♻️ /revoke를 refresh토큰 기준으로 변경

Author: cheshireHYUN

src/main/java/com/boggle_boggle/bbegok/config/properties/AppleProperties.java

@@ -49,11 +49,11 @@ public String getAppleLoginUrl(String redirectUri) {
     }
 
 
-    public String getAppleRevokeData(String accessToken) throws IOException {
+    public String getAppleRevokeData(String refreshToken) throws IOException {
         return "client_id="  + aud
                 +"&client_secret=" + createClientSecretKey()
-                +"&token=" + accessToken
-                +"&token_type_hint=access_token";
+                +"&token=" + refreshToken
+                +"&token_type_hint=refresh_token";
     }
 
     public String generateAuthToken(String code) throws IOException {

src/main/java/com/boggle_boggle/bbegok/entity/user/User.java

@@ -38,9 +38,13 @@ public class User {
     private String password;
 
     @JsonIgnore
-    @Column(name = "access_token", length = 512)
+    @Column(name = "oauth2_access_token", length = 512)
     private String oauth2AccessToken;
 
+    @JsonIgnore
+    @Column(name = "oauth2_refresh_token", length = 512)
+    private String oauth2RefreshToken;
+
     @Column(name = "email", length = 512, unique = true, nullable = true)
     @Size(max = 512)
     private String email;
@@ -105,14 +109,16 @@ protected User(
             RoleType roleType,
             LocalDateTime createdAt,
             LocalDateTime modifiedAt,
-            String accessToken) {
+            String accessToken,
+            String refreshToken) {
         this.userId = userId;
         this.emailVerifiedYn = emailVerifiedYn;
         this.providerType = providerType;
         this.roleType = roleType;
         this.createdAt = createdAt;
         this.modifiedAt = modifiedAt;
         this.oauth2AccessToken = accessToken;
+        this.oauth2RefreshToken = refreshToken;
     }
 
 
@@ -133,9 +139,10 @@ public static User createUser(
             @NotNull RoleType roleType,
             @NotNull LocalDateTime createdAt,
             @NotNull LocalDateTime modifiedAt,
-            @NotNull String accessToken
+            @NotNull String accessToken,
+            @NotNull String refreshToken
     ){
-        return new User(userId, emailVerifiedYn, providerType, roleType, createdAt, modifiedAt, accessToken);
+        return new User(userId, emailVerifiedYn, providerType, roleType, createdAt, modifiedAt, accessToken, refreshToken);
     }
 
     public void updateNickName(String nickName){
@@ -153,7 +160,8 @@ public void updateGuestToUser(String latestVersion) {
         this.agreedVersion = latestVersion;
     }
 
-    public void updateAccessToken(String accessToken) {
+    public void updateAccessToken(String accessToken, String refreshToken) {
         this.oauth2AccessToken = accessToken;
+        this.oauth2RefreshToken = refreshToken;
     }
 }

src/main/java/com/boggle_boggle/bbegok/service/AppleService.java

@@ -60,9 +60,7 @@ public User process(String code) {
             JSONParser jsonParser = new JSONParser();
             JSONObject jsonObj = (JSONObject) jsonParser.parse(appleProperties.generateAuthToken(code));
             String accessToken = String.valueOf(jsonObj.get("access_token"));
-            String refresh_token  = String.valueOf(jsonObj.get("refresh_token"));
-            log.debug("%%%%%access_token : {}",accessToken);
-            log.debug("%%%%%refresh_token : {}",refresh_token);
+            String refreshToken  = String.valueOf(jsonObj.get("refresh_token"));
 
             // ID TOKEN을 통해 회원 고유 식별자 받기
             SignedJWT signedJWT = SignedJWT.parse(String.valueOf(jsonObj.get("id_token")));
@@ -81,9 +79,9 @@ public User process(String code) {
                                     " account. Please use your " + savedUser.getProviderType() + " account to login."
                     );
                 }
-                savedUser.updateAccessToken(accessToken);
+                savedUser.updateAccessToken(accessToken, refreshToken);
             } else {
-                savedUser = createAppleUser(userId,accessToken);
+                savedUser = createAppleUser(userId,accessToken, refreshToken);
                 userSettingsRepository.saveAndFlush(UserSettings.createUserSettings(savedUser));
             }
 
@@ -125,7 +123,7 @@ public String determineSuccessRedirectUrl(String accessToken, String baseUrl) {
                 .build().toUriString();
     }
 
-    private User createAppleUser(String userId, String accessToken) {
+    private User createAppleUser(String userId, String accessToken, String refreshToken) {
         log.debug("# ACCESS TOKEN =>>>>> {}",accessToken);
         LocalDateTime now = LocalDateTime.now();
         User user = User.createUser(
@@ -135,7 +133,8 @@ private User createAppleUser(String userId, String accessToken) {
                 RoleType.GUEST,
                 now,
                 now,
-                accessToken
+                accessToken,
+                refreshToken
         );
 
         return userRepository.saveAndFlush(user);

src/main/java/com/boggle_boggle/bbegok/service/RevokeService.java

@@ -50,13 +50,13 @@ public void deleteAccount(String userId) throws IOException {
 
         switch (user.getProviderType()) {
             case APPLE -> deleteAppleAccount(user);
-            case GOOGLE -> deleteGoogleAccount(user);
-            case KAKAO -> deleteKakaoAccount(user);
+            //case GOOGLE -> deleteGoogleAccount(user);
+            //case KAKAO -> deleteKakaoAccount(user);
         }
     }
 
     public void deleteAppleAccount(User user) throws IOException {
-        String data = appleProperties.getAppleRevokeData(user.getOauth2AccessToken());
+        String data = appleProperties.getAppleRevokeData(user.getOauth2RefreshToken());
         sendRevokeRequest(data, ProviderType.APPLE, null);
     }