Merge pull request #150 from Boggle-Boggle/refactor/#145

- 회원 API URI 수정
- 약관 조회 api 리팩토링
- 회원탈퇴 API 리팩토링
- 변경사항에 대한 Test 작성 및 Rest docs 작성

Author: cheshireHYUN

src/docs/asciidoc/index.adoc

@@ -17,8 +17,14 @@ include::info.adoc[]
 //소셜 로그인
 include::oauth2-api.adoc[]
 
+//약관
+include::terms.adoc[]
+
+//유저
+include::user.adoc[]
+
 //책
 include::book-api.adoc[]
 
 //독서기록
-include::record-api.adoc[]
+include::record-api.adoc[]

src/docs/asciidoc/oauth2-api.adoc

@@ -16,10 +16,10 @@ include::{snippets}/auth/oauth2-authorize/query-parameters.adoc[]
 [discrete]
 ==== 응답
 include::{snippets}/auth/oauth2-authorize/http-response.adoc[]
-include::{snippets}/auth/oauth2-authorize/response-fields.adoc[]
+include::{snippets}/auth/oauth2-authorize/response-fields-data.adoc[]
 
 
-=== 소셜 로그인 콜백 처리
+=== 소셜 로그인 콜백
 
 [discrete]
 ==== 응답 예시
@@ -48,4 +48,22 @@ include::{snippets}/auth/oauth2-authorize/response-fields.adoc[]
 ==== 실제 응답
 
 include::{snippets}/auth/oauth2-callback/http-response.adoc[]
-include::{snippets}/auth/oauth2-callback/response-fields-data.adoc[]
+include::{snippets}/auth/oauth2-callback/response-fields-data.adoc[]
+
+
+=== 회원가입 요청
+
+소셜 로그인 후 `SIGNUP_REQUIRED` 상태로 받은 `preSignupId`를 활용해 회원가입을 진행합니다.
+
+[discrete]
+==== 요청
+include::{snippets}/auth/oauth2-signup/http-request.adoc[]
+include::{snippets}/auth/oauth2-signup/request-fields.adoc[]
+
+[discrete]
+==== 응답
+---
+쿠키에 DEVICE_CODE 및 REFRESH_TOKEN이 셋팅됨(30 Days 영구쿠키)
+
+include::{snippets}/auth/oauth2-signup/http-response.adoc[]
+include::{snippets}/auth/oauth2-signup/response-fields-data.adoc[]

src/docs/asciidoc/terms.adoc

@@ -0,0 +1,20 @@
+[[terms-api]]
+== 📃 약관 API
+
+앱 회원가입 시 약관 목록을 조회할 수 있습니다.
+항상 최신 버전의 약관이 반환됩니다.
+
+=== 약관 목록 조회
+
+현재 유효한 약관 리스트를 반환합니다.
+회원가입 시 사용자에게 보여줘야 할 약관들입니다.
+
+[discrete]
+==== 요청
+include::{snippets}/terms/get-latest-terms/http-request.adoc[]
+
+[discrete]
+==== 응답
+
+include::{snippets}/terms/get-latest-terms/http-response.adoc[]
+include::{snippets}/terms/get-latest-terms/response-fields-terms.adoc[]

src/docs/asciidoc/user.adoc

@@ -0,0 +1,36 @@
+[[user-api]]
+== 👤 사용자 API
+
+회원 정보 관련 기능을 제공합니다.
+
+=== 회원 탈퇴
+
+회원 탈퇴를 수행하고, 관련 쿠키를 삭제합니다.
+
+[discrete]
+==== 요청
+
+include::{snippets}/user/delete-user/http-request.adoc[]
+include::{snippets}/user/delete-user/request-fields.adoc[]
+
+[discrete]
+==== 탈퇴 사유 코드 (WithdrawType)
+
+|===
+|코드 |설명
+
+|PRIVACY_CONCERN |개인정보 및 보안이 우려돼요
+|REJOIN_AFTER_WITHDRAWAL |탈퇴 후 신규가입할 거예요
+|SERVICE_ERROR |서비스 장애와 오류가 있어요
+|LACK_OF_FEATURES |원하는 기능이 부족해요
+|TOO_TEDIOUS |기록하기가 번거롭고 귀찮아요
+|BAD_UI_UX |인터페이스가 불편하거나 직관적이지 않아요
+|NO_LONGER_NEEDED |더 이상 독서기록이 필요하지 않아요
+|ETC |기타
+|===
+
+[discrete]
+==== 응답
+
+include::{snippets}/user/delete-user/http-response.adoc[]
+include::{snippets}/user/delete-user/response-fields.adoc[]

src/main/java/com/boggle_boggle/bbegok/config/properties/OAuthProperties.java

@@ -1,8 +1,22 @@
 package com.boggle_boggle.bbegok.config.properties;
 
