[FIX] 공통메서드인 validateToken 예외 처리 책임 변경

nonsoolmate · Jan 17, 2024 · 784aacf · 784aacf
1 parent d82b76d
commit 784aacf
Showing 1 changed file with 11 additions and 14 deletions.
diff --git a/...Server/src/main/java/com/nonsoolmate/nonsoolmateServer/global/jwt/service/JwtService.java b/...Server/src/main/java/com/nonsoolmate/nonsoolmateServer/global/jwt/service/JwtService.java
@@ -61,7 +61,7 @@ public MemberAuthResponseDTO issueToken(MemberSignUpVO vo) {
         String accessToken = jwtTokenProvider.createAccessToken(vo.email(), vo.memberId(), accessTokenExpirationPeriod);
 
         if (vo.role().equals(Role.USER)) {
-            String refreshToken = jwtTokenProvider.createRefreshToken(refreshTokenExpirationPeriod);
+            String refreshToken = jwtTokenProvider.createRefreshToken(vo.memberId(), refreshTokenExpirationPeriod);
             updateRefreshTokenByMemberId(vo.memberId(), refreshToken);
             return MemberAuthResponseDTO.of(vo.memberId(), vo.authType(), vo.name(), accessToken, refreshToken);
         }
@@ -71,13 +71,16 @@ public MemberAuthResponseDTO issueToken(MemberSignUpVO vo) {
 
     public MemberReissueResponseDTO reissueToken(HttpServletRequest request) {
         String refreshToken = extractRefreshToken(request);
-        String accessToken = extractAccessToken(request);
 
-        if (!validateToken(refreshToken)) {
+        try {
+            validateToken(refreshToken);
+        } catch (MalformedJwtException e) {
             throw new AuthException(INVALID_REFRESH_TOKEN);
+        } catch (ExpiredJwtException e){
+            throw new AuthException(UNAUTHORIZED_REFRESH_TOKEN);
         }
 
-        Claims tokenClaims = jwtTokenProvider.getTokenClaims(accessToken);
+        Claims tokenClaims = jwtTokenProvider.getTokenClaims(refreshToken);
         RefreshTokenVO foundRefreshToken = redisTokenRepository.findByMemberIdOrElseThrowException(
                 String.valueOf(tokenClaims.get(MEMBER_ID_CLAIM)));
 
@@ -90,7 +93,7 @@ public MemberReissueResponseDTO reissueToken(HttpServletRequest request) {
         String email = (String) tokenClaims.get(EMAIL_CLAIM);
 
         String newAccessToken = jwtTokenProvider.createAccessToken(email, memberId, accessTokenExpirationPeriod);
-        String newRefreshToken = jwtTokenProvider.createRefreshToken(refreshTokenExpirationPeriod);
+        String newRefreshToken = jwtTokenProvider.createRefreshToken(memberId, refreshTokenExpirationPeriod);
 
         updateRefreshTokenByMemberId(memberId, newRefreshToken);
 
@@ -103,15 +106,9 @@ public Long extractMemberIdFromAccessToken(final String atk) throws JsonProcessi
         return jwtTokenProvider.getMemberIdFromClaim(tokenClaims, AUTH_USER);
     }
 
-    public Boolean validateToken(final String atk) {
-        try {
-            Claims tokenClaims = jwtTokenProvider.getTokenClaims(atk);
-            return !tokenClaims.getExpiration().before(new Date());
-        } catch (MalformedJwtException e) {
-            throw new AuthException(INVALID_ACCESS_TOKEN);
-        } catch (ExpiredJwtException e){
-            throw new AuthException(UNAUTHORIZED_REFRESH_TOKEN);
-        }
+    public Boolean validateToken(final String atk) throws ExpiredJwtException, MalformedJwtException {
+        Claims tokenClaims = jwtTokenProvider.getTokenClaims(atk);
+        return !tokenClaims.getExpiration().before(new Date());
     }
 
     private String extractRefreshToken(HttpServletRequest request) {