Feat/#146/리프레쉬 토큰 도입

src/main/java/space/space_spring/config/WebConfig.java

@@ -22,11 +22,11 @@
 public class WebConfig implements WebMvcConfigurer {
 
     private final JwtLoginAuthInterceptor jwtLoginAuthInterceptor;
+    private final UserSpaceValidationInterceptor userSpaceValidationInterceptor;
 
     private final JwtLoginAuthHandlerArgumentResolver jwtLoginAuthHandlerArgumentResolver;
     private final UserSpaceIdHandlerArgumentResolver userSpaceIdHandlerArgumentResolver;
     private final UserSpaceAuthHandlerArgumentResolver userSpaceAuthHandlerArgumentResolver;
-    private final UserSpaceValidationInterceptor userSpaceValidationInterceptor;
 
 
     @Override
@@ -45,8 +45,6 @@ public void addInterceptors(InterceptorRegistry registry) {
         for(UserSpaceValidationInterceptorURL url:UserSpaceValidationInterceptorURL.values()) {
             userSpaceRegistration.addPathPatterns(url.getUrlPattern());
         }
-
-
     }
 
     @Override

src/main/java/space/space_spring/controller/TestController.java

@@ -1,6 +1,7 @@
 package space.space_spring.controller;
 
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RestController;
@@ -52,6 +53,4 @@ public  BaseResponse<String> LoginPassAnnotaionTest(
                 +"");
     }
 
-
-
 }

src/main/java/space/space_spring/controller/TestOAuthController.java → src/main/java/space/space_spring/controller/ViewTestController.java

@@ -1,27 +1,27 @@
 package space.space_spring.controller;
 
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
 
 @Controller
-@RequestMapping("/oauth")
 @Slf4j
-public class TestOAuthController {
+public class ViewTestController {
 
+    /**
+     * 카카오 로그인 요청 처리
+     * 카카오 인증 서버의 인증 및 동의 요청 페이지로 redirect
+     */
     @Value("${oauth.kakao.client.id}")
     private String clientId;
 
     @Value("${oauth.kakao.redirect.uri}")
     private String redirectUri;
 
-    /**
-     * 카카오 로그인 요청 처리
-     * 카카오 인증 서버의 인증 및 동의 요청 페이지로 redirect
-     */
-    @GetMapping("/kakao")
+    @GetMapping("/oauth/kakao")
     public String kakaoConnect() {
         StringBuffer url = new StringBuffer();
         url.append("https://kauth.kakao.com/oauth/authorize?");

src/main/java/space/space_spring/dao/UserSpaceDao.java

@@ -5,18 +5,15 @@
 import jakarta.persistence.TypedQuery;
 import org.springframework.stereotype.Repository;
 import org.springframework.transaction.annotation.Transactional;
-import space.space_spring.dto.user.dto.SpaceChoiceInfo;
-import space.space_spring.dto.user.dto.SpaceChoiceViewDto;
+import space.space_spring.domain.user.model.dto.SpaceChoiceInfo;
+import space.space_spring.domain.user.model.dto.SpaceChoiceViewDto;
 import space.space_spring.dto.userSpace.UserInfoInSpace;
 import space.space_spring.entity.Space;
 import space.space_spring.entity.User;
 import space.space_spring.entity.UserSpace;
 import space.space_spring.entity.enumStatus.UserSpaceAuth;
 
 import java.util.*;
-import java.util.stream.Stream;
-
-import static space.space_spring.entity.enumStatus.UserSpaceAuth.MANAGER;
 
 @Repository
 public class UserSpaceDao {

src/main/java/space/space_spring/controller/OAuthController.java → src/main/java/space/space_spring/domain/authorization/OAuth/controller/OAuthController.java

@@ -1,19 +1,16 @@
-package space.space_spring.controller;
+package space.space_spring.domain.authorization.OAuth.controller;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+import space.space_spring.domain.authorization.jwt.service.JwtService;
+import space.space_spring.domain.authorization.jwt.model.TokenPairDTO;
 import space.space_spring.dto.oAuth.KakaoInfo;
-import space.space_spring.dto.oAuth.OAuthLoginResponse;
 import space.space_spring.entity.User;
-import space.space_spring.response.BaseResponse;
-import space.space_spring.service.OAuthService;
+import space.space_spring.domain.authorization.OAuth.service.OAuthService;
 
 import java.io.IOException;
 
@@ -24,6 +21,7 @@
 public class OAuthController {
 
     private final OAuthService oAuthService;
+    private final JwtService jwtService;
 
     @Value("${oauth.kakao.client.id}")
     private String clientId;
@@ -69,18 +67,25 @@ public void kakaoCallback(@RequestParam(name = "code") String code, HttpServletR
         User userByOAuthInfo = oAuthService.findUserByOAuthInfo(kakaoInfo);
 
         // TODO 5. 카카오 로그인 유저에게 jwt 발급
-        String jwtOAuthLogin = oAuthService.provideJwtToOAuthUser(userByOAuthInfo);
-        response.setHeader("Authorization", "Bearer " + jwtOAuthLogin);
-        log.info("jwtOAuthLogin = {}", jwtOAuthLogin);
+        TokenPairDTO tokenPairDTO = jwtService.provideJwtToOAuthUser(userByOAuthInfo);
 
