refactor: Provider 삭제 및 로직 이동
BGuga committed May 11, 2024
1 parent 174d1b7 commit 99a7e6b
Showing 3 changed files with 57 additions and 76 deletions.
@@ -1,20 +1,63 @@
package com.festago.auth.infrastructure.openid;

import com.festago.auth.domain.OpenIdClient;
import com.festago.auth.domain.OpenIdNonceValidator;
import com.festago.auth.domain.SocialType;
import com.festago.auth.domain.UserInfo;
import lombok.RequiredArgsConstructor;
import com.festago.common.exception.ErrorCode;
import com.festago.common.exception.UnauthorizedException;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import java.time.Clock;
import java.util.Date;
import java.util.Set;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Slf4j
@Component
@RequiredArgsConstructor
public class AppleOpenIdClient implements OpenIdClient {

private final AppleOpenIdUserInfoProvider appleOpenIdUserInfoProvider;
private static final String ISSUER = "https://appleid.apple.com";
private final OpenIdNonceValidator openIdNonceValidator;
private final OpenIdIdTokenParser idTokenParser;
private final String clientId;

public AppleOpenIdClient(
@Value("${festago.oauth2.apple.client-id}") String appleClientId,
AppleOpenIdPublicKeyLocator appleOpenIdPublicKeyLocator,
OpenIdNonceValidator openIdNonceValidator,
Clock clock
) {
this.clientId = appleClientId;
this.openIdNonceValidator = openIdNonceValidator;
this.idTokenParser = new OpenIdIdTokenParser(Jwts.parser()
.keyLocator(appleOpenIdPublicKeyLocator)
.requireIssuer(ISSUER)
.clock(() -> Date.from(clock.instant()))
.build());
}

@Override
public UserInfo getUserInfo(String idToken) {
return appleOpenIdUserInfoProvider.provide(idToken);
Claims payload = idTokenParser.parse(idToken);
openIdNonceValidator.validate(payload.get("nonce", String.class), payload.getExpiration());
validateAudience(payload.getAudience());
return UserInfo.builder()
.socialType(SocialType.APPLE)
.socialId(payload.getSubject())
.build();
}

private void validateAudience(Set<String> audiences) {
for (String audience : audiences) {
if (clientId.equals(audience)) {
return;
}
}
log.info("허용되지 않는 id 토큰의 audience 값이 요청되었습니다. audiences={}", audiences);
throw new UnauthorizedException(ErrorCode.OPEN_ID_INVALID_TOKEN);
}

@Override
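Review bot: `validateAudience` iterates `payload.getAudience()` without a null check, and the parser built in the constructor only calls `requireIssuer`, so a validly signed token with no `aud` claim would probably fail with a NullPointerException in the for-loop rather than the `UnauthorizedException(ErrorCode.OPEN_ID_INVALID_TOKEN)` used for the other rejections. Replacing the loop with `if (audiences != null && audiences.contains(clientId)) { return; }` keeps every rejected token on the same 401 path and the same log line. In `getUserInfo`, nothing visible rejects a token without `sub`, so `socialId` could be built from null unless `OpenIdIdTokenParser` or `UserInfo` checks it elsewhere; an explicit check before `UserInfo.builder()` would make that guarantee local. The class body continues past the end of this hunk.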

This file was deleted.

Expand Up @@ -23,9 +23,9 @@

@DisplayNameGeneration(ReplaceUnderscores.class)
@SuppressWarnings("NonAsciiCharacters")
class AppleOpenIdUserInfoProviderTest {
class AppleOpenIdClientTest {

AppleOpenIdUserInfoProvider appleOpenIdUserInfoProvider;
AppleOpenIdClient appleOpenIdClient;

AppleOpenIdPublicKeyLocator keyLocator;

Expand All @@ -37,7 +37,7 @@ class AppleOpenIdUserInfoProviderTest {
void setUp() {
keyLocator = mock();
clock = spy(Clock.systemDefaultZone());
appleOpenIdUserInfoProvider = new AppleOpenIdUserInfoProvider(
appleOpenIdClient = new AppleOpenIdClient(
"appleClientId",
keyLocator,
new NoopOpenIdNonceValidator(),
Expand All @@ -59,7 +59,7 @@ void setUp() {
.compact();

// when & then
assertThatThrownBy(() -> appleOpenIdUserInfoProvider.provide(idToken))
assertThatThrownBy(() -> appleOpenIdClient.getUserInfo(idToken))
.isInstanceOf(UnauthorizedException.class)
.hasMessage(ErrorCode.OPEN_ID_INVALID_TOKEN.getMessage());
}
Expand All @@ -78,7 +78,7 @@ void setUp() {
.compact();

// when & then
assertThatThrownBy(() -> appleOpenIdUserInfoProvider.provide(idToken))
assertThatThrownBy(() -> appleOpenIdClient.getUserInfo(idToken))
.isInstanceOf(UnauthorizedException.class)
.hasMessage(ErrorCode.OPEN_ID_INVALID_TOKEN.getMessage());
}
Expand All @@ -98,7 +98,7 @@ void setUp() {
.compact();

// when & then
assertThatThrownBy(() -> appleOpenIdUserInfoProvider.provide(idToken))
assertThatThrownBy(() -> appleOpenIdClient.getUserInfo(idToken))
.isInstanceOf(UnauthorizedException.class)
.hasMessage(ErrorCode.OPEN_ID_INVALID_TOKEN.getMessage());
}
Expand All @@ -118,7 +118,7 @@ void setUp() {
.compact();

// when & then
assertThatThrownBy(() -> appleOpenIdUserInfoProvider.provide(idToken))
assertThatThrownBy(() -> appleOpenIdClient.getUserInfo(idToken))
.isInstanceOf(UnauthorizedException.class)
.hasMessage(ErrorCode.OPEN_ID_INVALID_TOKEN.getMessage());
}
Expand All @@ -137,7 +137,7 @@ void setUp() {
.compact();

// when & then
assertThatThrownBy(() -> appleOpenIdUserInfoProvider.provide(idToken))
assertThatThrownBy(() -> appleOpenIdClient.getUserInfo(idToken))
.isInstanceOf(UnauthorizedException.class)
.hasMessage(ErrorCode.OPEN_ID_INVALID_TOKEN.getMessage());
}
Expand All @@ -158,7 +158,7 @@ void setUp() {
.compact();

// when
var expect = appleOpenIdUserInfoProvider.provide(idToken);
var expect = appleOpenIdClient.getUserInfo(idToken);

// then
assertThat(expect.socialId()).isEqualTo(socialId);
Expand All @@ -180,7 +180,7 @@ void setUp() {
.compact();

// when
var expect = appleOpenIdUserInfoProvider.provide(idToken);
var expect = appleOpenIdClient.getUserInfo(idToken);

// then
assertThat(expect.socialId()).isEqualTo(socialId);