Merge pull request #18 from AI-Tutor-2024/auth

[FIX] sign-in api 작동 오류에 따른 변경사항

Author: EunbeenDev

src/main/java/com/example/ai_tutor/domain/auth/application/AuthService.java

@@ -32,7 +32,7 @@
 @Transactional(readOnly = true)
 public class AuthService {
 
-    private final JwtUtil jwtUtil;
+    private final CustomTokenProviderService customTokenProviderService;
     private final AuthenticationManager authenticationManager;
 
     private final TokenRepository tokenRepository;
@@ -47,17 +47,17 @@ public ResponseEntity<?> refresh(RefreshTokenReq tokenRefreshRequest){
 
         Token token = tokenRepository.findByRefreshToken(tokenRefreshRequest.getRefreshToken())
                 .orElseThrow(InvalidTokenException::new);
-        Authentication authentication = jwtUtil.getAuthenticationByEmail(token.getUserEmail());
+        Authentication authentication = customTokenProviderService.getAuthenticationByEmail(token.getUserEmail());
 
         //refresh token 정보 값을 업데이트 한다.
         //시간 유효성 확인
         TokenMapping tokenMapping;
 
-        Long expirationTime = jwtUtil.getExpiration(tokenRefreshRequest.getRefreshToken());
+        Long expirationTime = customTokenProviderService.getExpiration(tokenRefreshRequest.getRefreshToken());
         if(expirationTime > 0){
-            tokenMapping = jwtUtil.refreshToken(authentication, token.getRefreshToken());
+            tokenMapping = customTokenProviderService.refreshToken(authentication, token.getRefreshToken());
         }else{
-            tokenMapping = jwtUtil.createToken(authentication);
+            tokenMapping = customTokenProviderService.createToken(authentication);
         }
 
         Token updateToken = token.updateRefreshToken(tokenMapping.getRefreshToken());
@@ -93,15 +93,15 @@ public ResponseEntity<?> signOut(UserPrincipal userPrincipal){
     private boolean valid(String refreshToken){
 
         //1. 토큰 형식 물리적 검증
-        boolean validateCheck = jwtUtil.validateToken(refreshToken);
+        boolean validateCheck = customTokenProviderService.validateToken(refreshToken);
         DefaultAssert.isTrue(validateCheck, "Token 검증에 실패하였습니다.");
 
         //2. refresh token 값을 불러온다.
         Optional<Token> token = tokenRepository.findByRefreshToken(refreshToken);
         DefaultAssert.isTrue(token.isPresent(), "탈퇴 처리된 회원입니다.");
 
         //3. email 값을 통해 인증값을 불러온다
-        Authentication authentication = jwtUtil.getAuthenticationByEmail(token.get().getUserEmail());
+        Authentication authentication = customTokenProviderService.getAuthenticationByEmail(token.get().getUserEmail());
         DefaultAssert.isTrue(token.get().getUserEmail().equals(authentication.getName()), "사용자 인증에 실패하였습니다.");
 
         return true;
@@ -120,10 +120,10 @@ public ResponseEntity<?> signIn(SignInReq signInReq) {
         );
         SecurityContextHolder.getContext().setAuthentication(authentication);
 
-        TokenMapping tokenMapping = jwtUtil.createToken(authentication);
+        TokenMapping tokenMapping = customTokenProviderService.createToken(authentication);
         Token token = Token.builder()
                 .refreshToken(tokenMapping.getRefreshToken())
-                .userEmail(tokenMapping.getUserEmail())
+                .userEmail(tokenMapping.getEmail())
                 .build();
         tokenRepository.save(token);
 

…tor/domain/auth/application/JwtUtil.java …lication/CustomTokenProviderService.javasrc/main/java/com/example/ai_tutor/domain/auth/application/JwtUtil.java renamed to src/main/java/com/example/ai_tutor/domain/auth/application/CustomTokenProviderService.java src/main/java/com/example/ai_tutor/domain/auth/application/JwtUtil.java renamed to src/main/java/com/example/ai_tutor/domain/auth/application/CustomTokenProviderService.java

@@ -6,27 +6,25 @@
 import io.jsonwebtoken.*;
 import io.jsonwebtoken.io.Decoders;
 import io.jsonwebtoken.security.Keys;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Service;
 
+import java.nio.charset.StandardCharsets;
 import java.security.Key;
 import java.util.Date;
 
 @Slf4j
 @Service
-public class JwtUtil {
-
-    @Autowired
-    private OAuth2Config oAuth2Config;
-
-    @Autowired
-    private CustomUserDetailsService customUserDetailsService;
-
+@RequiredArgsConstructor
+public class CustomTokenProviderService {
 
+    private final OAuth2Config oAuth2Config;
+    private final CustomUserDetailsService customUserDetailsService;
 
     public TokenMapping createToken(Authentication authentication) {
         UserPrincipal userPrincipal = (UserPrincipal) authentication.getPrincipal();
@@ -36,9 +34,8 @@ public TokenMapping createToken(Authentication authentication) {
         Date accessTokenExpiresIn = new Date(now.getTime() + oAuth2Config.getAuth().getAccessTokenExpirationMsec());
         Date refreshTokenExpiresIn = new Date(now.getTime() + oAuth2Config.getAuth().getRefreshTokenExpirationMsec());
 