-        // Construct the redirect URL with the JWT and userId as query parameters
+        // TODO 6. 카카오 로그인 유저에게 발급한 refresh token을 db에 저장
+        jwtService.updateRefreshToken(userByOAuthInfo, tokenPairDTO.getRefreshToken());
+
+        System.out.println("tokenPairDTO.getAccessToken() = " + tokenPairDTO.getAccessToken());
+        System.out.println("tokenPairDTO.getRefreshToken() = " + tokenPairDTO.getRefreshToken());
+
+        // 클라이언트로 response 전달
+        // -> 메서드 분리 ??
+        // 공백문자가 %20 으로 전달되는 듯 함 -> 프론트 분들과 협의 필요할 듯
         String redirectUrl = String.format(
-                "https://kuit-space.github.io/KUIT-Space-front/login?jwt=Bearer %s&userId=%s",
-                jwtOAuthLogin,
+                "https://kuit-space.github.io/KUIT-Space-front/login?access-token=%s&refresh-token=%s&userId=%s",
+                "Bearer " + tokenPairDTO.getAccessToken(),
+                "Bearer " + tokenPairDTO.getRefreshToken(),
                 userByOAuthInfo.getUserId()
         );
 
-        // Redirect to the specified URL
         response.sendRedirect(redirectUrl);
     }
+
 }

src/main/java/space/space_spring/service/OAuthService.java → src/main/java/space/space_spring/domain/authorization/OAuth/service/OAuthService.java

@@ -1,4 +1,4 @@
-package space.space_spring.service;
+package space.space_spring.domain.authorization.OAuth.service;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.JsonNode;
@@ -13,9 +13,9 @@
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.client.RestTemplate;
+import space.space_spring.domain.user.repository.UserDao;
 import space.space_spring.dto.oAuth.KakaoInfo;
 import space.space_spring.entity.User;
-import space.space_spring.jwt.JwtLoginProvider;
 import space.space_spring.util.user.UserUtils;
 
 import static space.space_spring.entity.enumStatus.UserSignupType.KAKAO;
@@ -25,7 +25,8 @@
 public class OAuthService {
 
     private final UserUtils userUtils;
-    private final JwtLoginProvider jwtLoginProvider;
+    private final UserDao userDao;
+
 
     /**
      * 카카오 인증 서버가 전달해준 유저의 인가코드로 토큰 발급 요청
@@ -103,7 +104,7 @@ public User findUserByOAuthInfo(KakaoInfo kakaoInfo) {
         return userUtils.findOrCreateUserForOAuthInfo(email, nickname, KAKAO);
     }
 
-    public String provideJwtToOAuthUser(User userByOAuthInfo) {
-        return jwtLoginProvider.generateToken(userByOAuthInfo);
-    }
+
+
+
 }

src/main/java/space/space_spring/domain/authorization/auth/controller/AuthController.java

@@ -0,0 +1,45 @@
+package space.space_spring.domain.authorization.auth.controller;
+
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.validation.BindingResult;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import space.space_spring.domain.authorization.auth.service.AuthService;
+import space.space_spring.domain.user.model.PostLoginDto;
+import space.space_spring.exception.CustomException;
+import space.space_spring.response.BaseResponse;
+
+import static space.space_spring.response.status.BaseExceptionResponseStatus.INVALID_USER_LOGIN;
+import static space.space_spring.util.bindingResult.BindingResultUtils.getErrorMessage;
+
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("/user")
+public class AuthController {
+
+    private final AuthService authService;
+
+    /**
+     * 로그인
+     */
+    @PostMapping("/login")
+    public BaseResponse<PostLoginDto.Response> login(@Validated @RequestBody PostLoginDto.Request request, BindingResult bindingResult, HttpServletResponse response) {
+        if (bindingResult.hasErrors()) {
+            throw new CustomException(INVALID_USER_LOGIN, getErrorMessage(bindingResult));
+        }
+
+        PostLoginDto login = authService.login(request);
+
+        System.out.println("login.getTokenPairDTO().getRefreshToken() = " + login.getTokenPairDTO().getRefreshToken());
+        System.out.println("login.getTokenPairDTO().getAccessToken() = " + login.getTokenPairDTO().getAccessToken());
+
+        response.setHeader("Authorization-refresh", "Bearer " + login.getTokenPairDTO().getRefreshToken());
+        response.setHeader("Authorization", "Bearer " + login.getTokenPairDTO().getAccessToken());
+
+        return new BaseResponse<>(new PostLoginDto.Response(login.getUserId()));
+    }
+}

src/main/java/space/space_spring/domain/authorization/auth/service/AuthService.java

