Skip to content

Commit

Permalink
fix: 애플 설정값 변수들 수정 및 카카오 설정값 변수 추가
Browse files Browse the repository at this point in the history
  • Loading branch information
wu-seong committed Jan 29, 2024
1 parent a379ce0 commit 68d2d59
Show file tree
Hide file tree
Showing 3 changed files with 38 additions and 28 deletions.
32 changes: 16 additions & 16 deletions src/main/java/com/onnoff/onnoff/auth/service/AppleLoginService.java
Original file line number Diff line number Diff line change
Expand Up @@ -36,25 +36,25 @@
public class AppleLoginService implements LoginService{
private final AppleAuthClient appleAuthClient;
private final SocialTokenValidator validator;
@Value("${apple.key.id")
private static String kid;
@Value("${apple.key.path")
private static String keyPath;
@Value("${apple.aud")
private static String aud;
@Value("${apple.iss")
private static String iss;
@Value("${apple.team-id")
private static String teamId;
@Value("${apple.redirect-uri")
private static String redirectUri;
@Value("${apple.key.id}")
private String kid;
@Value("${apple.key.path}")
private String keyPath;
@Value("${apple.client-id}")
private String clientId;
@Value("${apple.iss}")
private String iss;
@Value("${apple.team-id}")
private String teamId;
@Value("${apple.redirect-uri}")
private String redirectUri;
@Override
public TokenResponse getAccessTokenByCode(String code) {
// client secret 만들기
String clientSecret = createClientSecret();
// 요청
MultiValueMap<String, String> urlEncoded = TokenRequest.builder()
.clientId(aud)
.clientId(clientId)
.clientSecret(clientSecret)
.code("authorization_code_value")
.grantType("authorization_code")
Expand All @@ -74,8 +74,8 @@ private String createClientSecret() {
.setIssuer(teamId) // 토큰 발행자 = 우리 팀
.setIssuedAt(new Date(System.currentTimeMillis())) // 발행 시간 - UNIX 시간
.setExpiration(expirationDate) // 만료 시간
.setAudience(iss) // 내가 토큰을 발행하니까 애플을 aud로 반대로
.setSubject(aud) // 토큰의 주체 = 우리 앱
.setAudience(iss) // 애플이 수신자
.setSubject(clientId) // 토큰의 주체 = 우리 앱
.signWith(SignatureAlgorithm.ES256, getPrivateKey())
.compact();
} catch (IOException e) {
Expand All @@ -90,7 +90,7 @@ public String getAccessTokenByRfToken(String code) {
String appleRefreshToken = user.getAppleRefreshToken();
// 요청
MultiValueMap<String, String> urlEncoded = TokenRequest.builder()
.clientId(aud)
.clientId(clientId)
.clientSecret(clientSecret)
.refreshToken(appleRefreshToken)
.grantType("refresh_token")
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
import com.onnoff.onnoff.domain.user.enums.SocialType;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;


Expand All @@ -20,15 +21,18 @@ public class KakaoLoginService implements LoginService{
private final KakaoOauth2Client kakaoOauth2Client;
private final KakaoApiClient kakaoApiClient;
private final SocialTokenValidator validator;

@Value("${kakao.client-id}")
private String clientId;
@Value("${kakao.redirect-uri}")
private String redirectUri;
/*
테스트 용으로 만든거, 실제로는 프론트에서 처리해서 액세스 토큰만 가져다 줌
*/
@Override
public TokenResponse getAccessTokenByCode(String code){
return kakaoOauth2Client.getAccessToken("authorization_code",
"32c0787d1b1e9fcabcc24af247903ba8",
"http://localhost:8080/oauth2/login/kakao",
clientId,
redirectUri,
code);
}
// id 토큰 유효성 검증
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,19 @@ public class SocialTokenValidatorImpl implements SocialTokenValidator{
private final KakaoOauth2Client kakaoOauth2Client;
private final AppleAuthClient appleAuthClient;
@Value("${kakao.iss}")
private static String kakaoIss;
@Value("${kakao.aud}")
private static String kakaoAud;
private String kakaoIss;
@Value("${kakao.client-id}")
private String kakaoAud;
@Value("${apple.iss}")
private static String appleIss;
@Value("${apple.aud}")
private static String appleAud;
private String appleIss;
@Value("${apple.client-id}")
private String appleAud;

/**
* 1. 공개키(JWK) 목록 조회하여 맞는 공개키 정보 획득
* 2. 검증에 사용할 수 있는 공개키로 변환
* 3. 공개키로 ID토큰 검증
*/
@Override
public void validate(String token, SocialType socialType) {
JwkResponse.Jwk matchingJwk = getMatchingJwk(token, socialType);
Expand All @@ -51,9 +57,9 @@ public void validate(String token, SocialType socialType) {
private Jwt<Header, Claims> verifyToken(String token, String iss, String aud, PublicKey publicKey) {
try {
return (Jwt<Header, Claims>) Jwts.parser()
.requireAudience(aud)
.requireIssuer(iss)
.verifyWith(publicKey)
.requireAudience(aud) //수신자 검증
.requireIssuer(iss) // 발급자 검증
.verifyWith(publicKey) // 시그니처 검증
.build()
.parse(token);
}
Expand Down

0 comments on commit 68d2d59

Please sign in to comment.