-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* chore: 시큐리티 form 로그인 및 세션 등 비활성화 처리 * chore: oauth 의존성 추가 * chore: 시큐리티 yml 파일 작성 * feat: OAuth 정보로 조회하는 메서드 추가 * feat: OAuth 정보 필드를 멤버 엔티티에 추가 * feat: 게스트 멤버 유저 생성 메서드 구현 * chore: 공통 프로파일 분리 * chore: jwt 의존성 추가 * chore: 시큐리티 전용 설정 파일 분리 * feat: 시큐리티 yml에 만료시간 및 발급자 추가 * feat: JwtProperties 추가 * feat: JwtTokenProvider 구현 * feat: 에러코드 추가 * feat: 리프레시 토큰 및 레포지터리 임시 구현 * feat: OIDC 유저 서비스 구현 * feat: 성공 핸들러 임시 추가 * feat: 엑세스 토큰 DTO 추가 * feat: 시큐리티 OAuth 설정 반영 * fix: MemberRole이 게스트 상태를 가지도록 수정 * feat: 게스트 역할 여부 확인을 위한 커스텀 OIDC 유저 구현 * feat: 표준 스코프 스펙과 관계없이 userinfo를 가져오도록 빈 스코프로 설정 * refactor: OIDC 유저 서비스가 OidcUser 인터페이스에 의존하도록 변경 * feat: 시큐리티 관련 상수 클래스 추가 * feat: OIDC 로그인 성공 핸들러 구현 * refactor: 상수 클래스로 대체 * docs: 주석 변경 * fix: 토큰 키가 필요한 시점에 초기화되도록 수정 * fix: 오타 및 포매팅 수정 * refactor: 테스트 시 JPA 관련 빈 로딩 제외를 위해 설정 클래스 분리 * refactor: 리프레시 토큰의 ttl을 인자로 받도록 수정 * test: 리프레시 토큰 레포지터리 테스트 작성 * refactor: token 패키지를 auth 패키지로 변경 * feat: 마지막 로그인 시간 업데이트 기능 구현 * feat: 게스트 멤버 회원가입 구현 * test: 멤버 도메인 유닛 테스트 변경 및 회원가입 테스트 작성 * feat: 회원가입 서비스 및 컨트롤러 구현 * refactor: 필터와 토큰 간 결합도 낮추기 위해 프로바이더와 서비스 분리 * refactor: 리다이렉트 경로 및 상수 수정 * feat: JWT 인증 필터 구현 * feat: 토큰 재발급 로직 구현 * feat: 멤버 가입 DTO 추가 * feat: 토큰 만료 여부 확인 메서드 구현 * style: spotlessApply * fix: 토큰이 있는 경우에만 체크하도록 수정 * refactor: 로컬 환경에서는 디비 스키마 항상 새로 생성 * refactor: 프론트 회원가입 페이지 url 반영 * feat: 허용된 URL 외에는 인증 수행하도록 변경 * feat: JWT 인증 필터 추가 * refactor: 회원가입 필요 여부는 헤더에 담아서 응답하도록 변경 * feat: atk, rtk 둘 다 만료 아닌 경우 rtk 재발급하는 로직 추가 * refactor: 커스텀 헤더 이름 변경 * refactor: 상수 클래스의 인스턴스화 막기 * refactor: 에러코드 위치 변경 * style: 포매팅 수정 * docs: 인증 API 스웨거 태그 추가 * chore: 환경변수 디폴트값 지정 * fix: 누락된 쉼표 추가 * style: 개행 추가 * fix: 컨트롤러 테스트에서 시큐리티 설정 제외 * feat: 애플 키파일로 시크릿 만드는 로직 임시 구현 * chore: 애플 프로바이더 및 클라이언트 정보 추가 * feat: 애플 요청 엔티티 컨버터 구현 * feat: 애플 요청 엔티티 컨버터 V2 구현 * feat: 애플 프로퍼티 로드하는 로직 구현 * docs: TODO 추가 * feat: 에러코드 추가 * feat: OIDC 로그인 실패 핸들러 추가 * feat: 커스텀 OAuth 엑세스 토큰 클라이언트 구현 * refactor: 한 라인에 한번의 작업만 수행하도록 개선 * fix: 오타 수정 * feat: 컨트롤러 테스트 임시 비활성화 처리 * refactor: 컴포넌트 추가 * feat: 시큐리티 설정 추가 * style: spotless 적용 * chore: 엑세스 토큰 시간 변경 * fix: OAuth 관련 설정 비활성화 * fix: OAuth 관련 환경변수 디폴트값 설정 * fix: 필터 모킹 추가 * docs: 주석 수정 * style: spotless 적용
- Loading branch information
Showing
38 changed files
with
1,170 additions
and
27 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
31 changes: 31 additions & 0 deletions
31
src/main/java/com/depromeet/domain/auth/api/AuthController.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
package com.depromeet.domain.auth.api; | ||
|
||
import com.depromeet.domain.auth.application.AuthService; | ||
import com.depromeet.domain.auth.application.JwtTokenService; | ||
import com.depromeet.domain.auth.dto.MemberRegisterRequest; | ||
import io.swagger.v3.oas.annotations.Operation; | ||
import io.swagger.v3.oas.annotations.tags.Tag; | ||
import jakarta.validation.Valid; | ||
import lombok.RequiredArgsConstructor; | ||
import org.springframework.http.ResponseEntity; | ||
import org.springframework.web.bind.annotation.PostMapping; | ||
import org.springframework.web.bind.annotation.RequestBody; | ||
import org.springframework.web.bind.annotation.RequestMapping; | ||
import org.springframework.web.bind.annotation.RestController; | ||
|
||
@Tag(name = "1. [인증]", description = "인증 관련 API") | ||
@RestController | ||
@RequestMapping("/auth") | ||
@RequiredArgsConstructor | ||
public class AuthController { | ||
|
||
private final JwtTokenService jwtTokenService; | ||
private final AuthService authService; | ||
|
||
@Operation(summary = "회원가입", description = "회원가입을 진행합니다.") | ||
@PostMapping("/register") | ||
public ResponseEntity<Void> memberRegister(@Valid @RequestBody MemberRegisterRequest request) { | ||
authService.registerMember(request); | ||
return ResponseEntity.ok().build(); | ||
} | ||
} |
23 changes: 23 additions & 0 deletions
23
src/main/java/com/depromeet/domain/auth/application/AuthService.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
package com.depromeet.domain.auth.application; | ||
