🔀 Merge main

MemberService 충돌 해결
dnd-side-project · Sep 5, 2024 · 081e261 · 081e261
2 parents 0cc829b + 5c364fd
commit 081e261
Show file tree

Hide file tree

Showing 42 changed files with 818 additions and 108 deletions.
diff --git a/src/main/java/com/dnd/dndtravel/auth/controller/AuthController.java b/src/main/java/com/dnd/dndtravel/auth/controller/AuthController.java
@@ -2,6 +2,7 @@
 
 import com.dnd.dndtravel.auth.controller.request.AppleWithdrawRequest;
 import com.dnd.dndtravel.auth.controller.request.ReIssueTokenRequest;
+import com.dnd.dndtravel.auth.controller.swagger.AuthControllerSwagger;
 import com.dnd.dndtravel.auth.service.dto.response.AppleIdTokenPayload;
 import com.dnd.dndtravel.auth.service.AppleOAuthService;
 import com.dnd.dndtravel.auth.service.JwtTokenService;
@@ -20,19 +21,18 @@
 
 @RequiredArgsConstructor
 @RestController
-public class AuthController {
+public class AuthController implements AuthControllerSwagger {
     private final AppleOAuthService appleOAuthService;
     private final JwtTokenService jwtTokenService;
     private final MemberService memberService;
 
-    //todo 클라이언트에서 실제 인증코드 보내주면 테스트 진행 필요
     @PostMapping("/login/oauth2/apple")
     public ResponseEntity<TokenResponse> appleOAuthLogin(@RequestBody AppleLoginRequest appleLoginRequest) {
         // 클라이언트에서 준 code 값으로 apple의 IdToken Payload를 얻어온다
         AppleIdTokenPayload tokenPayload = appleOAuthService.get(appleLoginRequest.appleToken());
 
         // apple에서 가져온 유저정보를 DB에 저장
-        Member member = memberService.saveMember(tokenPayload.name(), tokenPayload.email(), appleLoginRequest.selectedColor());
+        Member member = memberService.saveMember(tokenPayload.email(), appleLoginRequest.selectedColor());
 
         // 클라이언트와 주고받을 user token(access , refresh) 생성
         TokenResponse tokenResponse = jwtTokenService.generateTokens(member.getId());

diff --git a/src/main/java/com/dnd/dndtravel/auth/controller/request/AppleLoginRequest.java b/src/main/java/com/dnd/dndtravel/auth/controller/request/AppleLoginRequest.java
@@ -1,9 +1,22 @@
 package com.dnd.dndtravel.auth.controller.request;
 
