diff --git a/src/main/java/com/gdg/kkia/auth/controller/AuthController.java b/src/main/java/com/gdg/kkia/auth/controller/AuthController.java
index f6815a8..16d26c9 100644
--- a/src/main/java/com/gdg/kkia/auth/controller/AuthController.java
+++ b/src/main/java/com/gdg/kkia/auth/controller/AuthController.java
@@ -8,6 +8,7 @@
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
@@ -36,8 +37,8 @@ public ResponseEntity refreshToken(@RequestBody TokenRefreshReque
 @Operation(summary = "Oauth 카카오 인증페이지 리다이렉트", description = "카카오 로그인 화면으로 이동한다.", security = @SecurityRequirement(name = "JWT제외"))
 @GetMapping("/oauth/kakao")
- public ResponseEntity redirectToKakaoAuth() {
- String url = kakaoApiService.getAuthorizationUrl();
+ public ResponseEntity redirectToKakaoAuth(HttpServletRequest httpServletRequest) {
+ String url = kakaoApiService.getAuthorizationUrl(httpServletRequest);
 HttpHeaders headers = new HttpHeaders();
 headers.setLocation(URI.create(url));
 return new ResponseEntity<>(headers, HttpStatus.FOUND);
@@ -45,8 +46,8 @@ public ResponseEntity redirectToKakaoAuth() {
 @Operation(summary = "Oauth 카카오 로그인 콜백", description = "카카오 로그인 이후 발생하는 인가코드를 통해 AccessToken과 RefreshToken을 발급한다.", security = @SecurityRequirement(name = "JWT제외"))
 @GetMapping("/oauth/kakao/callback")
- public ResponseEntity kakaoCallback(@RequestParam("code") String code) {
- TokenResponse loginResponse = memberService.kakaoLogin(code);
+ public ResponseEntity kakaoCallback(@RequestParam("code") String code, HttpServletRequest httpServletRequest) {
+ TokenResponse loginResponse = memberService.kakaoLogin(code, httpServletRequest);
 return ResponseEntity.ok().body(loginResponse);
 }
 }
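Review bot: The authorize URL that `redirectToKakaoAuth` sends the browser to carries no `state` parameter and `kakaoCallback` accepts only `code`, so nothing ties the callback to the browser session that started the flow; an attacker who obtains a code for their own Kakao account can have a victim's browser load `/oauth/kakao/callback?code=…` and receive the attacker's tokens (login CSRF), with the practical impact depending on how the front end consumes the JSON this endpoint returns. Generate a random `state` in `redirectToKakaoAuth`, keep it server-side or in a short-lived `HttpOnly` cookie, append it to the Location URL, and have `kakaoCallback` take `@RequestParam("state") String state` and reject the request before `memberService.kakaoLogin` when it does not match. The URL string itself is assembled in `kakaoApiService.getAuthorizationUrl`, outside this file, so `&state=` can be appended here before `headers.setLocation`. The sketch below uses the servlet session because it is the smallest change; if the API must stay stateless, a signed cookie set on the 302 response and compared in the callback works the same way.
```java
    @GetMapping("/oauth/kakao")
    public ResponseEntity redirectToKakaoAuth(HttpServletRequest httpServletRequest) {
        // Bind this authorization request to the caller's session; the callback refuses codes without it.
        String state = UUID.randomUUID().toString();
        httpServletRequest.getSession(true).setAttribute("kakao_oauth_state", state);
        String url = kakaoApiService.getAuthorizationUrl(httpServletRequest) + "&state=" + state;
        // … unchanged: Location header and 302 …
    }

    @GetMapping("/oauth/kakao/callback")
    public ResponseEntity kakaoCallback(@RequestParam("code") String code,
                                        @RequestParam("state") String state,
                                        HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        Object expected = session == null ? null : session.getAttribute("kakao_oauth_state");
        if (expected == null || !expected.equals(state)) {
            throw new BadRequestException("invalid oauth state");
        }
        session.removeAttribute("kakao_oauth_state"); // single use
        // … unchanged: memberService.kakaoLogin and response …
    }
```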
diff --git a/src/main/java/com/gdg/kkia/auth/service/KakaoApiService.java b/src/main/java/com/gdg/kkia/auth/service/KakaoApiService.java
index eab2969..d1ab796 100644
--- a/src/main/java/com/gdg/kkia/auth/service/KakaoApiService.java
+++ b/src/main/java/com/gdg/kkia/auth/service/KakaoApiService.java
@@ -2,8 +2,10 @@
 import com.gdg.kkia.auth.dto.KakaoTokenResponse;
 import com.gdg.kkia.auth.dto.KakaoUserResponse;
+import com.gdg.kkia.common.exception.BadRequestException;
 import com.gdg.kkia.common.exception.NotFoundException;
 import com.gdg.kkia.common.properties.KakaoProperties;
+import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.*;
 import org.springframework.stereotype.Service;
@@ -19,22 +21,49 @@ public class KakaoApiService {
 private static final String KAKAO_AUTH_BASE_URL = "https://kauth.kakao.com/oauth";
 private static final String KAKAO_API_BASE_URL = "https://kapi.kakao.com/v2/user";
+ private static final String LOCALHOST_URL = "localhost:5173";
+
 private final RestTemplate restTemplate;
 private final KakaoProperties kakaoProperties;
- public String getAuthorizationUrl() {
+ public String getAuthorizationUrl(HttpServletRequest httpServletRequest) {
+ String requestUrl = httpServletRequest.getHeader("Referer");
+ if (requestUrl == null) {
+ throw new BadRequestException("해당 도메인에서는 카카오 로그인이 불가합니다.");
+ }
+ String redirectUri;
+
+ if (requestUrl.contains(LOCALHOST_URL)) {
+ redirectUri = kakaoProperties.devRedirectUri();
+ } else if (requestUrl.contains(kakaoProperties.frontUriWithoutHttp())) {
+ redirectUri = kakaoProperties.redirectUri();
+ } else {
+ throw new BadRequestException("해당 도메인에서는 카카오 로그인이 불가합니다. requestUrl : " + requestUrl);
+ }
 return KAKAO_AUTH_BASE_URL + "/authorize?response_type=code&client_id="
- + kakaoProperties.clientId() + "&redirect_uri=" + kakaoProperties.redirectUri();
+ + kakaoProperties.clientId() + "&redirect_uri=" + redirectUri;
 }
- public KakaoTokenResponse getAccessToken(String authorizationCode) {
+ public KakaoTokenResponse getAccessToken(String authorizationCode, HttpServletRequest httpServletRequest) {
 String url = KAKAO_AUTH_BASE_URL + "/token";
 HttpHeaders headers = new HttpHeaders();
 headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED_VALUE);
- String redirectUri = kakaoProperties.redirectUri();
+ String requestUrl = httpServletRequest.getHeader("Origin");
+ if (requestUrl == null) {
+ throw new BadRequestException("해당 도메인에서는 카카오 로그인이 불가합니다.");
+ }
+ String redirectUri;
+
+ if (requestUrl.contains(LOCALHOST_URL)) {
+ redirectUri = kakaoProperties.devRedirectUri();
+ } else if (requestUrl.contains(kakaoProperties.frontUriWithoutHttp())) {
+ redirectUri = kakaoProperties.redirectUri();
+ } else {
+ throw new BadRequestException("해당 도메인에서는 카카오 로그인이 불가합니다. requestUrl : " + requestUrl);
+ }
 LinkedMultiValueMap body = new LinkedMultiValueMap<>();
 body.add("grant_type", "authorization_code");
@@ -51,22 +80,6 @@ public KakaoTokenResponse getAccessToken(String authorizationCode) {
 return response.getBody();
 }
- public KakaoTokenResponse refreshAccessToken(String refreshToken) {
- String url = KAKAO_AUTH_BASE_URL + "/token";
- String body = "grant_type=refresh_token&client_id=" + kakaoProperties.clientId()
- + "&refresh_token=" + refreshToken;
-
- HttpHeaders headers = new HttpHeaders();
- headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
-
- HttpEntity entity = new HttpEntity<>(body, headers);
-
- ResponseEntity response = restTemplate.exchange(
- url, HttpMethod.POST, entity, KakaoTokenResponse.class);
-
- return response.getBody();
- }
-
 public KakaoUserResponse getUserInfo(String accessToken) {
 String url = KAKAO_API_BASE_URL + "/me";
 HttpHeaders headers = new HttpHeaders();
diff --git a/src/main/java/com/gdg/kkia/common/properties/KakaoProperties.java b/src/main/java/com/gdg/kkia/common/properties/KakaoProperties.java
index 89384f2..5878464 100644
--- a/src/main/java/com/gdg/kkia/common/properties/KakaoProperties.java
+++ b/src/main/java/com/gdg/kkia/common/properties/KakaoProperties.java
@@ -5,6 +5,9 @@
 @ConfigurationProperties(prefix = "kakao")
 public record KakaoProperties(
 String clientId,
- String redirectUri
-) {
+ String redirectUri,
+ String devRedirectUri,
+ String frontUri,
+ String frontUriWithoutHttp
+ ) {
 }
diff --git a/src/main/java/com/gdg/kkia/member/service/MemberService.java b/src/main/java/com/gdg/kkia/member/service/MemberService.java
index 88cdddc..4af5fc9 100644
--- a/src/main/java/com/gdg/kkia/member/service/MemberService.java
+++ b/src/main/java/com/gdg/kkia/member/service/MemberService.java
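Review bot: The new domain checks in `getAuthorizationUrl` and `getAccessToken` use `requestUrl.contains(LOCALHOST_URL)` and `requestUrl.contains(kakaoProperties.frontUriWithoutHttp())` on the raw `Referer`/`Origin` header, which is a substring match rather than an origin check: a page at `https://evil.example/?x=localhost:5173`, or a host such as `front.example.evil.example` when `frontUriWithoutHttp` is `front.example`, takes the matching branch, and on the `else` path the header value is reflected verbatim into the `BadRequestException` message. The impact is bounded because only the two configured redirect URIs can ever be selected, but the rule should parse the header with `java.net.URI` and compare the host (and port for the dev case) exactly, and since the branch is duplicated verbatim in both methods it belongs in one private helper as sketched below, after which each caller reduces to `String redirectUri = resolveRedirectUri(httpServletRequest.getHeader("Referer"));` or the `"Origin"` equivalent. Whether `frontUriWithoutHttp` holds a bare host or also a port or path is not visible in this diff; the helper assumes a bare host and must be adjusted if not. The chosen `redirectUri` is also concatenated into the authorize query string unencoded, so `"&redirect_uri=" + URLEncoder.encode(redirectUri, StandardCharsets.UTF_8)` is the safer form. Note too that the two steps consult different headers (`Referer` when building the URL, `Origin` when exchanging the code), so a front end served with `Referrer-Policy: no-referrer` is rejected with a 400 at the first step even though it is the legitimate origin.
```java
    private static final String LOCALHOST_HOST = "localhost";
    private static final int LOCALHOST_PORT = 5173;

    /**
     * Maps the front-end origin named by a Referer/Origin header value to the redirect URI registered for it.
     * Compares the parsed host (and port for the dev front end) exactly instead of substring-matching the header.
     */
    private String resolveRedirectUri(String headerValue) {
        if (headerValue == null) {
            throw new BadRequestException("해당 도메인에서는 카카오 로그인이 불가합니다.");
        }
        URI origin;
        try {
            origin = URI.create(headerValue);
        } catch (IllegalArgumentException e) {
            throw new BadRequestException("해당 도메인에서는 카카오 로그인이 불가합니다.");
        }
        String host = origin.getHost(); // null for a malformed or relative value; equalsIgnoreCase(null) is false
        if (LOCALHOST_HOST.equalsIgnoreCase(host) && origin.getPort() == LOCALHOST_PORT) {
            return kakaoProperties.devRedirectUri();
        }
        if (kakaoProperties.frontUriWithoutHttp().equalsIgnoreCase(host)) {
            return kakaoProperties.redirectUri();
        }
        // Log the rejected value server-side if useful; do not echo the header back to the client.
        throw new BadRequestException("해당 도메인에서는 카카오 로그인이 불가합니다.");
    }
```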
@@ -13,6 +13,7 @@
 import com.gdg.kkia.member.entity.Member;
 import com.gdg.kkia.member.repository.MemberRepository;
 import com.gdg.kkia.point.service.PointLogService;
+import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@@ -30,8 +31,8 @@ public class MemberService {
 private final PointLogService pointLogService;
 @Transactional
- public TokenResponse kakaoLogin(String authorizationCode) {
- KakaoTokenResponse kakaoTokenResponse = kakaoApiService.getAccessToken(authorizationCode);
+ public TokenResponse kakaoLogin(String authorizationCode, HttpServletRequest httpServletRequest) {
+ KakaoTokenResponse kakaoTokenResponse = kakaoApiService.getAccessToken(authorizationCode, httpServletRequest);
 KakaoUserResponse kakaoUserResponse = kakaoApiService.getUserInfo(kakaoTokenResponse.accessToken());
 String email = kakaoUserResponse.kakaoAccount().email();
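Review bot: `kakaoLogin` now takes the whole `HttpServletRequest` solely so `kakaoApiService.getAccessToken` can read one header, which ties a `@Transactional` domain service to the servlet API and makes the method awkward to exercise in tests; passing the value down is enough, `public TokenResponse kakaoLogin(String authorizationCode, String origin)` with the controller supplying `httpServletRequest.getHeader("Origin")`. Separately, the two `kakaoApiService` calls at the top of the method are outbound HTTP round trips to Kakao performed inside the transaction, so a database connection stays checked out for as long as Kakao takes to respond (no `RestTemplate` timeout is visible in this diff); if the remainder of the method only reads and upserts the member, doing the Kakao exchange first and entering a transactional helper afterwards would avoid that. The method body continues past the end of the hunk.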