🐛 fix: Fix Callback URL, Header validation logic

waktaplay · Feb 18, 2024 · e624771 · e624771
1 parent 41d2b47
commit e624771
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 6 deletions.
diff --git a/src/auth/oauth2/oauth2.controller.ts b/src/auth/oauth2/oauth2.controller.ts
@@ -169,8 +169,19 @@ export class OAuth2Controller {
     try {
       const { code, refresh_token, grant_type, redirect_uri } = body
 
-      const [clientId, clientSecret] =
-        req.headers.Authorization?.split('Basic ')[1].split(':')
+      if (!req.headers.authorization) {
+        throw new APIException(
+          HttpStatus.UNAUTHORIZED,
+          '"Authorization" 헤더는 필수입니다.',
+        )
+      }
+
+      const [clientId, clientSecret] = Buffer.from(
+        req.headers.authorization.split('Basic ')[1],
+        'base64',
+      )
+        .toString('utf8')
+        .split(':')
 
       // 요청값 검증
       if (!clientId || !clientSecret) {
@@ -187,6 +198,10 @@ export class OAuth2Controller {
         )
       }
 
+      this.logger.debug(
+        `Access Token Request: ${grant_type} ${code} ${refresh_token}`,
+      )
+
       if (grant_type === 'authorization_code') {
         if (!code || !redirect_uri) {
           throw new APIException(

diff --git a/src/auth/strategies/discord.strategy.ts b/src/auth/strategies/discord.strategy.ts
@@ -11,7 +11,7 @@ export class DiscordStrategy extends PassportStrategy(Strategy, 'discord') {
     super({
       clientID: process.env.DISCORD_CLIENT_ID,
       clientSecret: process.env.DISCORD_CLIENT_SECRET,
-      callbackURL: 'http://localhost:4400/signin/discord',
+      callbackURL: 'https://auth.spacewak.net/signin/discord',
       scope: ['identify', 'email'],
     } as StrategyOptions)
   }

diff --git a/src/auth/strategies/google.strategy.ts b/src/auth/strategies/google.strategy.ts
@@ -16,7 +16,7 @@ export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
     super({
       clientID: process.env.GOOGLE_CLIENT_ID,
       clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-      callbackURL: 'http://localhost:4400/signin/google',
+      callbackURL: 'https://auth.spacewak.net/signin/google',
       scope: ['email', 'profile'],
     } as _StrategyOptionsBase)
   }

diff --git a/src/auth/strategies/kakao.strategy.ts b/src/auth/strategies/kakao.strategy.ts
@@ -11,7 +11,7 @@ export class KakaoStrategy extends PassportStrategy(Strategy, 'kakao') {
     super({
       clientID: process.env.KAKAO_CLIENT_ID,
       clientSecret: process.env.KAKAO_CLIENT_SECRET,
-      callbackURL: 'http://localhost:4400/signin/kakao',
+      callbackURL: 'https://auth.spacewak.net/signin/kakao',
       scope: ['profile_nickname', 'profile_image', 'account_email'],
     } as StrategyOption)
   }

diff --git a/src/auth/withdrawal/withdrawal.controller.ts b/src/auth/withdrawal/withdrawal.controller.ts
@@ -31,7 +31,7 @@ export class WithdrawalController {
     type: APIResponseDto,
   })
   async kakaoWithdrawal(
-    @Headers('Authorization') authorization,
+    @Headers('authorization') authorization,
     @Body() body: kakaoWithdrawalRequestDto,
   ): Promise<void> {
     if (authorization !== `KakaoAK ${process.env.KAKAO_ADMIN_KEY}`) {