-//todo 필드값들 유효성 체크
-// 	todo 입력 색상 예시는 클라에서 String 타입들. RED, ORANGE, YELLOW, MELON, BLUE, PURPLE
+import static io.swagger.v3.oas.annotations.media.Schema.RequiredMode.REQUIRED;
+
+import com.dnd.dndtravel.auth.controller.request.validation.ColorValidation;
+import com.dnd.dndtravel.member.domain.SelectedColor;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Size;
+
 public record AppleLoginRequest(
+	@Schema(description = "authorization code", requiredMode = REQUIRED)
+	@NotBlank(message = "authorization code는 필수 입니다.")
+	@Size(max = 300, message = "authorization code 형식이 아닙니다")
 	String appleToken,
+
+	@Schema(description = "유저가 선택한 색상", requiredMode = REQUIRED)
+	@ColorValidation(enumClass = SelectedColor.class)
 	String selectedColor
 ){
 }
diff --git a/src/main/java/com/dnd/dndtravel/auth/controller/request/validation/ColorValidation.java b/src/main/java/com/dnd/dndtravel/auth/controller/request/validation/ColorValidation.java
@@ -0,0 +1,16 @@
+package com.dnd.dndtravel.auth.controller.request.validation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import jakarta.validation.Constraint;
+
+@Constraint(validatedBy = {ColorValidator.class})
+@Target(ElementType.FIELD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface ColorValidation {
+	String message() default "invalid region";
+	Class<? extends java.lang.Enum<?>> enumClass();
+}
diff --git a/src/main/java/com/dnd/dndtravel/auth/controller/request/validation/ColorValidator.java b/src/main/java/com/dnd/dndtravel/auth/controller/request/validation/ColorValidator.java
@@ -0,0 +1,37 @@
+package com.dnd.dndtravel.auth.controller.request.validation;
+
+import java.util.Arrays;
+
+import com.dnd.dndtravel.map.controller.request.validation.RegionCondition;
+import com.dnd.dndtravel.map.controller.request.validation.RegionEnum;
+import com.dnd.dndtravel.member.domain.SelectedColor;
+
+import jakarta.validation.ConstraintValidator;
+import jakarta.validation.ConstraintValidatorContext;
+
+public class ColorValidator implements ConstraintValidator<ColorValidation, String> {
+
+	private ColorValidation annotation;
+
+
+	@Override
+	public void initialize(ColorValidation constraintAnnotation) {
+		this.annotation = constraintAnnotation;
+	}
+
+	@Override
+	public boolean isValid(String color, ConstraintValidatorContext context) {
+		// 색상 없으면 예외
+		if (color == null || color.isBlank()) {
+			return false;
+		}
+
+		Object[] enumValues = this.annotation.enumClass().getEnumConstants();
+		if (enumValues == null) {
+			return false;
+		}
+
+		// 색상 Enum중 하나라도 해당되면 true
+		return Arrays.stream(enumValues).anyMatch(enumValue -> SelectedColor.isMatch(color));
+	}
+}
diff --git a/src/main/java/com/dnd/dndtravel/auth/controller/swagger/AuthControllerSwagger.java b/src/main/java/com/dnd/dndtravel/auth/controller/swagger/AuthControllerSwagger.java
@@ -0,0 +1,67 @@
+package com.dnd.dndtravel.auth.controller.swagger;
+
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+
+import com.dnd.dndtravel.auth.controller.request.AppleLoginRequest;
+import com.dnd.dndtravel.auth.controller.request.ReIssueTokenRequest;
+import com.dnd.dndtravel.auth.service.dto.response.ReissueTokenResponse;
+import com.dnd.dndtravel.auth.service.dto.response.TokenResponse;
+
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.media.Content;
+import io.swagger.v3.oas.annotations.media.Schema;
+import io.swagger.v3.oas.annotations.responses.ApiResponse;
+import io.swagger.v3.oas.annotations.responses.ApiResponses;
+import io.swagger.v3.oas.annotations.tags.Tag;
+
+@Tag(name = "auth", description = "인증 API")
+public interface AuthControllerSwagger {
+
+	String STATUS_CODE_400_BODY_MESSAGE = "{\"message\":\"잘못된 요청입니다\"}";
+
+	@Operation(
+		summary = "애플 OAuth login API"
+	)
+	@ApiResponses(value = {
+		@ApiResponse(responseCode = "200", description = "정상 로그인",
+			content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE)),
+		@ApiResponse(responseCode = "204", description = "refresh token 재발급 필요시",
+			content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE)),
+		@ApiResponse(
+			responseCode = "500", description = "서버 오류",
+			content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE,
+				schema = @Schema(example = "{\"message\":\"Internal Server Error\"}")
+			)
+		)
+	})
+	ResponseEntity<TokenResponse> appleOAuthLogin(
+		@Parameter(description = "로그인 요청 정보(authorization code, color)", required = true)
+		AppleLoginRequest appleLoginRequest
+	);
+
+	@Operation(
+		summary = "Refresh Token 재발급 API"
+	)
+	@ApiResponses(value = {
+		@ApiResponse(responseCode = "200", description = "정상 발급",
+			content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE,
+				schema = @Schema(implementation = ReissueTokenResponse.class))),
+		@ApiResponse(responseCode = "400", description = "유효하지 않은 RefreshToken 요청시",
+			content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE,
+				schema = @Schema(example = STATUS_CODE_400_BODY_MESSAGE)
+			)
+		),
+		@ApiResponse(
+			responseCode = "500", description = "서버 오류",
+			content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE,
+				schema = @Schema(example = "{\"message\":\"Internal Server Error\"}")
+			)
+		)
+	})
+	ReissueTokenResponse reissueToken(
+		@Parameter(description = "refreshToken", required = true)
+		ReIssueTokenRequest reissueTokenRequest
+	);
+}
diff --git a/src/main/java/com/dnd/dndtravel/auth/exception/AppleTokenDecodingException.java b/src/main/java/com/dnd/dndtravel/auth/exception/AppleTokenDecodingException.java
@@ -0,0 +1,9 @@
+package com.dnd.dndtravel.auth.exception;
+
+public class AppleTokenDecodingException extends RuntimeException {
+	private static final String MESSAGE = "Apple 토큰 payload 해독실패";
+
+	public AppleTokenDecodingException(Exception e) {
+		super(MESSAGE, e);
+	}
+}
diff --git a/src/main/java/com/dnd/dndtravel/auth/exception/JwtTokenDecodingException.java b/src/main/java/com/dnd/dndtravel/auth/exception/JwtTokenDecodingException.java
@@ -0,0 +1,11 @@
+package com.dnd.dndtravel.auth.exception;
+
+import io.jsonwebtoken.JwtException;
+
+public class JwtTokenDecodingException extends RuntimeException {
+	private static final String MESSAGE = "Jwt 토큰 해독 실패";
+
+	public JwtTokenDecodingException(JwtException e) {
+		super(MESSAGE, e);
+	}
+}
diff --git a/src/main/java/com/dnd/dndtravel/auth/exception/JwtTokenExpiredException.java b/src/main/java/com/dnd/dndtravel/auth/exception/JwtTokenExpiredException.java
@@ -0,0 +1,11 @@
+package com.dnd.dndtravel.auth.exception;
+
+import io.jsonwebtoken.ExpiredJwtException;
+
+public class JwtTokenExpiredException extends RuntimeException {
+	private static final String MESSAGE = "Jwt 토큰이 만료되었음";
+
+	public JwtTokenExpiredException(ExpiredJwtException e) {
+		super(MESSAGE, e);
+	}
+}
diff --git a/src/main/java/com/dnd/dndtravel/auth/exception/RefreshTokenInvalidException.java b/src/main/java/com/dnd/dndtravel/auth/exception/RefreshTokenInvalidException.java
@@ -0,0 +1,9 @@
+package com.dnd.dndtravel.auth.exception;
+
+public class RefreshTokenInvalidException extends RuntimeException {
+	private static final String MESSAGE = "유효하지 않은 RefreshToken 토큰 [refreshToken=%s]";
+
+	public RefreshTokenInvalidException(String refreshToken) {
+		super(String.format(MESSAGE, refreshToken));
+	}
+}
diff --git a/src/main/java/com/dnd/dndtravel/auth/service/AppleOAuthService.java b/src/main/java/com/dnd/dndtravel/auth/service/AppleOAuthService.java
@@ -43,7 +43,6 @@
 
