From 7511c7de2f3b30708d2943f119045f470d8749df Mon Sep 17 00:00:00 2001
From: wlgns12370 <knu12370@knu.ac.kr>
Date: Thu, 14 Aug 2025 00:29:17 +0900
Subject: [PATCH 1/4] =?UTF-8?q?MOSU=20test:=20Test=EB=A5=BC=20=EC=9C=84?=
 =?UTF-8?q?=ED=95=9C=20CORS=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../global/config/SecurityConfig.java         | 23 +++++++++----------
 .../global/config/WebMvcConfig.java           | 11 ++++-----
 2 files changed, 16 insertions(+), 18 deletions(-)

diff --git a/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java b/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java
index 9ebc44a0..f06a2525 100644
--- a/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java
+++ b/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java
@@ -4,7 +4,15 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-
+import life.mosu.mosuserver.application.oauth.OAuthUserService;
+import life.mosu.mosuserver.global.filter.TokenExceptionFilter;
+import life.mosu.mosuserver.global.filter.TokenFilter;
+import life.mosu.mosuserver.global.handler.AuthLogoutHandler;
+import life.mosu.mosuserver.global.handler.AuthLogoutSuccessHandler;
+import life.mosu.mosuserver.global.handler.OAuth2LoginFailureHandler;
+import life.mosu.mosuserver.global.handler.OAuth2LoginSuccessHandler;
+import life.mosu.mosuserver.global.resolver.AuthorizationRequestRedirectResolver;
+import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -31,16 +39,6 @@
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
-import life.mosu.mosuserver.application.oauth.OAuthUserService;
-import life.mosu.mosuserver.global.filter.TokenExceptionFilter;
-import life.mosu.mosuserver.global.filter.TokenFilter;
-import life.mosu.mosuserver.global.handler.AuthLogoutHandler;
-import life.mosu.mosuserver.global.handler.AuthLogoutSuccessHandler;
-import life.mosu.mosuserver.global.handler.OAuth2LoginFailureHandler;
-import life.mosu.mosuserver.global.handler.OAuth2LoginSuccessHandler;
-import life.mosu.mosuserver.global.resolver.AuthorizationRequestRedirectResolver;
-import lombok.RequiredArgsConstructor;
-
 @Configuration
 @EnableWebSecurity
 @EnableMethodSecurity
@@ -54,7 +52,8 @@ public class SecurityConfig {
             "https://www.mosuedu.com",
             "https://partnership.mosuedu.com",
             "https://admin.mosuedu.com",
-            "http://dev.mosuedu.com:3000"
+            "http://dev.mosuedu.com:3000",
+            "http://staging.mosuedu.com"
     );
     private final OAuthUserService userService;
     private final OAuth2LoginSuccessHandler loginSuccessHandler;
diff --git a/src/main/java/life/mosu/mosuserver/global/config/WebMvcConfig.java b/src/main/java/life/mosu/mosuserver/global/config/WebMvcConfig.java
index 6a4ccdb7..4af907c4 100644
--- a/src/main/java/life/mosu/mosuserver/global/config/WebMvcConfig.java
+++ b/src/main/java/life/mosu/mosuserver/global/config/WebMvcConfig.java
@@ -1,16 +1,14 @@
 package life.mosu.mosuserver.global.config;
 
 import java.util.List;
-
+import life.mosu.mosuserver.global.resolver.PhoneNumberArgumentResolver;
+import life.mosu.mosuserver.global.resolver.UserIdArgumentResolver;
+import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
-import life.mosu.mosuserver.global.resolver.PhoneNumberArgumentResolver;
-import life.mosu.mosuserver.global.resolver.UserIdArgumentResolver;
-import lombok.RequiredArgsConstructor;
-
 @Configuration
 @RequiredArgsConstructor
 public class WebMvcConfig implements WebMvcConfigurer {
@@ -36,7 +34,8 @@ public void addCorsMappings(CorsRegistry registry) {
                         "https://www.mosuedu.com",
                         "https://partnership.mosuedu.com",
                         "https://admin.mosuedu.com",
-                        "http://dev.mosuedu.com:3000"
+                        "http://dev.mosuedu.com:3000",
+                        "http://staging.mosuedu.com"
                 )
                 .allowCredentials(true)
                 .maxAge(3600);

From 3980d4fe83ba2362a72bd3a92fe37c2c41281ca6 Mon Sep 17 00:00:00 2001
From: wlgns12370 <knu12370@knu.ac.kr>
Date: Thu, 14 Aug 2025 03:06:09 +0900
Subject: [PATCH 2/4] =?UTF-8?q?MOSU=20perf:=20=EC=A4=91=EB=B3=B5=20?=
 =?UTF-8?q?=EA=B2=80=EC=A6=9D=20=EB=A1=9C=EC=A7=81=20=EC=A0=9C=EA=B1=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../mosuserver/presentation/profile/ProfileController.java    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/life/mosu/mosuserver/presentation/profile/ProfileController.java b/src/main/java/life/mosu/mosuserver/presentation/profile/ProfileController.java
index f2264d3c..0687a969 100644
--- a/src/main/java/life/mosu/mosuserver/presentation/profile/ProfileController.java
+++ b/src/main/java/life/mosu/mosuserver/presentation/profile/ProfileController.java
@@ -37,7 +37,7 @@ public ResponseEntity<ApiResponseWrapper<Void>> create(
     }
 
