[FEAT, REFACTOR] 소셜 토큰 재발급 기능 추가 및 기존 토큰 재발급에 사용되는 DTO명 수정

src/main/java/org/kakaoshare/backend/domain/member/controller/OAuthController.java

@@ -4,6 +4,7 @@
 import org.kakaoshare.backend.domain.member.dto.oauth.authenticate.OAuthLoginRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.authenticate.OAuthLoginResponse;
 import org.kakaoshare.backend.domain.member.dto.oauth.issue.OAuthReissueRequest;
+import org.kakaoshare.backend.domain.member.dto.oauth.issue.ReissueRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.logout.OAuthLogoutRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.logout.OAuthSocialLogoutRequest;
 import org.kakaoshare.backend.domain.member.service.oauth.OAuthService;
@@ -38,8 +39,14 @@ public ResponseEntity<Void> socialLogout(@RequestBody final OAuthSocialLogoutReq
     }
 
     @PostMapping("/reissue")
-    public ResponseEntity<?> reissue(@RequestBody final OAuthReissueRequest oAuthReissueRequest) {
+    public ResponseEntity<?> reissue(@RequestBody final ReissueRequest reissueRequest) {
         return ResponseEntity.ok()
-                .body(oAuthService.reissue(oAuthReissueRequest));
+                .body(oAuthService.reissue(reissueRequest));
+    }
+
+    @PostMapping("/social/reissue")
+    public ResponseEntity<?> socialReissue(@RequestBody final OAuthReissueRequest oAuthReissueRequest) {
+        return ResponseEntity.ok()
+                .body(oAuthService.socialReissue(oAuthReissueRequest));
     }
 }

src/main/java/org/kakaoshare/backend/domain/member/dto/oauth/issue/OAuthReissueRequest.java

@@ -1,4 +1,4 @@
 package org.kakaoshare.backend.domain.member.dto.oauth.issue;
 
-public record OAuthReissueRequest(String refreshToken) {
+public record OAuthReissueRequest(String provider, String refreshToken) {
 }

src/main/java/org/kakaoshare/backend/domain/member/dto/oauth/issue/OAuthReissueResponse.java

@@ -1,10 +1,10 @@
 package org.kakaoshare.backend.domain.member.dto.oauth.issue;
 
+import org.kakaoshare.backend.domain.member.dto.oauth.token.OAuthTokenResponse;
 import org.kakaoshare.backend.domain.member.dto.oauth.token.RefreshTokenDto;
-import org.kakaoshare.backend.domain.member.entity.token.RefreshToken;
 
 public record OAuthReissueResponse(String accessToken, RefreshTokenDto refreshToken) {
-    public static OAuthReissueResponse of(final String accessToken, final RefreshToken refreshToken) {
-        return new OAuthReissueResponse(accessToken, RefreshTokenDto.from(refreshToken));
+    public static OAuthReissueResponse from(final OAuthTokenResponse oAuthTokenResponse) {
+        return new OAuthReissueResponse(oAuthTokenResponse.access_token(), RefreshTokenDto.from(oAuthTokenResponse));
     }
-}
+}

src/main/java/org/kakaoshare/backend/domain/member/dto/oauth/issue/ReissueRequest.java

@@ -0,0 +1,4 @@
+package org.kakaoshare.backend.domain.member.dto.oauth.issue;
+
+public record ReissueRequest(String refreshToken) {
+}

src/main/java/org/kakaoshare/backend/domain/member/dto/oauth/issue/ReissueResponse.java

@@ -0,0 +1,10 @@
+package org.kakaoshare.backend.domain.member.dto.oauth.issue;
+
+import org.kakaoshare.backend.domain.member.dto.oauth.token.RefreshTokenDto;
+import org.kakaoshare.backend.domain.member.entity.token.RefreshToken;
+
+public record ReissueResponse(String accessToken, RefreshTokenDto refreshToken) {
+    public static ReissueResponse of(final String accessToken, final RefreshToken refreshToken) {
+        return new ReissueResponse(accessToken, RefreshTokenDto.from(refreshToken));
+    }
+}

src/main/java/org/kakaoshare/backend/domain/member/dto/oauth/token/OAuthTokenRequest.java

