From 43c3ecd99fa422353a901bfbc9ed1662b2826d0b Mon Sep 17 00:00:00 2001
From: sudago <sudago22@gmail.com>
Date: Mon, 11 Sep 2023 11:53:55 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20Refresh-Token=20=EC=84=A4=EC=A0=95=20?=
 =?UTF-8?q?=EC=B6=94=EA=B0=80=20#55?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../main/java/kr/codesquad/core/config/SecurityConfig.java   | 5 ++++-
 .../jwt/service/JwtAuthenticationSuccessHandler.java         | 2 +-
 be/src/main/java/kr/codesquad/util/Constants.java            | 2 ++
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/be/src/main/java/kr/codesquad/core/config/SecurityConfig.java b/be/src/main/java/kr/codesquad/core/config/SecurityConfig.java
index ff95bea7d..1e771c095 100644
--- a/be/src/main/java/kr/codesquad/core/config/SecurityConfig.java
+++ b/be/src/main/java/kr/codesquad/core/config/SecurityConfig.java
@@ -2,6 +2,7 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
@@ -22,6 +23,7 @@
 import kr.codesquad.jwt.service.JwtAuthenticationSuccessHandler;
 import kr.codesquad.jwt.service.JwtProvider;
 import kr.codesquad.user.service.UserService;
+import kr.codesquad.util.Constants;
 import lombok.RequiredArgsConstructor;
 
 @EnableWebSecurity // spring security 설정을 활성화시켜주는 어노테이션
@@ -87,7 +89,8 @@ public CorsConfigurationSource configurationSource() {
 		configuration.addAllowedMethod("*"); // GET, POST, PUT, DELETE (Javascript 요청 허용)
 		configuration.addAllowedOriginPattern("*"); // 모든 IP 주소 허용 (프론트 앤드 IP만 허용 react)
 		configuration.setAllowCredentials(true); // 클라이언트에서 쿠키 요청 허용
-		configuration.addExposedHeader("Authorization"); // 옛날에는 디폴트 였다. 지금은 아닙니다.
+		configuration.addExposedHeader(HttpHeaders.AUTHORIZATION);// 옛날에는 디폴트 였다. 지금은 아닙니다.
+		configuration.addExposedHeader(Constants.REFRESH_TOKEN);
 		UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
 		source.registerCorsConfiguration("/**", configuration);
 		return source;
diff --git a/be/src/main/java/kr/codesquad/jwt/service/JwtAuthenticationSuccessHandler.java b/be/src/main/java/kr/codesquad/jwt/service/JwtAuthenticationSuccessHandler.java
index a3e4c1c11..ce36165a8 100644
--- a/be/src/main/java/kr/codesquad/jwt/service/JwtAuthenticationSuccessHandler.java
+++ b/be/src/main/java/kr/codesquad/jwt/service/JwtAuthenticationSuccessHandler.java
@@ -46,7 +46,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 		userData.put("profileImageUrl", user.getProfileImageUrl());
 
 		response.setHeader(HttpHeaders.AUTHORIZATION, Constants.TOKEN_PREFIX + jwt.getAccessToken());
-		response.setHeader("Refresh-Token", Constants.TOKEN_PREFIX + jwt.getRefreshToken());
+		response.setHeader(Constants.REFRESH_TOKEN, Constants.TOKEN_PREFIX + jwt.getRefreshToken());
 		response.setContentType(MediaType.APPLICATION_JSON_VALUE);
 		response.getWriter().write(new ObjectMapper().writeValueAsString(userData));
 	}
diff --git a/be/src/main/java/kr/codesquad/util/Constants.java b/be/src/main/java/kr/codesquad/util/Constants.java
index 09668f0ad..d0f6515b0 100644
--- a/be/src/main/java/kr/codesquad/util/Constants.java
+++ b/be/src/main/java/kr/codesquad/util/Constants.java
@@ -3,4 +3,6 @@
 public final class Constants {
 	public static final String LOGIN_ID = "loginId";
 	public static final String TOKEN_PREFIX = "Bearer ";
+
+	public static final String REFRESH_TOKEN = "Refresh-Token";
 }