reissue로직교체

Soongsil-CoffeeChat · Jan 8, 2025 · 33845b8 · 33845b8
1 parent a56484c
commit 33845b8
Show file tree

Hide file tree

Showing 4 changed files with 76 additions and 2 deletions.
diff --git a/src/main/java/com/soongsil/CoffeeChat/config/oauth2/CustomSuccessHandler.java b/src/main/java/com/soongsil/CoffeeChat/config/oauth2/CustomSuccessHandler.java
@@ -62,7 +62,13 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
                 System.out.println(header + ": " + response.getHeader(header))
         );
         response.setStatus(HttpStatus.OK.value());
-        response.sendRedirect("https://coffeego-ssu.web.app/callback");
+        String redirectUrl = String.format(
+                "https://coffeego-ssu.web.app/callback?refreshToken=%s&loginStatus=%s",
+                refreshToken, role.equals("ROLE_USER") ? "signup" : "main"
+        );
+        response.sendRedirect(redirectUrl);
+
+        //response.sendRedirect("https://coffeego-ssu.web.app/callback");
         //response.sendRedirect("http://localhost:8080/swagger-ui/index.html");
     }
 

diff --git a/src/main/java/com/soongsil/CoffeeChat/controller/RefreshTokenController.java b/src/main/java/com/soongsil/CoffeeChat/controller/RefreshTokenController.java
@@ -3,6 +3,7 @@
 import com.soongsil.CoffeeChat.config.jwt.JWTUtil;
 import com.soongsil.CoffeeChat.controller.handler.ApiResponseGenerator;
 import com.soongsil.CoffeeChat.dto.MobileTokenResponseDTO;
+import com.soongsil.CoffeeChat.dto.ReissueDto;
 import com.soongsil.CoffeeChat.service.CustomOAuth2UserService;
 import com.soongsil.CoffeeChat.service.RefreshTokenService;
 import io.swagger.v3.oas.annotations.Operation;
@@ -29,12 +30,17 @@ public class RefreshTokenController {  //Refresh토큰으로 Access토큰 발급
     @PostMapping("/reissue")
     @Operation(summary = "리프레쉬 토큰으로 액세스 토큰 reissue")
     @ApiResponse(responseCode = "200", description = "헤더 : access, refresh, loginStatus")
+    /*
     public ResponseEntity<ApiResponseGenerator<String>> reissue(HttpServletRequest request,
                                                                 HttpServletResponse response) {
+
+     */
+    public ResponseEntity<ApiResponseGenerator<ReissueDto>> reissue(@RequestBody String refresh){
         //System.out.println("ㅇㅇ");
         return ResponseEntity.ok().body(
                 ApiResponseGenerator.onSuccessOK(
-                        refreshTokenService.reissueByRefreshToken(request, response)
+                        //refreshTokenService.reissueByRefreshToken(request, response)
+                        refreshTokenService.reissueByRefreshToken2(refresh)
                 )
         );
     }

diff --git a/src/main/java/com/soongsil/CoffeeChat/dto/ReissueDto.java b/src/main/java/com/soongsil/CoffeeChat/dto/ReissueDto.java
@@ -0,0 +1,15 @@
+package com.soongsil.CoffeeChat.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Getter
+@NoArgsConstructor
+@AllArgsConstructor
+@Data
+public class ReissueDto {
+    private String refreshToken;
+    private String accessToken;
+}
diff --git a/src/main/java/com/soongsil/CoffeeChat/service/RefreshTokenService.java b/src/main/java/com/soongsil/CoffeeChat/service/RefreshTokenService.java
@@ -3,6 +3,7 @@
 
 import com.soongsil.CoffeeChat.config.jwt.JWTUtil;
 import com.soongsil.CoffeeChat.controller.exception.CustomException;
+import com.soongsil.CoffeeChat.dto.ReissueDto;
 import com.soongsil.CoffeeChat.entity.Refresh;
 import com.soongsil.CoffeeChat.repository.RefreshRepository;
 import io.jsonwebtoken.ExpiredJwtException;
@@ -129,6 +130,52 @@ public String reissueByRefreshToken(HttpServletRequest request, HttpServletRespo
         return "새로운 access, refresh 토큰이 발급되었습니다.";
     }
 
+    public ReissueDto reissueByRefreshToken2(String refresh) {
+        System.out.println("들어옴");
+
+
+
+        // 토큰이 refresh인지 확인 (발급 시 페이로드에 명시)
+
+
+        // DB에 저장되어 있는지 확인
+        Boolean isExist = refreshRepository.existsByRefresh(refresh);
+        if (!isExist) {
+            // Response status code 400 (들어온 refresh 토큰이 내 DB에 저장된 목록에 없음)
+            throw new CustomException(
+                    REFRESH_NOT_MATCHED.getHttpStatusCode(),
+                    REFRESH_NOT_MATCHED.getErrorMessage()
+            );
+        }
+
+        String username = jwtUtil.getUsername(refresh);
+        System.out.println("username = " + username);
+        String role = jwtUtil.getRole(refresh);
+
+        // Make new JWT
+
+        String newAccess = jwtUtil.createJwt("access", username, role, 1800000000L);
+        String newRefresh = jwtUtil.createJwt("refresh", username, role, 86400000L);
+
+        // Refresh 토큰 저장: DB에 기존의 Refresh 토큰 삭제 후 새 Refresh 토큰 저장
+        refreshRepository.deleteByRefresh(refresh);
+        addRefreshEntity(username, newRefresh, 86400000L);
+
+
+        // SameSite 설정을 포함한 쿠키 추가
+        ResponseCookie responseCookie = ResponseCookie.from("refresh", newRefresh)
+                .httpOnly(true)
+                .secure(true)
+                .path("/")
+                .maxAge(24 * 60 * 60)
+                .sameSite("None")
+                .build();
+
+        ReissueDto reissueDto=new ReissueDto(newRefresh, newAccess);
+        return reissueDto;
+    }
+
+
     public Map<String, String> reissueByRefreshTokenWithResponseBody(String refreshToken) {
 		// 1. Refresh 토큰 존재 여부 확인
         if (refreshToken == null || refreshToken.isEmpty()) {