     @PutMapping
-    @PreAuthorize("isAuthenticated() and hasRole('USER')")
+    @PreAuthorize("hasRole('USER')")
     public ResponseEntity<ApiResponseWrapper<Void>> update(
             @UserId Long userId,
             @Valid @RequestBody EditProfileRequest request
@@ -47,7 +47,7 @@ public ResponseEntity<ApiResponseWrapper<Void>> update(
     }
 
     @GetMapping
-    @PreAuthorize("isAuthenticated() and hasRole('USER')")
+    @PreAuthorize("hasRole('USER')")
     public ResponseEntity<ApiResponseWrapper<ProfileDetailResponse>> getProfile(
             @UserId Long userId
     ) {

From 665d964c6ca6534369d33c5468e33fc665444fb6 Mon Sep 17 00:00:00 2001
From: wlgns12370 <knu12370@knu.ac.kr>
Date: Fri, 15 Aug 2025 15:14:33 +0900
Subject: [PATCH 3/4] =?UTF-8?q?MOSU=20feat:=20kakao=20INVALID=5FTOKEN=20?=
 =?UTF-8?q?=EC=97=90=EB=9F=AC=20=EC=B2=98=EB=A6=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../life/mosu/mosuserver/global/handler/OAuthErrorType.java  | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/main/java/life/mosu/mosuserver/global/handler/OAuthErrorType.java b/src/main/java/life/mosu/mosuserver/global/handler/OAuthErrorType.java
index 9ae0e07a..7dac694c 100644
--- a/src/main/java/life/mosu/mosuserver/global/handler/OAuthErrorType.java
+++ b/src/main/java/life/mosu/mosuserver/global/handler/OAuthErrorType.java
@@ -6,7 +6,8 @@
 public enum OAuthErrorType {
     CANCELED("CANCELED"),
     DUPLICATE("DUPLICATE"),
-    UNKNOWN("UNKNOWN");
+    UNKNOWN("UNKNOWN"),
+    INVALID_TOKEN("INVALID_TOKEN");
 
     private final String message;
 
@@ -21,6 +22,8 @@ public static OAuthErrorType from(String text) {
         return switch (text) {
             case "DUPLICATE" -> DUPLICATE;
             case "[access_denied] User denied access" -> CANCELED;
+            case "[invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: 401 : [no body]" ->
+                    INVALID_TOKEN;
             default -> UNKNOWN;
         };
     }

From dce1869a2678b61dc0ec633eb9a6ee95f29524ba Mon Sep 17 00:00:00 2001
From: wlgns12370 <knu12370@knu.ac.kr>
Date: Fri, 15 Aug 2025 15:25:08 +0900
Subject: [PATCH 4/4] MOSU chore: Remove staging URL from CORS configuration

---
 .../life/mosu/mosuserver/global/config/SecurityConfig.java     | 3 +--
 .../java/life/mosu/mosuserver/global/config/WebMvcConfig.java  | 3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java b/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java
index f06a2525..033dda09 100644
--- a/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java
+++ b/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java
@@ -52,8 +52,7 @@ public class SecurityConfig {
             "https://www.mosuedu.com",
             "https://partnership.mosuedu.com",
             "https://admin.mosuedu.com",
-            "http://dev.mosuedu.com:3000",
-            "http://staging.mosuedu.com"
+            "http://dev.mosuedu.com:3000"
     );
     private final OAuthUserService userService;
     private final OAuth2LoginSuccessHandler loginSuccessHandler;
diff --git a/src/main/java/life/mosu/mosuserver/global/config/WebMvcConfig.java b/src/main/java/life/mosu/mosuserver/global/config/WebMvcConfig.java
index 4af907c4..e861aa3f 100644
--- a/src/main/java/life/mosu/mosuserver/global/config/WebMvcConfig.java
+++ b/src/main/java/life/mosu/mosuserver/global/config/WebMvcConfig.java
@@ -34,8 +34,7 @@ public void addCorsMappings(CorsRegistry registry) {
                         "https://www.mosuedu.com",
                         "https://partnership.mosuedu.com",
                         "https://admin.mosuedu.com",
-                        "http://dev.mosuedu.com:3000",
-                        "http://staging.mosuedu.com"
+                        "http://dev.mosuedu.com:3000"
                 )
                 .allowCredentials(true)
                 .maxAge(3600);