feat: 토큰 응답 시 사용자 권한 응답 추가

ysw789 · web-flow · commit 1917f710217f · 2025-02-15T23:18:08.000+09:00
* feat: 토큰 생성 응답 DTO에 사용자 권한 필드 추가

* feat: 토큰 생성, 갱신 로직 수정
- 토큰과 사용자 권한을 같이 응답시키도록 구현
diff --git a/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java b/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java
@@ -64,6 +64,7 @@ public ResponseEntity<Void> tokenRotation(@AuthenticationPrincipal final UserDet
         final HttpHeaders headers = new HttpHeaders();
         headers.add("Access-Token", tokenBox.getAccessToken());
         headers.add("Refresh-Token", tokenBox.getRefreshToken());
+        headers.add("Authority", tokenBox.getAuthority());
 
         return ResponseEntity.ok().headers(headers).build();
     }
diff --git a/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java b/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java
@@ -9,10 +9,14 @@
 import dmu.dasom.api.global.auth.jwt.JwtUtil;
 import dmu.dasom.api.global.auth.userdetails.UserDetailsImpl;
 import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.Collection;
+import java.util.Iterator;
+
 @RequiredArgsConstructor
 @Service
 @Transactional(readOnly = true)
@@ -49,7 +53,13 @@ public void signUp(final SignupRequestDto request) {
     // 토큰 갱신
     @Override
     public TokenBox tokenRotation(final UserDetailsImpl userDetails) {
-        return jwtUtil.tokenRotation(userDetails);
+        final Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
+        final Iterator<? extends GrantedAuthority> iterator = authorities.iterator();
+        final GrantedAuthority auth = iterator.next();
+
+        final String authority = auth.getAuthority();
+
+        return jwtUtil.tokenRotation(userDetails.getUsername(), authority);
     }
 
 }
diff --git a/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java b/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java
@@ -19,4 +19,8 @@ public class TokenBox {
     @NotNull
     private String refreshToken;
 
+    @Schema(description = "권한")
+    @NotNull
+    private String authority;
+
 }
diff --git a/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java b/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java
@@ -17,9 +17,12 @@
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 import java.io.IOException;
+import java.util.Collection;
+import java.util.Iterator;
 
 @RequiredArgsConstructor
 public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@@ -47,12 +50,19 @@ protected void successfulAuthentication(final HttpServletRequest request, final
         // 기존 토큰 만료 처리
         jwtUtil.blacklistTokens(authResult.getName());
 
+        final Collection<? extends GrantedAuthority> authorities = authResult.getAuthorities();
+        final Iterator<? extends GrantedAuthority> iterator = authorities.iterator();
+        final GrantedAuthority auth = iterator.next();
+
+        final String authority = auth.getAuthority();
+
         // 토큰 생성
-        final TokenBox tokenBox = jwtUtil.generateTokenBox(authResult.getName());
+        final TokenBox tokenBox = jwtUtil.generateTokenBox(authResult.getName(), authority);
 
         response.setStatus(HttpStatus.OK.value());
         response.setHeader("Access-Token", tokenBox.getAccessToken());
         response.setHeader("Refresh-Token", tokenBox.getRefreshToken());
+        response.setHeader("Authority", tokenBox.getAuthority());
     }
 
     @Override
diff --git a/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java b/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java
@@ -38,10 +38,11 @@ public JwtUtil(@Value("${jwt.secret}") final String secretKey, final StringRedis
     }
 
     // Access, Refresh 토큰 생성
-    public TokenBox generateTokenBox(final String email) {
+    public TokenBox generateTokenBox(final String email, final String authority) {
         final TokenBox tokenBox = TokenBox.builder()
                 .accessToken(generateToken(email, accessTokenExpiration))
                 .refreshToken(generateToken(email, refreshTokenExpiration))
+                .authority(authority)
                 .build();
 
         saveTokens(tokenBox, email);
@@ -132,9 +133,9 @@ public boolean isExpired(final String token) {
     }
 
     // Access, Refresh 토큰 갱신
-    public TokenBox tokenRotation(final UserDetailsImpl userDetails) {
-        blacklistTokens(userDetails.getUsername());
-        return generateTokenBox(userDetails.getUsername());
+    public TokenBox tokenRotation(final String email, final String authority) {
+        blacklistTokens(email);
+        return generateTokenBox(email, authority);
     }
 
 }

Original file line number	Diff line number	Diff line change
`@@ -64,6 +64,7 @@ public ResponseEntity<Void> tokenRotation(@AuthenticationPrincipal final UserDet`
`64`	`64`	`final HttpHeaders headers = new HttpHeaders();`
`65`	`65`	`headers.add("Access-Token", tokenBox.getAccessToken());`
`66`	`66`	`headers.add("Refresh-Token", tokenBox.getRefreshToken());`
	`67`	`+ headers.add("Authority", tokenBox.getAuthority());`
`67`	`68`
`68`	`69`	`return ResponseEntity.ok().headers(headers).build();`
`69`	`70`	`}`
Original file line number	Diff line number	Diff line change
`@@ -19,4 +19,8 @@ public class TokenBox {`
`19`	`19`	`@NotNull`
`20`	`20`	`private String refreshToken;`
`21`	`21`
	`22`	`+ @Schema(description = "권한")`
	`23`	`+ @NotNull`
	`24`	`+ private String authority;`
	`25`	`+`
`22`	`26`	`}`
Original file line number	Diff line number	Diff line change
`@@ -38,10 +38,11 @@ public JwtUtil(@Value("${jwt.secret}") final String secretKey, final StringRedis`
`38`	`38`	`}`
`39`	`39`
`40`	`40`	`// Access, Refresh 토큰 생성`
`41`		`- public TokenBox generateTokenBox(final String email) {`
	`41`	`+ public TokenBox generateTokenBox(final String email, final String authority) {`
`42`	`42`	`final TokenBox tokenBox = TokenBox.builder()`
`43`	`43`	`.accessToken(generateToken(email, accessTokenExpiration))`
`44`	`44`	`.refreshToken(generateToken(email, refreshTokenExpiration))`
	`45`	`+ .authority(authority)`
`45`	`46`	`.build();`
`46`	`47`
`47`	`48`	`saveTokens(tokenBox, email);`
`@@ -132,9 +133,9 @@ public boolean isExpired(final String token) {`
`132`	`133`	`}`
`133`	`134`
`134`	`135`	`// Access, Refresh 토큰 갱신`
`135`		`- public TokenBox tokenRotation(final UserDetailsImpl userDetails) {`
`136`		`- blacklistTokens(userDetails.getUsername());`
`137`		`- return generateTokenBox(userDetails.getUsername());`
	`136`	`+ public TokenBox tokenRotation(final String email, final String authority) {`
	`137`	`+ blacklistTokens(email);`
	`138`	`+ return generateTokenBox(email, authority);`
`138`	`139`	`}`
`139`	`140`
`140`	`141`	`}`