@@ -4,15 +4,13 @@
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
 @Builder
-public record OAuthTokenRequest(String code, String client_id, String client_secret, String grant_type, String redirect_id) {
-    public static OAuthTokenRequest of(final ClientRegistration registration,
-                                       final String code) {
+public record OAuthTokenRequest(String grant_type, String client_id, String refresh_token, String client_secret) {
+    public static OAuthTokenRequest of(final ClientRegistration registration, final String refreshToken) {
         return OAuthTokenRequest.builder()
-                .code(code)
+                .grant_type(registration.getAuthorizationGrantType().getValue())
                 .client_id(registration.getClientId())
+                .refresh_token(refreshToken)
                 .client_secret(registration.getClientSecret())
-                .grant_type(registration.getAuthorizationGrantType().getValue())
-                .redirect_id(registration.getRedirectUri())
                 .build();
     }
 }

src/main/java/org/kakaoshare/backend/domain/member/dto/oauth/token/OAuthTokenResponse.java

@@ -1,12 +1,9 @@
 package org.kakaoshare.backend.domain.member.dto.oauth.token;
 
-import lombok.Builder;
-
-@Builder
-public record OAuthTokenResponse(String access_token, String refresh_token, Long expires_in) {
-    public static OAuthTokenResponse of(final String accessToken) {
-        return OAuthTokenResponse.builder()
-                .access_token(accessToken)
-                .build();
-    }
+/**
+ * @author kim-minwoo
+ * @param refresh_token 요청 시 사용된 리프레시 토큰의 만료 시간이 1개월 미만으로 남았을 때만 갱신되어 전달. 아닌 경우 null
+ * @param refresh_token_expires_in 요청 시 사용된 리프레시 토큰의 만료 시간이 1개월 미만으로 남았을 때만 갱신되어 전달. 아닌 경우 null
+ */
+public record OAuthTokenResponse(String token_type, String access_token, String refresh_token, Long expires_in, Long refresh_token_expires_in) {
 }

src/main/java/org/kakaoshare/backend/domain/member/dto/oauth/token/RefreshTokenDto.java

@@ -6,4 +6,8 @@ public record RefreshTokenDto(String value, Long expiration) {
     public static RefreshTokenDto from(final RefreshToken refreshToken) {
         return new RefreshTokenDto(refreshToken.getValue(), refreshToken.getExpiration());
     }
+
+    public static RefreshTokenDto from(final OAuthTokenResponse oAuthTokenResponse) {
+        return new RefreshTokenDto(oAuthTokenResponse.refresh_token(), oAuthTokenResponse.refresh_token_expires_in());
+    }
 }

src/main/java/org/kakaoshare/backend/domain/member/service/oauth/OAuthService.java

@@ -5,10 +5,13 @@
 import org.kakaoshare.backend.domain.member.dto.oauth.authenticate.OAuthLoginResponse;
 import org.kakaoshare.backend.domain.member.dto.oauth.issue.OAuthReissueRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.issue.OAuthReissueResponse;
+import org.kakaoshare.backend.domain.member.dto.oauth.issue.ReissueRequest;
+import org.kakaoshare.backend.domain.member.dto.oauth.issue.ReissueResponse;
 import org.kakaoshare.backend.domain.member.dto.oauth.logout.OAuthLogoutRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.logout.OAuthSocialLogoutRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.profile.OAuthProfile;
 import org.kakaoshare.backend.domain.member.dto.oauth.profile.OAuthProfileFactory;
+import org.kakaoshare.backend.domain.member.dto.oauth.token.OAuthTokenResponse;
 import org.kakaoshare.backend.domain.member.entity.Member;
 import org.kakaoshare.backend.domain.member.entity.MemberDetails;
 import org.kakaoshare.backend.domain.member.entity.token.RefreshToken;
@@ -65,8 +68,8 @@ public void socialLogout(final OAuthSocialLogoutRequest oAuthSocialLogoutRequest
     }
 
