✅ test: qa 테스트 전용 토큰 발급 컨트롤러 추가

strongmhk · strongmhk · commit 3a18a9c88d1b · 2026-03-01T16:33:42.000+09:00
diff --git a/src/main/java/akuma/whiplash/domains/auth/presentation/QaAuthController.java b/src/main/java/akuma/whiplash/domains/auth/presentation/QaAuthController.java
@@ -0,0 +1,52 @@
+package akuma.whiplash.domains.auth.presentation;
+
+import akuma.whiplash.domains.member.domain.contants.Role;
+import akuma.whiplash.domains.member.persistence.entity.MemberEntity;
+import akuma.whiplash.domains.member.persistence.repository.MemberRepository;
+import akuma.whiplash.global.config.security.jwt.JwtProvider;
+import akuma.whiplash.global.response.ApplicationResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Profile;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * QA 전용 토큰 발급 컨트롤러
+ *
+ * - @Profile("qa") 로 QA 서버에서만 활성화, prod 배포 시 Bean 자체가 생성되지 않음
+ * - 소셜 로그인 없이 socialId 기반으로 JWT를 발급
+ * - k6 setup() 단계에서 호출해 테스트용 토큰을 자동 발급받는 용도
+ *
+ * 사용 예시:
+ *   POST /qa/auth/token?socialId=QA_DUMMY_001&deviceId=k6-device-001
+ */
+@Profile("qa")
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("/qa/auth")
+public class QaAuthController {
+
+    private final MemberRepository memberRepository;
+    private final JwtProvider jwtProvider;
+
+    private static final String BEARER_PREFIX = "Bearer ";
+
+    @PostMapping("/token")
+    public ApplicationResponse<String> issueToken(
+        @RequestParam String socialId,
+        @RequestParam(defaultValue = "k6-device") String deviceId
+    ) {
+        MemberEntity member = memberRepository.findBySocialId(socialId)
+            .orElseThrow(() -> new IllegalArgumentException("존재하지 않는 socialId: " + socialId));
+
+        String accessToken = jwtProvider.generateAccessToken(
+            member.getId(),
+            Role.USER,
+            deviceId
+        );
+
+        return ApplicationResponse.onSuccess(BEARER_PREFIX + accessToken);
+    }
+}
diff --git a/src/main/java/akuma/whiplash/global/config/security/RequestMatcherHolder.java b/src/main/java/akuma/whiplash/global/config/security/RequestMatcherHolder.java
@@ -64,6 +64,9 @@ public class RequestMatcherHolder {
         // actuator
         new RequestInfo(GET, "/actuator/**", null),
 
+        // QA 전용 토큰 발급 (SecurityConfig에서 qa 프로파일에서만 등록)
+        new RequestInfo(POST, "/qa/auth/token", null),
+
         // 빌드 에러 방지를 위해 각 권한에 대한 RequestInfo가 최소 1개씩은 리스트에 있어야함
         new RequestInfo(GET, "/api/admin/**", ADMIN)
     );
