From aaf01560fac890bdd785874ffeca327d9450e5f7 Mon Sep 17 00:00:00 2001
From: chanwoo7
Date: Wed, 11 Sep 2024 22:17:05 +0900
Subject: [PATCH] =?UTF-8?q?[feat]=20#146=20=ED=85=8C=EC=8A=A4=ED=8A=B8?= =?UTF-8?q?=EC=9A=A9=20=EC=86=8C=EC=85=9C=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?= =?UTF-8?q?API=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../auth/controller/AuthController.java | 30 +++++++++++++++++--
 .../domain/auth/service/OAuthService.java | 13 ++++++--
 .../book/backend/global/SecurityConfig.java | 3 +-
 .../java/com/book/backend/util/JwtUtil.java | 23 ++++++++++++++
 4 files changed, 63 insertions(+), 6 deletions(-)
diff --git a/src/main/java/com/book/backend/domain/auth/controller/AuthController.java b/src/main/java/com/book/backend/domain/auth/controller/AuthController.java
index 02a5694..cfa7af2 100644
--- a/src/main/java/com/book/backend/domain/auth/controller/AuthController.java
+++ b/src/main/java/com/book/backend/domain/auth/controller/AuthController.java
@@ -55,7 +55,7 @@ public ResponseEntity deleteAccount(HttpServletRequest request) {
 description = LoginSuccessResponseDto.description)})
 @PostMapping("/kakaoLogin")
 public ResponseEntity kakaoLogin(@RequestParam String idToken) {
- LoginSuccessResponseDto loginSuccessResponseDto = OAuthService.oAuthLogin(Provider.KAKAO, idToken);
+ LoginSuccessResponseDto loginSuccessResponseDto = OAuthService.oAuthLogin(Provider.KAKAO, idToken, false);
 return responseTemplate.success(loginSuccessResponseDto, HttpStatus.OK);
 }
@@ -68,7 +68,33 @@ public ResponseEntity kakaoLogin(@RequestParam String idToken) {
 description = LoginSuccessResponseDto.description)})
 @PostMapping("/appleLogin")
 public ResponseEntity appleLogin(@RequestParam String idToken) {
- LoginSuccessResponseDto loginSuccessResponseDto = OAuthService.oAuthLogin(Provider.APPLE, idToken);
+ LoginSuccessResponseDto loginSuccessResponseDto = OAuthService.oAuthLogin(Provider.APPLE, idToken, false);
+
+ return responseTemplate.success(loginSuccessResponseDto, HttpStatus.OK);
+ }
+
+ @Operation(summary = "카카오 로그인 (테스트용)", description = "테스트용 카카오 로그인 API입니다. 만료기한이 3분인 엑세스 토큰을 반환합니다.",
+ parameters = {
+ @Parameter(name = "idToken", description = "id_token 값")
+ },
+ responses = {@ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = LoginSuccessResponseDto.class)),
+ description = LoginSuccessResponseDto.description)})
+ @PostMapping("/testKakaoLogin")
+ public ResponseEntity customKakaoLogin(@RequestParam String idToken) {
+ LoginSuccessResponseDto loginSuccessResponseDto = OAuthService.oAuthLogin(Provider.KAKAO, idToken, true);
+
+ return responseTemplate.success(loginSuccessResponseDto, HttpStatus.OK);
+ }
+
+ @Operation(summary = "애플 로그인 (테스트용)", description = "테스트용 애플 로그인 API입니다. 만료기한이 3분인 엑세스 토큰을 반환합니다.",
+ parameters = {
+ @Parameter(name = "idToken", description = "id_token 값")
+ },
+ responses = {@ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = LoginSuccessResponseDto.class)),
+ description = LoginSuccessResponseDto.description)})
+ @PostMapping("/testAppleLogin")
+ public ResponseEntity customAppleLogin(@RequestParam String idToken) {
+ LoginSuccessResponseDto loginSuccessResponseDto = OAuthService.oAuthLogin(Provider.APPLE, idToken, true);
 return responseTemplate.success(loginSuccessResponseDto, HttpStatus.OK);
 }
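Review bot: The two test handlers (`/testKakaoLogin`, `/testAppleLogin`) are registered unconditionally on the regular `AuthController`, and the SecurityConfig hunk of this patch adds both paths to `permitAll()` with no profile or property condition, so as far as the patch shows they are reachable in every deployment, production included. They still go through `oAuthLogin`, so an id_token is required, but they return a regular refresh token next to the 3-minute access token and add unauthenticated surface that is easy to forget. I would move both handlers into a separate controller gated by `@Profile` for a non-production profile (or `@ConditionalOnProperty`) and put the same condition on the matcher line in SecurityConfig. The handler names say `custom…` while the paths say `test…`; one word for both would read better.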
diff --git a/src/main/java/com/book/backend/domain/auth/service/OAuthService.java b/src/main/java/com/book/backend/domain/auth/service/OAuthService.java
index 3dc3714..8464bc8 100644
--- a/src/main/java/com/book/backend/domain/auth/service/OAuthService.java
+++ b/src/main/java/com/book/backend/domain/auth/service/OAuthService.java
@@ -33,9 +33,9 @@ public class OAuthService {
 private final JwtUtil jwtUtil;
 private final OidcProviderFactory oidcProviderFactory;
- // 카카오 로그인
+ // 소셜 로그인
 @Transactional
- public LoginSuccessResponseDto oAuthLogin(Provider provider, String idToken) {
+ public LoginSuccessResponseDto oAuthLogin(Provider provider, String idToken, Boolean isCustom) { // isCustom: 개발용
 log.trace("OAuthService > oAuthLogin()");
 if (idToken == null || idToken.isEmpty()){
@@ -67,7 +67,14 @@ public LoginSuccessResponseDto oAuthLogin(Provider provider, String idToken) {
 // UserDetailsService를 사용하여 UserDetails 객체 생성
 UserDetails userDetails = userDetailsService.loadUserByUsername(providerId);
- JwtTokenDto jwtTokenDto = jwtUtil.generateToken(userDetails);
+
+ // 개발용
+ JwtTokenDto jwtTokenDto;
+ if (isCustom != null && isCustom) {
+ jwtTokenDto = jwtUtil.generateCustomToken(userDetails);
+ } else {
+ jwtTokenDto = jwtUtil.generateToken(userDetails);
+ }
 // 사용자 인증 정보 생성 및 SecurityContext에 저장
 Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
diff --git a/src/main/java/com/book/backend/global/SecurityConfig.java b/src/main/java/com/book/backend/global/SecurityConfig.java
index 2daa1f5..ba68245 100644
--- a/src/main/java/com/book/backend/global/SecurityConfig.java
+++ b/src/main/java/com/book/backend/global/SecurityConfig.java
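Review bot: `Boolean isCustom` in the new `oAuthLogin` signature is a boxed type, which is the only reason the second hunk has to write `if (isCustom != null && isCustom)`; every call site visible in this patch passes a literal, so a primitive `boolean` would do and the branch becomes `if (isCustom)`. The name also says little about what changes: something like `shortLivedAccessToken`, with a Javadoc `@param` line stating that `true` issues the 3-minute development access token, would document it better than the trailing `// isCustom: 개발용` comment. The body of `oAuthLogin` continues outside both hunks, so other uses of the flag cannot be ruled out from here.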
@@ -39,7 +39,8 @@ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 .authorizeHttpRequests((authorize) -> authorize
 .requestMatchers("/swagger-ui/**", "/v3/api-docs/**").permitAll() // Swagger 관련 경로
 .requestMatchers("/login/oauth2/**").permitAll() // OAuth2 Callback 경로
- .requestMatchers("/api/auth/signup", "/api/auth/login", "/api/auth/kakaoLogin", "/api/auth/appleLogin", "/api/auth/reissueToken").permitAll() // 회원가입, 로그인 경로
+ .requestMatchers("/api/auth/signup", "/api/auth/login", "/api/auth/kakaoLogin", "/api/auth/appleLogin", "/api/auth/reissueToken").permitAll() // 로그인 경로
+ .requestMatchers("/api/auth/testKakaoLogin", "/api/auth/testAppleLogin").permitAll() // 테스트용 로그인 경로 (개발용)
 .requestMatchers("/.well-known/**").permitAll()
 .requestMatchers("/ws-stomp/**").permitAll() // stomp 통신
 // .requestMatchers("/**").permitAll() // 모든 API에 대한 인증 비활성화 (개발용)
diff --git a/src/main/java/com/book/backend/util/JwtUtil.java b/src/main/java/com/book/backend/util/JwtUtil.java
index 3ba4b50..4ada042 100644
--- a/src/main/java/com/book/backend/util/JwtUtil.java
+++ b/src/main/java/com/book/backend/util/JwtUtil.java
@@ -43,6 +43,17 @@ public JwtTokenDto generateToken(UserDetails userDetails) {
 .build();
 }
+ // 개발용, 커스텀 유효기간 토큰 생성
+ public JwtTokenDto generateCustomToken(UserDetails userDetails) {
+ Claims claims = Jwts.claims();
+ claims.put("username", userDetails.getUsername());
+
+ return JwtTokenDto.builder()
+ .accessToken(createCustomAccessToken(claims))
+ .refreshToken(createRefreshToken(claims))
+ .build();
+ }
+
 private String createAccessToken(Claims claims) {
 return Jwts.builder()
 .setClaims(claims)
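Review bot: The comment on the first changed matcher line was shortened from `// 회원가입, 로그인 경로` to `// 로그인 경로`, but the line still permits `/api/auth/signup` and `/api/auth/reissueToken`, so the comment now describes less than the rule covers. I would restore the original wording and extend it to mention token reissue, since this list is what a reader checks to see which auth paths are open without authentication. The `securityFilterChain` body continues outside the hunk.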
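Review bot: `generateCustomToken` shortens only the access token: the refresh token still comes from the regular `createRefreshToken(claims)`, so a session started through the development path can presumably be renewed for the full refresh lifetime. If that is intended (for exercising the reissue flow against a quickly expiring access token), the comment above the method should say so explicitly; if it is not, the refresh token needs its own short lifetime. The claim-building lines look like a copy of `generateToken`, whose body is mostly outside the hunk, so a shared private helper would keep the two from drifting apart.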
@@ -52,6 +63,18 @@ private String createAccessToken(Claims claims) {
 .compact();
 }
+ // 개발용, 커스텀 엑세스 토큰 생성
+ private String createCustomAccessToken(Claims claims) {
+ // 개발용, 커스텀 유효기간
+ long customAccessTokenExpireTime = 180000L;
+ return Jwts.builder()
+ .setClaims(claims)
+ .setIssuedAt(new Date(System.currentTimeMillis()))
+ .setExpiration(new Date(System.currentTimeMillis() + customAccessTokenExpireTime))
+ .signWith(SignatureAlgorithm.HS256, secret)
+ .compact();
+ }
+
 private String createRefreshToken(Claims claims) {
 return Jwts.builder()
 .setClaims(claims)
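Review bot: `createCustomAccessToken` keeps the lifetime as an unnamed local `180000L` and reads `System.currentTimeMillis()` twice, so the issued-at and expiry are taken from two different instants and the 3-minute value is spelled out only in the controller's Swagger text. A named constant (or a configuration property next to the regular expiry) and a single `now` would make the intent visible. The builder chain could also be shared with `createAccessToken` by passing the lifetime in. `createAccessToken` starts and ends outside this hunk, so the sketch below leaves it as a comment.

```java
private static final long TEST_ACCESS_TOKEN_TTL_MS = 3 * 60 * 1000L; // 3 minutes, development only

// 개발용, 커스텀 엑세스 토큰 생성
private String createCustomAccessToken(Claims claims) {
    return buildAccessToken(claims, TEST_ACCESS_TOKEN_TTL_MS);
}

// Shared builder so the regular and the development path cannot drift apart.
private String buildAccessToken(Claims claims, long ttlMillis) {
    long now = System.currentTimeMillis();
    return Jwts.builder()
            .setClaims(claims)
            .setIssuedAt(new Date(now))
            .setExpiration(new Date(now + ttlMillis))
            .signWith(SignatureAlgorithm.HS256, secret)
            .compact();
}
// … unchanged: createAccessToken, createRefreshToken …
```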