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
 import lombok.Getter;
 import lombok.Setter;
+import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import org.bouncycastle.openssl.PEMParser;
+import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
 import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.core.io.ClassPathResource;
+
+import java.io.IOException;
+import java.io.Reader;
+import java.io.StringReader;
+import java.security.PrivateKey;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
 
 @ConfigurationProperties(prefix = "oauth")
 @Getter

src/main/java/com/boggle_boggle/bbegok/config/security/AppleKeyConfig.java

@@ -13,6 +13,7 @@
 import java.security.interfaces.ECPrivateKey;
 import java.security.spec.PKCS8EncodedKeySpec;
 
+//p8 key 읽어서 ECPrivateKey를 Bean으로 등록
 @Configuration
 @RequiredArgsConstructor
 public class AppleKeyConfig {

src/main/java/com/boggle_boggle/bbegok/config/security/SecurityConfig.java

@@ -54,7 +54,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                         .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
                         .requestMatchers("/actuator/**").permitAll()
                         .requestMatchers("/auth/**").permitAll()
-                        .requestMatchers("/user/**").permitAll()
+                        .requestMatchers("/terms/**").permitAll()
                         .anyRequest().hasAuthority(RoleType.USER.getCode()))
 
                 //토큰 검증 필터

src/main/java/com/boggle_boggle/bbegok/controller/OAuth2AuthController.java

@@ -3,16 +3,19 @@
 import com.boggle_boggle.bbegok.config.properties.AppProperties;
 import com.boggle_boggle.bbegok.dto.OAuthLoginResponse;
 import com.boggle_boggle.bbegok.dto.base.DataResponseDto;
+import com.boggle_boggle.bbegok.dto.request.SignupRequest;
 import com.boggle_boggle.bbegok.enums.SignStatus;
 import com.boggle_boggle.bbegok.oauth.client.OAuth2RedirectUriBuilder;
 import com.boggle_boggle.bbegok.oauth.entity.ProviderType;
 import com.boggle_boggle.bbegok.service.OAuth2LoginService;
 import com.boggle_boggle.bbegok.service.QueryService;
+import com.boggle_boggle.bbegok.service.UserService;
 import com.boggle_boggle.bbegok.utils.CookieUtil;
 import com.boggle_boggle.bbegok.utils.OauthValidateUtil;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.servlet.http.HttpSession;
+import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.beans.factory.annotation.Value;
@@ -24,15 +27,30 @@
 import static org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames.DEVICE_CODE;
 
 @RestController
-@RequestMapping("/auth/oauth2")
+@RequestMapping("/auth")
 @RequiredArgsConstructor
 public class OAuth2AuthController {
 
     private final OAuth2LoginService oauth2LoginService;
     private final QueryService queryService;
+    private final UserService userService;
     private final OAuth2RedirectUriBuilder oAuth2RedirectUriBuilder;
 
-    @GetMapping("/authorize")
+    //회원가입
+    @PostMapping("/signup")
+    public DataResponseDto<OAuthLoginResponse> signup(@Valid @RequestBody SignupRequest signupRequest,
+                                                      HttpServletRequest request,
+                                                      HttpServletResponse response) {
+        OAuthLoginResponse oauthLoginResponse = userService.signup(signupRequest.getPreSignupId(), signupRequest.getNickname(), signupRequest.getAgreements());
+        if(oauthLoginResponse.getStatus() == SignStatus.EXISTING_USER) {
+            queryService.setLoginCookie(request, response, oauthLoginResponse);
+            oauthLoginResponse.clearLoginData();
+        }
+        return DataResponseDto.of(oauthLoginResponse);
+    }
+
+    //리다이렉트할 인증서버URI를 리턴
+    @GetMapping("/oauth2/authorize")
     public DataResponseDto<Map<String, String>> authorize(@RequestParam("provider") ProviderType providerType, HttpSession session) {
         String state = UUID.randomUUID().toString();
         session.setAttribute("oauth2_state", state);
@@ -42,7 +60,7 @@ public DataResponseDto<Map<String, String>> authorize(@RequestParam("provider")
     }
 