     @Transactional
-    public OAuthReissueResponse reissue(final OAuthReissueRequest oAuthReissueRequest) {
-        final String refreshTokenValue = oAuthReissueRequest.refreshToken();
+    public ReissueResponse reissue(final ReissueRequest reissueRequest) {
+        final String refreshTokenValue = reissueRequest.refreshToken();
         final RefreshToken refreshToken = findRefreshTokenByValue(refreshTokenValue);
         final String providerId = refreshToken.getProviderId();
         final UserDetails userDetails = findUserDetailsByProviderId(providerId);
@@ -75,7 +78,14 @@ public OAuthReissueResponse reissue(final OAuthReissueRequest oAuthReissueReques
         refreshTokenRepository.delete(refreshToken);
         refreshTokenRepository.save(newRefreshToken);
 
-        return OAuthReissueResponse.of(accessToken, newRefreshToken);
+        return ReissueResponse.of(accessToken, newRefreshToken);
+    }
+
+    public OAuthReissueResponse socialReissue(final OAuthReissueRequest oAuthReissueRequest) {
+        final String provider = oAuthReissueRequest.provider();
+        final ClientRegistration registration = clientRegistrationRepository.findByRegistrationId(provider);
+        final OAuthTokenResponse oAuthTokenResponse = webClientService.issueToken(registration, oAuthReissueRequest);
+        return OAuthReissueResponse.from(oAuthTokenResponse);   // TODO: 5/27/24 응답 중 refresh_token 값은 요청 시 사용된 리프레시 토큰의 만료 시간이 1개월 미만으로 남았을 때만 갱신되어 전달
     }
 
     private OAuthProfile getProfile(final OAuthLoginRequest request, final ClientRegistration registration) {

src/main/java/org/kakaoshare/backend/domain/member/service/oauth/OAuthWebClientService.java

@@ -1,12 +1,14 @@
 package org.kakaoshare.backend.domain.member.service.oauth;
 
+import org.kakaoshare.backend.domain.member.dto.oauth.issue.OAuthReissueRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.logout.OAuthSocialLogoutRequest;
+import org.kakaoshare.backend.domain.member.dto.oauth.token.OAuthTokenResponse;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
 import java.util.Map;
 
 public interface OAuthWebClientService {
     Map<String, Object> getSocialProfile(final ClientRegistration registration, final String socialToken);
-
+    OAuthTokenResponse issueToken(final ClientRegistration registration, final OAuthReissueRequest oAuthReissueRequest);
     void expireToken(final ClientRegistration registration, final OAuthSocialLogoutRequest oAuthSocialLogoutRequest);
 }

src/main/java/org/kakaoshare/backend/domain/member/service/oauth/detail/kakao/KakaoOAuthService.java

@@ -1,12 +1,19 @@
 package org.kakaoshare.backend.domain.member.service.oauth.detail.kakao;
 
+import org.kakaoshare.backend.common.util.MultiValueMapConverter;
+import org.kakaoshare.backend.domain.member.dto.oauth.issue.OAuthReissueRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.logout.OAuthSocialLogoutRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.logout.detail.kakao.request.KakaoLogoutRequest;
+import org.kakaoshare.backend.domain.member.dto.oauth.token.OAuthTokenRequest;
+import org.kakaoshare.backend.domain.member.dto.oauth.token.OAuthTokenResponse;
 import org.kakaoshare.backend.domain.member.service.oauth.OAuthWebClientService;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.core.ParameterizedTypeReference;
+import org.springframework.http.MediaType;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.stereotype.Service;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.reactive.function.BodyInserters;
 import org.springframework.web.reactive.function.client.WebClient;
 
 import java.util.Map;
@@ -36,6 +43,21 @@ public Map<String, Object> getSocialProfile(final ClientRegistration registratio
                 .block();
     }
 
