fix: TT-210 token을 "<type> <credential>"구조로 입력받음

Autorization에서 받아오는 token에서 type이 Bearer일 때 credential(JWT)을 decode한다.
twenty-three-23 · Jul 7, 2024 · 9d1ea20 · 9d1ea20
1 parent 901a515
commit 9d1ea20
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/src/main/java/com/twentythree/peech/auth/resolver/AuthArgumentResolver.java b/src/main/java/com/twentythree/peech/auth/resolver/AuthArgumentResolver.java
@@ -29,6 +29,9 @@ public boolean supportsParameter(MethodParameter parameter) {
     @Override
     public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
         try {
+
+            final String BEARER = "Bearer ";
+
             HttpServletRequest request = (HttpServletRequest) webRequest.getNativeRequest();
 
             String token = request.getHeader("Authorization");
@@ -37,7 +40,15 @@ public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer m
                 throw new UserAlreadyExistException("로그인을 다시 해주세요");
             }
 
-            Long userId = Long.parseLong(jwtUtils.parseJWT(token).getPayload().get("userId").toString());
+            String credential;
+
+            if (token.startsWith(BEARER)) {
+                credential = token.substring(BEARER.length());
+            } else {
+                throw new IllegalArgumentException("token의 type이 올바르지 않습니다.");
+            }
+
+            Long userId = Long.parseLong(jwtUtils.parseJWT(credential).getPayload().get("userId").toString());
 
             if (userId == null) {
                 throw new IllegalArgumentException("cookie의 userId가 잘 못 되었습니다");