     //oauth 인증서버에서 인가코드를 리다이렉트(302)하는 콜백 API
-    @GetMapping("/callback/{provider}")
+    @GetMapping("/oauth2/callback/{provider}")
     public DataResponseDto<OAuthLoginResponse> oauth2Callback(
             @PathVariable("provider") ProviderType providerType,
             @RequestParam("code") String code,

src/main/java/com/boggle_boggle/bbegok/controller/TermsController.java

@@ -0,0 +1,35 @@
+package com.boggle_boggle.bbegok.controller;
+
+import com.boggle_boggle.bbegok.dto.TermsAgreement;
+import com.boggle_boggle.bbegok.dto.base.DataResponseDto;
+import com.boggle_boggle.bbegok.dto.response.TermsResponse;
+import com.boggle_boggle.bbegok.service.TermsService;
+import com.boggle_boggle.bbegok.service.UserService;
+import jakarta.validation.Valid;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping("/terms")
+@RequiredArgsConstructor
+public class TermsController {
+    private final UserService userService;
+    private final TermsService termsService;
+
+    //약관조회
+    @GetMapping
+    public DataResponseDto<TermsResponse> getLatestTerms() {
+        return DataResponseDto.of(termsService.getLatestTerms());
+    }
+
+    /** 약관동의
+    @PutMapping
+    public DataResponseDto<Void> agreeToTerms(@RequestBody @Valid List<TermsAgreement> request,
+                                              @AuthenticationPrincipal UserDetails userDetails) {
+        userService.agreeToTerms(request,userDetails.getUsername());
+        return DataResponseDto.empty();
+    }
+  **/
+}

src/main/java/com/boggle_boggle/bbegok/controller/UserController.java

@@ -35,28 +35,18 @@ public class UserController {
     private final QueryService queryService;
     private final UserService userService;
 
-    @PostMapping()
-    public DataResponseDto<OAuthLoginResponse> signup(@Valid @RequestBody SignupRequest signupRequest,
-                                                      HttpServletRequest request,
-                                                      HttpServletResponse response) {
-        OAuthLoginResponse oauthLoginResponse = userService.signup(signupRequest.getPreSignupId(), signupRequest.getNickname(), signupRequest.getAgreements());
-        if(oauthLoginResponse.getStatus() == SignStatus.EXISTING_USER) {
-            queryService.setLoginCookie(request, response, oauthLoginResponse);
-            oauthLoginResponse.clearLoginData();
-        }
-        return DataResponseDto.of(oauthLoginResponse);
-    }
-/*
+
     @DeleteMapping
     public DataResponseDto<Void> deleteUser(HttpServletRequest request, HttpServletResponse response,
                                             @Valid @RequestBody WithdrawReasonRequest withdrawReasonRequest,
                                             @AuthenticationPrincipal UserDetails userDetails) throws IOException {
+        //계정 삭제 및 revoke 처리
         revokeService.deleteAccount(userDetails.getUsername(), withdrawReasonRequest);
-        CookieUtil.deleteCookie(request, response, REFRESH_TOKEN,domain);
-        CookieUtil.deleteCookie(request, response, DEVICE_CODE,domain);
+        //쿠키삭제
+        queryService.clearAllCookie(request, response);
         return DataResponseDto.empty();
     }
-
+/*
     //닉네임 수정
     @PatchMapping("/nickname")
     public DataResponseDto<Void> updateNickname(@AuthenticationPrincipal UserDetails userDetails,
@@ -78,18 +68,5 @@ public DataResponseDto<String> getAuthorization(@AuthenticationPrincipal UserDet
         return DataResponseDto.of(userService.getAuthorization(userDetails.getUsername()));
     }
 
-    //약관조회
-    @GetMapping("/terms")
-    public DataResponseDto<TermsResponse> getLatestTerms(@AuthenticationPrincipal UserDetails userDetails) {
-        return DataResponseDto.of(userService.getLatestTerms(userDetails.getUsername()));
-    }
-    
-    //약관동의
-    @PutMapping("/terms")
-    public DataResponseDto<Void> agreeToTerms(@RequestBody @Valid List<TermsAgreement> request,
-                                              @AuthenticationPrincipal UserDetails userDetails) {
-        userService.agreeToTerms(request,userDetails.getUsername());
-        return DataResponseDto.empty();
-    }
  */
 }