+    @Override
+    public OAuthTokenResponse issueToken(final ClientRegistration registration,
+                                         final OAuthReissueRequest oAuthReissueRequest) {
+        final String socialRefreshToken = oAuthReissueRequest.refreshToken();
+        final OAuthTokenRequest oAuthTokenRequest = OAuthTokenRequest.of(registration, socialRefreshToken);
+        final MultiValueMap<String, String> params = MultiValueMapConverter.convert(oAuthTokenRequest);
+        return webClient.post()
+                .uri(getTokenRequestUri(registration))
+                .headers(header -> header.setContentType(MediaType.APPLICATION_FORM_URLENCODED))
+                .body(BodyInserters.fromFormData(params))
+                .retrieve()
+                .bodyToMono(OAuthTokenResponse.class)
+                .block();
+    }
+
     @Override
     public void expireToken(final ClientRegistration registration,
                             final OAuthSocialLogoutRequest oAuthSocialLogoutRequest) {
@@ -56,4 +78,9 @@ private String getProfileRequestUri(final ClientRegistration registration) {
                 .getUserInfoEndpoint()
                 .getUri();
     }
+
+    private String getTokenRequestUri(final ClientRegistration registration) {
+        return registration.getProviderDetails()
+                .getTokenUri();
+    }
 }

src/main/resources/application-dev.yml

@@ -31,8 +31,7 @@ spring:
             client-secret: QH0n8i9qoDE4TkeVl9p9aFPRQVcIgXHC
             client-authentication-method: POST
             client-name: kakao
-            redirect-uri: http://localhost:3000/oauth/kakao
-            authorization-grant-type: authorization_code
+            authorization-grant-type: refresh_token
             scope:
               - profile_nickname
               - profile_image

src/test/java/org/kakaoshare/backend/domain/member/service/OAuthServiceTest.java

@@ -8,9 +8,12 @@
 import org.kakaoshare.backend.domain.member.dto.oauth.authenticate.OAuthLoginResponse;
 import org.kakaoshare.backend.domain.member.dto.oauth.issue.OAuthReissueRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.issue.OAuthReissueResponse;
+import org.kakaoshare.backend.domain.member.dto.oauth.issue.ReissueRequest;
+import org.kakaoshare.backend.domain.member.dto.oauth.issue.ReissueResponse;
 import org.kakaoshare.backend.domain.member.dto.oauth.logout.OAuthSocialLogoutRequest;
 import org.kakaoshare.backend.domain.member.dto.oauth.profile.OAuthProfile;
 import org.kakaoshare.backend.domain.member.dto.oauth.profile.OAuthProfileFactory;
+import org.kakaoshare.backend.domain.member.dto.oauth.token.OAuthTokenResponse;
 import org.kakaoshare.backend.domain.member.entity.Member;
 import org.kakaoshare.backend.domain.member.entity.MemberDetails;
 import org.kakaoshare.backend.domain.member.entity.token.RefreshToken;
@@ -88,7 +91,7 @@ public void authenticateWhenNewMember() throws Exception {
         final OAuthProfile oAuthProfile = OAuthProfileFactory.of(attributes, registrationId);
         final OAuthLoginRequest request = new OAuthLoginRequest(registrationId, socialAccessToken);
 
-        doReturn(registration).when(clientRegistrationRepository).findByRegistrationId(registrationId);
+        mockingRegistration(registrationId, registration);
         doReturn(attributes).when(webClientService).getSocialProfile(registration, socialAccessToken);
         doReturn(member).when(memberRepository).save(any());
         doReturn(accessToken).when(jwtProvider).createAccessToken(userDetails);
@@ -109,7 +112,7 @@ public void authenticateWhenExistingMember() throws Exception {
         final OAuthProfile oAuthProfile = OAuthProfileFactory.of(attributes, registrationId);
         final OAuthLoginRequest request = new OAuthLoginRequest(registrationId, socialAccessToken);
 
-        doReturn(registration).when(clientRegistrationRepository).findByRegistrationId(registrationId);
+        mockingRegistration(registrationId, registration);
         doReturn(attributes).when(webClientService).getSocialProfile(registration, socialAccessToken);
         doReturn(member).when(memberRepository).save(any());
         doReturn(accessToken).when(jwtProvider).createAccessToken(userDetails);
@@ -133,9 +136,9 @@ public void reissue() throws Exception {
         doReturn(newRefreshToken).when(refreshTokenProvider).createToken(providerId);
         doReturn(newRefreshToken).when(refreshTokenRepository).save(newRefreshToken);
 
