From 9acbab2bea0f9674a52946f47b2aed1a3ed058e4 Mon Sep 17 00:00:00 2001 From: wlgns12370 Date: Mon, 11 Aug 2025 08:02:50 +0900 Subject: [PATCH 1/2] refactor: update cookie creation methods to use development cookies with secure flag set to false --- .../life/mosu/mosuserver/global/util/CookieBuilderUtil.java | 4 ++-- .../mosu/mosuserver/presentation/auth/AuthController.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java b/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java index 7f5ea9aa..b34fc5e9 100644 --- a/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java +++ b/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java @@ -65,7 +65,7 @@ public static String createLocalCookieString(String name, String value, Long max public static ResponseCookie createDevelopResponseCookie(String name, String value, Long maxAge) { return createBaseResponseCookieBuilder(name, value, maxAge) - .secure(true) + .secure(false) .domain(".mosuedu.com") .sameSite("Strict") .build(); @@ -81,7 +81,7 @@ public static ResponseCookie createDevelopResponseCookie(String name, String val */ public static Cookie createDevelopCookie(String name, String value, Long maxAge) { Cookie cookie = createBaseServletCookie(name, value, maxAge); - cookie.setSecure(true); + cookie.setSecure(false); cookie.setDomain(".mosuedu.com"); return cookie; } diff --git a/src/main/java/life/mosu/mosuserver/presentation/auth/AuthController.java b/src/main/java/life/mosu/mosuserver/presentation/auth/AuthController.java index e517ecb5..b99090b5 100644 --- a/src/main/java/life/mosu/mosuserver/presentation/auth/AuthController.java +++ b/src/main/java/life/mosu/mosuserver/presentation/auth/AuthController.java @@ -53,12 +53,12 @@ public ResponseEntity checkToken() { private HttpHeaders applyTokenHeader(Token token) { HttpHeaders headers = new HttpHeaders(); - headers.add(HttpHeaders.SET_COOKIE, CookieBuilderUtil.createLocalCookieString( + headers.add(HttpHeaders.SET_COOKIE, CookieBuilderUtil.createDevelopCookieString( CookieBuilderUtil.ACCESS_TOKEN_COOKIE_NAME, token.accessToken(), token.accessTokenExpireTime() )); - headers.add(HttpHeaders.SET_COOKIE, CookieBuilderUtil.createLocalCookieString( + headers.add(HttpHeaders.SET_COOKIE, CookieBuilderUtil.createDevelopCookieString( CookieBuilderUtil.REFRESH_TOKEN_COOKIE_NAME, token.refreshToken(), token.refreshTokenExpireTime() From 28cf726f336758fd569492bd79d696f7bc7752be Mon Sep 17 00:00:00 2001 From: wlgns12370 Date: Mon, 11 Aug 2025 08:05:30 +0900 Subject: [PATCH 2/2] refactor: set secure flag to true for development cookies --- .../life/mosu/mosuserver/global/util/CookieBuilderUtil.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java b/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java index b34fc5e9..7f5ea9aa 100644 --- a/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java +++ b/src/main/java/life/mosu/mosuserver/global/util/CookieBuilderUtil.java @@ -65,7 +65,7 @@ public static String createLocalCookieString(String name, String value, Long max public static ResponseCookie createDevelopResponseCookie(String name, String value, Long maxAge) { return createBaseResponseCookieBuilder(name, value, maxAge) - .secure(false) + .secure(true) .domain(".mosuedu.com") .sameSite("Strict") .build(); @@ -81,7 +81,7 @@ public static ResponseCookie createDevelopResponseCookie(String name, String val */ public static Cookie createDevelopCookie(String name, String value, Long maxAge) { Cookie cookie = createBaseServletCookie(name, value, maxAge); - cookie.setSecure(false); + cookie.setSecure(true); cookie.setDomain(".mosuedu.com"); return cookie; }