
fix(oauth): Fix userName being null on Apple login #286

Merged
Mindev27 merged 1 commit into develop from fix/apple-oauth
Feb 10, 2026

@Mindev27 Mindev27 commented Feb 10, 2026

fix(oauth): Fix userName being null on Apple login

Summary by CodeRabbit

  • Improvements
    • Updated Apple sign-in to improve user display name generation by utilizing email information when available, with enhanced fallback handling.

@Mindev27 Mindev27 self-assigned this Feb 10, 2026

coderabbitai bot commented Feb 10, 2026

Walkthrough

The AppleMemberInfoResponse.toInfo() method now derives a nickname from the email's local-part (text before '@') instead of using null. A new private getNickName() helper method extracts the nickname, falling back to the sub field if email is unavailable or invalid.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Apple Member Info Response Enhancement: domain/mathrank-auth-domain/src/main/java/kr/co/mathrank/domain/auth/client/AppleMemberInfoResponse.java | Modified toInfo() to derive nickname from email local-part; added private getNickName() helper method that extracts the part before '@' or falls back to sub value. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

  • feat(oauth): Implement Apple login #285: Introduced AppleMemberInfoResponse with toInfo() method returning null nickname; this PR enhances that method to compute nickname from email via the new getNickName() helper.

Suggested reviewers

  • huhdy32

Poem

🐰 A carrot of code, so small and so clean,
A nickname now born from email's domain!
No more null values in the morning light,
The Apple tree bears data more right!

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 warning)
| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |
✅ Passed checks (2 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title directly addresses the main fix: resolving null userName issue in Apple OAuth login, which matches the changeset modification to derive nickname/userName from email. |


@gemini-code-assist

Summary of Changes

Hello @Mindev27, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This change resolves an issue where the user name was not set correctly during Apple login. By generating a nickname from the email information, it prevents the userName field from being null and improves the user experience.

Highlights

  • Apple login user name fix: Fixed a bug where userName was set to null on Apple login. The nickname is now extracted from the user's email address and used as userName.


Changelog
  • domain/mathrank-auth-domain/src/main/java/kr/co/mathrank/domain/auth/client/AppleMemberInfoResponse.java
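    • The toInfo() method now sets userName to the return value of getNickName() instead of null.
    • A new private method, getNickName(), was added. It extracts the part of the email before the @ symbol and uses it as the nickname, or uses the sub value as the nickname when the email is missing or invalid.
Activity
  • No activity has been recorded so far.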


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 1

🤖 Fix all issues with AI agents
In
`@domain/mathrank-auth-domain/src/main/java/kr/co/mathrank/domain/auth/client/AppleMemberInfoResponse.java`:
- Around line 12-17: getNickName currently returns email.substring(0,
email.indexOf("@")) even when the local-part is empty (e.g., "@domain.com"),
producing an empty nickname; update getNickName to check that email contains "@"
and that email.indexOf("@") > 0 before returning the local-part, otherwise fall
back to returning sub (preserve existing null checks), i.e., validate the
local-part length when locating the "@" in getNickName so you never return an
empty string.


@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This PR resolves the issue where userName was null during Apple OAuth login by modifying AppleMemberInfoResponse to extract a nickname from the email's local part, or use the sub claim if the email is unavailable. However, this change introduces a medium-severity Stored Cross-Site Scripting (XSS) vulnerability because the external email input is not sanitized before being used as a nickname, potentially allowing script injection. Furthermore, an edge case exists where the nickname could become an empty string if the email starts with '@'.
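
An added Java example (not code from this PR or from either review bot) covering the two points the reviews raise: it puts the behaviour as the reviews describe it beside a variant that rejects an empty local-part and restricts the nickname to an allow-list, and it shows HTML output encoding for wherever the nickname is rendered. The class name, method signatures, nickname policy and sample values are assumptions made for illustration.

```java
import java.util.regex.Pattern;

public class NickNameExample {
    // Assumed nickname policy: 1-30 chars of letters, digits, '.', '_' or '-'.
    private static final Pattern SAFE = Pattern.compile("[A-Za-z0-9._-]{1,30}");

    // Behaviour as the reviews describe it (a reconstruction, not the project's source).
    static String describedNickName(String email, String sub) {
        if (email != null && email.contains("@")) {
            // No check that the local-part is non-empty or well-formed.
            return email.substring(0, email.indexOf("@"));
        }
        return sub;
    }

    // Hardened: use the local-part only if it is non-empty and matches the policy.
    static String hardenedNickName(String email, String sub) {
        int at = (email == null) ? -1 : email.indexOf('@');
        if (at > 0) {
            String local = email.substring(0, at);
            if (SAFE.matcher(local).matches()) {
                return local;
            }
        }
        return sub; // fall back to the sub claim, as the PR already does
    }

    // Output encoding for an HTML text context, applied where the nickname is rendered.
    static String escapeHtml(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                .replace("\"", "&quot;").replace("'", "&#39;");
    }

    public static void main(String[] args) {
        String sub = "000000.constructed.0000"; // constructed sample value
        // Constructed inputs: normal, empty local-part, markup in local-part, missing email.
        String[] emails = {"alice@example.com", "@example.com", "<b>x</b>@example.com", null};
        for (String email : emails) {
            String described = describedNickName(email, sub);
            System.out.printf("%-22s described=[%s] encoded=[%s] hardened=[%s]%n",
                    email, described, escapeHtml(described), hardenedNickName(email, sub));
        }
    }
}
```

The allow-list limits what is stored; the encoding step is what keeps a stored value inert when it reaches a page, so both belong in the fix.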

@Mindev27 Mindev27 merged commit 343ac66 into develop Feb 10, 2026
2 checks passed
@Mindev27 Mindev27 deleted the fix/apple-oauth branch February 10, 2026 09:29