList<>(); diff --git a/src/main/java/com/quickpick/ureca/user/dto/UserLoginRequestDto.java b/src/main/java/com/quickpick/ureca/user/dto/UserLoginRequestDto.java new file mode 100644 index 0000000..d8a5a07 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/user/dto/UserLoginRequestDto.java @@ -0,0 +1,11 @@ +package com.quickpick.ureca.user.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class UserLoginRequestDto { //로그인 요청 dto + private String id; // 사용자 ID + private String password; // 비밀번호 +} diff --git a/src/main/java/com/quickpick/ureca/user/dto/UserLoginResponseDto.java b/src/main/java/com/quickpick/ureca/user/dto/UserLoginResponseDto.java new file mode 100644 index 0000000..ef23ef3 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/user/dto/UserLoginResponseDto.java @@ -0,0 +1,12 @@ +package com.quickpick.ureca.user.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class UserLoginResponseDto { //로그인 응답 dto + private Long userId; + private String name; + //private String token; +} diff --git a/src/main/java/com/quickpick/ureca/user/dto/UserSignUpRequestDto.java b/src/main/java/com/quickpick/ureca/user/dto/UserSignUpRequestDto.java new file mode 100644 index 0000000..8483b50 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/user/dto/UserSignUpRequestDto.java 
@@ -0,0 +1,14 @@ +package com.quickpick.ureca.user.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class UserSignUpRequestDto { //회원가입 요청 dto + private String id; // 사용자 ID + private String password; // 비밀번호 + private String name; // 이름 + private Integer age; // 나이 + private String gender; // 성별 ("M", "F") +} diff --git a/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java b/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java index 3f33e6d..919da06 100644 --- a/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java +++ b/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java @@ -3,6 +3,8 @@ import com.quickpick.ureca.user.domain.User; import org.springframework.data.jpa.repository.JpaRepository; -public interface UserRepository extends JpaRepository { +import java.util.Optional; +public interface UserRepository extends JpaRepository { + Optional findById(String id); //id로 사용자 정보 가져오기 } diff --git a/src/main/java/com/quickpick/ureca/user/service/UserDetailService.java b/src/main/java/com/quickpick/ureca/user/service/UserDetailService.java new file mode 100644 index 0000000..b5e1d86 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/user/service/UserDetailService.java 
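Review bot: `Optional findById(String id)` in `UserRepository` reuses the name of the repository's inherited primary-key lookup while querying a different column, the login `id` string rather than the generated `userId`. The type parameters are not visible in this rendering, but given the entity's `Long userId` key the two overloads presumably differ only by argument type. That makes it easy to call the wrong one when a numeric id arrives as text. A comment on the method such as `// looks up by the login id column, not by the primary key userId` would help, and renaming the entity field (for example to `loginId`) in a later change would remove the ambiguity.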
@@ -0,0 +1,20 @@ +package com.quickpick.ureca.user.service; + +import com.quickpick.ureca.user.repository.UserRepository; +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +@Service +@RequiredArgsConstructor +public class UserDetailService implements UserDetailsService { + + private final UserRepository userRepository; + + @Override + public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException { + return userRepository.findById(id).orElseThrow(() -> new UsernameNotFoundException(id)); + } +} diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/user/service/UserService.java index 972e2b1..84f0b83 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java +++ b/src/main/java/com/quickpick/ureca/user/service/UserService.java @@ -1,4 +1,26 @@ package com.quickpick.ureca.user.service; +import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.user.dto.UserSignUpRequestDto; +import com.quickpick.ureca.user.repository.UserRepository; +import lombok.RequiredArgsConstructor; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.stereotype.Service; + +@Service +@RequiredArgsConstructor public class UserService { + + private final UserRepository userRepository; + private final BCryptPasswordEncoder bCryptPasswordEncoder; + + public void saveUser(UserSignUpRequestDto dto) { + userRepository.save(User.builder() + .id(dto.getId()) + .password(bCryptPasswordEncoder.encode(dto.getPassword())) + .name(dto.getName()) + .age(dto.getAge()) + .gender(dto.getGender()) + .build()); + } } From c20107d3737e3518753ae5c64bcd11e223bfa100 Mon Sep 17 00:00:00 2001 
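Review bot: `saveUser` calls `userRepository.save(...)` without first checking whether `dto.getId()` is already taken. The `unique = true` constraint added to `User.id` in the earlier patch will therefore reject a duplicate signup at flush time with a persistence exception, which the controller does not handle. Check first and fail explicitly, e.g. `if (userRepository.findById(dto.getId()).isPresent()) throw new IllegalStateException("id already in use");`, and map that to a 409 in the controller, while keeping the database constraint as the backstop for concurrent requests. In `UserDetailService`, `new UsernameNotFoundException(id)` carries the submitted login id in its message, so make sure that message is not returned verbatim to the caller, otherwise the login response reveals which ids exist.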
From: etoile0626 Date: Thu, 1 May 2025 15:37:09 +0900 Subject: [PATCH 04/23] =?UTF-8?q?feat:=20@Transactional=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/com/quickpick/ureca/user/service/UserService.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/user/service/UserService.java index 84f0b83..4e8c61e 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java +++ b/src/main/java/com/quickpick/ureca/user/service/UserService.java @@ -3,6 +3,7 @@ import com.quickpick.ureca.user.domain.User; import com.quickpick.ureca.user.dto.UserSignUpRequestDto; import com.quickpick.ureca.user.repository.UserRepository; +import jakarta.transaction.Transactional; import lombok.RequiredArgsConstructor; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; @@ -14,6 +15,7 @@ public class UserService { private final UserRepository userRepository; private final BCryptPasswordEncoder bCryptPasswordEncoder; + @Transactional public void saveUser(UserSignUpRequestDto dto) { userRepository.save(User.builder() .id(dto.getId()) From c63b41d6f5c09fab923ba8088db5f98663d2ebec Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Thu, 1 May 2025 15:37:09 +0900 Subject: [PATCH 05/23] =?UTF-8?q?fix:=20@Transactional=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/com/quickpick/ureca/user/service/UserService.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/user/service/UserService.java index 84f0b83..4e8c61e 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java 
+++ b/src/main/java/com/quickpick/ureca/user/service/UserService.java @@ -3,6 +3,7 @@ import com.quickpick.ureca.user.domain.User; import com.quickpick.ureca.user.dto.UserSignUpRequestDto; import com.quickpick.ureca.user.repository.UserRepository; +import jakarta.transaction.Transactional; import lombok.RequiredArgsConstructor; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; @@ -14,6 +15,7 @@ public class UserService { private final UserRepository userRepository; private final BCryptPasswordEncoder bCryptPasswordEncoder; + @Transactional public void saveUser(UserSignUpRequestDto dto) { userRepository.save(User.builder() .id(dto.getId()) From 2d64ee8af6c21b87e5aba7aa5277ce04a15ff58d Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Thu, 1 May 2025 17:49:15 +0900 Subject: [PATCH 06/23] =?UTF-8?q?feat:=20login=20=EA=B5=AC=ED=98=84=20ing?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 8 +++++ .../com/quickpick/ureca/UrecaApplication.java | 3 ++ .../ureca/config/jwt/JwtProperties.java | 14 +++++++++ .../ureca/config/jwt/TokenProvider.java | 31 +++++++++++++++++++ .../ureca/user/controller/UserController.java | 28 ++++++++++++++--- .../ureca/user/service/UserService.java | 7 +++++ 6 files changed, 87 insertions(+), 4 deletions(-) create mode 100644 src/main/java/com/quickpick/ureca/config/jwt/JwtProperties.java create mode 100644 src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java diff --git a/build.gradle b/build.gradle index 1b8e3ff..fa14cfe 100644 --- a/build.gradle +++ b/build.gradle 
@@ -36,6 +36,14 @@ dependencies { implementation 'org.springframework.boot:spring-boot-starter-security' testImplementation 'org.springframework.security:spring-security-test' + + //jwt + implementation 'io.jsonwebtoken:jjwt:0.12.6' + implementation 'io.jsonwebtoken:jjwt-api:0.12.6' + runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.6' + runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6' + implementation 'javax.xml.bind:jaxb-api:2.4.0-b180830.0359' + } tasks.named('test') { diff --git a/src/main/java/com/quickpick/ureca/UrecaApplication.java b/src/main/java/com/quickpick/ureca/UrecaApplication.java index 8be528e..e24b3d4 100644 --- a/src/main/java/com/quickpick/ureca/UrecaApplication.java +++ b/src/main/java/com/quickpick/ureca/UrecaApplication.java @@ -1,13 +1,16 @@ package com.quickpick.ureca; +import com.quickpick.ureca.config.jwt.JwtProperties; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.data.jpa.repository.config.EnableJpaAuditing; import org.springframework.scheduling.annotation.EnableScheduling; @SpringBootApplication @EnableJpaAuditing @EnableScheduling +@EnableConfigurationProperties(JwtProperties.class) public class UrecaApplication { public static void main(String[] args) { diff --git a/src/main/java/com/quickpick/ureca/config/jwt/JwtProperties.java b/src/main/java/com/quickpick/ureca/config/jwt/JwtProperties.java new file mode 100644 index 0000000..377c767 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/config/jwt/JwtProperties.java 
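Review bot: The JWT block declares `io.jsonwebtoken:jjwt:0.12.6` in addition to the split `jjwt-api`, `jjwt-impl` and `jjwt-jackson` artifacts. The aggregate artifact presumably pulls the same three modules in again at `implementation` scope, which defeats the `runtimeOnly` separation of `jjwt-impl`; the three split lines alone should be enough. `javax.xml.bind:jaxb-api:2.4.0-b180830.0359` is a pre-release build by its version string, and nothing in the JWT code visible in this series uses JAXB, so drop it unless a compile or runtime error shows it is needed. Fewer and released-only dependencies also shrink what has to be tracked for advisories.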
@@ -0,0 +1,14 @@ +package com.quickpick.ureca.config.jwt; + +import lombok.Getter; +import lombok.Setter; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.stereotype.Component; + +@Getter +@Setter +@ConfigurationProperties(prefix = "jwt") +public class JwtProperties { + private String issuer; + private String secretKey; +} diff --git a/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java b/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java new file mode 100644 index 0000000..57aa8a4 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java @@ -0,0 +1,31 @@ +package com.quickpick.ureca.config.jwt; + +import com.quickpick.ureca.user.domain.User; +import io.jsonwebtoken.Header; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.security.Keys; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; + +import java.nio.charset.StandardCharsets; +import java.util.Date; + +@RequiredArgsConstructor +@Service +public class TokenProvider { + + private final JwtProperties jwtProperties; + + + public String generateToken(User user, Date expiredAt) { + Date now = new Date(); + return Jwts.builder() + //.setHeaderParam(Header.TYPE, Header.JWT_TYPE) //deprecated, 이제 안 써도 라이브러리가 자동적으로 처리? + .issuer(jwtProperties.getIssuer()) + .expiration(expiredAt) + .subject(user.getId()) + .claim("user_id", user.getUserId()) + .signWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) + .compact(); + } +} diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/user/controller/UserController.java index 798c32a..8c26190 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/user/controller/UserController.java 
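Review bot: `generateToken` derives the HMAC key from `jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8)` on every call, so the signature is only as strong as the string placed in the `jwt` configuration. A short value makes `Keys.hmacShaKeyFor` throw at the first token request instead of at startup. Build the key once, for example in a constructor or `@PostConstruct` method that stores a `SecretKey` field, and document on `JwtProperties.secretKey` that it must be at least 32 random bytes supplied from the environment or a secret store, not a value committed with the source. In the same method `Date now` is created but never used and the token carries no issued-at claim; add `.issuedAt(now)` so a token's age can be checked. `JwtProperties` also imports `org.springframework.stereotype.Component` without using it.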
@@ -1,13 +1,12 @@ package com.quickpick.ureca.user.controller; +import com.quickpick.ureca.user.dto.UserLoginRequestDto; import com.quickpick.ureca.user.dto.UserSignUpRequestDto; import com.quickpick.ureca.user.service.UserService; import lombok.RequiredArgsConstructor; +import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; @RestController @RequiredArgsConstructor @@ -21,4 +20,25 @@ public ResponseEntity signup(@RequestBody UserSignUpRequestDto dto){ return ResponseEntity.ok("회원가입 완료"); } + @PostMapping("/login") + public ResponseEntity login(@RequestBody UserLoginRequestDto dto){ + boolean isSuccess = userService.login(dto); + + if (isSuccess) { + return ResponseEntity.ok("로그인 성공"); + } else { + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("로그인 실패: 아이디 또는 비밀번호가 틀렸습니다."); + } + } + + @GetMapping("/logout") + public ResponseEntity logout(@RequestBody UserLoginRequestDto dto){ + boolean isSuccess = userService.login(dto); + + if (isSuccess) { + return ResponseEntity.ok("로그인 성공"); + } else { + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("로그인 실패: 아이디 또는 비밀번호가 틀렸습니다."); + } + } } diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/user/service/UserService.java index 4e8c61e..53e6010 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java +++ b/src/main/java/com/quickpick/ureca/user/service/UserService.java 
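Review bot: The new `logout` handler is a copy of `login`: it is mapped with `@GetMapping("/logout")`, expects credentials in a `@RequestBody`, calls `userService.login(dto)` and answers with the login success and failure messages. Logging out should not require the password again, and a state-changing action should not be a GET, which links and prefetchers can trigger; `WebSecurityConfig` already configures logout at the filter level, so either remove this method or make it `@PostMapping("/logout")` with no body. Both handlers also call `userService.login(dto)`, which this same commit leaves commented out in `UserService`, so the class would not compile as committed. The generic 401 text in `login`, which does not say whether the id or the password was wrong, is the right behaviour and worth keeping when the method is completed.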
@@ -1,6 +1,7 @@ package com.quickpick.ureca.user.service; import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.user.dto.UserLoginRequestDto; import com.quickpick.ureca.user.dto.UserSignUpRequestDto; import com.quickpick.ureca.user.repository.UserRepository; import jakarta.transaction.Transactional; @@ -25,4 +26,10 @@ public void saveUser(UserSignUpRequestDto dto) { .gender(dto.getGender()) .build()); } +/* + public boolean login(UserLoginRequestDto dto) { + + } + + */ } From c95cfca469c3ef4d35c5163fe2210efb04e7c0f1 Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Fri, 2 May 2025 10:37:54 +0900 Subject: [PATCH 07/23] =?UTF-8?q?feat:=20jwt=20test=20=EC=BD=94=EB=94=A9?= =?UTF-8?q?=EC=A4=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 4 ++ .../ureca/config/jwt/TokenProvider.java | 54 +++++++++++++++++-- .../ureca/config/jwt/JwtFactory.java | 47 ++++++++++++++++ 3 files changed, 102 insertions(+), 3 deletions(-) create mode 100644 src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java diff --git a/build.gradle b/build.gradle index fa14cfe..a14c600 100644 --- a/build.gradle +++ b/build.gradle @@ -34,6 +34,10 @@ dependencies { testImplementation 'org.springframework.boot:spring-boot-starter-test' testRuntimeOnly 'org.junit.platform:junit-platform-launcher' + //test + testImplementation 'org.projectlombok:lombok' + testAnnotationProcessor 'org.projectlombok:lombok' + implementation 'org.springframework.boot:spring-boot-starter-security' testImplementation 'org.springframework.security:spring-security-test' diff --git a/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java b/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java index 57aa8a4..7d6c74b 100644 --- a/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java +++ b/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java 
@@ -1,14 +1,21 @@ package com.quickpick.ureca.config.jwt; import com.quickpick.ureca.user.domain.User; +import io.jsonwebtoken.Claims; import io.jsonwebtoken.Header; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.security.Keys; import lombok.RequiredArgsConstructor; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.stereotype.Service; import java.nio.charset.StandardCharsets; +import java.time.Duration; +import java.util.Collections; import java.util.Date; +import java.util.Set; @RequiredArgsConstructor @Service 
@@ -16,16 +23,57 @@ public class TokenProvider { private final JwtProperties jwtProperties; - - public String generateToken(User user, Date expiredAt) { + public String generateToken(User user, Duration expiredAt) { Date now = new Date(); + return makeToken(user, new Date( now.getTime() + expiredAt.toMillis())); + } // expriedAt 만큼의 유효기간을 가진 토큰 생성 + + public String makeToken(User user, Date expiry) { + return Jwts.builder() //.setHeaderParam(Header.TYPE, Header.JWT_TYPE) //deprecated, 이제 안 써도 라이브러리가 자동적으로 처리? .issuer(jwtProperties.getIssuer()) - .expiration(expiredAt) + .expiration(expiry) .subject(user.getId()) .claim("user_id", user.getUserId()) .signWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) .compact(); } + + public boolean validToken(String token) { + try{ + Jwts.parser() + .verifyWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) + .build() + .parseSignedClaims(token); + return true; + } catch (Exception e) { + return false; + } + } + + public Authentication getAuthentication(String token) { + Claims claims = getClaims(token); + Set authorities + = Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")); + + return new UsernamePasswordAuthenticationToken( + new org.springframework.security.core.userdetails.User( + claims.getSubject(), "", authorities) + , token + , authorities); + } + + public String getUserId(String token) { + Claims claims = getClaims(token); + return claims.get("user_id", String.class); + } + + private Claims getClaims(String token) { + return Jwts.parser() + .verifyWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) + .build() + .parseSignedClaims(token) + .getPayload(); //getBody()가 deprecated되어 이걸 쓸 것 + } } diff --git a/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java new file mode 100644 index 0000000..9e8b59f --- /dev/null 
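Review bot: `validToken` and `getClaims` verify only the signature and expiry, never the issuer that `makeToken` writes. Any token signed with the same secret for another purpose or environment would therefore be accepted; add `.requireIssuer(jwtProperties.getIssuer())` to both parser chains, or share a single parser field between them. `validToken` also catches `Exception` and returns `false` without logging, which hides the difference between an expired token, a bad signature and a misconfigured key; catch `JwtException | IllegalArgumentException` and log the exception class at debug level without logging the token itself. `getAuthentication` hard-codes `ROLE_USER` while `User.getAuthorities()` in the earlier patch returns `"user"`, so the same account gets different authorities depending on whether it arrived by form login or by token. The class header and the `jwtProperties` field are outside this hunk.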
+++ b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java @@ -0,0 +1,47 @@ +package com.quickpick.ureca.config.jwt; + +import io.jsonwebtoken.Header; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.security.Keys; +import lombok.Builder; +import lombok.Getter; + +import java.nio.charset.StandardCharsets; +import java.time.Duration; +import java.util.Collections; +import java.util.Date; +import java.util.Map; + +@Getter +public class JwtFactory { //test용 jwt 토큰 생성 + private String subject = "test@email.com"; + private Date issuedAt = new Date(); + private Date expiration + = new Date( new Date().getTime() + Duration.ofDays(14).toMillis() ); + private Map claims = Collections.emptyMap(); + + @Builder + public JwtFactory(String subject, Date issuedAt, Date expiration + , Map claims) { + this.subject = subject != null ? subject : this.subject; + this.issuedAt = issuedAt != null ? issuedAt : this.issuedAt; + this.expiration = expiration != null ? expiration : this.expiration; + this.claims = claims != null ? claims : this.claims; + } + + public static JwtFactory withDefaultValues() { + return JwtFactory.builder().build(); + } // withDefaultValues + + public String createToken(JwtProperties jwtProperties) { + return Jwts.builder() + .subject(subject) + .setHeaderParam(Header.TYPE, Header.JWT_TYPE) // deprecated + .issuer(jwtProperties.getIssuer()) + .issuedAt(issuedAt) + .expiration(expiration) + .addClaims(claims) + .signWith( Keys.hmacShaKeyFor( jwtProperties.getSecretKey().getBytes( StandardCharsets.UTF_8 ) ) ) + .compact(); + } // makeToken +} From b605397c17fe972d938895924fc273284b1011db Mon Sep 17 00:00:00 2001 
From: etoile0626 Date: Fri, 2 May 2025 13:11:17 +0900 Subject: [PATCH 08/23] =?UTF-8?q?feat:=20=20jwt=20token=20=EB=B0=9C?= =?UTF-8?q?=ED=96=89=20test?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ureca/config/jwt/TokenProvider.java | 4 +- .../ureca/user/controller/UserController.java | 4 +- .../ureca/config/jwt/JwtFactory.java | 30 +++-- .../ureca/config/jwt/TokenProviderTest.java | 105 ++++++++++++++++++ 4 files changed, 131 insertions(+), 12 deletions(-) create mode 100644 src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java diff --git a/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java b/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java index 7d6c74b..e4dc89b 100644 --- a/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java +++ b/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java @@ -64,9 +64,9 @@ public Authentication getAuthentication(String token) { , authorities); } - public String getUserId(String token) { + public Long getUserId(String token) { Claims claims = getClaims(token); - return claims.get("user_id", String.class); + return claims.get("user_id", Long.class); } private Claims getClaims(String token) { diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/user/controller/UserController.java index 8c26190..e4296f9 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/user/controller/UserController.java @@ -19,7 +19,7 @@ public ResponseEntity signup(@RequestBody UserSignUpRequestDto dto){ userService.saveUser(dto); return ResponseEntity.ok("회원가입 완료"); } - +/* @PostMapping("/login") public ResponseEntity login(@RequestBody UserLoginRequestDto dto){ boolean isSuccess = userService.login(dto); 
@@ -40,5 +40,5 @@ public ResponseEntity logout(@RequestBody UserLoginRequestDto dto){ } else { return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("로그인 실패: 아이디 또는 비밀번호가 틀렸습니다."); } - } + }*/ } diff --git a/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java index 9e8b59f..128f0df 100644 --- a/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java +++ b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java @@ -10,6 +10,7 @@ import java.time.Duration; import java.util.Collections; import java.util.Date; +import java.util.HashMap; import java.util.Map; @Getter @@ -30,18 +31,31 @@ public JwtFactory(String subject, Date issuedAt, Date expiration } public static JwtFactory withDefaultValues() { + return JwtFactory.builder().build(); } // withDefaultValues public String createToken(JwtProperties jwtProperties) { + // 기본 클레임 설정 + Map tokenClaims = new HashMap<>(); + + // 표준 클레임 추가 + tokenClaims.put("sub", subject); // subject + tokenClaims.put("iss", jwtProperties.getIssuer()); // issuer + tokenClaims.put("iat", issuedAt); // issuedAt + tokenClaims.put("exp", expiration); // expiration + + // 사용자 정의 클레임 추가 (덮어쓰기 가능) + if (claims != null && !claims.isEmpty()) { + tokenClaims.putAll(claims); + } + return Jwts.builder() - .subject(subject) - .setHeaderParam(Header.TYPE, Header.JWT_TYPE) // deprecated - .issuer(jwtProperties.getIssuer()) - .issuedAt(issuedAt) - .expiration(expiration) - .addClaims(claims) - .signWith( Keys.hmacShaKeyFor( jwtProperties.getSecretKey().getBytes( StandardCharsets.UTF_8 ) ) ) + .claims(tokenClaims) + .signWith( + Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8)), + Jwts.SIG.HS256 // 서명 알고리즘 명시 필수 + ) .compact(); - } // makeToken + } } diff --git a/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java new file mode 100644 index 0000000..09380d9 
--- /dev/null
+++ b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java
@@ -0,0 +1,105 @@ +package com.quickpick.ureca.config.jwt; + +import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.user.repository.UserRepository; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.security.Keys; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.userdetails.UserDetails; + +import java.nio.charset.StandardCharsets; +import java.time.Duration; +import java.util.Date; +import java.util.Map; + +import static org.assertj.core.api.Assertions.assertThat; + +@SpringBootTest +public class TokenProviderTest { + @Autowired + private TokenProvider tokenProvider; + @Autowired + private UserRepository userRepository; + @Autowired + private JwtProperties jwtProperties; + + @DisplayName("토큰 생성 테스트") + @Test + void generateToken() { + User testUser = userRepository.save(User.builder() + .id("user@gmail.com") + .password("password") + .name("testUser") + .age(12) + .gender("male") + .build()); + + String token = tokenProvider.generateToken(testUser, Duration.ofDays(14)); + + Long userId = Jwts.parser() + .verifyWith( Keys.hmacShaKeyFor( + jwtProperties.getSecretKey().getBytes( StandardCharsets.UTF_8 ) ) ) + .build() + .parseSignedClaims(token) + .getPayload().get("user_id", Long.class); + + assertThat(userId).isEqualTo(testUser.getUserId()); + } + + @DisplayName("토큰 검증 테스트-일부러 틀리도록?") + @Test + void validateToken_fail() { + String token = JwtFactory.builder() + .expiration(new Date( new Date().getTime() - Duration.ofDays(7).toMillis() )) + .build() + .createToken(jwtProperties); + + boolean result = tokenProvider.validToken(token); + + assertThat(result).isFalse(); + } + + @DisplayName("토큰 검증 테스트-성공") + @Test + void validateToken_success() { + String token = JwtFactory.withDefaultValues() + 
.createToken(jwtProperties); + + boolean result = tokenProvider.validToken(token); + + assertThat(result).isTrue(); + } + + @DisplayName("토큰으로 인증 정보 가져오기") + @Test + public void getAuthentication() { + String userEmail = "user@gmail.com"; + String token = JwtFactory.builder() + .subject(userEmail) + .build() + .createToken(jwtProperties); + + Authentication authentication = tokenProvider.getAuthentication(token); + + assertThat( ( (UserDetails) authentication.getPrincipal() ).getUsername() ) + .isEqualTo(userEmail); + } // getAuthentication + + @DisplayName("토큰으로 유저 ID를 가져오기 테스트") + @Test + public void getUserId() { + Long userId = 1L; + String token = JwtFactory.builder() + .claims(Map.of("user_id", userId)) + .build() + .createToken(jwtProperties); + + Long userIdByToken = tokenProvider.getUserId(token); + + assertThat(userIdByToken).isEqualTo(userId); + } // getUserId +} From 718421e6104ed4eef0319e176d9d0cd78ea1a3aa Mon Sep 17 00:00:00 2001 
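Review bot: `validateToken_fail` only covers an expired token, so nothing in this test class shows that `validToken` rejects a token whose signature does not verify. Add a second negative case that calls `createToken` with a `JwtProperties` instance holding a different, test-only secret key and asserts that `validToken` returns false; a wrong-issuer case is worth adding as well if `TokenProvider` is meant to check `iss`. The display name `"토큰 검증 테스트-일부러 틀리도록?"` could then name the failure being tested (expired token).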
From: etoile0626 Date: Fri, 2 May 2025 14:45:33 +0900 Subject: [PATCH 09/23] =?UTF-8?q?feat:=20jwt=20access=20token,=20refresh?= =?UTF-8?q?=20token=20=EA=B5=AC=ED=98=84(=ED=86=A0=ED=81=B0=20db=20?= =?UTF-8?q?=EC=A0=80=EC=9E=A5,=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EB=AF=B8?= =?UTF-8?q?=EC=99=84)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/quickpick/ureca/UrecaApplication.java | 2 +- .../jwt => auth/config}/JwtProperties.java | 3 +- .../config/TokenAuthenticationFilter.java | 41 +++++++++++++++++++ .../jwt => auth/config}/TokenProvider.java | 3 +- .../auth/controller/TokenController.java | 27 ++++++++++++ .../ureca/auth/domain/RefreshToken.java | 32 +++++++++++++++ .../auth/dto/CreateAccessTokenRequest.java | 10 +++++ .../auth/dto/CreateAccessTokenResponse.java | 10 +++++ .../repository/RefreshTokenRepository.java | 11 +++++ .../auth/service/RefreshTokenService.java | 17 ++++++++ .../ureca/auth/service/TokenService.java | 29 +++++++++++++ .../ureca/user/repository/UserRepository.java | 3 +- .../ureca/user/service/UserService.java | 6 ++- .../ureca/config/jwt/JwtFactory.java | 2 +- .../ureca/config/jwt/TokenProviderTest.java | 2 + 15 files changed, 190 insertions(+), 8 deletions(-) rename src/main/java/com/quickpick/ureca/{config/jwt => auth/config}/JwtProperties.java (75%) create mode 100644 src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java rename src/main/java/com/quickpick/ureca/{config/jwt => auth/config}/TokenProvider.java (97%) create mode 100644 src/main/java/com/quickpick/ureca/auth/controller/TokenController.java create mode 100644 src/main/java/com/quickpick/ureca/auth/domain/RefreshToken.java create mode 100644 src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenRequest.java create mode 100644 src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenResponse.java create mode 100644 src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java 
create mode 100644 src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java create mode 100644 src/main/java/com/quickpick/ureca/auth/service/TokenService.java diff --git a/src/main/java/com/quickpick/ureca/UrecaApplication.java b/src/main/java/com/quickpick/ureca/UrecaApplication.java index e24b3d4..d5f7e7e 100644 --- a/src/main/java/com/quickpick/ureca/UrecaApplication.java +++ b/src/main/java/com/quickpick/ureca/UrecaApplication.java @@ -1,6 +1,6 @@ package com.quickpick.ureca; -import com.quickpick.ureca.config.jwt.JwtProperties; +import com.quickpick.ureca.auth.config.JwtProperties; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.context.properties.EnableConfigurationProperties; diff --git a/src/main/java/com/quickpick/ureca/config/jwt/JwtProperties.java b/src/main/java/com/quickpick/ureca/auth/config/JwtProperties.java similarity index 75% rename from src/main/java/com/quickpick/ureca/config/jwt/JwtProperties.java rename to src/main/java/com/quickpick/ureca/auth/config/JwtProperties.java index 377c767..1e69729 100644 --- a/src/main/java/com/quickpick/ureca/config/jwt/JwtProperties.java +++ b/src/main/java/com/quickpick/ureca/auth/config/JwtProperties.java @@ -1,9 +1,8 @@ -package com.quickpick.ureca.config.jwt; +package com.quickpick.ureca.auth.config; import lombok.Getter; import lombok.Setter; import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.stereotype.Component; @Getter @Setter diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java b/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java new file mode 100644 index 0000000..ffa6a20 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java 
@@ -0,0 +1,41 @@
+package com.quickpick.ureca.auth.config;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import java.io.IOException;
+
+@RequiredArgsConstructor
+public class TokenAuthenticationFilter extends OncePerRequestFilter {
+ private final TokenProvider tokenProvider;
+ private final static String HEADER_AUTHORIZATION = "Authorization";
+ private final static String BEARER = "Bearer ";
+
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+ //요청 헤더의 auth 키의 값 조회
+ String authHeader = request.getHeader(HEADER_AUTHORIZATION);
+ String token = getAccessToken(authHeader); //접두사 제거해서 토큰 가져오기
+ if(tokenProvider.validToken(token)) { //토큰이 유효하면 인증 정보 설정
+ Authentication auth = tokenProvider.getAuthentication(token);
+ SecurityContextHolder.getContext().setAuthentication(auth);
+ }
+
+ filterChain.doFilter(request, response);
+ }
+
+ private String getAccessToken(String authHeader) {
+ if (authHeader != null && authHeader.startsWith(BEARER)) {
+ return authHeader.substring(BEARER.length());
+ }
+ return null;
+ }
+
+}
diff --git a/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java b/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java
similarity index 97%
rename from src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java
rename to src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java
index e4dc89b..926ae5a 100644
--- a/src/main/java/com/quickpick/ureca/config/jwt/TokenProvider.java
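Review bot: In `doFilterInternal`, `getAccessToken` returns null when the request has no `Authorization: Bearer` header, and that null is passed straight to `tokenProvider.validToken(token)`; guard it with `if (token != null && tokenProvider.validToken(token))` so anonymous requests do not depend on how `validToken` (its body is not in this hunk) treats null. The filter also authenticates any token that `validToken` accepts, so if refresh tokens come from the same `generateToken` they would presumably work as API credentials too; a token-type claim checked here would keep the two apart. On style, `private final static` is conventionally written `private static final`.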
+++ b/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java @@ -1,8 +1,7 @@ -package com.quickpick.ureca.config.jwt; +package com.quickpick.ureca.auth.config; import com.quickpick.ureca.user.domain.User; import io.jsonwebtoken.Claims; -import io.jsonwebtoken.Header; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.security.Keys; import lombok.RequiredArgsConstructor; diff --git a/src/main/java/com/quickpick/ureca/auth/controller/TokenController.java b/src/main/java/com/quickpick/ureca/auth/controller/TokenController.java new file mode 100644 index 0000000..00a694a --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/controller/TokenController.java @@ -0,0 +1,27 @@ +package com.quickpick.ureca.auth.controller; + +import com.quickpick.ureca.auth.dto.CreateAccessTokenRequest; +import com.quickpick.ureca.auth.dto.CreateAccessTokenResponse; +import com.quickpick.ureca.auth.service.TokenService; +import lombok.RequiredArgsConstructor; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RestController; + +@RestController +@RequiredArgsConstructor +public class TokenController { + private final TokenService tokenService; + + @PostMapping("/api/token") + public ResponseEntity createNewAccessToken( + @RequestBody CreateAccessTokenRequest request) { + String newAccessToken + = tokenService.createNewAccessToken(request.getRefreshToken()); + + return ResponseEntity.status(HttpStatus.CREATED) + .body(new CreateAccessTokenResponse(newAccessToken)); + } +} diff --git a/src/main/java/com/quickpick/ureca/auth/domain/RefreshToken.java b/src/main/java/com/quickpick/ureca/auth/domain/RefreshToken.java new file mode 100644 index 0000000..0ca5c6b --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/domain/RefreshToken.java 
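Review bot: `createNewAccessToken` in `TokenController` lets the `IllegalArgumentException` that `TokenService` and `RefreshTokenService` throw for an invalid or unknown refresh token propagate out of the handler, which by default is reported as a 500 instead of a 401. Catch it here, or in an `@ExceptionHandler`, and return `ResponseEntity.status(HttpStatus.UNAUTHORIZED)` with a fixed message that does not say whether the token was malformed, expired or simply not stored. The controller test added later on this page covers only the success path, so the failure status is not pinned by any test.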
@@ -0,0 +1,32 @@
+package com.quickpick.ureca.auth.domain;
+
+import jakarta.persistence.*;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@NoArgsConstructor
+@Getter
+@Entity
+public class RefreshToken {
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ @Column(name = "refresh_id", updatable = false)
+ private Long refreshId;
+
+ @Column(name = "user_id", nullable = false, unique = true)
+ private Long userId;
+
+ @Column(name = "refresh_token", nullable = false)
+ private String refreshToken;
+
+ public RefreshToken(Long userId, String refreshToken) {
+ this.userId = userId;
+ this.refreshToken = refreshToken;
+ }
+
+ public RefreshToken update(String newRefreshToken) {
+ this.refreshToken = newRefreshToken;
+ return this;
+ }
+}
diff --git a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenRequest.java b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenRequest.java
new file mode 100644
index 0000000..90e32d0
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenRequest.java
@@ -0,0 +1,10 @@
+package com.quickpick.ureca.auth.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class CreateAccessTokenRequest { //엑세스 토큰 생성 요청
+ private String refreshToken;
+}
diff --git a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenResponse.java b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenResponse.java
new file mode 100644
index 0000000..faa5519
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenResponse.java
@@ -0,0 +1,10 @@
+package com.quickpick.ureca.auth.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@AllArgsConstructor
+@Getter
+public class CreateAccessTokenResponse { //엑세스 토큰 생성 요청에 대한 응답
+ private String accessToken;
+}
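Review bot: The `refresh_token` column in `RefreshToken` holds the bearer value exactly as issued, so read access to this table is enough to obtain access tokens through `/api/token`. Persist a SHA-256 digest of the token and look rows up by that digest; `findByRefreshToken` stays a single equality query, and the fixed-length digest also avoids depending on the default column length for a JWT string. The column has no `unique = true` either, although `findByRefreshToken` returns an `Optional` and would fail if two rows ever held the same value.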
diff --git a/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java b/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java
new file mode 100644
index 0000000..9c3be05
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java
@@ -0,0 +1,11 @@
+package com.quickpick.ureca.auth.repository;
+
+import com.quickpick.ureca.auth.domain.RefreshToken;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import java.util.Optional;
+
+public interface RefreshTokenRepository extends JpaRepository {
+ Optional findByUserId(String userId);
+ Optional findByRefreshToken(String refreshToken);
+}
diff --git a/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java b/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java
new file mode 100644
index 0000000..234a02d
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java
@@ -0,0 +1,17 @@
+package com.quickpick.ureca.auth.service;
+
+import com.quickpick.ureca.auth.domain.RefreshToken;
+import com.quickpick.ureca.auth.repository.RefreshTokenRepository;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+
+@RequiredArgsConstructor
+@Service
+public class RefreshTokenService {
+ private final RefreshTokenRepository refreshTokenRepository;
+
+ public RefreshToken findByRefreshToken(String refreshToken) {
+ return refreshTokenRepository.findByRefreshToken(refreshToken)
+ .orElseThrow(() -> new IllegalArgumentException("Invalid refresh token"));
+ }
+}
diff --git a/src/main/java/com/quickpick/ureca/auth/service/TokenService.java b/src/main/java/com/quickpick/ureca/auth/service/TokenService.java
new file mode 100644
index 0000000..1768aaa
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/auth/service/TokenService.java
@@ -0,0 +1,29 @@ +package com.quickpick.ureca.auth.service; + +import com.quickpick.ureca.auth.config.TokenProvider; +import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.user.service.UserService; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; + +import java.time.Duration; + +@RequiredArgsConstructor +@Service +public class TokenService { + private final TokenProvider tokenProvider; + private final RefreshTokenService refreshTokenService; + private final UserService userService; + + public String createNewAccessToken(String refreshToken) { + //리프레시 토큰이 유효하지 않으면 에러 + if(!tokenProvider.validToken(refreshToken)) { + throw new IllegalArgumentException("Invalid refresh token"); + } + + Long userId = refreshTokenService.findByRefreshToken(refreshToken).getUserId(); + User user = userService.findByUserId(userId); + + return tokenProvider.generateToken(user, Duration.ofHours(2)); + } +} diff --git a/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java b/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java index 919da06..6e9a29d 100644 --- a/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java +++ b/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java @@ -6,5 +6,6 @@ import java.util.Optional; public interface UserRepository extends JpaRepository { - Optional findById(String id); //id로 사용자 정보 가져오기 + Optional findById(String id); //id(아이디)로 사용자 정보 가져오기 + Optional findByUserId(Long userId); //user_id(고유번호)로 사용자 정보 가져오기 } diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/user/service/UserService.java index 53e6010..3831c53 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java +++ b/src/main/java/com/quickpick/ureca/user/service/UserService.java 
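Review bot: `TokenService.createNewAccessToken` never replaces the stored refresh token: `RefreshToken.update` is added in this commit but not called, so the same refresh token keeps yielding 2-hour access tokens until its own expiry. Rotating the stored value on each successful exchange, and returning the new refresh token to the client, would bound how long a leaked token stays useful. A short Javadoc stating that the method throws `IllegalArgumentException` for an invalid or unknown token would also help callers.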
@@ -30,6 +30,10 @@ public void saveUser(UserSignUpRequestDto dto) { public boolean login(UserLoginRequestDto dto) { } - */ + //user_id(고유 번호)로 유저 검색 + public User findByUserId(Long userId) { + return userRepository.findByUserId(userId) + .orElseThrow(()-> new IllegalArgumentException("User not found")); + } } diff --git a/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java index 128f0df..33880cd 100644 --- a/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java +++ b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java @@ -1,6 +1,6 @@ package com.quickpick.ureca.config.jwt; -import io.jsonwebtoken.Header; +import com.quickpick.ureca.auth.config.JwtProperties; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.security.Keys; import lombok.Builder; diff --git a/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java index 09380d9..a80fa23 100644 --- a/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java +++ b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java @@ -1,5 +1,7 @@ package com.quickpick.ureca.config.jwt; +import com.quickpick.ureca.auth.config.JwtProperties; +import com.quickpick.ureca.auth.config.TokenProvider; import com.quickpick.ureca.user.domain.User; import com.quickpick.ureca.user.repository.UserRepository; import io.jsonwebtoken.Jwts; From 8e9604dee22d7c1ee1cbbb8c55ccca5ba3d768c1 Mon Sep 17 00:00:00 2001 
From: etoile0626 Date: Fri, 2 May 2025 16:31:45 +0900 Subject: [PATCH 10/23] =?UTF-8?q?feat:=20jwt=20=EC=97=91=EC=84=B8=EC=8A=A4?= =?UTF-8?q?=20=ED=86=A0=ED=81=B0=20=EB=B0=9C=EA=B8=89=20=ED=85=8C=EC=8A=A4?= =?UTF-8?q?=ED=8A=B8=20=EC=99=84=EB=A3=8C=20(=EB=A1=9C=EA=B7=B8=EC=9D=B8,?= =?UTF-8?q?=20=EB=A1=9C=EA=B7=B8=EC=95=84=EC=9B=83=20=EB=AF=B8=EC=99=84)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../repository/RefreshTokenRepository.java | 2 +- .../ureca/controller/TokenControllerTest.java | 83 +++++++++++++++++++ 2 files changed, 84 insertions(+), 1 deletion(-) create mode 100644 src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java diff --git a/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java b/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java index 9c3be05..a1307aa 100644 --- a/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java +++ b/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java @@ -6,6 +6,6 @@ import java.util.Optional; public interface RefreshTokenRepository extends JpaRepository { - Optional findByUserId(String userId); + Optional findByUserId(Long userId); Optional findByRefreshToken(String refreshToken); } diff --git a/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java b/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java new file mode 100644 index 0000000..5d9326b --- /dev/null +++ b/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java 
@@ -0,0 +1,83 @@ +package com.quickpick.ureca.controller; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.quickpick.ureca.auth.config.JwtProperties; +import com.quickpick.ureca.auth.domain.RefreshToken; +import com.quickpick.ureca.auth.dto.CreateAccessTokenRequest; +import com.quickpick.ureca.auth.repository.RefreshTokenRepository; +import com.quickpick.ureca.config.jwt.JwtFactory; +import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.user.repository.UserRepository; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.http.MediaType; +import org.springframework.test.web.servlet.MockMvc; +import org.springframework.test.web.servlet.MockMvcBuilder; +import org.springframework.test.web.servlet.ResultActions; +import org.springframework.test.web.servlet.setup.MockMvcBuilders; +import org.springframework.web.context.WebApplicationContext; + +import java.util.Map; + +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; + +@SpringBootTest +@AutoConfigureMockMvc +public class TokenControllerTest { + + @Autowired + protected MockMvc mockMvc; + @Autowired + protected ObjectMapper objectMapper; + @Autowired + private WebApplicationContext context; + @Autowired + private JwtProperties jwtProperties; + @Autowired + private UserRepository userRepository; + @Autowired + private RefreshTokenRepository refreshTokenRepository; + + @BeforeEach + public void mockMvcSetUp() { + this.mockMvc = 
MockMvcBuilders.webAppContextSetup(context).build(); + userRepository.deleteAll(); + } // mockMvcSetUp + + @DisplayName("createNewAccessToken : 새로운 액세스 토큰을 발급한다.") + @Test + public void createNewAccessToken() throws Exception { + final String url = "/api/token"; + User testUser = userRepository.save( User.builder() + .id("user@gmail.com") + .password("test") + .name("test") + .age(123) + .gender("male") + .build() ); + String refreshToken = JwtFactory.builder() + .claims( Map.of( "user_id", testUser.getUserId() ) ) + .build() + .createToken(jwtProperties); + refreshTokenRepository.save( new RefreshToken(testUser.getUserId(), refreshToken) ); + + CreateAccessTokenRequest request = new CreateAccessTokenRequest(); + request.setRefreshToken(refreshToken); + final String requestBody = objectMapper.writeValueAsString(request); + + ResultActions resultActions = mockMvc.perform( post(url) + .contentType(MediaType.APPLICATION_JSON_VALUE) + .content(requestBody) ); + + resultActions + .andExpect(status().isCreated()) + .andExpect( jsonPath("$.accessToken").isNotEmpty() ); + } // createNewAccessToken + +} // class From 4842a2784bfa8db1d5d815ed2da5933902546a0c Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Fri, 2 May 2025 17:46:23 +0900 Subject: [PATCH 11/23] fix: properties fix --- .github/workflows/CI.yml | 2 ++ .../ureca/user/controller/UserController.java | 28 +++++++++++++------ 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 5e4e8f3..27af1b8 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -52,6 +52,8 @@ jobs: spring.jpa.properties.hibernate.show_sql=true spring.jpa.hibernate.ddl-auto=create-drop spring.jpa.properties.hibernate.format_sql=true + jwt.issuer=${{JWT_ISSUER}} + jwt.secret_key=${{JWT_SECRET_KEY}} EOT shell: bash 
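Review bot: `mockMvcSetUp` in `TokenControllerTest` replaces the auto-configured `MockMvc` with `MockMvcBuilders.webAppContextSetup(context).build()`, which does not register the Spring Security filter chain, so `createNewAccessToken` passes whether or not `/api/token` is reachable without authentication. Build it with `.apply(springSecurity())` from `SecurityMockMvcConfigurers` (the `spring-security-test` dependency is already declared), or drop the manual setup and use the instance that `@AutoConfigureMockMvc` injects. `refreshTokenRepository.deleteAll()` is also missing next to `userRepository.deleteAll()`, so refresh-token rows are left behind between tests.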
diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/user/controller/UserController.java index e4296f9..24687bb 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/user/controller/UserController.java @@ -15,7 +15,7 @@ public class UserController { private final UserService userService; @PostMapping("/signup") - public ResponseEntity signup(@RequestBody UserSignUpRequestDto dto){ + public ResponseEntity signup(@RequestBody UserSignUpRequestDto dto) { userService.saveUser(dto); return ResponseEntity.ok("회원가입 완료"); } @@ -30,15 +30,25 @@ public ResponseEntity login(@RequestBody UserLoginRequestDto dto){ return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("로그인 실패: 아이디 또는 비밀번호가 틀렸습니다."); } } +*/ +/* + @PostMapping("/login") + public ResponseEntity login(@RequestBody UserLoginRequestDto request) { + try { + Authentication authentication = authenticationManager.authenticate( + new UsernamePasswordAuthenticationToken(request.getUsername(), request.getPassword()) + ); - @GetMapping("/logout") - public ResponseEntity logout(@RequestBody UserLoginRequestDto dto){ - boolean isSuccess = userService.login(dto); + User user = userService.findByUsername(request.getUsername()); + String token = tokenProvider.generateToken(user, Duration.ofHours(2)); - if (isSuccess) { - return ResponseEntity.ok("로그인 성공"); - } else { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("로그인 실패: 아이디 또는 비밀번호가 틀렸습니다."); + return ResponseEntity.ok(new TokenResponse(token)); + + } catch (AuthenticationException ex) { + return ResponseEntity + .status(HttpStatus.UNAUTHORIZED) + .body("아이디 또는 비밀번호가 잘못되었습니다."); } - }*/ + } + */ } From b3eb8df9d5fc59f6ee1eecf9bfebbab624e88351 Mon Sep 17 00:00:00 2001 
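Review bot: The `@@ -30,15 +30,25 @@` hunk replaces one commented-out `login` method with another that refers to `authenticationManager`, `tokenProvider` and `TokenResponse`, none of which appear as members of `UserController` in the visible lines. Commented-out authentication code tends to be re-enabled later without review, so delete the block and add the real endpoint in its own commit. If a marker is needed meanwhile, a single `// TODO: login endpoint pending` line says the same with less noise. The class body starts outside this hunk.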
From: etoile0626 Date: Fri, 2 May 2025 17:48:16 +0900 Subject: [PATCH 12/23] fix: properties fix --- .github/workflows/CI.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 27af1b8..9b27ac5 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -52,8 +52,8 @@ jobs: spring.jpa.properties.hibernate.show_sql=true spring.jpa.hibernate.ddl-auto=create-drop spring.jpa.properties.hibernate.format_sql=true - jwt.issuer=${{JWT_ISSUER}} - jwt.secret_key=${{JWT_SECRET_KEY}} + jwt.issuer=${{ secrets.JWT_ISSUER }} + jwt.secret_key=${{ secrets.JWT_SECRET_KEY }} EOT shell: bash From 317903740f08a042cacbaf34d0f0add72b0dabea Mon Sep 17 00:00:00 2001 
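Review bot: `jwt.secret_key=${{ secrets.JWT_SECRET_KEY }}` is substituted into the script text before bash runs, so a `$` or backtick in the secret may be interpreted by the shell unless the heredoc delimiter is quoted (the heredoc's opening line is outside this hunk). Pass both values through the step's `env:` block and write `jwt.secret_key=${JWT_SECRET_KEY}` and `jwt.issuer=${JWT_ISSUER}` inside the heredoc; the shell then expands each variable once and does not re-parse its contents.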
From: etoile0626 Date: Wed, 7 May 2025 13:19:40 +0900 Subject: [PATCH 13/23] =?UTF-8?q?feat:=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?= =?UTF-8?q?=EA=B4=80=EB=A0=A8=20=EC=9D=BC=EB=B6=80=20=ED=81=B4=EB=9E=98?= =?UTF-8?q?=EC=8A=A4=20=EC=9C=84=EC=B9=98=20=EC=88=98=EC=A0=95=20=EB=B0=8F?= =?UTF-8?q?=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EA=B8=B0=EB=8A=A5=20=EA=B5=AC?= =?UTF-8?q?=ED=98=84(=EB=A1=9C=EA=B7=B8=EC=95=84=EC=9B=83x)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../{ => auth}/config/WebSecurityConfig.java | 33 +++++------ .../ureca/auth/controller/AuthController.java | 55 +++++++++++++++++++ .../auth/controller/TokenController.java | 27 --------- .../dto/UserLoginRequestDto.java | 2 +- .../ureca/auth/dto/UserLoginResponseDto.java | 12 ++++ .../ureca/auth/service/AuthService.java | 48 ++++++++++++++++ .../auth/service/RefreshTokenService.java | 6 ++ .../ureca/auth/service/TokenService.java | 29 ---------- .../ureca/user/controller/UserController.java | 23 +------- .../ureca/user/dto/UserLoginResponseDto.java | 12 ---- .../ureca/user/service/UserService.java | 7 ++- 11 files changed, 147 insertions(+), 107 deletions(-) rename src/main/java/com/quickpick/ureca/{ => auth}/config/WebSecurityConfig.java (63%) create mode 100644 src/main/java/com/quickpick/ureca/auth/controller/AuthController.java delete mode 100644 src/main/java/com/quickpick/ureca/auth/controller/TokenController.java rename src/main/java/com/quickpick/ureca/{user => auth}/dto/UserLoginRequestDto.java (85%) create mode 100644 src/main/java/com/quickpick/ureca/auth/dto/UserLoginResponseDto.java create mode 100644 src/main/java/com/quickpick/ureca/auth/service/AuthService.java delete mode 100644 src/main/java/com/quickpick/ureca/auth/service/TokenService.java delete mode 100644 src/main/java/com/quickpick/ureca/user/dto/UserLoginResponseDto.java 
diff --git a/src/main/java/com/quickpick/ureca/config/WebSecurityConfig.java b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java similarity index 63% rename from src/main/java/com/quickpick/ureca/config/WebSecurityConfig.java rename to src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java index dcddb8c..c2e1558 100644 --- a/src/main/java/com/quickpick/ureca/config/WebSecurityConfig.java +++ b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java @@ -1,4 +1,4 @@ -package com.quickpick.ureca.config; +package com.quickpick.ureca.auth.config; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; 
@@ -13,33 +13,32 @@ import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; -import java.security.Provider; - @Configuration @EnableWebSecurity @RequiredArgsConstructor public class WebSecurityConfig { private final UserDetailsService userDetailsService; + private final TokenProvider tokenProvider; // TokenProvider 추가 + // Static 리소스는 인증 없이 접근 @Bean - public WebSecurityCustomizer bean() { - return (webSecurity -> { webSecurity.ignoring() + public WebSecurityCustomizer webSecurityCustomizer() { + return (webSecurity) -> webSecurity.ignoring() .requestMatchers(new AntPathRequestMatcher("/static/**")); - }); } + // Security Filter Chain @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { - return http.authorizeHttpRequests(auth->auth - .requestMatchers( - new AntPathRequestMatcher("/login") - , new AntPathRequestMatcher("/signup") - , new AntPathRequestMatcher("user") - ).permitAll().anyRequest().authenticated()) - + return http + .authorizeHttpRequests(auth -> auth + .requestMatchers("/auth/login", "/signup", "/user", "/auth/token").permitAll() // 로그인, 회원가입, 유저 조회, 토큰 재발급은 인증 없이 접근 + .anyRequest().authenticated() // 그 외 요청은 인증 필요 + ) .formLogin(formLogin -> formLogin .loginPage("/login") .defaultSuccessUrl("/ticketing") 
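Review bot: The new `requestMatchers("/auth/login", "/signup", "/user", "/auth/token").permitAll()` lists exact paths, but earlier commits on this page map `UserController` under `@RequestMapping("/user")` with `@PostMapping("/signup")`. If that mapping still holds, sign-up is served at `/user/signup` and falls through to `anyRequest().authenticated()`. Permit the concrete path `"/user/signup"` instead of `"/user"`, which the inline comment describes as opening user lookup without authentication. The `filterChain` body continues in the next hunk.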
@@ -48,19 +47,21 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .logoutSuccessUrl("/login") .invalidateHttpSession(true) ) - .csrf(AbstractHttpConfigurer::disable) + .csrf(AbstractHttpConfigurer::disable) // CSRF 보호 비활성화 (API 서버일 경우) + .addFilterBefore(new TokenAuthenticationFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class) // JWT 필터 폼 로그인 필터 앞에 추가 .build(); } + // AuthenticationManager 설정 (기존 폼 로그인 방식에서 사용) @Bean - public AuthenticationManager authenticationManager(HttpSecurity http, BCryptPasswordEncoder bCryptPasswordEncoder - , UserDetailsService userDetailsService) throws Exception { + public AuthenticationManager authenticationManager(HttpSecurity http, BCryptPasswordEncoder bCryptPasswordEncoder, UserDetailsService userDetailsService) throws Exception { DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); authProvider.setUserDetailsService(userDetailsService); authProvider.setPasswordEncoder(bCryptPasswordEncoder); return new ProviderManager(authProvider); } + // BCryptPasswordEncoder 설정 @Bean public BCryptPasswordEncoder bCryptPasswordEncoder() { return new BCryptPasswordEncoder(); diff --git a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java new file mode 100644 index 0000000..a4ae60e --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java 
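Review bot: `.csrf(AbstractHttpConfigurer::disable)` is justified by its comment as an API-server setting, but this chain still configures form login and a logout with `.invalidateHttpSession(true)`, so cookie-backed sessions exist alongside the JWT filter. State-changing requests authenticated by that session cookie then have no CSRF defence. Either keep CSRF enabled until the session flow is removed, or make the chain token-only by adding `.sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))` and dropping `formLogin`.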
@@ -0,0 +1,55 @@ +package com.quickpick.ureca.auth.controller; + +import com.quickpick.ureca.auth.dto.CreateAccessTokenRequest; +import com.quickpick.ureca.auth.dto.CreateAccessTokenResponse; +import com.quickpick.ureca.auth.dto.UserLoginResponseDto; +import com.quickpick.ureca.auth.service.AuthService; +import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.auth.dto.UserLoginRequestDto; +import lombok.RequiredArgsConstructor; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RestController; + +import java.time.Duration; + +@RestController +@RequiredArgsConstructor +public class AuthController { + private final AuthenticationManager authenticationManager; + private final AuthService authService; + + @PostMapping("/auth/login") + public ResponseEntity login(@RequestBody UserLoginRequestDto request) { + try { + UserLoginResponseDto response = authService.login(request.getId(), request.getPassword()); + return ResponseEntity.ok(response); + } catch (UsernameNotFoundException | BadCredentialsException ex) { + return ResponseEntity.status(HttpStatus.UNAUTHORIZED) + .body("Login failed: " + ex.getMessage()); + } catch (Exception ex) { + return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR) + .body("An unexpected error occurred."); + } + } + + @PostMapping("/auth/token") + public ResponseEntity 
createNewAccessToken( + @RequestBody CreateAccessTokenRequest request) { + String newAccessToken + = authService.createNewAccessToken(request.getRefreshToken()); + + return ResponseEntity.status(HttpStatus.CREATED) + .body(new CreateAccessTokenResponse(newAccessToken)); + } + + +} diff --git a/src/main/java/com/quickpick/ureca/auth/controller/TokenController.java b/src/main/java/com/quickpick/ureca/auth/controller/TokenController.java deleted file mode 100644 index 00a694a..0000000 --- a/src/main/java/com/quickpick/ureca/auth/controller/TokenController.java +++ /dev/null @@ -1,27 +0,0 @@ -package com.quickpick.ureca.auth.controller; - -import com.quickpick.ureca.auth.dto.CreateAccessTokenRequest; -import com.quickpick.ureca.auth.dto.CreateAccessTokenResponse; -import com.quickpick.ureca.auth.service.TokenService; -import lombok.RequiredArgsConstructor; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RestController; - -@RestController -@RequiredArgsConstructor -public class TokenController { - private final TokenService tokenService; - - @PostMapping("/api/token") - public ResponseEntity createNewAccessToken( - @RequestBody CreateAccessTokenRequest request) { - String newAccessToken - = tokenService.createNewAccessToken(request.getRefreshToken()); - - return ResponseEntity.status(HttpStatus.CREATED) - .body(new CreateAccessTokenResponse(newAccessToken)); - } -} diff --git a/src/main/java/com/quickpick/ureca/user/dto/UserLoginRequestDto.java b/src/main/java/com/quickpick/ureca/auth/dto/UserLoginRequestDto.java similarity index 85% rename from src/main/java/com/quickpick/ureca/user/dto/UserLoginRequestDto.java rename to src/main/java/com/quickpick/ureca/auth/dto/UserLoginRequestDto.java index d8a5a07..b51a4a8 100644 
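Review bot: `login` answers differently for an unknown id and for a wrong password, which lets a caller work out which ids are registered. `AuthService.login` (added in this commit) loads the user through `userService.findById`, which throws `IllegalArgumentException("User not found")`, so that case falls into `catch (Exception ex)` and returns 500, while a wrong password returns 401 with `"Login failed: " + ex.getMessage()`. Return one status and one fixed body for both cases, e.g. 401 with `.body("Invalid id or password")`, and have the service raise `BadCredentialsException` when the user is missing. `createNewAccessToken` has no handler at all, so an invalid refresh token also surfaces as an unhandled `IllegalArgumentException`.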
--- a/src/main/java/com/quickpick/ureca/user/dto/UserLoginRequestDto.java +++ b/src/main/java/com/quickpick/ureca/auth/dto/UserLoginRequestDto.java @@ -1,4 +1,4 @@ -package com.quickpick.ureca.user.dto; +package com.quickpick.ureca.auth.dto; import lombok.Getter; import lombok.Setter; diff --git a/src/main/java/com/quickpick/ureca/auth/dto/UserLoginResponseDto.java b/src/main/java/com/quickpick/ureca/auth/dto/UserLoginResponseDto.java new file mode 100644 index 0000000..658c7b3 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/dto/UserLoginResponseDto.java @@ -0,0 +1,12 @@ +package com.quickpick.ureca.auth.dto; + +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.Setter; + +@Getter +@AllArgsConstructor +public class UserLoginResponseDto { //로그인 응답 dto + private String accessToken; + private String refreshToken; +} diff --git a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java new file mode 100644 index 0000000..16bf64e --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java 
@@ -0,0 +1,48 @@ +package com.quickpick.ureca.auth.service; + +import com.quickpick.ureca.auth.config.TokenProvider; +import com.quickpick.ureca.auth.dto.UserLoginResponseDto; +import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.user.service.UserService; +import lombok.RequiredArgsConstructor; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.stereotype.Service; + +import java.time.Duration; + +@Service +@RequiredArgsConstructor +public class AuthService { + + private final UserService userService; + private final TokenProvider tokenProvider; + private final RefreshTokenService refreshTokenService; + + public UserLoginResponseDto login(String id, String password) { //jwt 로그인 + User user = userService.findById(id); + + if (!new BCryptPasswordEncoder().matches(password, user.getPassword())) { //비밀번호 일치 검증 + throw new BadCredentialsException("Invalid password"); + } + + String accessToken = tokenProvider.generateToken(user, Duration.ofHours(2)); + String refreshToken = tokenProvider.generateToken(user, Duration.ofDays(14)); //로그인 성공 시 토큰 발급 + + refreshTokenService.save(user.getUserId(), refreshToken); + + return new UserLoginResponseDto(accessToken, refreshToken); + } + + public String createNewAccessToken(String refreshToken) { //리프레시 토큰을 이용한 엑세스 토큰 재발급 + //리프레시 토큰이 유효하지 않으면 에러 + if(!tokenProvider.validToken(refreshToken)) { + throw new IllegalArgumentException("Invalid refresh token"); + } + + Long userId = refreshTokenService.findByRefreshToken(refreshToken).getUserId(); + User user = userService.findByUserId(userId); + + return tokenProvider.generateToken(user, Duration.ofHours(2)); + } +} diff --git a/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java b/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java index 234a02d..733b62f 100644 
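Review bot: `login` mints the refresh token with the same `tokenProvider.generateToken(user, ...)` call as the access token, differing only in lifetime, so nothing visible here marks what a token is for. `TokenAuthenticationFilter` authenticates any token that passes `validToken`, so the 14-day refresh token would presumably be accepted as a Bearer credential too, unless `makeToken` (outside this diff) adds a distinguishing claim. Add a token-type claim at generation time, have the filter accept only access tokens, and have `createNewAccessToken` accept only refresh tokens. Also document on `login` that the refresh token is persisted through `refreshTokenService.save` and which lifetimes are issued.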
--- a/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java +++ b/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java @@ -14,4 +14,10 @@ public RefreshToken findByRefreshToken(String refreshToken) { return refreshTokenRepository.findByRefreshToken(refreshToken) .orElseThrow(() -> new IllegalArgumentException("Invalid refresh token")); } + + //refresh 토큰 저장 (일단 db 저장, redis 저장도 고려 중) + public void save(Long userId, String refreshToken) { + RefreshToken token = new RefreshToken(userId, refreshToken); + refreshTokenRepository.save(token); + } } diff --git a/src/main/java/com/quickpick/ureca/auth/service/TokenService.java b/src/main/java/com/quickpick/ureca/auth/service/TokenService.java deleted file mode 100644 index 1768aaa..0000000 --- a/src/main/java/com/quickpick/ureca/auth/service/TokenService.java +++ /dev/null @@ -1,29 +0,0 @@ -package com.quickpick.ureca.auth.service; - -import com.quickpick.ureca.auth.config.TokenProvider; -import com.quickpick.ureca.user.domain.User; -import com.quickpick.ureca.user.service.UserService; -import lombok.RequiredArgsConstructor; -import org.springframework.stereotype.Service; - -import java.time.Duration; - -@RequiredArgsConstructor -@Service -public class TokenService { - private final TokenProvider tokenProvider; - private final RefreshTokenService refreshTokenService; - private final UserService userService; - - public String createNewAccessToken(String refreshToken) { - //리프레시 토큰이 유효하지 않으면 에러 - if(!tokenProvider.validToken(refreshToken)) { - throw new IllegalArgumentException("Invalid refresh token"); - } - - Long userId = refreshTokenService.findByRefreshToken(refreshToken).getUserId(); - User user = userService.findByUserId(userId); - - return tokenProvider.generateToken(user, Duration.ofHours(2)); - } -} 
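Review bot: `save` persists the refresh token string exactly as issued, and `findByRefreshToken` looks it up by that same value, so anyone who can read the table obtains credentials that stay usable for up to 14 days. Store a digest instead (for example SHA-256 via `MessageDigest`) and hash the presented token before the lookup. The method also builds a new `RefreshToken` on every login; whether that replaces or accumulates rows depends on the entity mapping, which is outside this hunk.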
diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/user/controller/UserController.java index 24687bb..d0c968d 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/user/controller/UserController.java @@ -1,11 +1,10 @@ package com.quickpick.ureca.user.controller; -import com.quickpick.ureca.user.dto.UserLoginRequestDto; import com.quickpick.ureca.user.dto.UserSignUpRequestDto; import com.quickpick.ureca.user.service.UserService; import lombok.RequiredArgsConstructor; -import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.authentication.AuthenticationManager; import org.springframework.web.bind.annotation.*; @RestController @@ -13,6 +12,7 @@ public class UserController { private final UserService userService; + private final AuthenticationManager authenticationManager; @PostMapping("/signup") public ResponseEntity signup(@RequestBody UserSignUpRequestDto dto) { @@ -31,24 +31,5 @@ public ResponseEntity login(@RequestBody UserLoginRequestDto dto){ } } */ -/* - @PostMapping("/login") - public ResponseEntity login(@RequestBody UserLoginRequestDto request) { - try { - Authentication authentication = authenticationManager.authenticate( - new UsernamePasswordAuthenticationToken(request.getUsername(), request.getPassword()) - ); - - User user = userService.findByUsername(request.getUsername()); - String token = tokenProvider.generateToken(user, Duration.ofHours(2)); - return ResponseEntity.ok(new TokenResponse(token)); - - } catch (AuthenticationException ex) { - return ResponseEntity - .status(HttpStatus.UNAUTHORIZED) - .body("아이디 또는 비밀번호가 잘못되었습니다."); - } - } - */ } diff --git a/src/main/java/com/quickpick/ureca/user/dto/UserLoginResponseDto.java b/src/main/java/com/quickpick/ureca/user/dto/UserLoginResponseDto.java deleted file mode 100644 index ef23ef3..0000000 
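Review bot: The new field `private final AuthenticationManager authenticationManager;` is not used by anything in the hunks shown for `UserController`, and the commented-out login code that referenced it is deleted in the last hunk. `AuthController` in this commit injects the same bean without calling it either. Drop the field from both classes unless a later change needs it; the controller body continues outside these hunks, so confirm there is no use further down.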
--- a/src/main/java/com/quickpick/ureca/user/dto/UserLoginResponseDto.java +++ /dev/null @@ -1,12 +0,0 @@ -package com.quickpick.ureca.user.dto; - -import lombok.Getter; -import lombok.Setter; - -@Getter -@Setter -public class UserLoginResponseDto { //로그인 응답 dto - private Long userId; - private String name; - //private String token; -} diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/user/service/UserService.java index 3831c53..305562f 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java +++ b/src/main/java/com/quickpick/ureca/user/service/UserService.java @@ -1,7 +1,6 @@ package com.quickpick.ureca.user.service; import com.quickpick.ureca.user.domain.User; -import com.quickpick.ureca.user.dto.UserLoginRequestDto; import com.quickpick.ureca.user.dto.UserSignUpRequestDto; import com.quickpick.ureca.user.repository.UserRepository; import jakarta.transaction.Transactional; @@ -36,4 +35,10 @@ public User findByUserId(Long userId) { return userRepository.findByUserId(userId) .orElseThrow(()-> new IllegalArgumentException("User not found")); } + + //id(아이디)로 유저 검색 + public User findById(String id) { + return userRepository.findById(id) + .orElseThrow(()-> new IllegalArgumentException("User not found")); + } } From fe7189fdfd89378f0aa211703e8bbc0090baed8a Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Wed, 7 May 2025 13:25:26 +0900 Subject: [PATCH 14/23] =?UTF-8?q?fix:=20=ED=85=8C=EC=8A=A4=ED=8A=B8=20?= =?UTF-8?q?=EC=BD=94=EB=93=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/quickpick/ureca/controller/TokenControllerTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java b/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java index 5d9326b..37bc0b3 100644 
--- a/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java +++ b/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java @@ -53,7 +53,7 @@ public void mockMvcSetUp() { @DisplayName("createNewAccessToken : 새로운 액세스 토큰을 발급한다.") @Test public void createNewAccessToken() throws Exception { - final String url = "/api/token"; + final String url = "/auth/token"; User testUser = userRepository.save( User.builder() .id("user@gmail.com") .password("test") From 9d2c8cc5ae9489f7e84734e06058eb43d7be9c89 Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Wed, 7 May 2025 17:37:14 +0900 Subject: [PATCH 15/23] =?UTF-8?q?feat:=20=EB=A1=9C=EA=B7=B8=EC=95=84?= =?UTF-8?q?=EC=9B=83=20=EA=B5=AC=ED=98=84=20=EC=A4=91=20=EC=9E=84=EC=8B=9C?= =?UTF-8?q?=EC=A0=80=EC=9E=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 4 +++ .../ureca/auth/config/RedisConfig.java | 20 +++++++++++ .../config/TokenAuthenticationFilter.java | 9 ++++- .../ureca/auth/config/TokenProvider.java | 7 ++++ .../ureca/auth/config/WebSecurityConfig.java | 4 ++- .../ureca/auth/controller/AuthController.java | 13 +++++-- .../ureca/auth/service/AuthService.java | 34 ++++++++++++++++--- .../ureca/user/controller/UserController.java | 14 +++----- 8 files changed, 86 insertions(+), 19 deletions(-) create mode 100644 src/main/java/com/quickpick/ureca/auth/config/RedisConfig.java diff --git a/build.gradle b/build.gradle index a14c600..8f0c815 100644 --- a/build.gradle +++ b/build.gradle @@ -48,6 +48,10 @@ dependencies { runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6' implementation 'javax.xml.bind:jaxb-api:2.4.0-b180830.0359' + //Redis + implementation 'org.springframework.boot:spring-boot-starter-data-redis' + implementation 'org.springframework.data:spring-data-redis' + implementation 'org.apache.commons:commons-pool2' // 커넥션 풀 } tasks.named('test') { 
diff --git a/src/main/java/com/quickpick/ureca/auth/config/RedisConfig.java b/src/main/java/com/quickpick/ureca/auth/config/RedisConfig.java new file mode 100644 index 0000000..f987fdb --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/config/RedisConfig.java @@ -0,0 +1,20 @@ +package com.quickpick.ureca.auth.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.data.redis.connection.RedisConnectionFactory; +import org.springframework.data.redis.core.RedisTemplate; +import org.springframework.data.redis.serializer.StringRedisSerializer; + +@Configuration +public class RedisConfig { + + @Bean + public RedisTemplate redisTemplate(RedisConnectionFactory connectionFactory) { + RedisTemplate template = new RedisTemplate<>(); + template.setConnectionFactory(connectionFactory); + template.setKeySerializer(new StringRedisSerializer()); + template.setValueSerializer(new StringRedisSerializer()); // 토큰은 일반 문자열이므로 String 직렬화면 충분 + return template; + } +} diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java b/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java index ffa6a20..6cf0fc8 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java +++ b/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java @@ -5,6 +5,7 @@ import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; +import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.filter.OncePerRequestFilter; 
@@ -14,6 +15,7 @@ @RequiredArgsConstructor public class TokenAuthenticationFilter extends OncePerRequestFilter { private final TokenProvider tokenProvider; + private final RedisTemplate redisTemplate; private final static String HEADER_AUTHORIZATION = "Authorization"; private final static String BEARER = "Bearer "; @@ -23,7 +25,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse //요청 헤더의 auth 키의 값 조회 String authHeader = request.getHeader(HEADER_AUTHORIZATION); String token = getAccessToken(authHeader); //접두사 제거해서 토큰 가져오기 - if(tokenProvider.validToken(token)) { //토큰이 유효하면 인증 정보 설정 + if(token != null && tokenProvider.validToken(token) && !isBlacklisted(token)) { //토큰이 유효하고 블랙리스트에 없다면 인증 정보 설정 Authentication auth = tokenProvider.getAuthentication(token); SecurityContextHolder.getContext().setAuthentication(auth); } @@ -31,6 +33,11 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse filterChain.doFilter(request, response); } + private boolean isBlacklisted(String token) { + //redis 내 블랙리스트에 있는지 검사 + return redisTemplate.hasKey("blacklist:" + token); + } + private String getAccessToken(String authHeader) { if (authHeader != null && authHeader.startsWith(BEARER)) { return authHeader.substring(BEARER.length()); diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java b/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java index 926ae5a..76d2315 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java +++ b/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java @@ -68,6 +68,7 @@ public Long getUserId(String token) { return claims.get("user_id", Long.class); } + //Claims 가져오기 private Claims getClaims(String token) { return Jwts.parser() .verifyWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) 
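Review bot: `isBlacklisted` returns `redisTemplate.hasKey(...)` directly, but `hasKey` yields a boxed `Boolean` that Spring Data documents as nullable (pipeline or transaction use), so the implicit unboxing can throw `NullPointerException` inside the filter. `return Boolean.TRUE.equals(redisTemplate.hasKey("blacklist:" + token));` avoids that. A comment on the method should also state what happens when Redis is unreachable: as written the exception propagates and the request fails, which is the safer default for a revocation check but is worth making explicit.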
@@ -75,4 +76,10 @@ private Claims getClaims(String token) { .parseSignedClaims(token) .getPayload(); //getBody()가 deprecated되어 이걸 쓸 것 } + + //남은 토큰 유효시간 계산 + public long getRemainingValidity(String token) { + Claims claims = getClaims(token); + return claims.getExpiration().getTime() - System.currentTimeMillis(); + } } diff --git a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java index c2e1558..9a1c80d 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java +++ b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java @@ -3,6 +3,7 @@ import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.ProviderManager; import org.springframework.security.authentication.dao.DaoAuthenticationProvider; @@ -23,6 +24,7 @@ public class WebSecurityConfig { private final UserDetailsService userDetailsService; private final TokenProvider tokenProvider; // TokenProvider 추가 + private final RedisTemplate redisTemplate; // Static 리소스는 인증 없이 접근 @Bean @@ -48,7 +50,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .invalidateHttpSession(true) ) .csrf(AbstractHttpConfigurer::disable) // CSRF 보호 비활성화 (API 서버일 경우) - .addFilterBefore(new TokenAuthenticationFilter(tokenProvider), UsernamePasswordAuthenticationFilter.class) // JWT 필터 폼 로그인 필터 앞에 추가 + .addFilterBefore(new TokenAuthenticationFilter(tokenProvider, redisTemplate), UsernamePasswordAuthenticationFilter.class) // JWT 필터 폼 로그인 필터 앞에 추가 .build(); } 
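Review bot: `getRemainingValidity` is public but documents neither its unit nor its failure mode. It returns `getExpiration().getTime() - System.currentTimeMillis()`, i.e. milliseconds, and it goes through `getClaims`, whose parser call is expected to throw for a token that has already expired rather than return a negative number. `AuthService.logout` passes the result straight to `redisTemplate.opsForValue().set(..., expiration, TimeUnit.MILLISECONDS)`, so the contract matters. Add a comment such as `// remaining lifetime in milliseconds; throws JwtException if the token is expired or invalid`.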
diff --git a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java index a4ae60e..0fe088f 100644 --- a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java +++ b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java @@ -6,6 +6,7 @@ import com.quickpick.ureca.auth.service.AuthService; import com.quickpick.ureca.user.domain.User; import com.quickpick.ureca.auth.dto.UserLoginRequestDto; +import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; @@ -41,7 +42,15 @@ public ResponseEntity login(@RequestBody UserLoginRequestDto request) { } } - @PostMapping("/auth/token") + @PostMapping("/auth/logout") + public ResponseEntity logout(HttpServletRequest request) { + String token = authService.extractToken(request); + authService.logout(token); + return ResponseEntity.ok().build(); + } + + + @PostMapping("/auth/token") //엑세스 토큰 재발급 public ResponseEntity createNewAccessToken( @RequestBody CreateAccessTokenRequest request) { String newAccessToken @@ -50,6 +59,4 @@ public ResponseEntity createNewAccessToken( return ResponseEntity.status(HttpStatus.CREATED) .body(new CreateAccessTokenResponse(newAccessToken)); } - - } diff --git a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java index 16bf64e..38ebdb4 100644 --- a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java +++ b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java 
@@ -4,12 +4,15 @@ import com.quickpick.ureca.auth.dto.UserLoginResponseDto; import com.quickpick.ureca.user.domain.User; import com.quickpick.ureca.user.service.UserService; +import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; +import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; import java.time.Duration; +import java.util.concurrent.TimeUnit; @Service @RequiredArgsConstructor @@ -18,11 +21,14 @@ public class AuthService { private final UserService userService; private final TokenProvider tokenProvider; private final RefreshTokenService refreshTokenService; + private final RedisTemplate redisTemplate; + private final BCryptPasswordEncoder bCryptPasswordEncoder; - public UserLoginResponseDto login(String id, String password) { //jwt 로그인 + //jwt 로그인 + public UserLoginResponseDto login(String id, String password) { User user = userService.findById(id); - - if (!new BCryptPasswordEncoder().matches(password, user.getPassword())) { //비밀번호 일치 검증 + + if (!bCryptPasswordEncoder.matches(password, user.getPassword())) { //비밀번호 일치 검증 throw new BadCredentialsException("Invalid password"); } 
@@ -34,7 +40,27 @@ public UserLoginResponseDto login(String id, String password) { return new UserLoginResponseDto(accessToken, refreshToken); } - public String createNewAccessToken(String refreshToken) { //리프레시 토큰을 이용한 엑세스 토큰 재발급 + // 토큰 추출 (Authorization 헤더에서 Bearer 제거) + public String extractToken(HttpServletRequest request) { + String authHeader = request.getHeader("Authorization"); //Authorization값을 가지는 헤더 가져오기 + if (authHeader != null && authHeader.startsWith("Bearer ")) { + return authHeader.substring(7); //앞에 Bearer 를 제거해 토큰 값만 가져오기 + } + throw new RuntimeException("Missing or invalid Authorization header"); + } + + //로그아웃 + public void logout(String token) { + if (!tokenProvider.validToken(token)) { + throw new IllegalArgumentException("Invalid token"); + } + + long expiration = tokenProvider.getRemainingValidity(token); //토큰의 남은 유효시간 계산 + redisTemplate.opsForValue().set("blacklist:" + token, "logout", expiration, TimeUnit.MILLISECONDS); //남은 유효시간 만큼 블랙리스트에 넣기 + } + + //리프레시 토큰을 이용한 엑세스 토큰 재발급 + public String createNewAccessToken(String refreshToken) { //리프레시 토큰이 유효하지 않으면 에러 if(!tokenProvider.validToken(refreshToken)) { throw new IllegalArgumentException("Invalid refresh token"); diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/user/controller/UserController.java index d0c968d..5255921 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/user/controller/UserController.java 
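Review bot: `logout` blacklists only the access token taken from the `Authorization` header; the refresh token that `login` stored through `refreshTokenService.save` is left in place. `/auth/token` is in the `permitAll` list and `createNewAccessToken` checks only `validToken` and the stored row, so a refresh token issued before logout can still obtain new access tokens until it expires. Remove or invalidate the user's stored refresh token as part of `logout`; the user id is available from `tokenProvider.getUserId(token)`. `extractToken` also repeats the header parsing already done in `TokenAuthenticationFilter.getAccessToken` and throws a bare `RuntimeException`, which the controller does not map to a 4xx response.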
@@ -19,17 +19,11 @@ public ResponseEntity signup(@RequestBody UserSignUpRequestDto dto) { userService.saveUser(dto); return ResponseEntity.ok("회원가입 완료"); } -/* - @PostMapping("/login") - public ResponseEntity login(@RequestBody UserLoginRequestDto dto){ - boolean isSuccess = userService.login(dto); - if (isSuccess) { - return ResponseEntity.ok("로그인 성공"); - } else { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("로그인 실패: 아이디 또는 비밀번호가 틀렸습니다."); - } + @GetMapping("/test") + public ResponseEntity test(){ + return ResponseEntity.ok("테스트 성공"); } -*/ + } From 3c970c53ae6a05fd9eb982ab07b5198c62e028de Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Thu, 8 May 2025 17:02:18 +0900 Subject: [PATCH 16/23] =?UTF-8?q?feat:=20=ED=86=A0=ED=81=B0=20=EC=98=88?= =?UTF-8?q?=EC=99=B8=20=EB=B0=9C=EC=83=9D=EB=A1=9C=EC=A7=81=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80,=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=95=84=EC=9B=83=20=EA=B5=AC=ED=98=84=20=EC=99=84=EC=84=B1(?= =?UTF-8?q?=EC=95=84=EB=A7=88=EB=8F=84=20=EC=A0=9C=EB=B0=9C=EC=9A=94)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../config/TokenAuthenticationFilter.java | 28 ++++++++++++--- .../ureca/auth/config/TokenProvider.java | 17 +++++---- .../ureca/auth/config/WebSecurityConfig.java | 12 +++---- .../ureca/auth/controller/AuthController.java | 29 +++++++-------- .../dto/CreateAccessTokenErrorResponse.java | 14 ++++++++ .../repository/RefreshTokenRepository.java | 1 + .../ureca/auth/service/AuthService.java | 35 ++++++++++++++----- .../auth/service/RefreshTokenService.java | 10 +++++- .../ureca/user/service/UserService.java | 4 --- .../ureca/config/jwt/TokenProviderTest.java | 17 +++++++-- 10 files changed, 117 insertions(+), 50 deletions(-) create mode 100644 src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java 
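Review bot: `@GetMapping("/test")` adds a debugging endpoint to the production `UserController` with no indication that it is temporary. Scratch routes like this tend to outlive the work they were added for and widen the surface that the security configuration has to account for. Move the check into a MockMvc test or remove the method before merging; if it has to stay for now, mark it with a comment such as `// TODO: temporary auth smoke test, remove before release`.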
diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java b/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java index 6cf0fc8..e064cd6 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java +++ b/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java @@ -1,5 +1,6 @@ package com.quickpick.ureca.auth.config; +import io.jsonwebtoken.JwtException; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; 
@@ -25,12 +26,31 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse //요청 헤더의 auth 키의 값 조회 String authHeader = request.getHeader(HEADER_AUTHORIZATION); String token = getAccessToken(authHeader); //접두사 제거해서 토큰 가져오기 - if(token != null && tokenProvider.validToken(token) && !isBlacklisted(token)) { //토큰이 유효하고 블랙리스트에 없다면 인증 정보 설정 - Authentication auth = tokenProvider.getAuthentication(token); - SecurityContextHolder.getContext().setAuthentication(auth); + + try { + if (token != null) { + tokenProvider.validToken(token); //에러가 발생하면 catch문으로 + if (isBlacklisted(token)) { + throw new JwtException("Blacklisted token"); + } + //토큰이 유효하고 블랙리스트에 없다면 인증 정보 설정 + Authentication auth = tokenProvider.getAuthentication(token); + SecurityContextHolder.getContext().setAuthentication(auth); + } + + filterChain.doFilter(request, response); + } catch (JwtException e) { + setErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, e.getMessage()); } + } + //에러 메세지 설정 메서드 + private void setErrorResponse(HttpServletResponse response, int status, String message) throws IOException { + response.setStatus(status); + response.setContentType("application/json"); + response.setCharacterEncoding("UTF-8"); - filterChain.doFilter(request, response); + String responseBody = String.format("{\"error\": \"%s\"}", message); + response.getWriter().write(responseBody); } private boolean isBlacklisted(String token) { diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java b/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java index 76d2315..fa2dab6 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java +++ b/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java 
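Review bot: With the new `catch (JwtException e)` the filter answers 401 and never calls `filterChain.doFilter` for any request that carries an invalid or expired Bearer token, including the paths listed under `permitAll`. A client that still attaches its expired access token when calling `/auth/token` to refresh would be rejected before the controller runs. Override `shouldNotFilter` to return true for `/auth/login` and `/auth/token`, or on those paths ignore the header instead of failing. `setErrorResponse` also formats `e.getMessage()` into JSON with `String.format` and no escaping; that is safe only while every message is a fixed string, so a JSON serializer or a fixed set of error codes is the more robust choice.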
@@ -1,8 +1,7 @@ package com.quickpick.ureca.auth.config; import com.quickpick.ureca.user.domain.User; -import io.jsonwebtoken.Claims; -import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.*; import io.jsonwebtoken.security.Keys; import lombok.RequiredArgsConstructor; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -39,15 +38,21 @@ public String makeToken(User user, Date expiry) { .compact(); } - public boolean validToken(String token) { + //토큰 검증 메서드 + public void validToken(String token) { try{ Jwts.parser() .verifyWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) .build() .parseSignedClaims(token); - return true; - } catch (Exception e) { - return false; + } catch (SecurityException | MalformedJwtException e) { //서명이 불일치하거나 / 구조가 손상된 경우 + throw new JwtException("Invalid JWT signature"); + } catch (ExpiredJwtException e) { //만료된 토큰인 경우 + throw new JwtException("JWT token expired"); + } catch (UnsupportedJwtException e) { //지원하지 않는 토큰인 경우 + throw new JwtException("Unsupported JWT token"); + } catch (IllegalArgumentException e) { //토큰이 아예 없거나 비정상적으로 전달된 경우? + throw new JwtException("JWT token is invalid"); } } diff --git a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java index 9a1c80d..b32e85a 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java +++ b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java 
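Review bot: In `validToken`, the first catch clause names `SecurityException`, which with the imports shown (`io.jsonwebtoken.*` and `io.jsonwebtoken.security.Keys`) resolves to `java.lang.SecurityException`, not the jjwt signature exception in `io.jsonwebtoken.security`. A signature mismatch is therefore not mapped to `"Invalid JWT signature"`; it still propagates as a `JwtException`, but with the library's own message, which the filter then writes into the response. Import `io.jsonwebtoken.security.SecurityException` explicitly (unless that already happens outside the hunk) or catch `JwtException` last as a fallback with a fixed message. The method's contract changed from returning `boolean` to throwing, so it also needs a comment stating that it throws `JwtException` on any failure.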
@@ -11,6 +11,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.SecurityFilterChain; @@ -37,18 +38,13 @@ public WebSecurityCustomizer webSecurityCustomizer() { @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { return http + .sessionManagement(session -> session + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) //서버 세션 비활성화(jwt 사용하므로) .authorizeHttpRequests(auth -> auth .requestMatchers("/auth/login", "/signup", "/user", "/auth/token").permitAll() // 로그인, 회원가입, 유저 조회, 토큰 재발급은 인증 없이 접근 .anyRequest().authenticated() // 그 외 요청은 인증 필요 ) - .formLogin(formLogin -> formLogin - .loginPage("/login") - .defaultSuccessUrl("/ticketing") - ) - .logout(logout -> logout - .logoutSuccessUrl("/login") - .invalidateHttpSession(true) - ) + .formLogin(AbstractHttpConfigurer::disable) //폼로그인 비활성화 .csrf(AbstractHttpConfigurer::disable) // CSRF 보호 비활성화 (API 서버일 경우) .addFilterBefore(new TokenAuthenticationFilter(tokenProvider, redisTemplate), UsernamePasswordAuthenticationFilter.class) // JWT 필터 폼 로그인 필터 앞에 추가 .build(); diff --git a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java index 0fe088f..f0c9386 100644 --- a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java +++ b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java 
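Review bot: With `formLogin` disabled, the visible chain configures no authentication entry point, so a request without a token will presumably get Spring Security's default 403 while the token filter answers 401 for a bad token. An explicit entry point keeps the two consistent: `.exceptionHandling(e -> e.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)))`. Removing the `.logout(...)` block does not switch off the framework's own logout endpoint; if only `/auth/logout` is meant to exist, add `.logout(AbstractHttpConfigurer::disable)`. `filterChain` closes outside the hunk.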
@@ -1,26 +1,19 @@ package com.quickpick.ureca.auth.controller; -import com.quickpick.ureca.auth.dto.CreateAccessTokenRequest; -import com.quickpick.ureca.auth.dto.CreateAccessTokenResponse; -import com.quickpick.ureca.auth.dto.UserLoginResponseDto; +import com.quickpick.ureca.auth.dto.*; import com.quickpick.ureca.auth.service.AuthService; -import com.quickpick.ureca.user.domain.User; -import com.quickpick.ureca.auth.dto.UserLoginRequestDto; import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; -import java.time.Duration; + @RestController @RequiredArgsConstructor 
@@ -44,19 +37,23 @@ public ResponseEntity login(@RequestBody UserLoginRequestDto request) { @PostMapping("/auth/logout") public ResponseEntity logout(HttpServletRequest request) { - String token = authService.extractToken(request); - authService.logout(token); + String accessToken = authService.extractToken(request); + authService.logout(accessToken); return ResponseEntity.ok().build(); } @PostMapping("/auth/token") //엑세스 토큰 재발급 - public ResponseEntity createNewAccessToken( + public ResponseEntity createNewAccessToken( //ResponseEntity-> ResponseEntity로 수정 @RequestBody CreateAccessTokenRequest request) { - String newAccessToken - = authService.createNewAccessToken(request.getRefreshToken()); + try { + String newAccessToken + = authService.createNewAccessToken(request.getRefreshToken()); - return ResponseEntity.status(HttpStatus.CREATED) - .body(new CreateAccessTokenResponse(newAccessToken)); + return ResponseEntity.status(HttpStatus.CREATED) + .body(new CreateAccessTokenResponse(newAccessToken)); + } catch (Exception e) { + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(new CreateAccessTokenErrorResponse(e.getMessage())); + } } } diff --git a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java new file mode 100644 index 0000000..689315d --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java @@ -0,0 +1,14 @@ +package com.quickpick.ureca.auth.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class CreateAccessTokenErrorResponse { + private String error; + + public CreateAccessTokenErrorResponse(String error) { + this.error = error; + } +} diff --git a/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java b/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java index a1307aa..bc00bd7 100644 
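Review bot: `createNewAccessToken` catches `Exception` and returns every failure as 401 with `e.getMessage()` in the body, so a database or Redis fault is reported as an authentication error and its internal message reaches the client. Catch only the expected types and answer with a fixed text, e.g. `} catch (JwtException | IllegalArgumentException e) {` followed by `new CreateAccessTokenErrorResponse("Invalid refresh token")`. `JwtException` would need an import in this controller. Anything else should propagate to the application's error handling as a 5xx.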
--- a/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java +++ b/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java @@ -8,4 +8,5 @@ public interface RefreshTokenRepository extends JpaRepository { Optional findByUserId(Long userId); Optional findByRefreshToken(String refreshToken); + void deleteByUserId(Long userId); } diff --git a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java index 38ebdb4..931b678 100644 --- a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java +++ b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java @@ -1,10 +1,13 @@ package com.quickpick.ureca.auth.service; import com.quickpick.ureca.auth.config.TokenProvider; +import com.quickpick.ureca.auth.domain.RefreshToken; import com.quickpick.ureca.auth.dto.UserLoginResponseDto; import com.quickpick.ureca.user.domain.User; import com.quickpick.ureca.user.service.UserService; +import io.jsonwebtoken.JwtException; import jakarta.servlet.http.HttpServletRequest; +import jakarta.transaction.Transactional; import lombok.RequiredArgsConstructor; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.BadCredentialsException; @@ -25,6 +28,7 @@ public class AuthService { private final BCryptPasswordEncoder bCryptPasswordEncoder; //jwt 로그인 + @Transactional public UserLoginResponseDto login(String id, String password) { User user = userService.findById(id); 
@@ -50,23 +54,36 @@ public String extractToken(HttpServletRequest request) { } //로그아웃 - public void logout(String token) { - if (!tokenProvider.validToken(token)) { - throw new IllegalArgumentException("Invalid token"); - } + @Transactional + public void logout(String accessToken) { + + //엑세스 토큰 블랙리스트 추가 + long expiration = tokenProvider.getRemainingValidity(accessToken); //엑세스 토큰의 남은 유효시간 계산 + redisTemplate.opsForValue().set("blacklist:" + accessToken, "logout", expiration, TimeUnit.MILLISECONDS); //남은 유효시간 만큼 블랙리스트에 넣기 - long expiration = tokenProvider.getRemainingValidity(token); //토큰의 남은 유효시간 계산 - redisTemplate.opsForValue().set("blacklist:" + token, "logout", expiration, TimeUnit.MILLISECONDS); //남은 유효시간 만큼 블랙리스트에 넣기 + //리프레시 토큰 삭제 + Long userId = tokenProvider.getUserId(accessToken); + refreshTokenService.deleteByUserId(userId); } //리프레시 토큰을 이용한 엑세스 토큰 재발급 + @Transactional public String createNewAccessToken(String refreshToken) { //리프레시 토큰이 유효하지 않으면 에러 - if(!tokenProvider.validToken(refreshToken)) { - throw new IllegalArgumentException("Invalid refresh token"); + try { + tokenProvider.validToken(refreshToken); + } catch (JwtException e) { + throw new JwtException(e.getMessage()); } - Long userId = refreshTokenService.findByRefreshToken(refreshToken).getUserId(); + //저장된 리프레시 토큰 값과 달라도 에러 (아마 위에서 다 걸리지겠지만 혹시 모르니까) + RefreshToken savedRefreshToken = refreshTokenService.findByRefreshToken(refreshToken); + if (savedRefreshToken == null) { + throw new JwtException("Invalid JWT token"); + } + + //유효성이 검증되면 유저 정보 받아와서 새 엑세스 토큰 생성 + Long userId = savedRefreshToken.getUserId(); User user = userService.findByUserId(userId); return tokenProvider.generateToken(user, Duration.ofHours(2)); diff --git a/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java b/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java index 733b62f..e5c8dd1 100644 --- a/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java 
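Review bot: In `createNewAccessToken` the `savedRefreshToken == null` branch looks unreachable, because the `RefreshTokenService.findByRefreshToken` shown in this patch ends in `orElseThrow(() -> new IllegalArgumentException("Invalid refresh token"))`. An unknown token therefore surfaces as `IllegalArgumentException`, not the `JwtException` the rest of the method throws. The `try`/`catch` that rethrows `new JwtException(e.getMessage())` only discards the cause; a bare `tokenProvider.validToken(refreshToken);` behaves the same. `logout` also lost its own validity check and now relies on the caller having validated `accessToken`, which deserves a comment such as `// precondition: accessToken already validated by TokenAuthenticationFilter`.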
+++ b/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java @@ -2,6 +2,7 @@ import com.quickpick.ureca.auth.domain.RefreshToken; import com.quickpick.ureca.auth.repository.RefreshTokenRepository; +import jakarta.transaction.Transactional; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; @@ -15,9 +16,16 @@ public RefreshToken findByRefreshToken(String refreshToken) { .orElseThrow(() -> new IllegalArgumentException("Invalid refresh token")); } - //refresh 토큰 저장 (일단 db 저장, redis 저장도 고려 중) + //refresh 토큰 저장 (db 저장) + @Transactional public void save(Long userId, String refreshToken) { RefreshToken token = new RefreshToken(userId, refreshToken); refreshTokenRepository.save(token); } + + //refresh 토큰 삭제 + @Transactional + public void deleteByUserId(Long userId) { + refreshTokenRepository.deleteByUserId(userId); + } } diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/user/service/UserService.java index 305562f..ff9fed2 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java +++ b/src/main/java/com/quickpick/ureca/user/service/UserService.java @@ -25,11 +25,7 @@ public void saveUser(UserSignUpRequestDto dto) { .gender(dto.getGender()) .build()); } -/* - public boolean login(UserLoginRequestDto dto) { - } - */ //user_id(고유 번호)로 유저 검색 public User findByUserId(Long userId) { return userRepository.findByUserId(userId) diff --git a/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java index a80fa23..49d251e 100644 --- a/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java +++ b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java 
@@ -4,6 +4,7 @@ import com.quickpick.ureca.auth.config.TokenProvider; import com.quickpick.ureca.user.domain.User; import com.quickpick.ureca.user.repository.UserRepository; +import io.jsonwebtoken.JwtException; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.security.Keys; import org.junit.jupiter.api.DisplayName; @@ -60,8 +61,14 @@ void validateToken_fail() { .build() .createToken(jwtProperties); - boolean result = tokenProvider.validToken(token); + boolean result; + try { + tokenProvider.validToken(token); + result = true; + } catch (JwtException e) { + result = false; + } assertThat(result).isFalse(); } @@ -71,8 +78,14 @@ void validateToken_success() { String token = JwtFactory.withDefaultValues() .createToken(jwtProperties); - boolean result = tokenProvider.validToken(token); + boolean result; + try { + tokenProvider.validToken(token); + result = true; + } catch (JwtException e) { + result = false; + } assertThat(result).isTrue(); } From 665d08a6383880599d3717db75881cc35bfa5441 Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Thu, 8 May 2025 17:28:13 +0900 Subject: [PATCH 17/23] =?UTF-8?q?feat:=20=ED=86=A0=ED=81=B0=20=EC=98=88?= =?UTF-8?q?=EC=99=B8=20=EB=B0=9C=EC=83=9D=EB=A1=9C=EC=A7=81=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80,=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=95=84=EC=9B=83=20=EA=B5=AC=ED=98=84=20=EC=99=84=EC=84=B1(?= =?UTF-8?q?=EC=95=84=EB=A7=88=EB=8F=84=20=EC=A0=9C=EB=B0=9C=EC=9A=94)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ureca/auth/config/TokenAuthenticationFilter.java | 4 ++-- .../java/com/quickpick/ureca/auth/config/TokenProvider.java | 4 ++-- .../com/quickpick/ureca/auth/config/WebSecurityConfig.java | 4 ++-- .../ureca/auth/dto/CreateAccessTokenErrorResponse.java | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) 
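Review bot: Both tests convert the exception into a `boolean` with a hand-written `try`/`catch` before asserting, which hides the exception type and message when the test fails. AssertJ is already in use here through `assertThat` and expresses this directly. For the failure case use `assertThatThrownBy(() -> tokenProvider.validToken(token)).isInstanceOf(JwtException.class);`, and for the success case `assertThatCode(() -> tokenProvider.validToken(token)).doesNotThrowAnyException();`.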
diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java b/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java index e064cd6..8b55d60 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java +++ b/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java @@ -29,8 +29,8 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse try { if (token != null) { - tokenProvider.validToken(token); //에러가 발생하면 catch문으로 - if (isBlacklisted(token)) { + tokenProvider.validToken(token); //예외가 발생하면 catch문으로 + if (isBlacklisted(token)) { //블랙리스트에 있는 토큰이면 예외 발생 throw new JwtException("Blacklisted token"); } //토큰이 유효하고 블랙리스트에 없다면 인증 정보 설정 diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java b/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java index fa2dab6..5fbfe5e 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java +++ b/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java @@ -3,6 +3,7 @@ import com.quickpick.ureca.user.domain.User; import io.jsonwebtoken.*; import io.jsonwebtoken.security.Keys; +import io.jsonwebtoken.security.SecurityException; import lombok.RequiredArgsConstructor; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; @@ -29,7 +30,6 @@ public String generateToken(User user, Duration expiredAt) { public String makeToken(User user, Date expiry) { return Jwts.builder() - //.setHeaderParam(Header.TYPE, Header.JWT_TYPE) //deprecated, 이제 안 써도 라이브러리가 자동적으로 처리? .issuer(jwtProperties.getIssuer()) .expiration(expiry) .subject(user.getId()) 
@@ -45,7 +45,7 @@ public void validToken(String token) { .verifyWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) .build() .parseSignedClaims(token); - } catch (SecurityException | MalformedJwtException e) { //서명이 불일치하거나 / 구조가 손상된 경우 + } catch (SecurityException | MalformedJwtException e) { //서명이 불일치한 경우 / 구조가 손상된 경우 throw new JwtException("Invalid JWT signature"); } catch (ExpiredJwtException e) { //만료된 토큰인 경우 throw new JwtException("JWT token expired"); diff --git a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java index b32e85a..704ba59 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java +++ b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java @@ -41,7 +41,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .sessionManagement(session -> session .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) //서버 세션 비활성화(jwt 사용하므로) .authorizeHttpRequests(auth -> auth - .requestMatchers("/auth/login", "/signup", "/user", "/auth/token").permitAll() // 로그인, 회원가입, 유저 조회, 토큰 재발급은 인증 없이 접근 + .requestMatchers("/auth/login", "/signup", "/auth/token").permitAll() // 로그인, 회원가입, 토큰 재발급은 인증 없이 접근 .anyRequest().authenticated() // 그 외 요청은 인증 필요 ) .formLogin(AbstractHttpConfigurer::disable) //폼로그인 비활성화 @@ -50,7 +50,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .build(); } - // AuthenticationManager 설정 (기존 폼 로그인 방식에서 사용) + // AuthenticationManager 설정 (필요한가?) @Bean public AuthenticationManager authenticationManager(HttpSecurity http, BCryptPasswordEncoder bCryptPasswordEncoder, UserDetailsService userDetailsService) throws Exception { DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); 
diff --git a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java index 689315d..56518a0 100644 --- a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java +++ b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java @@ -5,7 +5,7 @@ @Getter @Setter -public class CreateAccessTokenErrorResponse { +public class CreateAccessTokenErrorResponse { //엑세스 토큰 생성 중 에러 발생 시 응답 dto private String error; public CreateAccessTokenErrorResponse(String error) { From 8072471f6ae5970f7bd4448dcd5d44f1ae2ab589 Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Thu, 8 May 2025 17:32:32 +0900 Subject: [PATCH 18/23] =?UTF-8?q?fix:=20yml=20=ED=8C=8C=EC=9D=BC=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/CI.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 9b27ac5..9c044fa 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -54,6 +54,16 @@ jobs: spring.jpa.properties.hibernate.format_sql=true jwt.issuer=${{ secrets.JWT_ISSUER }} jwt.secret_key=${{ secrets.JWT_SECRET_KEY }} + + #Redis + spring.data.redis.host=localhost + + spring.data.redis.port=6379 + + spring.data.redis.lettuce.pool.max-active=10 + spring.data.redis.lettuce.pool.max-idle=10 + spring.data.redis.lettuce.pool.min-idle=1 + spring.data.redis.lettuce.pool.max-wait=1000ms EOT shell: bash From 1b21e501f68d0d6210acb84515a0eccae5fcb08f Mon Sep 17 00:00:00 2001 
From: etoile0626 Date: Fri, 9 May 2025 10:12:48 +0900 Subject: [PATCH 19/23] =?UTF-8?q?comment:=20auth=20=EC=BB=A8=ED=8A=B8?= =?UTF-8?q?=EB=A1=A4=EB=9F=AC=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EB=A9=94?= =?UTF-8?q?=EC=84=9C=EB=93=9C=20=EC=84=A4=EB=AA=85=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/quickpick/ureca/auth/controller/AuthController.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java index f0c9386..437e32c 100644 --- a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java +++ b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java @@ -21,7 +21,7 @@ public class AuthController { private final AuthenticationManager authenticationManager; private final AuthService authService; - @PostMapping("/auth/login") + @PostMapping("/auth/login") //jwt를 이용한 자체 로그인 public ResponseEntity login(@RequestBody UserLoginRequestDto request) { try { UserLoginResponseDto response = authService.login(request.getId(), request.getPassword()); From fb99f0c556ffe0db8f46e9cd9bda26ccf9317892 Mon Sep 17 00:00:00 2001 
From: etoile0626 Date: Fri, 9 May 2025 17:39:24 +0900 Subject: [PATCH 20/23] =?UTF-8?q?feat:=20OAuth=20=EA=B5=AC=EA=B8=80?= =?UTF-8?q?=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EA=B5=AC=ED=98=84=20=EC=A4=91=20?= =?UTF-8?q?=EC=9E=84=EC=8B=9C=20=EC=A0=80=EC=9E=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/CI.yml | 9 ++++ build.gradle | 4 ++ .../config/OAuth2LoginSuccessHandler.java | 53 +++++++++++++++++++ .../ureca/auth/config/WebSecurityConfig.java | 9 ++-- .../ureca/auth/controller/AuthController.java | 2 +- .../ureca/auth/service/AuthService.java | 3 +- .../ureca/user/service/UserService.java | 25 +++++++-- 7 files changed, 97 insertions(+), 8 deletions(-) create mode 100644 src/main/java/com/quickpick/ureca/auth/config/OAuth2LoginSuccessHandler.java diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 9c044fa..9d20d3a 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -55,6 +55,15 @@ jobs: jwt.issuer=${{ secrets.JWT_ISSUER }} jwt.secret_key=${{ secrets.JWT_SECRET_KEY }} + # OAuth + spring.security.oauth2.client.registration.google.client-id=${{ secrets.GOOGLE_CLIENT_ID }} + spring.security.oauth2.client.registration.google.client-secret=${{ secrets.GOOGLE_CLIENT_SECRET }} + spring.security.oauth2.client.registration.google.scope=email,profile + + spring.security.oauth2.client.provider.google.authorization-uri=https://accounts.google.com/o/oauth2/v2/auth + spring.security.oauth2.client.provider.google.token-uri=https://oauth2.googleapis.com/token + spring.security.oauth2.client.provider.google.user-info-uri=https://www.googleapis.com/oauth2/v3/userinfo + #Redis spring.data.redis.host=localhost diff --git a/build.gradle b/build.gradle index 8f0c815..63a6288 100644 --- a/build.gradle +++ b/build.gradle 
@@ -38,6 +38,7 @@ dependencies { testImplementation 'org.projectlombok:lombok' testAnnotationProcessor 'org.projectlombok:lombok' + //spring security implementation 'org.springframework.boot:spring-boot-starter-security' testImplementation 'org.springframework.security:spring-security-test' @@ -48,6 +49,9 @@ dependencies { runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6' implementation 'javax.xml.bind:jaxb-api:2.4.0-b180830.0359' + // Spring Security OAuth2 클라이언트 (구글/카카오 로그인 등) + implementation 'org.springframework.boot:spring-boot-starter-oauth2-client' + //Redis implementation 'org.springframework.boot:spring-boot-starter-data-redis' implementation 'org.springframework.data:spring-data-redis' diff --git a/src/main/java/com/quickpick/ureca/auth/config/OAuth2LoginSuccessHandler.java b/src/main/java/com/quickpick/ureca/auth/config/OAuth2LoginSuccessHandler.java new file mode 100644 index 0000000..c231e63 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/auth/config/OAuth2LoginSuccessHandler.java 
@@ -0,0 +1,53 @@ +package com.quickpick.ureca.auth.config; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.quickpick.ureca.auth.dto.UserLoginResponseDto; +import com.quickpick.ureca.auth.service.RefreshTokenService; +import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.user.service.UserService; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.Authentication; +import org.springframework.security.oauth2.core.user.OAuth2User; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; +import org.springframework.stereotype.Component; + +import java.io.IOException; +import java.time.Duration; + +@Component +@RequiredArgsConstructor +public class OAuth2LoginSuccessHandler implements AuthenticationSuccessHandler { //OAuth 인증 성공시 jwt 발급 및 리디렉션 + private final TokenProvider tokenProvider; + private final UserService userService; + private final RefreshTokenService refreshTokenService; + private final ObjectMapper objectMapper; + + @Override + public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, + Authentication authentication) throws IOException { + + OAuth2User oAuth2User = (OAuth2User) authentication.getPrincipal(); + String email = oAuth2User.getAttribute("email"); + + // 사용자 DB에 저장 (없으면 새로 추가) + User user = userService.findById(email) + .orElseGet(() -> userService.saveFromOAuth2(oAuth2User)); + + // JWT 발급 + String accessToken = tokenProvider.generateToken(user, Duration.ofHours(2)); // Access token + String refreshToken = tokenProvider.generateToken(user, Duration.ofDays(14)); // Refresh token (필요시 DB 저장) + + // Refresh token을 DB에 저장 + refreshTokenService.save(user.getUserId(), refreshToken); + + // 기존 로그인 응답 DTO 사용 + UserLoginResponseDto responseDto = new UserLoginResponseDto(accessToken, refreshToken); + + 
response.setContentType("application/json"); + response.setCharacterEncoding("utf-8"); + response.setStatus(HttpServletResponse.SC_OK); + objectMapper.writeValue(response.getWriter(), responseDto); + } +} diff --git a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java index 704ba59..7b53b35 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java +++ b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java @@ -35,17 +35,20 @@ public WebSecurityCustomizer webSecurityCustomizer() { } // Security Filter Chain - @Bean - public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + @Bean //매게 변수로 받을 생각이 없긴했는데 순환참조 때문에 일단 임시로 + public SecurityFilterChain filterChain(HttpSecurity http, OAuth2LoginSuccessHandler oAuth2LoginSuccessHandler) throws Exception { return http .sessionManagement(session -> session .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) //서버 세션 비활성화(jwt 사용하므로) .authorizeHttpRequests(auth -> auth - .requestMatchers("/auth/login", "/signup", "/auth/token").permitAll() // 로그인, 회원가입, 토큰 재발급은 인증 없이 접근 + .requestMatchers("/auth/login", "/signup", "/auth/token", "/oauth2/**").permitAll() // 로그인, 회원가입, 토큰 재발급, 소셜로그인은 인증 없이 접근 .anyRequest().authenticated() // 그 외 요청은 인증 필요 ) .formLogin(AbstractHttpConfigurer::disable) //폼로그인 비활성화 .csrf(AbstractHttpConfigurer::disable) // CSRF 보호 비활성화 (API 서버일 경우) + .oauth2Login(oauth2 -> oauth2 + .successHandler(oAuth2LoginSuccessHandler) // 소셜로그인 설정 + ) .addFilterBefore(new TokenAuthenticationFilter(tokenProvider, redisTemplate), UsernamePasswordAuthenticationFilter.class) // JWT 필터 폼 로그인 필터 앞에 추가 .build(); } diff --git a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java index 437e32c..351c65b 100644 --- a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java 
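Review bot: `onAuthenticationSuccess` uses the `email` attribute as the account key without checking it for null or checking the provider's `email_verified` attribute, and `userService.findById(email)` matches any existing local account whose id equals that address. A guard before the lookup closes the gap: `if (email == null || !Boolean.TRUE.equals(oAuth2User.getAttribute("email_verified"))) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); return; }`. Keying social accounts on the provider plus its subject id rather than the address would avoid linking to a locally registered account by accident. Access and refresh tokens both come from the same `generateToken` call with different durations, so as far as this hunk shows nothing separates the two types when one is presented to the token filter; a token-type claim checked on both paths would.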
+++ b/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java @@ -43,7 +43,7 @@ public ResponseEntity logout(HttpServletRequest request) { } - @PostMapping("/auth/token") //엑세스 토큰 재발급 + @PostMapping("/auth/token") //jwt 엑세스 토큰 재발급 public ResponseEntity createNewAccessToken( //ResponseEntity-> ResponseEntity로 수정 @RequestBody CreateAccessTokenRequest request) { try { diff --git a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java index 931b678..498417f 100644 --- a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java +++ b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java @@ -30,7 +30,8 @@ public class AuthService { //jwt 로그인 @Transactional public UserLoginResponseDto login(String id, String password) { - User user = userService.findById(id); + User user = userService.findById(id) + .orElseThrow(()-> new IllegalArgumentException("User not found")); if (!bCryptPasswordEncoder.matches(password, user.getPassword())) { //비밀번호 일치 검증 throw new BadCredentialsException("Invalid password"); diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/user/service/UserService.java index ff9fed2..bbf4256 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java +++ b/src/main/java/com/quickpick/ureca/user/service/UserService.java @@ -6,8 +6,11 @@ import jakarta.transaction.Transactional; import lombok.RequiredArgsConstructor; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.stereotype.Service; +import java.util.Optional; + @Service @RequiredArgsConstructor public class UserService { 
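Review bot: `login` now throws `IllegalArgumentException("User not found")` for an unknown id and `BadCredentialsException("Invalid password")` for a wrong password. If the controller forwards these messages or maps them to different statuses (its `catch` blocks are outside this hunk), the response tells a caller which ids are registered. Using one exception and one text for both cases removes that difference, e.g. `.orElseThrow(() -> new BadCredentialsException("Invalid id or password"))` and the same text on the mismatch branch.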
@@ -16,6 +19,7 @@ public class UserService { private final BCryptPasswordEncoder bCryptPasswordEncoder; @Transactional + //자체 로그인 유저 저장 public void saveUser(UserSignUpRequestDto dto) { userRepository.save(User.builder() .id(dto.getId()) @@ -26,6 +30,21 @@ public void saveUser(UserSignUpRequestDto dto) { .build()); } + @Transactional + //구글 소셜 로그인 유저 저장 + public User saveFromOAuth2(OAuth2User oAuth2User) { + String email = oAuth2User.getAttribute("email"); + String name = oAuth2User.getAttribute("name"); + + return userRepository.save(User.builder() //age와 gender는 더미로 채우기 + .id(email) + .password("SOCIAL_USER") // 비밀번호는 사용하지 않으므로 더미 + .name(name != null ? name : "소셜사용자") + .age(0) // 추후 입력 받을 수 있도록 기본값(더미값 입력) + .gender("unknown") // "male" / "female"도 가능 (더미값 입력) + .build()); + } + //user_id(고유 번호)로 유저 검색 public User findByUserId(Long userId) { return userRepository.findByUserId(userId) @@ -33,8 +52,8 @@ public User findByUserId(Long userId) { } //id(아이디)로 유저 검색 - public User findById(String id) { - return userRepository.findById(id) - .orElseThrow(()-> new IllegalArgumentException("User not found")); + public Optional findById(String id) { + return userRepository.findById(id); + //.orElseThrow(()-> new IllegalArgumentException("User not found")); -> 각 사용 위치에서 예외를 처리하도록 변경 } } From 19e4216f413ae9555b7efa682bfcd13b5ab1a65f Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Mon, 12 May 2025 14:53:08 +0900 Subject: [PATCH 21/23] =?UTF-8?q?feat:=20=EA=B5=AC=EA=B8=80=20=EC=86=8C?= =?UTF-8?q?=EC=85=9C=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20api=20=EA=B5=AC?= =?UTF-8?q?=ED=98=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/quickpick/ureca/auth/config/WebSecurityConfig.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java index 7b53b35..1aec08b 100644 
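Review bot: `saveFromOAuth2` in UserService takes the provider's `email` attribute as the account `id` without checking that it is present or verified, and the success handler attaches the social login to any existing row with that `id`. Because self-signup stores a caller-chosen `id` (`dto.getId()`), a local account registered under someone else's address would be silently merged with that person's later Google login. I would reject a null email, require `Boolean.TRUE.equals(oAuth2User.getAttribute("email_verified"))` before saving, and record the login provider on the entity so local and social accounts are never matched on `id` alone. The literal `"SOCIAL_USER"` password only blocks password login because it is not a valid BCrypt hash; storing `bCryptPasswordEncoder.encode(UUID.randomUUID().toString())` would make that intent explicit.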
--- a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java +++ b/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java @@ -35,7 +35,7 @@ public WebSecurityCustomizer webSecurityCustomizer() { } // Security Filter Chain - @Bean //매게 변수로 받을 생각이 없긴했는데 순환참조 때문에 일단 임시로 + @Bean public SecurityFilterChain filterChain(HttpSecurity http, OAuth2LoginSuccessHandler oAuth2LoginSuccessHandler) throws Exception { return http .sessionManagement(session -> session From ae22faade1e34ceac458d90553cdc6158662a832 Mon Sep 17 00:00:00 2001 From: etoile0626 Date: Mon, 12 May 2025 17:46:11 +0900 Subject: [PATCH 22/23] =?UTF-8?q?refactor:=20=ED=86=A0=ED=81=B0=20?= =?UTF-8?q?=EA=B2=80=EC=A6=9D=20=EC=A4=91=20=EC=97=90=EB=9F=AC=20=EB=A9=94?= =?UTF-8?q?=EC=84=B8=EC=A7=80=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/com/quickpick/ureca/auth/service/AuthService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java index 498417f..0bf6904 100644 --- a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java +++ b/src/main/java/com/quickpick/ureca/auth/service/AuthService.java @@ -80,7 +80,7 @@ public String createNewAccessToken(String refreshToken) { //저장된 리프레시 토큰 값과 달라도 에러 (아마 위에서 다 걸리지겠지만 혹시 모르니까) RefreshToken savedRefreshToken = refreshTokenService.findByRefreshToken(refreshToken); if (savedRefreshToken == null) { - throw new JwtException("Invalid JWT token"); + throw new JwtException("Invalid JWT RefreshToken"); } //유효성이 검증되면 유저 정보 받아와서 새 엑세스 토큰 생성 From c74b9403719e4ba8bc910e113583576642df59b5 Mon Sep 17 00:00:00 2001 
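Review bot: The `savedRefreshToken == null` branch in `AuthService.createNewAccessToken`, whose message this hunk edits, looks unreachable. `RefreshTokenService.findByRefreshToken`, as shown further down this page, ends in `.orElseThrow(() -> new IllegalArgumentException("Invalid refresh token"))` and so never returns null. An unknown refresh token therefore surfaces as `IllegalArgumentException` with that other message, not the `JwtException` changed here. Either drop the null check, or have the service return the `Optional` and apply `.orElseThrow(() -> new JwtException("Invalid JWT RefreshToken"))` at this call site. The method starts and ends outside the hunk.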
From: etoile0626 Date: Tue, 13 May 2025 11:33:15 +0900 Subject: [PATCH 23/23] =?UTF-8?q?rename:=20oauth=EB=B2=84=EC=A0=84-=20?= =?UTF-8?q?=ED=8C=8C=EC=9D=BC=EC=9C=84=EC=B9=98=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/config/JwtPropertiesOAuth.java} | 4 +- .../OAuth2LoginSuccessHandlerOAuth.java} | 22 ++++---- .../auth/config/RedisConfigOAuth.java} | 4 +- .../TokenAuthenticationFilterOAuth.java} | 6 +-- .../auth/config/TokenProviderOAuth.java} | 12 ++--- .../auth/config/WebSecurityConfigOAuth.java} | 10 ++-- .../auth/controller/AuthControllerOAuth.java} | 20 +++---- .../auth/domain/RefreshTokenOAuth.java} | 8 +-- .../CreateAccessTokenErrorResponseOAuth.java | 14 +++++ .../dto/CreateAccessTokenRequestOAuth.java | 10 ++++ .../dto/CreateAccessTokenResponseOAuth.java | 10 ++++ .../auth/dto/UserLoginRequestOAuth.java} | 4 +- .../auth/dto/UserLoginResponseOAuth.java} | 5 +- .../RefreshTokenRepositoryOAuth.java | 12 +++++ .../auth/service/AuthServiceOAuth.java} | 30 +++++------ .../service/RefreshTokenServiceOAuth.java} | 14 ++--- .../{ => OAuth}/common/domain/BaseEntity.java | 52 +++++++++---------- .../reserve/controller/ReserveController.java | 4 ++ .../{ => OAuth}/reserve/domain/Reserve.java | 10 ++-- .../reserve/repository/ReserveRepository.java | 4 ++ .../OAuth/reserve/service/ReserveService.java | 4 ++ .../reserve/status/ReserveStatus.java | 2 +- .../{ => OAuth}/ticket/domain/Ticket.java | 6 +-- .../ticket/repository/TicketRepository.java | 4 +- .../user/controller/UserControllerOAuth.java} | 15 +++--- .../user/domain/UserOAuth.java} | 10 ++-- .../user/dto/UserSignUpRequestOAuth.java} | 4 +- .../user/repository/UserRepositoryOAuth.java | 11 ++++ .../user/service/UserDetailServiceOAuth.java} | 8 +-- .../user/service/UserServiceOAuth.java} | 24 ++++----- .../userticket/domain/UserTicket.java | 8 +-- .../com/quickpick/ureca/UrecaApplication.java | 4 +- 
.../dto/CreateAccessTokenErrorResponse.java | 14 ----- .../auth/dto/CreateAccessTokenRequest.java | 10 ---- .../auth/dto/CreateAccessTokenResponse.java | 10 ---- .../repository/RefreshTokenRepository.java | 12 ----- .../reserve/controller/ReserveController.java | 4 -- .../reserve/repository/ReserveRepository.java | 4 -- .../ureca/reserve/service/ReserveService.java | 4 -- .../ureca/user/repository/UserRepository.java | 11 ---- .../ureca/config/jwt/JwtFactory.java | 4 +- .../ureca/config/jwt/TokenProviderTest.java | 16 +++--- .../ureca/controller/TokenControllerTest.java | 25 +++++---- 43 files changed, 232 insertions(+), 237 deletions(-) rename src/main/java/com/quickpick/ureca/{auth/config/JwtProperties.java => OAuth/auth/config/JwtPropertiesOAuth.java} (74%) rename src/main/java/com/quickpick/ureca/{auth/config/OAuth2LoginSuccessHandler.java => OAuth/auth/config/OAuth2LoginSuccessHandlerOAuth.java} (68%) rename src/main/java/com/quickpick/ureca/{auth/config/RedisConfig.java => OAuth/auth/config/RedisConfigOAuth.java} (91%) rename src/main/java/com/quickpick/ureca/{auth/config/TokenAuthenticationFilter.java => OAuth/auth/config/TokenAuthenticationFilterOAuth.java} (94%) rename src/main/java/com/quickpick/ureca/{auth/config/TokenProvider.java => OAuth/auth/config/TokenProviderOAuth.java} (91%) rename src/main/java/com/quickpick/ureca/{auth/config/WebSecurityConfig.java => OAuth/auth/config/WebSecurityConfigOAuth.java} (88%) rename src/main/java/com/quickpick/ureca/{auth/controller/AuthController.java => OAuth/auth/controller/AuthControllerOAuth.java} (78%) rename src/main/java/com/quickpick/ureca/{auth/domain/RefreshToken.java => OAuth/auth/domain/RefreshTokenOAuth.java} (74%) create mode 100644 src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenErrorResponseOAuth.java create mode 100644 src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenRequestOAuth.java create mode 100644 
src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenResponseOAuth.java rename src/main/java/com/quickpick/ureca/{auth/dto/UserLoginRequestDto.java => OAuth/auth/dto/UserLoginRequestOAuth.java} (56%) rename src/main/java/com/quickpick/ureca/{auth/dto/UserLoginResponseDto.java => OAuth/auth/dto/UserLoginResponseOAuth.java} (53%) create mode 100644 src/main/java/com/quickpick/ureca/OAuth/auth/repository/RefreshTokenRepositoryOAuth.java rename src/main/java/com/quickpick/ureca/{auth/service/AuthService.java => OAuth/auth/service/AuthServiceOAuth.java} (78%) rename src/main/java/com/quickpick/ureca/{auth/service/RefreshTokenService.java => OAuth/auth/service/RefreshTokenServiceOAuth.java} (59%) rename src/main/java/com/quickpick/ureca/{ => OAuth}/common/domain/BaseEntity.java (91%) create mode 100644 src/main/java/com/quickpick/ureca/OAuth/reserve/controller/ReserveController.java rename src/main/java/com/quickpick/ureca/{ => OAuth}/reserve/domain/Reserve.java (65%) create mode 100644 src/main/java/com/quickpick/ureca/OAuth/reserve/repository/ReserveRepository.java create mode 100644 src/main/java/com/quickpick/ureca/OAuth/reserve/service/ReserveService.java rename src/main/java/com/quickpick/ureca/{ => OAuth}/reserve/status/ReserveStatus.java (50%) rename src/main/java/com/quickpick/ureca/{ => OAuth}/ticket/domain/Ticket.java (82%) rename src/main/java/com/quickpick/ureca/{ => OAuth}/ticket/repository/TicketRepository.java (56%) rename src/main/java/com/quickpick/ureca/{user/controller/UserController.java => OAuth/user/controller/UserControllerOAuth.java} (56%) rename src/main/java/com/quickpick/ureca/{user/domain/User.java => OAuth/user/domain/UserOAuth.java} (86%) rename src/main/java/com/quickpick/ureca/{user/dto/UserSignUpRequestDto.java => OAuth/user/dto/UserSignUpRequestOAuth.java} (71%) create mode 100644 src/main/java/com/quickpick/ureca/OAuth/user/repository/UserRepositoryOAuth.java rename 
src/main/java/com/quickpick/ureca/{user/service/UserDetailService.java => OAuth/user/service/UserDetailServiceOAuth.java} (69%) rename src/main/java/com/quickpick/ureca/{user/service/UserService.java => OAuth/user/service/UserServiceOAuth.java} (70%) rename src/main/java/com/quickpick/ureca/{ => OAuth}/userticket/domain/UserTicket.java (70%) delete mode 100644 src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java delete mode 100644 src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenRequest.java delete mode 100644 src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenResponse.java delete mode 100644 src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java delete mode 100644 src/main/java/com/quickpick/ureca/reserve/controller/ReserveController.java delete mode 100644 src/main/java/com/quickpick/ureca/reserve/repository/ReserveRepository.java delete mode 100644 src/main/java/com/quickpick/ureca/reserve/service/ReserveService.java delete mode 100644 src/main/java/com/quickpick/ureca/user/repository/UserRepository.java diff --git a/src/main/java/com/quickpick/ureca/auth/config/JwtProperties.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/JwtPropertiesOAuth.java similarity index 74% rename from src/main/java/com/quickpick/ureca/auth/config/JwtProperties.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/config/JwtPropertiesOAuth.java index 1e69729..e9f59fb 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/JwtProperties.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/JwtPropertiesOAuth.java @@ -1,4 +1,4 @@ -package com.quickpick.ureca.auth.config; +package com.quickpick.ureca.OAuth.auth.config; import lombok.Getter; import lombok.Setter; @@ -7,7 +7,7 @@ @Getter @Setter @ConfigurationProperties(prefix = "jwt") -public class JwtProperties { +public class JwtPropertiesOAuth { private String issuer; private String secretKey; } 
diff --git a/src/main/java/com/quickpick/ureca/auth/config/OAuth2LoginSuccessHandler.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/OAuth2LoginSuccessHandlerOAuth.java similarity index 68% rename from src/main/java/com/quickpick/ureca/auth/config/OAuth2LoginSuccessHandler.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/config/OAuth2LoginSuccessHandlerOAuth.java index c231e63..c3df6c7 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/OAuth2LoginSuccessHandler.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/OAuth2LoginSuccessHandlerOAuth.java @@ -1,10 +1,10 @@ -package com.quickpick.ureca.auth.config; +package com.quickpick.ureca.OAuth.auth.config; import com.fasterxml.jackson.databind.ObjectMapper; -import com.quickpick.ureca.auth.dto.UserLoginResponseDto; -import com.quickpick.ureca.auth.service.RefreshTokenService; -import com.quickpick.ureca.user.domain.User; -import com.quickpick.ureca.user.service.UserService; +import com.quickpick.ureca.OAuth.auth.dto.UserLoginResponseOAuth; +import com.quickpick.ureca.OAuth.auth.service.RefreshTokenServiceOAuth; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import com.quickpick.ureca.OAuth.user.service.UserServiceOAuth; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.RequiredArgsConstructor; 
@@ -18,10 +18,10 @@ @Component @RequiredArgsConstructor -public class OAuth2LoginSuccessHandler implements AuthenticationSuccessHandler { //OAuth 인증 성공시 jwt 발급 및 리디렉션 - private final TokenProvider tokenProvider; - private final UserService userService; - private final RefreshTokenService refreshTokenService; +public class OAuth2LoginSuccessHandlerOAuth implements AuthenticationSuccessHandler { //OAuth 인증 성공시 jwt 발급 및 리디렉션 + private final TokenProviderOAuth tokenProvider; + private final UserServiceOAuth userService; + private final RefreshTokenServiceOAuth refreshTokenService; private final ObjectMapper objectMapper; @Override @@ -32,7 +32,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo String email = oAuth2User.getAttribute("email"); // 사용자 DB에 저장 (없으면 새로 추가) - User user = userService.findById(email) + UserOAuth user = userService.findById(email) .orElseGet(() -> userService.saveFromOAuth2(oAuth2User)); // JWT 발급 @@ -43,7 +43,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo refreshTokenService.save(user.getUserId(), refreshToken); // 기존 로그인 응답 DTO 사용 - UserLoginResponseDto responseDto = new UserLoginResponseDto(accessToken, refreshToken); + UserLoginResponseOAuth responseDto = new UserLoginResponseOAuth(accessToken, refreshToken); response.setContentType("application/json"); response.setCharacterEncoding("utf-8"); diff --git a/src/main/java/com/quickpick/ureca/auth/config/RedisConfig.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/RedisConfigOAuth.java similarity index 91% rename from src/main/java/com/quickpick/ureca/auth/config/RedisConfig.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/config/RedisConfigOAuth.java index f987fdb..12681aa 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/RedisConfig.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/RedisConfigOAuth.java 
@@ -1,4 +1,4 @@ -package com.quickpick.ureca.auth.config; +package com.quickpick.ureca.OAuth.auth.config; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -7,7 +7,7 @@ import org.springframework.data.redis.serializer.StringRedisSerializer; @Configuration -public class RedisConfig { +public class RedisConfigOAuth { @Bean public RedisTemplate redisTemplate(RedisConnectionFactory connectionFactory) { diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenAuthenticationFilterOAuth.java similarity index 94% rename from src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenAuthenticationFilterOAuth.java index 8b55d60..bb60c10 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/TokenAuthenticationFilter.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenAuthenticationFilterOAuth.java @@ -1,4 +1,4 @@ -package com.quickpick.ureca.auth.config; +package com.quickpick.ureca.OAuth.auth.config; import io.jsonwebtoken.JwtException; import jakarta.servlet.FilterChain; @@ -14,8 +14,8 @@ import java.io.IOException; @RequiredArgsConstructor -public class TokenAuthenticationFilter extends OncePerRequestFilter { - private final TokenProvider tokenProvider; +public class TokenAuthenticationFilterOAuth extends OncePerRequestFilter { + private final TokenProviderOAuth tokenProvider; private final RedisTemplate redisTemplate; private final static String HEADER_AUTHORIZATION = "Authorization"; private final static String BEARER = "Bearer "; 
diff --git a/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenProviderOAuth.java similarity index 91% rename from src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenProviderOAuth.java index 5fbfe5e..e0a2f7c 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/TokenProvider.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenProviderOAuth.java @@ -1,6 +1,6 @@ -package com.quickpick.ureca.auth.config; +package com.quickpick.ureca.OAuth.auth.config; -import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; import io.jsonwebtoken.*; import io.jsonwebtoken.security.Keys; import io.jsonwebtoken.security.SecurityException; @@ -18,16 +18,16 @@ @RequiredArgsConstructor @Service -public class TokenProvider { +public class TokenProviderOAuth { - private final JwtProperties jwtProperties; + private final JwtPropertiesOAuth jwtProperties; - public String generateToken(User user, Duration expiredAt) { + public String generateToken(UserOAuth user, Duration expiredAt) { Date now = new Date(); return makeToken(user, new Date( now.getTime() + expiredAt.toMillis())); } // expriedAt 만큼의 유효기간을 가진 토큰 생성 - public String makeToken(User user, Date expiry) { + public String makeToken(UserOAuth user, Date expiry) { return Jwts.builder() .issuer(jwtProperties.getIssuer()) diff --git a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/WebSecurityConfigOAuth.java similarity index 88% rename from src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/config/WebSecurityConfigOAuth.java index 1aec08b..47c3309 100644 --- a/src/main/java/com/quickpick/ureca/auth/config/WebSecurityConfig.java 
+++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/WebSecurityConfigOAuth.java @@ -1,4 +1,4 @@ -package com.quickpick.ureca.auth.config; +package com.quickpick.ureca.OAuth.auth.config; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; @@ -21,10 +21,10 @@ @Configuration @EnableWebSecurity @RequiredArgsConstructor -public class WebSecurityConfig { +public class WebSecurityConfigOAuth { private final UserDetailsService userDetailsService; - private final TokenProvider tokenProvider; // TokenProvider 추가 + private final TokenProviderOAuth tokenProvider; // TokenProvider 추가 private final RedisTemplate redisTemplate; // Static 리소스는 인증 없이 접근 @@ -36,7 +36,7 @@ public WebSecurityCustomizer webSecurityCustomizer() { // Security Filter Chain @Bean - public SecurityFilterChain filterChain(HttpSecurity http, OAuth2LoginSuccessHandler oAuth2LoginSuccessHandler) throws Exception { + public SecurityFilterChain filterChain(HttpSecurity http, OAuth2LoginSuccessHandlerOAuth oAuth2LoginSuccessHandler) throws Exception { return http .sessionManagement(session -> session .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) //서버 세션 비활성화(jwt 사용하므로) @@ -49,7 +49,7 @@ public SecurityFilterChain filterChain(HttpSecurity http, OAuth2LoginSuccessHand .oauth2Login(oauth2 -> oauth2 .successHandler(oAuth2LoginSuccessHandler) // 소셜로그인 설정 ) - .addFilterBefore(new TokenAuthenticationFilter(tokenProvider, redisTemplate), UsernamePasswordAuthenticationFilter.class) // JWT 필터 폼 로그인 필터 앞에 추가 + .addFilterBefore(new TokenAuthenticationFilterOAuth(tokenProvider, redisTemplate), UsernamePasswordAuthenticationFilter.class) // JWT 필터 폼 로그인 필터 앞에 추가 .build(); } 
diff --git a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java b/src/main/java/com/quickpick/ureca/OAuth/auth/controller/AuthControllerOAuth.java similarity index 78% rename from src/main/java/com/quickpick/ureca/auth/controller/AuthController.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/controller/AuthControllerOAuth.java index 351c65b..5a34553 100644 --- a/src/main/java/com/quickpick/ureca/auth/controller/AuthController.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/controller/AuthControllerOAuth.java @@ -1,7 +1,7 @@ -package com.quickpick.ureca.auth.controller; +package com.quickpick.ureca.OAuth.auth.controller; -import com.quickpick.ureca.auth.dto.*; -import com.quickpick.ureca.auth.service.AuthService; +import com.quickpick.ureca.OAuth.auth.dto.*; +import com.quickpick.ureca.OAuth.auth.service.AuthServiceOAuth; import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; import org.springframework.http.HttpStatus; @@ -17,14 +17,14 @@ @RestController @RequiredArgsConstructor -public class AuthController { +public class AuthControllerOAuth { private final AuthenticationManager authenticationManager; - private final AuthService authService; + private final AuthServiceOAuth authService; @PostMapping("/auth/login") //jwt를 이용한 자체 로그인 - public ResponseEntity login(@RequestBody UserLoginRequestDto request) { + public ResponseEntity login(@RequestBody UserLoginRequestOAuth request) { try { - UserLoginResponseDto response = authService.login(request.getId(), request.getPassword()); + UserLoginResponseOAuth response = authService.login(request.getId(), request.getPassword()); return ResponseEntity.ok(response); } catch (UsernameNotFoundException | BadCredentialsException ex) { return ResponseEntity.status(HttpStatus.UNAUTHORIZED) 
@@ -45,15 +45,15 @@ public ResponseEntity logout(HttpServletRequest request) { @PostMapping("/auth/token") //jwt 엑세스 토큰 재발급 public ResponseEntity createNewAccessToken( //ResponseEntity-> ResponseEntity로 수정 - @RequestBody CreateAccessTokenRequest request) { + @RequestBody CreateAccessTokenRequestOAuth request) { try { String newAccessToken = authService.createNewAccessToken(request.getRefreshToken()); return ResponseEntity.status(HttpStatus.CREATED) - .body(new CreateAccessTokenResponse(newAccessToken)); + .body(new CreateAccessTokenResponseOAuth(newAccessToken)); } catch (Exception e) { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(new CreateAccessTokenErrorResponse(e.getMessage())); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(new CreateAccessTokenErrorResponseOAuth(e.getMessage())); } } } diff --git a/src/main/java/com/quickpick/ureca/auth/domain/RefreshToken.java b/src/main/java/com/quickpick/ureca/OAuth/auth/domain/RefreshTokenOAuth.java similarity index 74% rename from src/main/java/com/quickpick/ureca/auth/domain/RefreshToken.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/domain/RefreshTokenOAuth.java index 0ca5c6b..b898b19 100644 --- a/src/main/java/com/quickpick/ureca/auth/domain/RefreshToken.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/domain/RefreshTokenOAuth.java @@ -1,4 +1,4 @@ -package com.quickpick.ureca.auth.domain; +package com.quickpick.ureca.OAuth.auth.domain; import jakarta.persistence.*; import lombok.Getter; @@ -7,7 +7,7 @@ @NoArgsConstructor @Getter @Entity -public class RefreshToken { +public class RefreshTokenOAuth { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) 
@@ -20,12 +20,12 @@ public class RefreshToken { @Column(name = "refresh_token", nullable = false) private String refreshToken; - public RefreshToken(Long userId, String refreshToken) { + public RefreshTokenOAuth(Long userId, String refreshToken) { this.userId = userId; this.refreshToken = refreshToken; } - public RefreshToken update(String newRefreshToken) { + public RefreshTokenOAuth update(String newRefreshToken) { this.refreshToken = newRefreshToken; return this; } diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenErrorResponseOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenErrorResponseOAuth.java new file mode 100644 index 0000000..9760e8b --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenErrorResponseOAuth.java @@ -0,0 +1,14 @@ +package com.quickpick.ureca.OAuth.auth.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class CreateAccessTokenErrorResponseOAuth { //엑세스 토큰 생성 중 에러 발생 시 응답 dto + private String error; + + public CreateAccessTokenErrorResponseOAuth(String error) { + this.error = error; + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenRequestOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenRequestOAuth.java new file mode 100644 index 0000000..20278c4 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenRequestOAuth.java @@ -0,0 +1,10 @@ +package com.quickpick.ureca.OAuth.auth.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class CreateAccessTokenRequestOAuth { //엑세스 토큰 생성 요청 + private String refreshToken; +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenResponseOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenResponseOAuth.java new file mode 100644 index 0000000..4605e51 --- /dev/null 
+++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenResponseOAuth.java @@ -0,0 +1,10 @@ +package com.quickpick.ureca.OAuth.auth.dto; + +import lombok.AllArgsConstructor; +import lombok.Getter; + +@AllArgsConstructor +@Getter +public class CreateAccessTokenResponseOAuth { //엑세스 토큰 생성 요청에 대한 응답 + private String accessToken; +} diff --git a/src/main/java/com/quickpick/ureca/auth/dto/UserLoginRequestDto.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginRequestOAuth.java similarity index 56% rename from src/main/java/com/quickpick/ureca/auth/dto/UserLoginRequestDto.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginRequestOAuth.java index b51a4a8..ff2c88c 100644 --- a/src/main/java/com/quickpick/ureca/auth/dto/UserLoginRequestDto.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginRequestOAuth.java @@ -1,11 +1,11 @@ -package com.quickpick.ureca.auth.dto; +package com.quickpick.ureca.OAuth.auth.dto; import lombok.Getter; import lombok.Setter; @Getter @Setter -public class UserLoginRequestDto { //로그인 요청 dto +public class UserLoginRequestOAuth { //로그인 요청 dto private String id; // 사용자 ID private String password; // 비밀번호 } diff --git a/src/main/java/com/quickpick/ureca/auth/dto/UserLoginResponseDto.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginResponseOAuth.java similarity index 53% rename from src/main/java/com/quickpick/ureca/auth/dto/UserLoginResponseDto.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginResponseOAuth.java index 658c7b3..6708fda 100644 --- a/src/main/java/com/quickpick/ureca/auth/dto/UserLoginResponseDto.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginResponseOAuth.java 
@@ -1,12 +1,11 @@ -package com.quickpick.ureca.auth.dto; +package com.quickpick.ureca.OAuth.auth.dto; import lombok.AllArgsConstructor; import lombok.Getter; -import lombok.Setter; @Getter @AllArgsConstructor -public class UserLoginResponseDto { //로그인 응답 dto +public class UserLoginResponseOAuth { //로그인 응답 dto private String accessToken; private String refreshToken; } diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/repository/RefreshTokenRepositoryOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/repository/RefreshTokenRepositoryOAuth.java new file mode 100644 index 0000000..849ef76 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/repository/RefreshTokenRepositoryOAuth.java @@ -0,0 +1,12 @@ +package com.quickpick.ureca.OAuth.auth.repository; + +import com.quickpick.ureca.OAuth.auth.domain.RefreshTokenOAuth; +import org.springframework.data.jpa.repository.JpaRepository; + +import java.util.Optional; + +public interface RefreshTokenRepositoryOAuth extends JpaRepository { + Optional findByUserId(Long userId); + Optional findByRefreshToken(String refreshToken); + void deleteByUserId(Long userId); +} diff --git a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java b/src/main/java/com/quickpick/ureca/OAuth/auth/service/AuthServiceOAuth.java similarity index 78% rename from src/main/java/com/quickpick/ureca/auth/service/AuthService.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/service/AuthServiceOAuth.java index 0bf6904..c31f1f9 100644 --- a/src/main/java/com/quickpick/ureca/auth/service/AuthService.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/service/AuthServiceOAuth.java 
@@ -1,10 +1,10 @@ -package com.quickpick.ureca.auth.service; +package com.quickpick.ureca.OAuth.auth.service; -import com.quickpick.ureca.auth.config.TokenProvider; -import com.quickpick.ureca.auth.domain.RefreshToken; -import com.quickpick.ureca.auth.dto.UserLoginResponseDto; -import com.quickpick.ureca.user.domain.User; -import com.quickpick.ureca.user.service.UserService; +import com.quickpick.ureca.OAuth.auth.config.TokenProviderOAuth; +import com.quickpick.ureca.OAuth.auth.domain.RefreshTokenOAuth; +import com.quickpick.ureca.OAuth.auth.dto.UserLoginResponseOAuth; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import com.quickpick.ureca.OAuth.user.service.UserServiceOAuth; import io.jsonwebtoken.JwtException; import jakarta.servlet.http.HttpServletRequest; import jakarta.transaction.Transactional; @@ -19,18 +19,18 @@ @Service @RequiredArgsConstructor -public class AuthService { +public class AuthServiceOAuth { - private final UserService userService; - private final TokenProvider tokenProvider; - private final RefreshTokenService refreshTokenService; + private final UserServiceOAuth userService; + private final TokenProviderOAuth tokenProvider; + private final RefreshTokenServiceOAuth refreshTokenService; private final RedisTemplate redisTemplate; private final BCryptPasswordEncoder bCryptPasswordEncoder; //jwt 로그인 @Transactional - public UserLoginResponseDto login(String id, String password) { - User user = userService.findById(id) + public UserLoginResponseOAuth login(String id, String password) { + UserOAuth user = userService.findById(id) .orElseThrow(()-> new IllegalArgumentException("User not found")); if (!bCryptPasswordEncoder.matches(password, user.getPassword())) { //비밀번호 일치 검증 
@@ -42,7 +42,7 @@ public UserLoginResponseDto login(String id, String password) { refreshTokenService.save(user.getUserId(), refreshToken); - return new UserLoginResponseDto(accessToken, refreshToken); + return new UserLoginResponseOAuth(accessToken, refreshToken); } // 토큰 추출 (Authorization 헤더에서 Bearer 제거) @@ -78,14 +78,14 @@ public String createNewAccessToken(String refreshToken) { } //저장된 리프레시 토큰 값과 달라도 에러 (아마 위에서 다 걸리지겠지만 혹시 모르니까) - RefreshToken savedRefreshToken = refreshTokenService.findByRefreshToken(refreshToken); + RefreshTokenOAuth savedRefreshToken = refreshTokenService.findByRefreshToken(refreshToken); if (savedRefreshToken == null) { throw new JwtException("Invalid JWT RefreshToken"); } //유효성이 검증되면 유저 정보 받아와서 새 엑세스 토큰 생성 Long userId = savedRefreshToken.getUserId(); - User user = userService.findByUserId(userId); + UserOAuth user = userService.findByUserId(userId); return tokenProvider.generateToken(user, Duration.ofHours(2)); } diff --git a/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java b/src/main/java/com/quickpick/ureca/OAuth/auth/service/RefreshTokenServiceOAuth.java similarity index 59% rename from src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java rename to src/main/java/com/quickpick/ureca/OAuth/auth/service/RefreshTokenServiceOAuth.java index e5c8dd1..07da1e1 100644 --- a/src/main/java/com/quickpick/ureca/auth/service/RefreshTokenService.java +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/service/RefreshTokenServiceOAuth.java 
@@ -1,17 +1,17 @@ -package com.quickpick.ureca.auth.service; +package com.quickpick.ureca.OAuth.auth.service; -import com.quickpick.ureca.auth.domain.RefreshToken; -import com.quickpick.ureca.auth.repository.RefreshTokenRepository; +import com.quickpick.ureca.OAuth.auth.domain.RefreshTokenOAuth; +import com.quickpick.ureca.OAuth.auth.repository.RefreshTokenRepositoryOAuth; import jakarta.transaction.Transactional; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; @RequiredArgsConstructor @Service -public class RefreshTokenService { - private final RefreshTokenRepository refreshTokenRepository; +public class RefreshTokenServiceOAuth { + private final RefreshTokenRepositoryOAuth refreshTokenRepository; - public RefreshToken findByRefreshToken(String refreshToken) { + public RefreshTokenOAuth findByRefreshToken(String refreshToken) { return refreshTokenRepository.findByRefreshToken(refreshToken) .orElseThrow(() -> new IllegalArgumentException("Invalid refresh token")); } @@ -19,7 +19,7 @@ public RefreshToken findByRefreshToken(String refreshToken) { //refresh 토큰 저장 (db 저장) @Transactional public void save(Long userId, String refreshToken) { - RefreshToken token = new RefreshToken(userId, refreshToken); + RefreshTokenOAuth token = new RefreshTokenOAuth(userId, refreshToken); refreshTokenRepository.save(token); } diff --git a/src/main/java/com/quickpick/ureca/common/domain/BaseEntity.java b/src/main/java/com/quickpick/ureca/OAuth/common/domain/BaseEntity.java similarity index 91% rename from src/main/java/com/quickpick/ureca/common/domain/BaseEntity.java rename to src/main/java/com/quickpick/ureca/OAuth/common/domain/BaseEntity.java index e4ac893..fcf4813 100644 --- a/src/main/java/com/quickpick/ureca/common/domain/BaseEntity.java +++ b/src/main/java/com/quickpick/ureca/OAuth/common/domain/BaseEntity.java 
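Review bot: `save` persists the refresh token exactly as issued and `findByRefreshToken` looks it up by the same raw string, so anyone who can read that table holds working refresh tokens. Storing only a SHA-256 digest and querying by the digest keeps the lookup possible while making stored rows useless as credentials; the sketch below shows the two methods with a private helper. Code elsewhere that reads the stored value back is not visible in this hunk and would need to compare digests as well. `save` also inserts on every call without using the `deleteByUserId` the repository declared before the rename, so unless the entity is keyed on `userId`, earlier tokens of the same user appear to stay valid after a new login.

```java
// … unchanged: class header and refreshTokenRepository field …
public RefreshTokenOAuth findByRefreshToken(String refreshToken) {
    return refreshTokenRepository.findByRefreshToken(digest(refreshToken))
            .orElseThrow(() -> new IllegalArgumentException("Invalid refresh token"));
}

@Transactional
public void save(Long userId, String refreshToken) {
    refreshTokenRepository.save(new RefreshTokenOAuth(userId, digest(refreshToken)));
}

// Hex-encoded SHA-256 of the token; only this value is written to or read from the database.
private static String digest(String token) {
    try {
        byte[] hash = MessageDigest.getInstance("SHA-256")
                .digest(token.getBytes(StandardCharsets.UTF_8));
        return HexFormat.of().formatHex(hash);
    } catch (NoSuchAlgorithmException e) {
        throw new IllegalStateException("SHA-256 unavailable", e);
    }
}
```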
@@ -1,26 +1,26 @@ -package com.quickpick.ureca.common.domain; - -import jakarta.persistence.Column; -import jakarta.persistence.EntityListeners; -import jakarta.persistence.MappedSuperclass; -import lombok.Getter; -import org.springframework.data.annotation.CreatedDate; -import org.springframework.data.annotation.LastModifiedDate; -import org.springframework.data.jpa.domain.support.AuditingEntityListener; - -import java.time.LocalDateTime; - -@Getter -@MappedSuperclass -@EntityListeners(AuditingEntityListener.class) -public abstract class BaseEntity { - @CreatedDate - @Column(length = 6, name = "created_at", updatable = false) - private LocalDateTime createdAt; - - @LastModifiedDate - @Column(length = 6, name = "updated_at") - private LocalDateTime updatedAt; - -} - +package com.quickpick.ureca.OAuth.common.domain; + +import jakarta.persistence.Column; +import jakarta.persistence.EntityListeners; +import jakarta.persistence.MappedSuperclass; +import lombok.Getter; +import org.springframework.data.annotation.CreatedDate; +import org.springframework.data.annotation.LastModifiedDate; +import org.springframework.data.jpa.domain.support.AuditingEntityListener; + +import java.time.LocalDateTime; + +@Getter +@MappedSuperclass +@EntityListeners(AuditingEntityListener.class) +public abstract class BaseEntity { + @CreatedDate + @Column(length = 6, name = "created_at", updatable = false) + private LocalDateTime createdAt; + + @LastModifiedDate + @Column(length = 6, name = "updated_at") + private LocalDateTime updatedAt; + +} + diff --git a/src/main/java/com/quickpick/ureca/OAuth/reserve/controller/ReserveController.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/controller/ReserveController.java new file mode 100644 index 0000000..830b59a --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/controller/ReserveController.java @@ -0,0 +1,4 @@ +package com.quickpick.ureca.OAuth.reserve.controller; + +public class ReserveController { +} 
diff --git a/src/main/java/com/quickpick/ureca/reserve/domain/Reserve.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/domain/Reserve.java similarity index 65% rename from src/main/java/com/quickpick/ureca/reserve/domain/Reserve.java rename to src/main/java/com/quickpick/ureca/OAuth/reserve/domain/Reserve.java index 6e83bd0..2e84f4f 100644 --- a/src/main/java/com/quickpick/ureca/reserve/domain/Reserve.java +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/domain/Reserve.java @@ -1,8 +1,8 @@ -package com.quickpick.ureca.reserve.domain; +package com.quickpick.ureca.OAuth.reserve.domain; -import com.quickpick.ureca.common.domain.BaseEntity; -import com.quickpick.ureca.reserve.status.ReserveStatus; -import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.OAuth.common.domain.BaseEntity; +import com.quickpick.ureca.OAuth.reserve.status.ReserveStatus; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; import jakarta.persistence.*; import lombok.Getter; import lombok.NoArgsConstructor; @@ -20,7 +20,7 @@ public class Reserve extends BaseEntity { @ManyToOne(fetch = FetchType.LAZY) @JoinColumn(name = "user_id", nullable = false) - private User user; + private UserOAuth user; @Enumerated(EnumType.STRING) @Column(nullable = false) diff --git a/src/main/java/com/quickpick/ureca/OAuth/reserve/repository/ReserveRepository.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/repository/ReserveRepository.java new file mode 100644 index 0000000..7e75899 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/repository/ReserveRepository.java @@ -0,0 +1,4 @@ +package com.quickpick.ureca.OAuth.reserve.repository; + +public class ReserveRepository { +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/reserve/service/ReserveService.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/service/ReserveService.java new file mode 100644 index 0000000..ac7035c --- /dev/null 
+++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/service/ReserveService.java @@ -0,0 +1,4 @@ +package com.quickpick.ureca.OAuth.reserve.service; + +public class ReserveService { +} diff --git a/src/main/java/com/quickpick/ureca/reserve/status/ReserveStatus.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/status/ReserveStatus.java similarity index 50% rename from src/main/java/com/quickpick/ureca/reserve/status/ReserveStatus.java rename to src/main/java/com/quickpick/ureca/OAuth/reserve/status/ReserveStatus.java index b378ef0..e4c4fff 100644 --- a/src/main/java/com/quickpick/ureca/reserve/status/ReserveStatus.java +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/status/ReserveStatus.java @@ -1,4 +1,4 @@ -package com.quickpick.ureca.reserve.status; +package com.quickpick.ureca.OAuth.reserve.status; public enum ReserveStatus { SUCCESS, diff --git a/src/main/java/com/quickpick/ureca/ticket/domain/Ticket.java b/src/main/java/com/quickpick/ureca/OAuth/ticket/domain/Ticket.java similarity index 82% rename from src/main/java/com/quickpick/ureca/ticket/domain/Ticket.java rename to src/main/java/com/quickpick/ureca/OAuth/ticket/domain/Ticket.java index 2a0e3e9..c02041c 100644 --- a/src/main/java/com/quickpick/ureca/ticket/domain/Ticket.java +++ b/src/main/java/com/quickpick/ureca/OAuth/ticket/domain/Ticket.java @@ -1,7 +1,7 @@ -package com.quickpick.ureca.ticket.domain; +package com.quickpick.ureca.OAuth.ticket.domain; -import com.quickpick.ureca.common.domain.BaseEntity; -import com.quickpick.ureca.userticket.domain.UserTicket; +import com.quickpick.ureca.OAuth.common.domain.BaseEntity; +import com.quickpick.ureca.OAuth.userticket.domain.UserTicket; import jakarta.persistence.*; import lombok.Getter; import lombok.NoArgsConstructor; 
diff --git a/src/main/java/com/quickpick/ureca/ticket/repository/TicketRepository.java b/src/main/java/com/quickpick/ureca/OAuth/ticket/repository/TicketRepository.java similarity index 56% rename from src/main/java/com/quickpick/ureca/ticket/repository/TicketRepository.java rename to src/main/java/com/quickpick/ureca/OAuth/ticket/repository/TicketRepository.java index 34b9f66..f18450e 100644 --- a/src/main/java/com/quickpick/ureca/ticket/repository/TicketRepository.java +++ b/src/main/java/com/quickpick/ureca/OAuth/ticket/repository/TicketRepository.java @@ -1,6 +1,6 @@ -package com.quickpick.ureca.ticket.repository; +package com.quickpick.ureca.OAuth.ticket.repository; -import com.quickpick.ureca.ticket.domain.Ticket; +import com.quickpick.ureca.OAuth.ticket.domain.Ticket; import org.springframework.data.jpa.repository.JpaRepository; public interface TicketRepository extends JpaRepository { diff --git a/src/main/java/com/quickpick/ureca/user/controller/UserController.java b/src/main/java/com/quickpick/ureca/OAuth/user/controller/UserControllerOAuth.java similarity index 56% rename from src/main/java/com/quickpick/ureca/user/controller/UserController.java rename to src/main/java/com/quickpick/ureca/OAuth/user/controller/UserControllerOAuth.java index 5255921..80012e9 100644 --- a/src/main/java/com/quickpick/ureca/user/controller/UserController.java +++ b/src/main/java/com/quickpick/ureca/OAuth/user/controller/UserControllerOAuth.java 
@@ -1,21 +1,19 @@ -package com.quickpick.ureca.user.controller; +package com.quickpick.ureca.OAuth.user.controller; -import com.quickpick.ureca.user.dto.UserSignUpRequestDto; -import com.quickpick.ureca.user.service.UserService; +import com.quickpick.ureca.OAuth.user.dto.UserSignUpRequestOAuth; +import com.quickpick.ureca.OAuth.user.service.UserServiceOAuth; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; -import org.springframework.security.authentication.AuthenticationManager; import org.springframework.web.bind.annotation.*; @RestController @RequiredArgsConstructor -public class UserController { +public class UserControllerOAuth { - private final UserService userService; - private final AuthenticationManager authenticationManager; + private final UserServiceOAuth userService; @PostMapping("/signup") - public ResponseEntity signup(@RequestBody UserSignUpRequestDto dto) { + public ResponseEntity signup(@RequestBody UserSignUpRequestOAuth dto) { userService.saveUser(dto); return ResponseEntity.ok("회원가입 완료"); } @@ -25,5 +23,4 @@ public ResponseEntity test(){ return ResponseEntity.ok("테스트 성공"); } - } diff --git a/src/main/java/com/quickpick/ureca/user/domain/User.java b/src/main/java/com/quickpick/ureca/OAuth/user/domain/UserOAuth.java similarity index 86% rename from src/main/java/com/quickpick/ureca/user/domain/User.java rename to src/main/java/com/quickpick/ureca/OAuth/user/domain/UserOAuth.java index b0078bf..cb10251 100644 --- a/src/main/java/com/quickpick/ureca/user/domain/User.java +++ b/src/main/java/com/quickpick/ureca/OAuth/user/domain/UserOAuth.java 
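Review bot: `signup` hands the request body to `userService.saveUser(dto)` with no validation, so a missing or blank `id` or `password`, an oversized value, or an id that already exists is only caught by the password encoder or the database instead of being rejected as a bad request. Declare the constraints on `UserSignUpRequestOAuth` (for example `@NotBlank` and `@Size` on `id` and `password`) and change the parameter to `@Valid @RequestBody UserSignUpRequestOAuth dto`. An upper bound on the password length is worth including because bcrypt considers only the first 72 bytes of its input. Bean validation needs the validation starter, which the `build.gradle` hunk earlier in this series does not show, so check that it is on the classpath.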
@@ -1,7 +1,7 @@ -package com.quickpick.ureca.user.domain; +package com.quickpick.ureca.OAuth.user.domain; -import com.quickpick.ureca.common.domain.BaseEntity; -import com.quickpick.ureca.userticket.domain.UserTicket; +import com.quickpick.ureca.OAuth.common.domain.BaseEntity; +import com.quickpick.ureca.OAuth.userticket.domain.UserTicket; import jakarta.persistence.*; import lombok.Builder; import lombok.Getter; @@ -18,7 +18,7 @@ @Entity @Getter @NoArgsConstructor -public class User extends BaseEntity implements UserDetails { +public class UserOAuth extends BaseEntity implements UserDetails { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @@ -41,7 +41,7 @@ public class User extends BaseEntity implements UserDetails { private String gender; @Builder - public User(String id, String password, String name, Integer age, String gender) { + public UserOAuth(String id, String password, String name, Integer age, String gender) { this.id = id; this.password = password; this.name = name; diff --git a/src/main/java/com/quickpick/ureca/user/dto/UserSignUpRequestDto.java b/src/main/java/com/quickpick/ureca/OAuth/user/dto/UserSignUpRequestOAuth.java similarity index 71% rename from src/main/java/com/quickpick/ureca/user/dto/UserSignUpRequestDto.java rename to src/main/java/com/quickpick/ureca/OAuth/user/dto/UserSignUpRequestOAuth.java index 8483b50..1c4ac5b 100644 --- a/src/main/java/com/quickpick/ureca/user/dto/UserSignUpRequestDto.java +++ b/src/main/java/com/quickpick/ureca/OAuth/user/dto/UserSignUpRequestOAuth.java @@ -1,11 +1,11 @@ -package com.quickpick.ureca.user.dto; +package com.quickpick.ureca.OAuth.user.dto; import lombok.Getter; import lombok.Setter; @Getter @Setter -public class UserSignUpRequestDto { //회원가입 요청 dto +public class UserSignUpRequestOAuth { //회원가입 요청 dto private String id; // 사용자 ID private String password; // 비밀번호 private String name; // 이름 
diff --git a/src/main/java/com/quickpick/ureca/OAuth/user/repository/UserRepositoryOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/user/repository/UserRepositoryOAuth.java new file mode 100644 index 0000000..c3e3352 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/user/repository/UserRepositoryOAuth.java @@ -0,0 +1,11 @@ +package com.quickpick.ureca.OAuth.user.repository; + +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import org.springframework.data.jpa.repository.JpaRepository; + +import java.util.Optional; + +public interface UserRepositoryOAuth extends JpaRepository { + Optional findById(String id); //id(아이디)로 사용자 정보 가져오기 + Optional findByUserId(Long userId); //user_id(고유번호)로 사용자 정보 가져오기 +} diff --git a/src/main/java/com/quickpick/ureca/user/service/UserDetailService.java b/src/main/java/com/quickpick/ureca/OAuth/user/service/UserDetailServiceOAuth.java similarity index 69% rename from src/main/java/com/quickpick/ureca/user/service/UserDetailService.java rename to src/main/java/com/quickpick/ureca/OAuth/user/service/UserDetailServiceOAuth.java index b5e1d86..8159173 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserDetailService.java +++ b/src/main/java/com/quickpick/ureca/OAuth/user/service/UserDetailServiceOAuth.java @@ -1,6 +1,6 @@ -package com.quickpick.ureca.user.service; +package com.quickpick.ureca.OAuth.user.service; -import com.quickpick.ureca.user.repository.UserRepository; +import com.quickpick.ureca.OAuth.user.repository.UserRepositoryOAuth; import lombok.RequiredArgsConstructor; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; 
@@ -9,9 +9,9 @@ @Service @RequiredArgsConstructor -public class UserDetailService implements UserDetailsService { +public class UserDetailServiceOAuth implements UserDetailsService { - private final UserRepository userRepository; + private final UserRepositoryOAuth userRepository; @Override public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException { diff --git a/src/main/java/com/quickpick/ureca/user/service/UserService.java b/src/main/java/com/quickpick/ureca/OAuth/user/service/UserServiceOAuth.java similarity index 70% rename from src/main/java/com/quickpick/ureca/user/service/UserService.java rename to src/main/java/com/quickpick/ureca/OAuth/user/service/UserServiceOAuth.java index bbf4256..7e14f2f 100644 --- a/src/main/java/com/quickpick/ureca/user/service/UserService.java +++ b/src/main/java/com/quickpick/ureca/OAuth/user/service/UserServiceOAuth.java @@ -1,8 +1,8 @@ -package com.quickpick.ureca.user.service; +package com.quickpick.ureca.OAuth.user.service; -import com.quickpick.ureca.user.domain.User; -import com.quickpick.ureca.user.dto.UserSignUpRequestDto; -import com.quickpick.ureca.user.repository.UserRepository; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import com.quickpick.ureca.OAuth.user.dto.UserSignUpRequestOAuth; +import com.quickpick.ureca.OAuth.user.repository.UserRepositoryOAuth; import jakarta.transaction.Transactional; import lombok.RequiredArgsConstructor; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 
@@ -13,15 +13,15 @@ @Service @RequiredArgsConstructor -public class UserService { +public class UserServiceOAuth { - private final UserRepository userRepository; + private final UserRepositoryOAuth userRepository; private final BCryptPasswordEncoder bCryptPasswordEncoder; @Transactional //자체 로그인 유저 저장 - public void saveUser(UserSignUpRequestDto dto) { - userRepository.save(User.builder() + public void saveUser(UserSignUpRequestOAuth dto) { + userRepository.save(UserOAuth.builder() .id(dto.getId()) .password(bCryptPasswordEncoder.encode(dto.getPassword())) .name(dto.getName()) @@ -32,11 +32,11 @@ public void saveUser(UserSignUpRequestDto dto) { @Transactional //구글 소셜 로그인 유저 저장 - public User saveFromOAuth2(OAuth2User oAuth2User) { + public UserOAuth saveFromOAuth2(OAuth2User oAuth2User) { String email = oAuth2User.getAttribute("email"); String name = oAuth2User.getAttribute("name"); - return userRepository.save(User.builder() //age와 gender는 더미로 채우기 + return userRepository.save(UserOAuth.builder() //age와 gender는 더미로 채우기 .id(email) .password("SOCIAL_USER") // 비밀번호는 사용하지 않으므로 더미 .name(name != null ? name : "소셜사용자") @@ -46,13 +46,13 @@ public User saveFromOAuth2(OAuth2User oAuth2User) { } //user_id(고유 번호)로 유저 검색 - public User findByUserId(Long userId) { + public UserOAuth findByUserId(Long userId) { return userRepository.findByUserId(userId) .orElseThrow(()-> new IllegalArgumentException("User not found")); } //id(아이디)로 유저 검색 - public Optional findById(String id) { + public Optional findById(String id) { return userRepository.findById(id); //.orElseThrow(()-> new IllegalArgumentException("User not found")); -> 각 사용 위치에서 예외를 처리하도록 변경 } 
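Review bot: `saveFromOAuth2` stores the fixed literal `"SOCIAL_USER"` in the password column, unlike `saveUser`, which stores a bcrypt hash. `BCryptPasswordEncoder.matches` does not accept a non-bcrypt value, so the password login fails closed today, but every social account then shares one known value that turns into a working credential if the encoder or the comparison ever changes; an encoded random value avoids that: `.password(bCryptPasswordEncoder.encode(UUID.randomUUID().toString()))`. The method also uses `email` as the unique `id` without a null check or a lookup for an existing row, so a provider response without an email, or an id already taken by a local sign-up, is only caught at the database. How the caller treats an existing local account with the same id is not visible in this hunk and should be decided explicitly rather than left to the unique constraint.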
diff --git a/src/main/java/com/quickpick/ureca/userticket/domain/UserTicket.java b/src/main/java/com/quickpick/ureca/OAuth/userticket/domain/UserTicket.java similarity index 70% rename from src/main/java/com/quickpick/ureca/userticket/domain/UserTicket.java rename to src/main/java/com/quickpick/ureca/OAuth/userticket/domain/UserTicket.java index 8825698..69e6d50 100644 --- a/src/main/java/com/quickpick/ureca/userticket/domain/UserTicket.java +++ b/src/main/java/com/quickpick/ureca/OAuth/userticket/domain/UserTicket.java @@ -1,7 +1,7 @@ -package com.quickpick.ureca.userticket.domain; +package com.quickpick.ureca.OAuth.userticket.domain; -import com.quickpick.ureca.ticket.domain.Ticket; -import com.quickpick.ureca.user.domain.User; +import com.quickpick.ureca.OAuth.ticket.domain.Ticket; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; import jakarta.persistence.*; import lombok.Getter; import lombok.NoArgsConstructor; @@ -19,7 +19,7 @@ public class UserTicket { @ManyToOne(fetch = FetchType.LAZY) @JoinColumn(name = "user_id") - private User user; + private UserOAuth user; @ManyToOne(fetch = FetchType.LAZY) @JoinColumn(name = "ticket_id") diff --git a/src/main/java/com/quickpick/ureca/UrecaApplication.java b/src/main/java/com/quickpick/ureca/UrecaApplication.java index d5f7e7e..d094861 100644 --- a/src/main/java/com/quickpick/ureca/UrecaApplication.java +++ b/src/main/java/com/quickpick/ureca/UrecaApplication.java @@ -1,6 +1,6 @@ package com.quickpick.ureca; -import com.quickpick.ureca.auth.config.JwtProperties; +import com.quickpick.ureca.OAuth.auth.config.JwtPropertiesOAuth; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.context.properties.EnableConfigurationProperties; 
@@ -10,7 +10,7 @@ @SpringBootApplication @EnableJpaAuditing @EnableScheduling -@EnableConfigurationProperties(JwtProperties.class) +@EnableConfigurationProperties(JwtPropertiesOAuth.class) public class UrecaApplication { public static void main(String[] args) { diff --git a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java deleted file mode 100644 index 56518a0..0000000 --- a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenErrorResponse.java +++ /dev/null @@ -1,14 +0,0 @@ -package com.quickpick.ureca.auth.dto; - -import lombok.Getter; -import lombok.Setter; - -@Getter -@Setter -public class CreateAccessTokenErrorResponse { //엑세스 토큰 생성 중 에러 발생 시 응답 dto - private String error; - - public CreateAccessTokenErrorResponse(String error) { - this.error = error; - } -} diff --git a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenRequest.java b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenRequest.java deleted file mode 100644 index 90e32d0..0000000 --- a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenRequest.java +++ /dev/null @@ -1,10 +0,0 @@ -package com.quickpick.ureca.auth.dto; - -import lombok.Getter; -import lombok.Setter; - -@Getter -@Setter -public class CreateAccessTokenRequest { //엑세스 토큰 생성 요청 - private String refreshToken; -} diff --git a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenResponse.java b/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenResponse.java deleted file mode 100644 index faa5519..0000000 --- a/src/main/java/com/quickpick/ureca/auth/dto/CreateAccessTokenResponse.java +++ /dev/null @@ -1,10 +0,0 @@ -package com.quickpick.ureca.auth.dto; - -import lombok.AllArgsConstructor; -import lombok.Getter; - -@AllArgsConstructor -@Getter -public class CreateAccessTokenResponse { //엑세스 토큰 생성 요청에 대한 응답 - private String accessToken; -} 
diff --git a/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java b/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java deleted file mode 100644 index bc00bd7..0000000 --- a/src/main/java/com/quickpick/ureca/auth/repository/RefreshTokenRepository.java +++ /dev/null @@ -1,12 +0,0 @@ -package com.quickpick.ureca.auth.repository; - -import com.quickpick.ureca.auth.domain.RefreshToken; -import org.springframework.data.jpa.repository.JpaRepository; - -import java.util.Optional; - -public interface RefreshTokenRepository extends JpaRepository { - Optional findByUserId(Long userId); - Optional findByRefreshToken(String refreshToken); - void deleteByUserId(Long userId); -} diff --git a/src/main/java/com/quickpick/ureca/reserve/controller/ReserveController.java b/src/main/java/com/quickpick/ureca/reserve/controller/ReserveController.java deleted file mode 100644 index 7b3818a..0000000 --- a/src/main/java/com/quickpick/ureca/reserve/controller/ReserveController.java +++ /dev/null @@ -1,4 +0,0 @@ -package com.quickpick.ureca.reserve.controller; - -public class ReserveController { -} diff --git a/src/main/java/com/quickpick/ureca/reserve/repository/ReserveRepository.java b/src/main/java/com/quickpick/ureca/reserve/repository/ReserveRepository.java deleted file mode 100644 index d9dfba9..0000000 --- a/src/main/java/com/quickpick/ureca/reserve/repository/ReserveRepository.java +++ /dev/null @@ -1,4 +0,0 @@ -package com.quickpick.ureca.reserve.repository; - -public class ReserveRepository { -} diff --git a/src/main/java/com/quickpick/ureca/reserve/service/ReserveService.java b/src/main/java/com/quickpick/ureca/reserve/service/ReserveService.java deleted file mode 100644 index 28c25c2..0000000 --- a/src/main/java/com/quickpick/ureca/reserve/service/ReserveService.java +++ /dev/null @@ -1,4 +0,0 @@ -package com.quickpick.ureca.reserve.service; - -public class ReserveService { -} 
diff --git a/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java b/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java deleted file mode 100644 index 6e9a29d..0000000 --- a/src/main/java/com/quickpick/ureca/user/repository/UserRepository.java +++ /dev/null @@ -1,11 +0,0 @@ -package com.quickpick.ureca.user.repository; - -import com.quickpick.ureca.user.domain.User; -import org.springframework.data.jpa.repository.JpaRepository; - -import java.util.Optional; - -public interface UserRepository extends JpaRepository { - Optional findById(String id); //id(아이디)로 사용자 정보 가져오기 - Optional findByUserId(Long userId); //user_id(고유번호)로 사용자 정보 가져오기 -} diff --git a/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java index 33880cd..ad0087d 100644 --- a/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java +++ b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java @@ -1,6 +1,6 @@ package com.quickpick.ureca.config.jwt; -import com.quickpick.ureca.auth.config.JwtProperties; +import com.quickpick.ureca.OAuth.auth.config.JwtPropertiesOAuth; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.security.Keys; import lombok.Builder; @@ -35,7 +35,7 @@ public static JwtFactory withDefaultValues() { return JwtFactory.builder().build(); } // withDefaultValues - public String createToken(JwtProperties jwtProperties) { + public String createToken(JwtPropertiesOAuth jwtProperties) { // 기본 클레임 설정 Map tokenClaims = new HashMap<>(); diff --git a/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java index 49d251e..ff61375 100644 --- a/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java +++ b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java 
@@ -1,9 +1,9 @@ package com.quickpick.ureca.config.jwt; -import com.quickpick.ureca.auth.config.JwtProperties; -import com.quickpick.ureca.auth.config.TokenProvider; -import com.quickpick.ureca.user.domain.User; -import com.quickpick.ureca.user.repository.UserRepository; +import com.quickpick.ureca.OAuth.auth.config.JwtPropertiesOAuth; +import com.quickpick.ureca.OAuth.auth.config.TokenProviderOAuth; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import com.quickpick.ureca.OAuth.user.repository.UserRepositoryOAuth; import io.jsonwebtoken.JwtException; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.security.Keys; @@ -24,16 +24,16 @@ @SpringBootTest public class TokenProviderTest { @Autowired - private TokenProvider tokenProvider; + private TokenProviderOAuth tokenProvider; @Autowired - private UserRepository userRepository; + private UserRepositoryOAuth userRepository; @Autowired - private JwtProperties jwtProperties; + private JwtPropertiesOAuth jwtProperties; @DisplayName("토큰 생성 테스트") @Test void generateToken() { - User testUser = userRepository.save(User.builder() + UserOAuth testUser = userRepository.save(UserOAuth.builder() .id("user@gmail.com") .password("password") .name("testUser") diff --git a/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java b/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java index 37bc0b3..9c32c09 100644 --- a/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java +++ b/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java 
@@ -1,13 +1,13 @@ package com.quickpick.ureca.controller; import com.fasterxml.jackson.databind.ObjectMapper; -import com.quickpick.ureca.auth.config.JwtProperties; -import com.quickpick.ureca.auth.domain.RefreshToken; -import com.quickpick.ureca.auth.dto.CreateAccessTokenRequest; -import com.quickpick.ureca.auth.repository.RefreshTokenRepository; +import com.quickpick.ureca.OAuth.auth.config.JwtPropertiesOAuth; +import com.quickpick.ureca.OAuth.auth.domain.RefreshTokenOAuth; +import com.quickpick.ureca.OAuth.auth.dto.CreateAccessTokenRequestOAuth; +import com.quickpick.ureca.OAuth.auth.repository.RefreshTokenRepositoryOAuth; import com.quickpick.ureca.config.jwt.JwtFactory; -import com.quickpick.ureca.user.domain.User; -import com.quickpick.ureca.user.repository.UserRepository; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import com.quickpick.ureca.OAuth.user.repository.UserRepositoryOAuth; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.Test; @@ -16,7 +16,6 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.http.MediaType; import org.springframework.test.web.servlet.MockMvc; -import org.springframework.test.web.servlet.MockMvcBuilder; import org.springframework.test.web.servlet.ResultActions; import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; @@ -38,11 +37,11 @@ public class TokenControllerTest { @Autowired private WebApplicationContext context; @Autowired - private JwtProperties jwtProperties; + private JwtPropertiesOAuth jwtProperties; @Autowired - private UserRepository userRepository; + private UserRepositoryOAuth userRepository; @Autowired - private RefreshTokenRepository refreshTokenRepository; + private RefreshTokenRepositoryOAuth refreshTokenRepository; @BeforeEach public void mockMvcSetUp() { 
@@ -54,7 +53,7 @@ public void mockMvcSetUp() { @Test public void createNewAccessToken() throws Exception { final String url = "/auth/token"; - User testUser = userRepository.save( User.builder() + UserOAuth testUser = userRepository.save( UserOAuth.builder() .id("user@gmail.com") .password("test") .name("test") @@ -65,9 +64,9 @@ public void createNewAccessToken() throws Exception { .claims( Map.of( "user_id", testUser.getUserId() ) ) .build() .createToken(jwtProperties); - refreshTokenRepository.save( new RefreshToken(testUser.getUserId(), refreshToken) ); + refreshTokenRepository.save( new RefreshTokenOAuth(testUser.getUserId(), refreshToken) ); - CreateAccessTokenRequest request = new CreateAccessTokenRequest(); + CreateAccessTokenRequestOAuth request = new CreateAccessTokenRequestOAuth(); request.setRefreshToken(refreshToken); final String requestBody = objectMapper.writeValueAsString(request);