 @RequiredArgsConstructor
 @Component
-@Slf4j
 public class AppleOAuthService {
     private final AppleClient appleClient;
     private final AppleProperties appleProperties;

diff --git a/src/main/java/com/dnd/dndtravel/auth/service/JwtProvider.java b/src/main/java/com/dnd/dndtravel/auth/service/JwtProvider.java
@@ -11,6 +11,9 @@
 
 import javax.crypto.SecretKey;
 
+import com.dnd.dndtravel.auth.exception.JwtTokenExpiredException;
+import com.dnd.dndtravel.auth.exception.JwtTokenDecodingException;
+
 @Component
 public class JwtProvider {
     private static final String CLAIM_CONTENT = "memberId";
@@ -49,14 +52,14 @@ public Claims parseClaims(String splitHeader) {
         Jws<Claims> claims;
         try {
             claims = Jwts.parser()
-                    .verifyWith(Keys.hmacShaKeyFor(Base64.getDecoder().decode(String.valueOf(this.secretKey))))
+                    .verifyWith(secretKey)
                     .build()
                     .parseSignedClaims(splitHeader);
 
         } catch (ExpiredJwtException e) {
-            throw new RuntimeException("message", e); // 유효하지 않은 토큰
+            throw new JwtTokenExpiredException(e);
         } catch (JwtException e) {
-            throw new RuntimeException("message", e); // 토큰 해독 실패
+            throw new JwtTokenDecodingException(e);
         }
 
         return claims.getPayload();

diff --git a/src/main/java/com/dnd/dndtravel/auth/service/JwtTokenService.java b/src/main/java/com/dnd/dndtravel/auth/service/JwtTokenService.java
@@ -4,6 +4,7 @@
 import org.springframework.transaction.annotation.Transactional;
 
 import com.dnd.dndtravel.auth.domain.RefreshToken;
+import com.dnd.dndtravel.auth.exception.RefreshTokenInvalidException;
 import com.dnd.dndtravel.auth.repository.RefreshTokenRepository;
 import com.dnd.dndtravel.auth.service.dto.response.TokenResponse;
 import com.dnd.dndtravel.auth.service.dto.response.ReissueTokenResponse;
@@ -16,26 +17,33 @@ public class JwtTokenService {
 	private final JwtProvider jwtProvider;
 	private final RefreshTokenRepository refreshTokenRepository;
 