@@ -0,0 +1,72 @@
+package space.space_spring.domain.authorization.auth.service;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import space.space_spring.domain.authorization.jwt.model.TokenPairDTO;
+import space.space_spring.domain.authorization.jwt.model.TokenType;
+import space.space_spring.domain.authorization.jwt.repository.JwtRepository;
+import space.space_spring.domain.user.model.PostLoginDto;
+import space.space_spring.entity.TokenStorage;
+import space.space_spring.entity.User;
+import space.space_spring.exception.CustomException;
+import space.space_spring.jwt.JwtLoginProvider;
+import space.space_spring.util.user.UserUtils;
+
+import static space.space_spring.entity.enumStatus.UserSignupType.LOCAL;
+import static space.space_spring.response.status.BaseExceptionResponseStatus.PASSWORD_NO_MATCH;
+
+@Service
+@RequiredArgsConstructor
+@Transactional(readOnly = true)
+@Slf4j
+public class AuthService {
+
+    private final JwtLoginProvider jwtLoginProvider;
+    private final JwtRepository jwtRepository;
+    private final PasswordEncoder passwordEncoder;
+    private final UserUtils userUtils;
+
+
+    @Transactional
+    public PostLoginDto login(PostLoginDto.Request request) {
+        // TODO 1. 이메일 존재 여부 확인(아이디 존재 여부 확인)
+        User userByEmail = userUtils.findUserByEmail(request.getEmail(), LOCAL);
+        log.info("userByEmail.getUserId: {}", userByEmail.getUserId());
+
+        // TODO 2. 비밀번호 일치 여부 확인
+        validatePassword(userByEmail, request.getPassword());
+
+        // TODO 3. JWT 발급 -> access token, refresh token 2개 발급
+        String accessToken = jwtLoginProvider.generateToken(userByEmail, TokenType.ACCESS);
+        String refreshToken = jwtLoginProvider.generateToken(userByEmail, TokenType.REFRESH);
+
+        // TODO 4. refresh token db에 저장
+        TokenStorage tokenStorage = TokenStorage.builder()
+                .user(userByEmail)
+                .tokenValue(refreshToken)
+                .build();
+        jwtRepository.save(tokenStorage);
+
+        // TODO 5. return
+        TokenPairDTO tokenPairDTO = TokenPairDTO.builder()
+                .refreshToken(refreshToken)
+                .accessToken(accessToken)
+                .build();
+
+        return PostLoginDto.builder()
+                .TokenPairDTO(tokenPairDTO)
+                .userId(userByEmail.getUserId())
+                .build();
+    }
+
+    private void validatePassword(User userByEmail, String password) {
+        String encodePassword = userByEmail.getPassword();
+        if(!passwordEncoder.matches(password,encodePassword)){
+            throw new CustomException(PASSWORD_NO_MATCH);
+        }
+
+    }
+}

src/main/java/space/space_spring/domain/authorization/jwt/controller/JwtController.java

@@ -0,0 +1,51 @@
+package space.space_spring.domain.authorization.jwt.controller;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import space.space_spring.domain.authorization.jwt.service.JwtService;
+import space.space_spring.domain.authorization.jwt.model.TokenPairDTO;
+import space.space_spring.entity.User;
+import space.space_spring.response.BaseResponse;
+
+import java.io.IOException;
+
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("/jwt")
+public class JwtController {
+
+    private final JwtService jwtService;
+
+    /**
+     * 엑세스 토큰 갱신 요청 처리
+     * -> 엑세스 토큰, 리프레시 토큰 갱신 (RTR 패턴)
+     */
+    @PostMapping("/new-token")
+    public BaseResponse<String> updateAccessToken(HttpServletRequest request, HttpServletResponse response) throws IOException {
+        // access token, refresh token 파싱
+        TokenPairDTO tokenPairDTO  = jwtService.resolveTokenPair(request);
+
+        // access token 로부터 user find
+        User userByAccessToken = jwtService.getUserByAccessToken(tokenPairDTO.getAccessToken());
+
+        // refresh token 유효성 검사
+        jwtService.validateRefreshToken(userByAccessToken, tokenPairDTO.getRefreshToken());
+
+        // access token, refresh token 새로 발급
+        TokenPairDTO newTokenPairDTO = jwtService.updateTokenPair(userByAccessToken);
+
+        // response header에 새로 발급한 token pair set
+        response.setHeader("Authorization-refresh", "Bearer " + newTokenPairDTO.getRefreshToken());
+        response.setHeader("Authorization", "Bearer " + newTokenPairDTO.getAccessToken());
+
+        System.out.println("tokenPairDTO.getAccessToken() = " + newTokenPairDTO.getAccessToken());
+        System.out.println("tokenPairDTO.getRefreshToken() = " + newTokenPairDTO.getRefreshToken());
+
+        // return
+        return new BaseResponse<>("토큰 갱신 요청 성공");
+    }
+}

src/main/java/space/space_spring/domain/authorization/jwt/model/TokenPairDTO.java

@@ -0,0 +1,16 @@
+package space.space_spring.domain.authorization.jwt.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+public class TokenPairDTO {
+
+    private String refreshToken;
+    private String accessToken;
+}

src/main/java/space/space_spring/domain/authorization/jwt/model/TokenType.java

@@ -0,0 +1,6 @@
+package space.space_spring.domain.authorization.jwt.model;
+
+public enum TokenType {
+    REFRESH,
+    ACCESS
+}