feat/#507: 토큰 재발급
LJH098 authored and hwangdaesun committed Oct 9, 2024
1 parent 05dc838 commit 092bead
Showing 3 changed files with 52 additions and 10 deletions.
@@ -1,9 +1,13 @@
package com.gaebaljip.exceed.adapter.in.auth;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;

import com.gaebaljip.exceed.common.dto.HttpRequestDTO;
import com.gaebaljip.exceed.common.dto.ReissueTokenDTO;
import com.gaebaljip.exceed.common.exception.auth.NotFoundRefreshTokenException;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
@@ -44,10 +48,31 @@ public ApiResponse<ApiResponse.CustomBody<Void>> login(
return ApiResponseGenerator.success(HttpStatus.OK);
}

@Operation(summary = "엑세스 토큰 재발급", description = "엑세스 토큰 재발급 한다.")
@PostMapping("/auth/refresh")
public ApiResponse<ApiResponse.CustomBody<Void>> refresh(HttpServletRequest request, HttpServletResponse response) {
String accessToken = request.getHeader(AuthConstants.AUTH_HEADER.getValue());
String refreshToken = getCookie(request.getCookies()).getValue();
HttpRequestDTO httpRequestDTO = HttpRequestDTO.of(request.getRequestURL().toString(), request.getMethod());
ReissueTokenDTO reissueTokenDTO = authUsecase.reIssueToken(accessToken, refreshToken, httpRequestDTO);
response.setHeader(AuthConstants.AUTH_HEADER.getValue(), reissueTokenDTO.accessToken());
setCookie(response, reissueTokenDTO.refreshToken());
return ApiResponseGenerator.success(HttpStatus.OK);
}

private void setCookie(HttpServletResponse response, String refreshToken) {
Cookie cookie = new Cookie("refreshToken", refreshToken);
cookie.setHttpOnly(true);
cookie.setSecure(true);
response.addCookie(cookie);
}

private Cookie getCookie(Cookie[] cookies) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals("refreshToken")) {
return cookie;
}
}
throw NotFoundRefreshTokenException.EXECPTION;
}
}
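Review bot: In `refresh`, `getCookie(request.getCookies())` throws a NullPointerException when the request carries no cookies at all, because `HttpServletRequest.getCookies()` returns null in that case and the for-each in `getCookie` iterates it directly; the caller then sees a generic server error instead of `NotFoundRefreshTokenException`. Guard the helper before the loop with `if (cookies == null) { throw NotFoundRefreshTokenException.EXECPTION; }`. The access token read from the `AUTH_HEADER` header is likewise passed on unchecked, so a missing header reaches `authUsecase.reIssueToken` as null. In `setCookie`, consider also calling `cookie.setPath(...)` and `cookie.setMaxAge(...)` so the refresh token is sent only to the auth endpoints and expires with the token; the right values depend on configuration not shown on this page.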
@@ -1,23 +1,19 @@
package com.gaebaljip.exceed.application.service.auth;

import com.gaebaljip.exceed.adapter.out.redis.RedisAdapter;
import com.gaebaljip.exceed.common.dto.HttpRequestDTO;
import com.gaebaljip.exceed.common.dto.ReissueTokenDTO;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import com.gaebaljip.exceed.adapter.in.auth.request.LoginRequest;
import com.gaebaljip.exceed.application.domain.member.MemberEntity;
import com.gaebaljip.exceed.application.port.in.auth.AuthUsecase;
import com.gaebaljip.exceed.application.port.out.member.MemberPort;
import com.gaebaljip.exceed.common.dto.HttpRequestDTO;
import com.gaebaljip.exceed.common.dto.LoginResponseDTO;
import com.gaebaljip.exceed.common.dto.ReissueTokenDTO;
import com.gaebaljip.exceed.common.exception.auth.PasswordMismatchException;
import com.gaebaljip.exceed.common.security.domain.JwtManager;

import com.gaebaljip.exceed.common.security.exception.InvalidJwtException;
import lombok.RequiredArgsConstructor;

import javax.servlet.http.HttpServletRequest;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Service
@RequiredArgsConstructor
@@ -41,4 +37,11 @@ public LoginResponseDTO execute(LoginRequest request) {
jwtManager.saveRefreshToken(member.getId().toString(), loginResponseDTO.refreshToken());
return loginResponseDTO;
}
@Override
public ReissueTokenDTO reIssueToken(String accessToken, String refreshToken, HttpRequestDTO requestDTO) {
if(jwtManager.validateRefreshToken(refreshToken, requestDTO)) {
return jwtManager.reissueToken(accessToken);
}
throw InvalidJwtException.EXECPTION;
}
}
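Review bot: `reIssueToken` validates the presented `refreshToken` but then calls `jwtManager.reissueToken(accessToken)` without it, so the member the new tokens are issued for is taken only from the access token's subject. Unless `validateRefreshToken` (not visible here) already compares the presented token with the one stored for that member, nothing ties the validated refresh token to the access token, and a refresh token belonging to one member would be accepted alongside another member's access token. Pass the presented token down, e.g. `return jwtManager.reissueToken(accessToken, refreshToken);`, and have `JwtManager.reissueToken` reject the request unless it equals the value returned by `redisAdapter.query(...)` for that subject. A short Javadoc on `reIssueToken` stating that `accessToken` may already be expired and when `InvalidJwtException` is thrown would make the contract explicit.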
@@ -167,4 +167,18 @@ public Claims parseClaims(String Token) {
return e.getClaims();
}
}

public ReissueTokenDTO reissueToken(String accessToken) {
String accessTokenMemberId = parseClaims(accessToken).getSubject();
String refreshToken = redisAdapter.query(accessTokenMemberId).orElseThrow(() -> NotFoundRefreshTokenException.EXECPTION);
String refreshTokenMemberId = parseClaims(refreshToken).getSubject();

if(accessTokenMemberId.equals(refreshTokenMemberId)) {
return ReissueTokenDTO.builder()
.accessToken(generateAccessToken(Long.parseLong(accessTokenMemberId)))
.refreshToken(generateRefreshToken(Long.parseLong(refreshTokenMemberId)))
.build();
}
throw InvalidJwtException.EXECPTION;
}
}
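Review bot: `reissueToken` returns a newly generated refresh token but never stores it, whereas the login path calls `jwtManager.saveRefreshToken(member.getId().toString(), loginResponseDTO.refreshToken())` after generating one. If `generateRefreshToken` does not persist internally (not visible in this hunk), Redis keeps the previous token, so the old refresh token stays valid after rotation and the one just sent in the cookie does not match the stored value. Build the token first and persist it before returning, e.g. `String newRefreshToken = generateRefreshToken(Long.parseLong(accessTokenMemberId));` followed by `saveRefreshToken(accessTokenMemberId, newRefreshToken);`. Note also that `accessTokenMemberId.equals(refreshTokenMemberId)` compares the subject of the token stored under that id with the id itself, so it checks nothing the client presented. Since `parseClaims` returns `e.getClaims()` from a caught exception (presumably the expired-token case; its body starts outside the hunk), the subject may come from an expired access token, which is worth stating in a comment.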