-	// todo 현재 refreshtoken하나로 계속해서 발급해주는 모델인데, 이는 리프레쉬 탈취시 보안위협있음. 추후 개선 필요
 	@Transactional
 	public TokenResponse generateTokens(Long memberId) {
 		RefreshToken refreshToken = refreshTokenRepository.findByMemberId(memberId);
 
+		// 리프레시 토큰이 없는경우
 		if (refreshToken == null) {
 			String newRefreshToken = jwtProvider.refreshToken();
 			refreshTokenRepository.save(RefreshToken.of(memberId, newRefreshToken)); // refreshToken은 DB에 저장
 			return new TokenResponse(jwtProvider.accessToken(memberId), newRefreshToken);
-		} else if (refreshToken.isExpire()) {
+		}
+
+		// 리프레시 토큰이 만료됐으면 재발급 받으라고 멘트줌
+		if (refreshToken.isExpire()) {
 			return null;
 		}
-
-		return new TokenResponse(jwtProvider.accessToken(memberId), null);
+
+		// 리프레시 토큰이 DB에 존재하고 유효한경우
+		refreshTokenRepository.delete(refreshToken);
+		String newRefreshToken = jwtProvider.refreshToken();
+		refreshTokenRepository.save(RefreshToken.of(refreshToken.getMemberId(), newRefreshToken));
+		return new TokenResponse(jwtProvider.accessToken(memberId), newRefreshToken);
 	}
 
 	@Transactional
 	public ReissueTokenResponse reIssue(String token) {
 		//validation
-		RefreshToken refreshToken = refreshTokenRepository.findByRefreshToken(token).orElseThrow(() -> new RuntimeException("유효하지 않은 토큰"));
+		RefreshToken refreshToken = refreshTokenRepository.findByRefreshToken(token).orElseThrow(() -> new RefreshTokenInvalidException(token));
 
 		//RTR
 		refreshTokenRepository.delete(refreshToken);

diff --git a/src/main/java/com/dnd/dndtravel/auth/service/MemberNameGenerator.java b/src/main/java/com/dnd/dndtravel/auth/service/MemberNameGenerator.java
@@ -0,0 +1,33 @@
+package com.dnd.dndtravel.auth.service;
+
+import java.util.Random;
+
+import org.springframework.stereotype.Component;
+
+@Component
+public class MemberNameGenerator {
+	private static final String[] ADJECTIVES = {
+		"가냘픈", "가엾은", "거센", "거친", "건조한",
+		"게으른", "고달픈", "귀여운", "그리운", "깨끗한",
+		"누런", "느린", "더러운", "덜된", "동그란", "뛰어난",
+		"무서운", "미친", "보람찬", "뽀얀", "비싼", "서툰","섣부른",
+  		"성가신","수줍은","쏜살같은","못난", "못생긴", "무거운", "빠른",
+		"용감한", "행복한", "슬픈", "탐스러운", "한결같은","희망찬"
+	};
+
+	private static final String[] ANIMALS = {
+		"사자", "호랑이", "곰", "여우", "토끼",
+		"거북이", "고양이", "늑대", "강아지", "팬더",
+		"병아리", "망아지", "코끼리", "오징어", "바퀴벌레",
+		"거머리", "개미핥기", "돌고래", "순록", "올빼미", "박쥐",
+		"펭귄", "나무늘보", "오소리", "하이에나", "햄스터"
+	};
+
+	private final Random random = new Random();
+
+	public String generateRandomName() {
+		String adjective = ADJECTIVES[this.random.nextInt(ADJECTIVES.length)];
+		String animal = ANIMALS[this.random.nextInt(ANIMALS.length)];
+		return adjective + animal;
+	}
+}
diff --git a/src/main/java/com/dnd/dndtravel/auth/service/TokenDecoder.java b/src/main/java/com/dnd/dndtravel/auth/service/TokenDecoder.java
@@ -2,6 +2,7 @@
 
 import java.util.Base64;
 
+import com.dnd.dndtravel.auth.exception.AppleTokenDecodingException;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
@@ -25,7 +26,7 @@ public static <T> T decodePayload(String token, Class<T> targetClass) {
 		try {
 			return objectMapper.readValue(payload, targetClass);
 		} catch (Exception e) {
-			throw new RuntimeException("Error decoding token payload", e);
+			throw new AppleTokenDecodingException(e);
 		}
 	}
 }