-        String secretKey = oAuth2Config.getAuth().getTokenSecret();
-
-        byte[] keyBytes = Decoders.BASE64.decode(secretKey);
+        String base64SecretKey = oAuth2Config.getAuth().getTokenSecret();
+        byte[] keyBytes = Decoders.BASE64.decode(base64SecretKey);
         Key key = Keys.hmacShaKeyFor(keyBytes);
 
         String accessToken = Jwts.builder()
@@ -54,7 +51,7 @@ public TokenMapping createToken(Authentication authentication) {
                 .compact();
 
         return TokenMapping.builder()
-                .userEmail(userPrincipal.getEmail())
+                .email(userPrincipal.getEmail())
                 .accessToken(accessToken)
                 .refreshToken(refreshToken)
                 .build();
@@ -71,14 +68,14 @@ public TokenMapping refreshToken(Authentication authentication, String refreshTo
         Key key = Keys.hmacShaKeyFor(keyBytes);
 
         String accessToken = Jwts.builder()
-                .setSubject(Long.toString(userPrincipal.getId()))
+                .setSubject(userPrincipal.getEmail())
                 .setIssuedAt(new Date())
                 .setExpiration(accessTokenExpiresIn)
                 .signWith(key, SignatureAlgorithm.HS512)
                 .compact();
 
         return TokenMapping.builder()
-                .userEmail(userPrincipal.getEmail())
+                .email(userPrincipal.getEmail())
                 .accessToken(accessToken)
                 .refreshToken(refreshToken)
                 .build();
@@ -101,33 +98,52 @@ public UsernamePasswordAuthenticationToken getAuthenticationById(String token){
         return authentication;
     }
 
-    public UsernamePasswordAuthenticationToken getAuthenticationByEmail(String email){
+
+
+    public String getEmailFromToken(String token) {
+        log.debug("Extracting email from token: {}", token);  // 추가된 로깅
+        Claims claims = Jwts.parserBuilder()
+                .setSigningKey(oAuth2Config.getAuth().getTokenSecret())
+                .build()
+                .parseClaimsJws(token)
+                .getBody();
+
+        String email = claims.getSubject();
+        log.debug("Email extracted: {}", email);  // 추가된 로깅
+        return email;
+    }
+
+    public UsernamePasswordAuthenticationToken getAuthenticationByEmail(String token) {
+        String email = getEmailFromToken(token);
         UserDetails userDetails = customUserDetailsService.loadUserByUsername(email);
-        UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
-        return authentication;
+        return new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
     }
 
     public Long getExpiration(String token) {
         // accessToken 남은 유효시간
-        Date expiration = Jwts.parserBuilder().setSigningKey(oAuth2Config.getAuth().getTokenSecret()).build().parseClaimsJws(token).getBody().getExpiration();
+        Date expiration = Jwts.parserBuilder()
+                .setSigningKey(oAuth2Config.getAuth().getTokenSecret())
+                .build()
+                .parseClaimsJws(token)
+                .getBody()
+                .getExpiration();
         // 현재 시간
         Long now = new Date().getTime();
-        //시간 계산
+        // 시간 계산
         return (expiration.getTime() - now);
     }
 
     public boolean validateToken(String token) {
         try {
-            log.info("JWT 검증 시작 - 토큰: {}", token);
+            log.info("Validating token: {}", token);
+
+            String base64SecretKey = oAuth2Config.getAuth().getTokenSecret();
+            byte[] keyBytes = Decoders.BASE64.decode(base64SecretKey);
+            Key key = Keys.hmacShaKeyFor(keyBytes);
 
-            String secretKey = oAuth2Config.getAuth().getTokenSecret();
-            if (secretKey == null || secretKey.isEmpty()) {
-                log.error("JWT 서명 검증 실패 - Secret Key가 설정되지 않았음");
-                return false;
-            }
 
             Jwts.parserBuilder()
-                    .setSigningKey(secretKey)
+                    .setSigningKey(key)
                     .build()
                     .parseClaimsJws(token);
 
@@ -150,7 +166,6 @@ public boolean validateToken(String token) {
         } catch (Exception ex) {
             log.error("예기치 않은 JWT 검증 오류 발생: {}", ex.getMessage(), ex);
         }
-
         return false;
     }
 

src/main/java/com/example/ai_tutor/domain/auth/application/CustomUserDetailsService.java

@@ -6,13 +6,15 @@
 import com.example.ai_tutor.global.config.security.token.UserPrincipal;
 import jakarta.transaction.Transactional;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 
 import java.util.Optional;
 
+@Slf4j
 @RequiredArgsConstructor
 @Service
 public class CustomUserDetailsService implements UserDetailsService {
@@ -21,21 +23,21 @@ public class CustomUserDetailsService implements UserDetailsService {
 
