From ed278ff548152098263c574a35bf24dd63491189 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=ED=83=9C=EC=9A=A9?=
Date: Mon, 25 Sep 2023 21:17:04 +0900
Subject: [PATCH 1/5] =?UTF-8?q?refactor:=20=EB=A1=9C=EA=B7=B8=EC=95=84?= =?UTF-8?q?=EC=9B=83=20=EB=B9=84=EC=A6=88=EB=8B=88=EC=8A=A4=20=EB=A1=9C?= =?UTF-8?q?=EC=A7=81=20=EB=A6=AC=ED=8C=A9=ED=86=A0=EB=A7=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../auth/controller/AuthController.java | 17 +++++++-------
 .../domain/auth/service/AuthService.java | 23 ++++++++++++++-----
 2 files changed, 25 insertions(+), 15 deletions(-)
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java b/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java
index e47cd79c1..19ad0cc89 100644
--- a/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java
+++ b/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java
@@ -46,15 +46,14 @@ public void socialLoginRedirect(@PathVariable(name = "oauthName") String oauthNa
 }
 @DeleteMapping("/logout")
- public EnvelopeResponse logout(@CookieValue(value = "accessToken", defaultValue = "") String accessToken,
- @CookieValue(value = "refreshToken", defaultValue = "") String refreshToken,
- HttpServletResponse response) {
-
- if (!accessToken.equals("") || !refreshToken.equals("")) {
- authService.deleteTokens(accessToken, refreshToken);
- cookieProvider.setResponseWithCookies(response, null, null);
- }
- return EnvelopeResponse.builder().build();
+ public EnvelopeResponse logout(
+ @CookieValue(value = "accessToken") String accessToken,
+ @CookieValue(value = "refreshToken") String refreshToken,
+ HttpServletResponse response) {
+ authService.deleteTokens(accessToken, refreshToken);
+ cookieProvider.setResponseWithCookies(response, null, null);
+ return EnvelopeResponse.builder()
+ .build();
 }
 @GetMapping("/reissue")
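Review bot: Dropping `defaultValue = ""` from both `@CookieValue` parameters of `logout` makes the cookies mandatory, because `@CookieValue` defaults to `required = true`. A client that still holds only one of the two cookies (for example after the access-token cookie has expired) is rejected at argument binding, so `deleteTokens` never runs, whatever it removes server-side stays in place, and `setResponseWithCookies(response, null, null)` never clears the browser side. Keep the parameters optional, e.g. `@CookieValue(value = "accessToken", defaultValue = "") String accessToken` and the same for `refreshToken`, and let the service decide what to do with empty values.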
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java b/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
index 3b478717a..ff210f168 100644
--- a/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
+++ b/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
@@ -17,14 +17,17 @@
 import com.ssafy.ssafsound.domain.member.exception.MemberException;
 import com.ssafy.ssafsound.domain.member.repository.MemberLoginLogRepository;
 import com.ssafy.ssafsound.domain.member.repository.MemberTokenRepository;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import javax.servlet.http.HttpServletResponse;
 import java.time.Clock;
 import java.time.LocalDateTime;
+import java.util.Objects;
 @Service
+@Slf4j
 public class AuthService {
 private final OauthProviderFactory oauthProviderFactory;
@@ -72,13 +75,21 @@ public CreateMemberTokensResDto createToken(AuthenticatedMember authenticatedMem
 @Transactional
 public void deleteTokens(String accessToken, String refreshToken) {
 Long memberId = null;
- if (jwtTokenProvider.isValid(accessToken)) {
- AuthenticatedMember authenticatedMember = jwtTokenProvider.getParsedClaims(accessToken);
- memberId = authenticatedMember.getMemberId();
- } else if (jwtTokenProvider.isValid(refreshToken)) {
- memberId = jwtTokenProvider.getMemberIdByRefreshToken(refreshToken);
+
+ try {
+ if (!accessToken.equals("")) {
+ AuthenticatedMember authenticatedMember = jwtTokenProvider.getParsedClaims(accessToken);
+ memberId = authenticatedMember.getMemberId();
+ } else if (!refreshToken.equals("")) {
+ memberId = jwtTokenProvider.getMemberIdByRefreshToken(refreshToken);
+ }
+
+ if (Objects.nonNull(memberId)) {
+ memberTokenRepository.deleteById(memberId);
+ }
+ } catch (AuthException e) {
+ log.debug("유효하지 않은 토큰입니다.");
 }
- if(memberId != null) memberTokenRepository.deleteById(memberId);
 }
 @Transactional(readOnly = true)
From 15665a845e7884778a7e7a42b1f070e6e05da3ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=ED=83=9C=EC=9A=A9?=
Date: Mon, 25 Sep 2023 21:21:12 +0900
Subject: [PATCH 2/5] =?UTF-8?q?fix:=20=EB=A9=94=EC=84=9C=EB=93=9C=20?= =?UTF-8?q?=EB=84=A4=EC=9D=B4=EB=B0=8D=20=EB=B3=80=EA=B2=BD=20=EB=B0=8F=20?= =?UTF-8?q?=EB=A9=94=EC=84=9C=EB=93=9C=20=EB=A7=A4=EA=B0=9C=EB=B3=80?= =?UTF-8?q?=EC=88=98=20=EB=84=A4=EC=9D=B4=EB=B0=8D=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../ssafy/ssafsound/domain/auth/service/AuthService.java | 2 +-
 .../domain/auth/service/token/JwtTokenProvider.java | 4 ++--
 .../auth/validator/AuthenticationArgumentResolver.java | 6 +++---
 3 files changed, 6 insertions(+), 6 deletions(-)
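Review bot: In `deleteTokens` (AuthService.java, patch 1/5) the refresh token is now consulted only when the access-token string is empty, so a present-but-expired access token makes `getParsedClaims` throw `AuthException`, the catch logs at debug level, and `memberTokenRepository.deleteById` is skipped. The removed code fell back to the refresh token in that case; as written, logging out with an expired access token appears to leave the member's stored token in place while the caller still gets a normal response. The same branch structure is carried through the AuthService hunks of patches 2/5 and 5/5. Try the access token first and fall back to the refresh token when it is rejected, as sketched below; the sketch assumes `getMemberIdByRefreshToken` signals a bad token with `AuthException`, which is not visible here.

```java
public void deleteTokens(String accessToken, String refreshToken) {
    Long memberId = null;

    if (!accessToken.equals("")) {
        try {
            memberId = jwtTokenProvider.getParsedClaims(accessToken).getMemberId();
        } catch (AuthException e) {
            // Expired or rejected access token: still try the refresh token below.
            log.debug("유효하지 않은 토큰입니다.");
        }
    }
    if (memberId == null && !refreshToken.equals("")) {
        try {
            memberId = jwtTokenProvider.getMemberIdByRefreshToken(refreshToken);
        } catch (AuthException e) {
            log.debug("유효하지 않은 토큰입니다.");
        }
    }
    // … unchanged: deleteById when memberId is non-null …
```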
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java b/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
index ff210f168..6f6f42ba4 100644
--- a/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
+++ b/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
@@ -78,7 +78,7 @@ public void deleteTokens(String accessToken, String refreshToken) {
 try {
 if (!accessToken.equals("")) {
- AuthenticatedMember authenticatedMember = jwtTokenProvider.getParsedClaims(accessToken);
+ AuthenticatedMember authenticatedMember = jwtTokenProvider.getParsedClaimsByAccessToken(accessToken);
 memberId = authenticatedMember.getMemberId();
 } else if (!refreshToken.equals("")) {
 memberId = jwtTokenProvider.getMemberIdByRefreshToken(refreshToken);
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java b/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java
index 35f48d065..8dd8ee7e4 100644
--- a/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java
+++ b/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java
@@ -68,13 +68,13 @@ public Long getMemberIdByRefreshToken(String token) {
 return claims.get("memberId", Long.class);
 }
- public AuthenticatedMember getParsedClaims(String token) {
+ public AuthenticatedMember getParsedClaimsByAccessToken(String accessToken) {
 Claims claims;
 try {
 claims = Jwts.parserBuilder()
 .setSigningKey(key)
 .build()
- .parseClaimsJws(token)
+ .parseClaimsJws(accessToken)
 .getBody();
 } catch (ExpiredJwtException e) {
 throw new AuthException(AuthErrorInfo.AUTH_TOKEN_EXPIRED);
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/validator/AuthenticationArgumentResolver.java b/src/main/java/com/ssafy/ssafsound/domain/auth/validator/AuthenticationArgumentResolver.java
index 8d7424244..44185474a 100644
--- a/src/main/java/com/ssafy/ssafsound/domain/auth/validator/AuthenticationArgumentResolver.java
+++ b/src/main/java/com/ssafy/ssafsound/domain/auth/validator/AuthenticationArgumentResolver.java
@@ -24,11 +24,11 @@ public boolean supportsParameter(MethodParameter parameter) {
 @Override
 public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
 HttpServletRequest request = webRequest.getNativeRequest(HttpServletRequest.class);
- String token = AuthorizationExtractor.extractToken("accessToken", request);
- if (token == null && request.getMethod().equals("GET")) {
+ String accessToken = AuthorizationExtractor.extractToken("accessToken", request);
+ if (accessToken == null && request.getMethod().equals("GET")) {
 return AuthenticatedMember.builder().build();
 }
- return jwtTokenProvider.getParsedClaims(token);
+ return jwtTokenProvider.getParsedClaimsByAccessToken(accessToken);
 }
 }
From b470a8ad582b5a853b4e042b7f56d314bf2e1bba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=ED=83=9C=EC=9A=A9?=
Date: Mon, 25 Sep 2023 21:32:20 +0900
Subject: [PATCH 3/5] =?UTF-8?q?chore:=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20import=20=EB=AC=B8=20=EC=A0=9C=EA=B1=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../ssafsound/domain/auth/controller/AuthController.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java b/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java
index 19ad0cc89..7004715fa 100644
--- a/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java
+++ b/src/main/java/com/ssafy/ssafsound/domain/auth/controller/AuthController.java
@@ -12,8 +12,6 @@
 import com.ssafy.ssafsound.domain.member.dto.PostMemberReqDto;
 import com.ssafy.ssafsound.domain.member.service.MemberService;
 import com.ssafy.ssafsound.global.common.response.EnvelopeResponse;
-import javax.servlet.http.HttpServletResponse;
-import javax.validation.Valid;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseCookie;
 import org.springframework.web.bind.annotation.CookieValue;
@@ -25,6 +23,9 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import javax.servlet.http.HttpServletResponse;
+import javax.validation.Valid;
+
 @RestController
 @RequestMapping("/auth")
 public class AuthController {
From f6a3a6e9ada7e1bd356aa8b1ad0565410afab71c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=ED=83=9C=EC=9A=A9?=
Date: Mon, 25 Sep 2023 21:33:08 +0900
Subject: [PATCH 4/5] =?UTF-8?q?refactor:=20=EC=95=A1=EC=84=B8=EC=8A=A4=20?= =?UTF-8?q?=ED=86=A0=ED=81=B0=EC=9C=BC=EB=A1=9C=EB=B6=80=ED=84=B0=20Claims?= =?UTF-8?q?=EB=A5=BC=20=EC=96=BB=EC=96=B4=EC=98=A4=EB=8A=94=20=EC=98=88?= =?UTF-8?q?=EC=99=B8=20=EC=B2=98=EB=A6=AC=20=EB=A6=AC=ED=8C=A9=ED=86=A0?= =?UTF-8?q?=EB=A7=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../auth/service/token/JwtTokenProvider.java | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java b/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java
index 8dd8ee7e4..17c88397d 100644
--- a/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java
+++ b/src/main/java/com/ssafy/ssafsound/domain/auth/service/token/JwtTokenProvider.java
@@ -1,12 +1,17 @@
 package com.ssafy.ssafsound.domain.auth.service.token;
 import com.ssafy.ssafsound.domain.auth.dto.AuthenticatedMember;
-import com.ssafy.ssafsound.domain.auth.exception.AuthException;
 import com.ssafy.ssafsound.domain.auth.exception.AuthErrorInfo;
-import io.jsonwebtoken.*;
+import com.ssafy.ssafsound.domain.auth.exception.AuthException;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.Jws;
+import io.jsonwebtoken.JwtException;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
-import io.jsonwebtoken.security.Keys;
+
 import java.nio.charset.StandardCharsets;
 import java.security.Key;
 import java.util.Date;
@@ -78,7 +83,10 @@ public AuthenticatedMember getParsedClaimsByAccessToken(String accessToken) {
 .getBody();
 } catch (ExpiredJwtException e) {
 throw new AuthException(AuthErrorInfo.AUTH_TOKEN_EXPIRED);
+ } catch (JwtException | IllegalArgumentException e) {
+ throw new AuthException(AuthErrorInfo.AUTH_TOKEN_INVALID);
 }
+
 Long memberId = claims.get("memberId", Long.class);
 String memberRole = claims.get("memberRole", String.class);
From d9cc1126bbc29ac546e261814a486641c4563d8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=ED=83=9C=EC=9A=A9?=
Date: Tue, 26 Sep 2023 17:59:32 +0900
Subject: [PATCH 5/5] =?UTF-8?q?fix:=20=EB=B9=88=EB=AC=B8=EC=9E=90=EC=97=B4?= =?UTF-8?q?=20=EC=B2=B4=ED=81=AC=20StringUtils=20=EC=82=AC=EC=9A=A9?= =?UTF-8?q?=EC=9C=BC=EB=A1=9C=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/ssafy/ssafsound/domain/auth/service/AuthService.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
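Review bot: The new `catch (JwtException | IllegalArgumentException e)` in `getParsedClaimsByAccessToken` (JwtTokenProvider.java, patch 4/5) throws `AuthException(AuthErrorInfo.AUTH_TOKEN_INVALID)` without `e`, so a bad signature, a malformed token and a null argument become indistinguishable once the exception leaves this method. That distinction matters when failed-authentication events are reviewed; pass `e` as the cause if `AuthException` has a constructor for it (not visible here), or record `e.getClass().getSimpleName()` before the throw, never the token value itself. `getMemberIdByRefreshToken` is outside this hunk; if it lacks the same catch, an invalid refresh token would still escape as a raw `JwtException`, which the `catch (AuthException e)` in `deleteTokens` does not handle. The method body starts and ends outside the hunk.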
diff --git a/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java b/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
index 6f6f42ba4..287af8265 100644
--- a/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
+++ b/src/main/java/com/ssafy/ssafsound/domain/auth/service/AuthService.java
@@ -20,6 +20,7 @@
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.util.StringUtils;
 import javax.servlet.http.HttpServletResponse;
 import java.time.Clock;
@@ -77,10 +78,10 @@ public void deleteTokens(String accessToken, String refreshToken) {
 Long memberId = null;
 try {
- if (!accessToken.equals("")) {
+ if (StringUtils.hasText(accessToken)) {
 AuthenticatedMember authenticatedMember = jwtTokenProvider.getParsedClaimsByAccessToken(accessToken);
 memberId = authenticatedMember.getMemberId();
- } else if (!refreshToken.equals("")) {
+ } else if (StringUtils.hasText(refreshToken)) {
 memberId = jwtTokenProvider.getMemberIdByRefreshToken(refreshToken);
 }