|
||
import com.depromeet.domain.auth.dto.MemberRegisterRequest; | ||
import com.depromeet.domain.member.dao.MemberRepository; | ||
import com.depromeet.domain.member.domain.Member; | ||
import com.depromeet.global.util.MemberUtil; | ||
import lombok.RequiredArgsConstructor; | ||
import lombok.extern.slf4j.Slf4j; | ||
import org.springframework.stereotype.Service; | ||
|
||
@Slf4j | ||
@Service | ||
@RequiredArgsConstructor | ||
public class AuthService { | ||
|
||
private final MemberRepository memberRepository; | ||
private final MemberUtil memberUtil; | ||
|
||
public void registerMember(MemberRegisterRequest request) { | ||
final Member member = memberUtil.getCurrentMember(); | ||
member.register(request.nickname()); | ||
} | ||
} |
87 changes: 87 additions & 0 deletions
87
src/main/java/com/depromeet/domain/auth/application/JwtTokenService.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
package com.depromeet.domain.auth.application; | ||
|
||
import com.depromeet.domain.auth.dao.RefreshTokenRepository; | ||
import com.depromeet.domain.auth.domain.RefreshToken; | ||
import com.depromeet.domain.auth.dto.AccessToken; | ||
import com.depromeet.domain.member.dao.MemberRepository; | ||
import com.depromeet.domain.member.domain.Member; | ||
import com.depromeet.domain.member.domain.MemberRole; | ||
import com.depromeet.global.config.security.PrincipalDetails; | ||
import com.depromeet.global.security.JwtTokenProvider; | ||
import java.util.NoSuchElementException; | ||
import lombok.RequiredArgsConstructor; | ||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; | ||
import org.springframework.security.core.Authentication; | ||
import org.springframework.security.core.userdetails.UserDetails; | ||
import org.springframework.stereotype.Service; | ||
|
||
@Service | ||
@RequiredArgsConstructor | ||
public class JwtTokenService { | ||
|
||
private final JwtTokenProvider jwtTokenProvider; | ||
private final MemberRepository memberRepository; | ||
private final RefreshTokenRepository refreshTokenRepository; | ||
|
||
public String createAccessToken(Long memberId, MemberRole memberRole) { | ||
return jwtTokenProvider.generateAccessToken(memberId, memberRole); | ||
} | ||
|
||
public String createRefreshToken(Long memberId) { | ||
String token = jwtTokenProvider.generateRefreshToken(memberId); | ||
RefreshToken refreshToken = | ||
RefreshToken.builder() | ||
.memberId(memberId) | ||
.token(token) | ||
.ttl(jwtTokenProvider.getRefreshTokenExpirationTime()) | ||
.build(); | ||
refreshTokenRepository.save(refreshToken); | ||
return token; | ||
} | ||
|
||
public String reissueAccessToken(String refreshToken) { | ||
Member member = getMemberFrom(refreshToken); | ||
return createAccessToken(member.getId(), member.getRole()); | ||
} | ||
|
||
public String reissueAccessToken(AccessToken accessToken) { | ||
return createAccessToken(accessToken.memberId(), accessToken.memberRole()); | ||
} | ||
|
||
public String reissueRefreshToken(String refreshToken) { | ||
Member member = getMemberFrom(refreshToken); | ||
return createRefreshToken(member.getId()); | ||
} | ||
|
||
public String reissueRefreshToken(AccessToken accessToken) { | ||
return createRefreshToken(accessToken.memberId()); | ||
} | ||
|
||
private Member getMemberFrom(String refreshToken) throws NoSuchElementException { | ||
Long memberId = jwtTokenProvider.parseRefreshToken(refreshToken); | ||
return memberRepository.findById(memberId).orElseThrow(); | ||
} | ||
|
||
public Authentication getAuthentication(String accessToken) { | ||
AccessToken parsedAccessToken = jwtTokenProvider.parseAccessToken(accessToken); | ||
|
||
UserDetails userDetails = | ||
new PrincipalDetails( | ||
parsedAccessToken.memberId(), parsedAccessToken.memberRole().name()); | ||
|
||
return new UsernamePasswordAuthenticationToken( | ||
userDetails, null, userDetails.getAuthorities()); | ||
} | ||
|
||
public boolean isAccessTokenExpired(String accessToken) { | ||
return jwtTokenProvider.isAccessTokenExpired(accessToken); | ||
