diff --git a/src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginFailureHandler.java b/src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginFailureHandler.java
index 2964bc52..f2c26ea3 100644
--- a/src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginFailureHandler.java
+++ b/src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginFailureHandler.java
@@ -1,29 +1,56 @@
 package life.mosu.mosuserver.global.handler;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import life.mosu.mosuserver.global.exception.ErrorResponse;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2Error;
-import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.stereotype.Component;
 @Slf4j
 @Component
-public class OAuth2LoginFailureHandler extends SimpleUrlAuthenticationFailureHandler {
+@RequiredArgsConstructor
+public class OAuth2LoginFailureHandler implements
+ AuthenticationFailureHandler {
+
+ private final ObjectMapper objectMapper;
 @Override
 public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
- if (exception instanceof OAuth2AuthenticationException) {
- OAuth2Error error = ((OAuth2AuthenticationException) exception).getError();
- log.info("OAuth2 Error " + error.getErrorCode());
- log.info("OAuth2 Description " + error.getDescription());
- log.info(error.toString());
+
+ String errorCode = "UNKNOWN_ERROR";
+ String errorMessage = "로그인에 실패했습니다. 관리자에게 문의하세요.";
+
+ if (exception instanceof OAuth2AuthenticationException oAuth2Ex) {
+ OAuth2Error error = oAuth2Ex.getError();
+ errorCode = error.getErrorCode();
+ errorMessage = error.getDescription() != null ?
error.getDescription() : errorCode;
+
+ log.info("OAuth2 Error: {}, Description: {}", error.getErrorCode(),
+ error.getDescription());
 }
- super.onAuthenticationFailure(request, response, exception);
+
+ ErrorResponse errorResponse = ErrorResponse.builder()
+ .status(HttpStatus.UNAUTHORIZED.value())
+ .message("인증에 실패했습니다")
+ .errors(errorMessage)
+ .code(errorCode)
+ .build();
+
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ response.setContentType("application/json;charset=UTF-8");
+ response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+
+ objectMapper.writeValue(response.getWriter(), errorResponse);
 }
 }
diff --git a/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java b/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java
index 3949908e..7f5ea9aa 100644
--- a/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java
+++ b/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java
@@ -81,7 +81,7 @@ public static ResponseCookie createDevelopResponseCookie(String name, String val
 */
 public static Cookie createDevelopCookie(String name, String value, Long maxAge) {
 Cookie cookie = createBaseServletCookie(name, value, maxAge);
- cookie.setSecure(false);
+ cookie.setSecure(true);
 cookie.setDomain(".mosuedu.com");
 return cookie;
 }
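Review bot: The 401 body now returns `error.getDescription()` and `error.getErrorCode()` to an unauthenticated caller through `.errors(errorMessage)` and `.code(errorCode)`. In an OAuth2 login flow these values appear to come either from the parameters on the provider's redirect or from framework messages about the token exchange, so they may be caller-influenced or carry internal detail such as upstream endpoints and status lines. I would leave `errorMessage` at its generic default in the response, keep the description in the server-side log only, and map `errorCode` to a small allow-list of known codes before returning it. Separately, the second `response.setContentType(MediaType.APPLICATION_JSON_VALUE)` overrides the first call and drops the explicit charset; a single `setContentType` together with `response.setCharacterEncoding("UTF-8")` makes the encoding of the Korean messages explicit rather than container-dependent.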
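Review bot: Only `createDevelopCookie` is switched to `cookie.setSecure(true)`; the `createDevelopResponseCookie` builder named in the hunk header is not touched, so if it still sets secure to false the two develop builders now disagree and the same cookie can be issued with different attributes depending on the code path. The cookie is also scoped to `.mosuedu.com`, which sends it to every subdomain, and whether HttpOnly and SameSite are applied depends on `createBaseServletCookie`, which lies outside the hunk and is worth confirming. A short comment above the call, for example `// Secure: cookie is shared across *.mosuedu.com and must not travel over plain HTTP`, would record why the flag is set in the develop profile.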