     @Override
     public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
-
+        log.debug("Trying to load user by email: {}", email);
         User user = userRepository.findByEmail(email)
-                .orElseThrow(() ->
-                        new UsernameNotFoundException("유저 정보를 찾을 수 없습니다.")
-                );
+                .orElseThrow(() -> new UsernameNotFoundException("유저 정보를 찾을 수 없습니다."));
 
+        log.debug("User found: {}", user);
         return UserPrincipal.create(user);
     }
 
     @Transactional
     public UserDetails loadUserById(Long id) {
+        log.debug("Trying to load user by ID: {}", id);
         Optional<User> user = userRepository.findById(id);
         DefaultAssert.isOptionalPresent(user);
 
+        log.debug("User found by ID: {}", user);
         return UserPrincipal.create(user.get());
     }
-
-}
+}

src/main/java/com/example/ai_tutor/domain/auth/dto/TokenMapping.java

@@ -1,22 +1,16 @@
 package com.example.ai_tutor.domain.auth.dto;
 
+import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
 @Getter
 public class TokenMapping {
-    private String userEmail;
+    private String email;
     private String accessToken;
     private String refreshToken;
-
-    public TokenMapping(){}
-
-    @Builder
-    public TokenMapping(String userEmail, String accessToken, String refreshToken){
-        this.userEmail = userEmail;
-        this.accessToken = accessToken;
-        this.refreshToken = refreshToken;
-    }
-
 }

src/main/java/com/example/ai_tutor/global/config/security/handler/CustomSimpleUrlAuthenticationSuccessHandler.java

@@ -1,36 +1,27 @@
 package com.example.ai_tutor.global.config.security.handler;
 
-import com.example.ai_tutor.domain.auth.application.JwtUtil;
+import com.example.ai_tutor.domain.auth.application.CustomTokenProviderService;
 import com.example.ai_tutor.domain.auth.domain.Token;
 import com.example.ai_tutor.domain.auth.domain.repository.CustomAuthorizationRequestRepository;
 import com.example.ai_tutor.domain.auth.domain.repository.TokenRepository;
 import com.example.ai_tutor.domain.auth.dto.TokenMapping;
-import com.example.ai_tutor.global.DefaultAssert;
-import com.example.ai_tutor.global.config.security.OAuth2Config;
-import com.example.ai_tutor.global.config.security.util.CustomCookie;
 import jakarta.servlet.ServletException;
-import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
 import org.springframework.stereotype.Component;
-import org.springframework.web.util.UriComponentsBuilder;
 
 import java.io.IOException;
-import java.net.URI;
-import java.util.Optional;
-
-import static com.example.ai_tutor.domain.auth.domain.repository.CustomAuthorizationRequestRepository.REDIRECT_URI_PARAM_COOKIE_NAME;
 
 @Slf4j
 @RequiredArgsConstructor
 @Component
 public class CustomSimpleUrlAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
 
-    private final JwtUtil jwtUtil;             // JWT 생성 유틸
+    private final CustomTokenProviderService customTokenProviderService;             // JWT 생성 유틸
     private final TokenRepository tokenRepository;
     private final CustomAuthorizationRequestRepository customAuthorizationRequestRepository;
 
@@ -46,11 +37,11 @@ public void onAuthenticationSuccess(HttpServletRequest request,
         }
 
         // 1) JWT 토큰 생성
-        TokenMapping tokenMapping = jwtUtil.createToken(authentication);
+        TokenMapping tokenMapping = customTokenProviderService.createToken(authentication);
 
-        // 2) RefreshToken 저장 (DB or Redis etc.)
+        // 2) RefreshToken 저장
         Token token = Token.builder()
-                .userEmail(tokenMapping.getUserEmail())
+                .userEmail(tokenMapping.getEmail())
                 .refreshToken(tokenMapping.getRefreshToken())
                 .build();
         tokenRepository.save(token);

src/main/java/com/example/ai_tutor/global/config/security/token/JwtAuthenticationFilter.java

@@ -1,6 +1,6 @@
 package com.example.ai_tutor.global.config.security.token;
 
-import com.example.ai_tutor.domain.auth.application.JwtUtil;
+import com.example.ai_tutor.domain.auth.application.CustomTokenProviderService;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -19,7 +19,7 @@
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
     @Autowired
-    private JwtUtil jwtUtil;
+    private CustomTokenProviderService customTokenProviderService;
 
     public static final String AUTHORIZATION_HEADER_NAME = "Authorization";
     public static final String BEARER_TOKEN_PREFIX = "Bearer ";
@@ -29,8 +29,8 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         String jwt = getJwtFromRequest(request);
 
-        if (StringUtils.hasText(jwt) && jwtUtil.validateToken(jwt)) {
-            UsernamePasswordAuthenticationToken authentication = jwtUtil.getAuthenticationById(jwt);
+        if (StringUtils.hasText(jwt) && customTokenProviderService.validateToken(jwt)) {
+            UsernamePasswordAuthenticationToken authentication = customTokenProviderService.getAuthenticationByEmail(jwt);
             authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
             SecurityContextHolder.getContext().setAuthentication(authentication);
         }