-        final OAuthReissueRequest oAuthReissueRequest = new OAuthReissueRequest(refreshTokenValue);
-        final OAuthReissueResponse actual = oAuthService.reissue(oAuthReissueRequest);
-        final OAuthReissueResponse expect = OAuthReissueResponse.of(accessToken, newRefreshToken);
+        final ReissueRequest reissueRequest = new ReissueRequest(refreshTokenValue);
+        final ReissueResponse actual = oAuthService.reissue(reissueRequest);
+        final ReissueResponse expect = ReissueResponse.of(accessToken, newRefreshToken);
 
         assertThat(actual).isEqualTo(expect);
     }
@@ -147,7 +150,7 @@ public void socialLogout() throws Exception {
         final ClientRegistration registration = getClientRegistration(provider);
         final OAuthSocialLogoutRequest oAuthSocialLogoutRequest = new OAuthSocialLogoutRequest(provider, providerId, socialAccessToken);
 
-        doReturn(registration).when(clientRegistrationRepository).findByRegistrationId(provider);
+        mockingRegistration(provider, registration);
         doNothing().when(webClientService).expireToken(registration, oAuthSocialLogoutRequest);
         assertThatCode(() -> oAuthService.socialLogout(oAuthSocialLogoutRequest))
                 .doesNotThrowAnyException();
@@ -160,12 +163,29 @@ public void socialLogoutWhenIvalidProviderId() throws Exception {
         final ClientRegistration registration = getClientRegistration(provider);
         final OAuthSocialLogoutRequest oAuthSocialLogoutRequest = new OAuthSocialLogoutRequest(provider, providerId, socialAccessToken);
 
-        doReturn(registration).when(clientRegistrationRepository).findByRegistrationId(provider);
+        mockingRegistration(provider, registration);
         doThrow(WebClientResponseException.class).when(webClientService).expireToken(registration, oAuthSocialLogoutRequest);
         assertThatThrownBy(() -> oAuthService.socialLogout(oAuthSocialLogoutRequest))
                 .isInstanceOf(WebClientResponseException.class);
     }
 
+    @Test
+    @DisplayName("카카오 소셜 토큰 재발급")
+    public void kakaoTokenReissue() throws Exception {
+        final String provider = "kakao";
+        final ClientRegistration registration = getClientRegistration(provider);
+        final OAuthReissueRequest oAuthReissueRequest = new OAuthReissueRequest(provider, refreshToken.getValue());
+        final OAuthTokenResponse oAuthTokenResponse = getOAuthTokenResponse(accessToken, refreshToken.getValue());
+
+        mockingRegistration(provider, registration);
+        doReturn(oAuthTokenResponse).when(webClientService).issueToken(registration, oAuthReissueRequest);
+
+        final OAuthReissueResponse actual = oAuthService.socialReissue(oAuthReissueRequest);
+        final OAuthReissueResponse expect = OAuthReissueResponse.from(oAuthTokenResponse);
+
+        assertThat(actual).isEqualTo(expect);
+    }
+
     private ClientRegistration getClientRegistration(final String registrationId) {
         return ClientRegistration.withRegistrationId(registrationId)
                 .clientId("client-id")
@@ -179,6 +199,10 @@ private ClientRegistration getClientRegistration(final String registrationId) {
                 .build();
     }
 
+    private void mockingRegistration(final String provider, final ClientRegistration registration) {
+        doReturn(registration).when(clientRegistrationRepository).findByRegistrationId(provider);
+    }
+
     private RefreshToken getRefreshToken() {
         return RefreshToken.from(providerId, "refreshToken", 100L);
     }
@@ -197,4 +221,14 @@ private Map<String, Object> kakaoAttributes() {
 
         return attributes;
     }
+
+    private OAuthTokenResponse getOAuthTokenResponse(final String accessToken, final String refreshToken) {
+        return new OAuthTokenResponse(
+                "refresh_token",
+                accessToken,
+                refreshToken,
+                1000L,
+                10000L
+        );
+    }
 }