} | ||
|
||
public boolean isRefreshTokenExpired(String refreshToken) { | ||
return jwtTokenProvider.isRefreshTokenExpired(refreshToken); | ||
} | ||
|
||
public AccessToken parseAccessToken(String accessToken) { | ||
return jwtTokenProvider.parseAccessToken(accessToken); | ||
} | ||
} |
6 changes: 6 additions & 0 deletions
6
src/main/java/com/depromeet/domain/auth/dao/RefreshTokenRepository.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
package com.depromeet.domain.auth.dao; | ||
|
||
import com.depromeet.domain.auth.domain.RefreshToken; | ||
import org.springframework.data.repository.CrudRepository; | ||
|
||
public interface RefreshTokenRepository extends CrudRepository<RefreshToken, Long> {} |
23 changes: 23 additions & 0 deletions
23
src/main/java/com/depromeet/domain/auth/domain/RefreshToken.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
package com.depromeet.domain.auth.domain; | ||
|
||
import lombok.Builder; | ||
import lombok.Getter; | ||
import org.springframework.data.annotation.Id; | ||
import org.springframework.data.redis.core.RedisHash; | ||
import org.springframework.data.redis.core.TimeToLive; | ||
|
||
@Getter | ||
@RedisHash(value = "refreshToken") | ||
public class RefreshToken { | ||
|
||
@Id private Long memberId; | ||
private String token; | ||
@TimeToLive private long ttl; | ||
|
||
@Builder | ||
public RefreshToken(Long memberId, String token, long ttl) { | ||
this.memberId = memberId; | ||
this.token = token; | ||
this.ttl = ttl; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
package com.depromeet.domain.auth.dto; | ||
|
||
import com.depromeet.domain.member.domain.MemberRole; | ||
|
||
public record AccessToken(Long memberId, MemberRole memberRole) {} |
5 changes: 5 additions & 0 deletions
5
src/main/java/com/depromeet/domain/auth/dto/MemberRegisterRequest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
package com.depromeet.domain.auth.dto; | ||
|
||
public record MemberRegisterRequest(String nickname) { | ||
// TODO: Add validation | ||
} |
7 changes: 6 additions & 1 deletion
7
src/main/java/com/depromeet/domain/member/dao/MemberRepository.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,11 @@ | ||
package com.depromeet.domain.member.dao; | ||
|
||
import com.depromeet.domain.member.domain.Member; | ||
import com.depromeet.domain.member.domain.OauthInfo; | ||
import java.util.Optional; | ||
import org.springframework.data.jpa.repository.JpaRepository; | ||
|
||
public interface MemberRepository extends JpaRepository<Member, Long> {} | ||
public interface MemberRepository extends JpaRepository<Member, Long> { | ||
|
||
Optional<Member> findByOauthInfo(OauthInfo oauthInfo); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
18 changes: 18 additions & 0 deletions
18
src/main/java/com/depromeet/domain/member/domain/OauthInfo.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
package com.depromeet.domain.member.domain; | ||
|
||
import jakarta.persistence.Embeddable; | ||
import lombok.AllArgsConstructor; | ||
import lombok.Builder; | ||
import lombok.Getter; | ||
import lombok.NoArgsConstructor; | ||
|
||
@Embeddable | ||
@Getter | ||
@Builder | ||
@NoArgsConstructor | ||
@AllArgsConstructor | ||
public class OauthInfo { | ||
|
||
private String oauthId; | ||
private String oauthProvider; | ||
} |
12 changes: 12 additions & 0 deletions
12
src/main/java/com/depromeet/global/common/constants/SecurityConstants.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
package com.depromeet.global.common.constants; | ||
|
||
public final class SecurityConstants { | ||
|
||
private SecurityConstants() {} | ||
|
||
public static final String TOKEN_ROLE_NAME = "role"; | ||
public static final String TOKEN_PREFIX = "Bearer "; | ||
public static final String ACCESS_TOKEN_HEADER = "Authorization"; | ||
public static final String REFRESH_TOKEN_HEADER = "Refresh-Token"; | ||
public static final String REGISTER_REQUIRED_HEADER = "Registration-Required"; | ||
} |
Oops, something went wrong.