diff --git a/backend/src/main/java/in/backend/core/auth/application/TokenReissue.java b/backend/src/main/java/in/backend/core/auth/application/TokenReissue.java index 0f4c5b4..42aa152 100644 --- a/backend/src/main/java/in/backend/core/auth/application/TokenReissue.java +++ b/backend/src/main/java/in/backend/core/auth/application/TokenReissue.java @@ -1,9 +1,7 @@ package in.backend.core.auth.application; -import in.backend.core.auth.application.payload.IssuedToken; -import in.backend.core.auth.domain.Visitor; -import in.backend.core.auth.infrastrcutrue.RefreshTokenWriter; +import in.backend.core.auth.infrastrcutrue.RefreshTokenReader; import in.backend.global.provider.JwtProvider; import java.time.Instant; import lombok.RequiredArgsConstructor; @@ -12,21 +10,16 @@ @Service @RequiredArgsConstructor public class TokenReissue { - private final JwtProvider jwtProvider; - private final RefreshTokenWriter refreshTokenWriter; - - public IssuedToken publish(Visitor visitor) { - var now = Instant.now(); + private final RefreshTokenReader refreshTokenReader; - var accessToken = jwtProvider.createAccessToken(visitor.memberId(), now); - var refreshToken = jwtProvider.createRefreshToken(visitor.memberId(), now); + public String publish(String refreshToken) { + jwtProvider.validRefreshToken(refreshToken); - refreshTokenWriter.write(visitor.memberId(), refreshToken); - - return IssuedToken.builder() - .accessToken(accessToken) - .refreshToken(refreshToken) - .build(); + return jwtProvider.createAccessToken( + refreshTokenReader.read(refreshToken).getId(), + Instant.now() + ); } + } diff --git a/backend/src/main/java/in/backend/core/auth/entity/RefreshTokenEntity.java b/backend/src/main/java/in/backend/core/auth/entity/RefreshTokenEntity.java index 433abf6..f6e968b 100644 --- a/backend/src/main/java/in/backend/core/auth/entity/RefreshTokenEntity.java +++ b/backend/src/main/java/in/backend/core/auth/entity/RefreshTokenEntity.java 
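Review bot: `publish` no longer rotates the refresh token, so the same cookie value keeps minting access tokens for as long as its row exists and the JWT still decodes, and reuse of a copied token cannot be noticed. If dropping rotation is intentional, a comment on `publish` should state how a refresh token is revoked (for example row deletion on logout, or expiry). Separately, the member id that `validRefreshToken` decodes is discarded and the id is taken only from the stored row. Binding the two is a cheap extra check: `var memberId = jwtProvider.decodeRefreshToken(refreshToken);` then `if (!memberId.equals(refreshTokenReader.read(refreshToken).getId())) throw new RefreshTokenException(GlobalExceptionCode.NOT_FOUND_REFRESH_TOKEN);`. This assumes the entity id is the member id, which `existsBy(Long memberId)` in RefreshTokenReader suggests but this hunk does not show.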
@@ -5,9 +5,11 @@ import jakarta.persistence.Entity; import jakarta.persistence.Id; import jakarta.persistence.Table; +import lombok.Getter; import lombok.NoArgsConstructor; +@Getter @Entity @NoArgsConstructor @Table(name = "REFRESH_TOKENS") diff --git a/backend/src/main/java/in/backend/core/auth/infrastrcutrue/RefreshTokenReader.java b/backend/src/main/java/in/backend/core/auth/infrastrcutrue/RefreshTokenReader.java index de466f9..2144600 100644 --- a/backend/src/main/java/in/backend/core/auth/infrastrcutrue/RefreshTokenReader.java +++ b/backend/src/main/java/in/backend/core/auth/infrastrcutrue/RefreshTokenReader.java @@ -1,6 +1,9 @@ package in.backend.core.auth.infrastrcutrue; +import in.backend.core.auth.entity.RefreshTokenEntity; +import in.backend.global.exception.GlobalExceptionCode; +import in.backend.global.exception.RefreshTokenException; import lombok.RequiredArgsConstructor; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -14,4 +17,9 @@ public class RefreshTokenReader { public boolean existsBy(Long memberId) { return refreshTokenRepository.existsById(memberId); } + + public RefreshTokenEntity read(String refreshToken) { + return refreshTokenRepository.findByToken(refreshToken) + .orElseThrow(() -> new RefreshTokenException(GlobalExceptionCode.NOT_FOUND_REFRESH_TOKEN)); + } } diff --git a/backend/src/main/java/in/backend/core/auth/infrastrcutrue/RefreshTokenRepository.java b/backend/src/main/java/in/backend/core/auth/infrastrcutrue/RefreshTokenRepository.java index 61028e5..880a01f 100644 --- a/backend/src/main/java/in/backend/core/auth/infrastrcutrue/RefreshTokenRepository.java +++ b/backend/src/main/java/in/backend/core/auth/infrastrcutrue/RefreshTokenRepository.java 
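Review bot: `read` looks the row up by the raw token string (`findByToken(refreshToken)`), which implies the refresh token is persisted in cleartext in `REFRESH_TOKENS`. Read access to that table or its backups would then expose values that remain usable until they expire. Consider storing and querying a SHA-256 digest of the token instead, so the database never holds a usable credential. The token column has also become a lookup key, so it should carry a unique index. The entity's column mapping is not visible in this diff, so confirm both points against `RefreshTokenEntity`.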
@@ -1,7 +1,10 @@ package in.backend.core.auth.infrastrcutrue; import in.backend.core.auth.entity.RefreshTokenEntity; +import java.util.Optional; import org.springframework.data.jpa.repository.JpaRepository; public interface RefreshTokenRepository extends JpaRepository { + + Optional findByToken(String refreshToken); } diff --git a/backend/src/main/java/in/backend/core/auth/presentation/AuthApi.java b/backend/src/main/java/in/backend/core/auth/presentation/AuthApi.java index 26268d9..726b8f0 100644 --- a/backend/src/main/java/in/backend/core/auth/presentation/AuthApi.java +++ b/backend/src/main/java/in/backend/core/auth/presentation/AuthApi.java @@ -20,6 +20,7 @@ import jakarta.validation.Valid; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.CookieValue; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.ModelAttribute; @@ -69,17 +70,14 @@ public OAuthProfileResponse getProfile(@ModelAttribute OAuthProfileRequest profi return socialLoginProcessor.findProfile(profile); } - @MemberOnly @PostMapping("/token/reissue") public ResponseEntity reIssue( - @Auth Visitor visitor, - HttpServletResponse response + @CookieValue("refreshToken") final String refreshToken ) { - var issuedToken = tokenReissue.publish(visitor); - response.addHeader(SET_COOKIE, cookieProvider.createCookie(issuedToken.refreshToken()).toString()); + var accessToken = tokenReissue.publish(refreshToken); return ResponseEntity.status(CREATED) - .body(new AccessTokenResponse(issuedToken.accessToken())); + .body(new AccessTokenResponse(accessToken)); } diff --git a/backend/src/main/java/in/backend/global/provider/JwtProvider.java b/backend/src/main/java/in/backend/global/provider/JwtProvider.java index 8bbd5cb..ad19c23 100644 --- a/backend/src/main/java/in/backend/global/provider/JwtProvider.java 
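Review bot: With `@MemberOnly` and `@Auth Visitor` removed, `reIssue` is authenticated by the `refreshToken` cookie alone, and a request without that cookie is rejected by Spring's `@CookieValue` binding (a 400 by default) rather than through the `RefreshTokenException` path. Unless a global handler already maps the missing-cookie exception (not visible here), consider `@CookieValue(value = "refreshToken", required = false)` plus an explicit null check that throws the same exception as an unknown token, so clients get one consistent error response. Because this POST now relies on an ambient cookie, confirm that the cookie built by `cookieProvider.createCookie` carries `HttpOnly`, `Secure` and a `SameSite` value. The cookie name should also come from a constant shared with that provider instead of the `"refreshToken"` literal.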
+++ b/backend/src/main/java/in/backend/global/provider/JwtProvider.java @@ -60,14 +60,6 @@ private Map decode(final String token) { return jwtDecoder.decode(token).getClaims(); } - - public Long extractToValueFrom(final String token) { - return Long.parseLong(this.decode(token) - .get("id") - .toString() - ); - } - public Long decodeAccessToken(final String accessToken) { try { return Long.parseLong(String.valueOf(this.decode(accessToken).get("id"))); @@ -91,10 +83,18 @@ public Long decodeRefreshToken(final String refreshToken) { public String extractToken(final HttpServletRequest request) { final String token = request.getHeader(HEADER_AUTHORIZATION); - if (!Objects.isNull(token) && token.startsWith(TOKEN_PREFIX)) { - return token.substring(TOKEN_PREFIX.length()); + return extractToken(token); + + } + + public String extractToken(final String headerValue) { + if (!Objects.isNull(headerValue) && headerValue.startsWith(TOKEN_PREFIX)) { + return headerValue.substring(TOKEN_PREFIX.length()); } return null; } + public void validRefreshToken(String refreshToken) { + decodeRefreshToken(refreshToken); + } }
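Review bot: `validRefreshToken` reads like a boolean predicate, but it signals failure only through whatever `decodeRefreshToken` throws, and it discards the decoded id. A name such as `validateRefreshToken` plus a short Javadoc would make the contract explicit, e.g. `/** Verifies the refresh token; throws if it cannot be decoded. */`. The new public `extractToken(String headerValue)` returns `null` when the prefix is absent, which deserves a `@return` note so callers check for it. The body of `decodeRefreshToken` lies outside this hunk, so whether it rejects an access token passed in place of a refresh token cannot be confirmed from here.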