Merge pull request #410 from APP-Android2/408-feature-api보안-강화를-위한-gc…

…p-api-적용

[#408] [Feature] 구글 시크릿 매니저 -> 파이어스토어 적용

app/build.gradle.kts

@@ -42,15 +42,6 @@ android {
         buildConfigField("String", "DB_USER", databaseUser)
         buildConfigField("String", "DB_PASSWORD", databasePassword)
 
-        // aws s3
-        val bucketAccessKey = localProperties.getProperty("bucket_accessKey") ?:""
-        val bucketSecretKey = localProperties.getProperty("bucket_secretKey") ?:""
-        val bucketName = localProperties.getProperty("bucket_name") ?:""
-
-        buildConfigField("String", "BK_ACCESSKEY", bucketAccessKey)
-        buildConfigField("String", "BK_SECRETKEY", bucketSecretKey)
-        buildConfigField("String", "BK_NAME", bucketName)
-
         // Notification 관련 설정
         val serviceAccountType = localProperties.getProperty("service_account_type") ?: ""
         val projectId = localProperties.getProperty("project_id") ?: ""

app/src/main/java/kr/co/lion/modigm/db/FirestoreKeyProvider.kt

@@ -0,0 +1,18 @@
+package kr.co.lion.modigm.db
+
+import com.google.firebase.firestore.FirebaseFirestore
+import kotlinx.coroutines.tasks.await
+
+class FirestoreKeyProvider {
+    private val firestore = FirebaseFirestore.getInstance()
+
+    // Firestore에서 AWS 키를 가져오는 함수
+    suspend fun getAwsKeys(): Triple<String, String, String> {
+        val document = firestore.collection("keys").document("aws_keys").get().await()
+        val accessKey = document.getString("accessKey") ?: throw IllegalStateException("Access Key not found")
+        val secretKey = document.getString("secretKey") ?: throw IllegalStateException("Secret Key not found")
+        val bucketName = document.getString("bucketName") ?: throw IllegalStateException("Bucket Name not found")
+
+        return Triple(accessKey, secretKey, bucketName)
+    }
+}

app/src/main/java/kr/co/lion/modigm/db/detail/RemoteDetailDao.kt

@@ -3,10 +3,11 @@ package kr.co.lion.modigm.db.detail
 import android.util.Log
 import com.amazonaws.auth.BasicAWSCredentials
 import com.amazonaws.services.s3.AmazonS3Client
-import kotlinx.coroutines.*
+import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.flow.Flow
 import kotlinx.coroutines.flow.flow
-import kr.co.lion.modigm.BuildConfig
+import kotlinx.coroutines.withContext
+import kr.co.lion.modigm.db.FirestoreKeyProvider
 import kr.co.lion.modigm.db.HikariCPDataSource
 import kr.co.lion.modigm.model.StudyData
 import kr.co.lion.modigm.model.UserData
@@ -463,10 +464,9 @@ class RemoteDetailDao {
     // S3에 저장된 이미지를 삭제하는 메서드
     suspend fun deleteImageFromS3(fileName: String): Boolean = withContext(Dispatchers.IO) {
         try {
-            // AWS 자격 증명 (BuildConfig에서 관리)
-            val accessKey = BuildConfig.BK_ACCESSKEY
-            val secretKey = BuildConfig.BK_SECRETKEY
-            val bucketName = BuildConfig.BK_NAME
+            // Firestore에서 AWS 키 가져오기
+            val keyProvider = FirestoreKeyProvider()
+            val (accessKey, secretKey, bucketName) = keyProvider.getAwsKeys()
 
             // AWS S3 클라이언트 초기화
             val awsCredentials = BasicAWSCredentials(accessKey, secretKey)

app/src/main/java/kr/co/lion/modigm/db/profile/RemoteProfileDao.kt

@@ -19,12 +19,10 @@ import com.amazonaws.mobileconnectors.s3.transferutility.TransferState
 import com.amazonaws.mobileconnectors.s3.transferutility.TransferUtility
 import com.amazonaws.services.s3.AmazonS3Client
 import com.amazonaws.services.s3.model.CannedAccessControlList
-import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.async
-import kotlinx.coroutines.launch
 import kotlinx.coroutines.withContext
 import kr.co.lion.modigm.BuildConfig
+import kr.co.lion.modigm.db.FirestoreKeyProvider
 import kr.co.lion.modigm.db.HikariCPDataSource
 import kr.co.lion.modigm.model.StudyData
 import kr.co.lion.modigm.model.UserData
@@ -174,11 +172,9 @@ class RemoteProfileDao {
             ActivityCompat.requestPermissions(context as Activity, arrayOf(Manifest.permission.READ_EXTERNAL_STORAGE), 1)
         }
 
-        // AWS 자격 증명
-        val accessKey = BuildConfig.BK_ACCESSKEY
-        val secretKey = BuildConfig.BK_SECRETKEY
-        val bucketName = BuildConfig.BK_NAME
-//        val region = "AP_NORTHEAST_2"
+        // Firestore에서 AWS 키 가져오기
+        val keyProvider = FirestoreKeyProvider()
+        val (accessKey, secretKey, bucketName) = keyProvider.getAwsKeys()
 
         // AWS S3 클라이언트 초기화
         val credentials = BasicAWSCredentials(accessKey, secretKey)

app/src/main/java/kr/co/lion/modigm/db/write/RemoteWriteStudyDao.kt

@@ -15,7 +15,7 @@ import com.amazonaws.services.s3.AmazonS3Client
 import com.amazonaws.services.s3.model.CannedAccessControlList
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.withContext
-import kr.co.lion.modigm.BuildConfig
+import kr.co.lion.modigm.db.FirestoreKeyProvider
 import kr.co.lion.modigm.db.HikariCPDataSource
 import kr.co.lion.modigm.model.StudyData
 import java.io.File
@@ -32,10 +32,9 @@ class RemoteWriteStudyDao {
         val filePath = getRealPathFromURI(context, uri) // URI로부터 실제 파일 경로를 얻음
         val file = File(filePath ?: throw IllegalArgumentException("Invalid file: $uri"))
 
-        // AWS 자격 증명
-        val accessKey = BuildConfig.BK_ACCESSKEY
-        val secretKey = BuildConfig.BK_SECRETKEY
-        val bucketName = BuildConfig.BK_NAME
+        // Firestore에서 AWS 키 가져오기
+        val keyProvider = FirestoreKeyProvider()
+        val (accessKey, secretKey, bucketName) = keyProvider.getAwsKeys()
 
         // AWS S3 클라이언트 초기화
         val credentials = BasicAWSCredentials(accessKey, secretKey)