Skip to content

Commit

Permalink
♻️ refactor: JWT 비밀키 서명로직 변경
Browse files Browse the repository at this point in the history
  • Loading branch information
youngreal committed Aug 23, 2024
1 parent 18825a5 commit b79c21a
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 7 deletions.
16 changes: 9 additions & 7 deletions src/main/java/com/dnd/dndtravel/auth/service/JwtProvider.java
Original file line number Diff line number Diff line change
@@ -1,36 +1,38 @@
package com.dnd.dndtravel.auth.service;

import io.jsonwebtoken.*;
import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.security.Keys;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import java.util.Base64;
import java.util.Date;

import javax.crypto.SecretKey;

@Component
public class JwtProvider {
private static final String CLAIM_CONTENT = "memberId";
private final long accessTokenExpiredTime;
private final long refreshTokenExpiredTime;
private final String secretKey;
private final SecretKey secretKey;

public JwtProvider(
@Value("${jwt.secret-key}") String secretKey,
@Value("${jwt.secret-key}") String secretKeyString,
@Value("${jwt.access-token-expired-ms}") long accessTokenExpiredTime,
@Value("${jwt.refresh-token-expired-ms}") long refreshTokenExpiredTime
) {
this.secretKey = secretKey;
) {
this.accessTokenExpiredTime = accessTokenExpiredTime;
this.refreshTokenExpiredTime = refreshTokenExpiredTime;
this.secretKey = Keys.hmacShaKeyFor(Decoders.BASE64URL.decode(secretKeyString));
}

public String accessToken(Long memberId) {
return Jwts.builder()
.claim(CLAIM_CONTENT, memberId)
.issuedAt(new Date(System.currentTimeMillis()))
.expiration(new Date(System.currentTimeMillis() + this.accessTokenExpiredTime))
.signWith(Keys.hmacShaKeyFor(Base64.getDecoder().decode(this.secretKey)))
.signWith(secretKey)
.compact();
}

Expand All @@ -39,7 +41,7 @@ public String refreshToken(Long memberId) {
.claim(CLAIM_CONTENT, memberId)
.issuedAt(new Date(System.currentTimeMillis()))
.expiration(new Date(System.currentTimeMillis() + this.refreshTokenExpiredTime))
.signWith(Keys.hmacShaKeyFor(Base64.getDecoder().decode(this.secretKey)))
.signWith(secretKey)
.compact();
}
}
2 changes: 2 additions & 0 deletions src/main/resources/application.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ spring:
password: ${MYSQL_PASSWORD}
jpa:
open-in-view: false
hibernate:
ddl-auto: create # local에서만 사용할거고, prod 환경과 분리 필요

social-login:
provider:
Expand Down

0 comments on commit b79c21a

Please sign in to comment.