fix: jwt유효성 검사시 member객체 없을 때의 예외 수정 및 회원탈퇴 시 authentication객체 삭제되도록 …

…수정 (#113)
AnywayClear · Aug 15, 2023 · 1f68eb5 · 1f68eb5
1 parent 5ac5009
commit 1f68eb5
Show file tree

Hide file tree

Showing 4 changed files with 3 additions and 6 deletions.
diff --git a/src/main/java/com/anywayclear/config/jwt/JwtAuthorizationFilter.java b/src/main/java/com/anywayclear/config/jwt/JwtAuthorizationFilter.java
@@ -2,7 +2,6 @@
 
 import com.anywayclear.config.JwtConfig;
 import com.anywayclear.entity.Member;
-import com.anywayclear.exception.CustomException;
 import com.anywayclear.exception.ErrorResponse;
 import com.anywayclear.exception.ExceptionCode;
 import com.anywayclear.repository.MemberRepository;
@@ -20,6 +19,7 @@
 import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
 import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
+import javax.persistence.EntityNotFoundException;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -66,7 +66,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             String accessToken = request.getHeader(jwtConfig.getHeader()).replace(jwtConfig.getPrefix() + " ", "");
             String userId = JWT.require(Algorithm.HMAC512(jwtConfig.getKey())).build().verify(accessToken).getClaim("userId").asString();
             if (userId != null) {
-                Member member = memberRepository.findByUserId(userId).orElseThrow(() -> new CustomException(ExceptionCode.INVALID_MEMBER));
+                Member member = memberRepository.findByUserId(userId).orElseThrow(() -> new EntityNotFoundException("해당 JWT의 member가 없습니다. userId: " + userId));
                 if (!member.isDeleted()) {
                     if (checkDuplicatedLogin(userId, accessToken, response)) return; // 중복로그인 시 예외처리
                     processValidJwt(member);

diff --git a/src/main/java/com/anywayclear/config/oauth/CustumOAuth2UserService.java b/src/main/java/com/anywayclear/config/oauth/CustumOAuth2UserService.java
@@ -1,14 +1,11 @@
 package com.anywayclear.config.oauth;
 
-import com.anywayclear.exception.CustomException;
-import com.anywayclear.exception.ExceptionCode;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
 import com.anywayclear.entity.Member;
 import com.anywayclear.repository.MemberRepository;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;

diff --git a/src/main/java/com/anywayclear/config/oauth/OAuth2AuthenticationSuccessHandler.java b/src/main/java/com/anywayclear/config/oauth/OAuth2AuthenticationSuccessHandler.java
@@ -12,7 +12,6 @@
 import org.springframework.stereotype.Component;
 import org.springframework.web.util.UriComponentsBuilder;
 
-import javax.persistence.criteria.CriteriaBuilder;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;

diff --git a/src/main/java/com/anywayclear/service/MemberService.java b/src/main/java/com/anywayclear/service/MemberService.java
@@ -59,6 +59,7 @@ public MemberResponse updateMember(String userId, MemberUpdateRequest request) {
     public MemberDeleteResponse deleteMember(String userId) {
         Member member = memberRepository.findByUserId(userId).orElseThrow(() -> new CustomException(ExceptionCode.INVALID_MEMBER));
         member.setDeleted(true);
+        SecurityContextHolder.clearContext();
         return MemberDeleteResponse.toResponse(memberRepository.save(member));
     }
 }