Merge remote-tracking branch 'origin/dev' into dev

Author: hodoon

src/main/java/dmu/dasom/api/domain/google/service/GoogleApiService.java

@@ -7,37 +7,44 @@
 import com.google.api.services.sheets.v4.Sheets;
 import com.google.api.services.sheets.v4.model.UpdateValuesResponse;
 import com.google.api.services.sheets.v4.model.ValueRange;
+import com.google.auth.Credentials;
 import com.google.auth.http.HttpCredentialsAdapter;
 import com.google.auth.oauth2.GoogleCredentials;
 import dmu.dasom.api.domain.common.exception.CustomException;
 import dmu.dasom.api.domain.common.exception.ErrorCode;
+import lombok.RequiredArgsConstructor;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.stereotype.Service;
 
+import java.io.ByteArrayInputStream;
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.security.GeneralSecurityException;
 import java.util.Collections;
 import java.util.List;
 
+@RequiredArgsConstructor
 @Service
 public class GoogleApiService {
 
     private static final Logger logger = LoggerFactory.getLogger(GoogleApiService.class);
     private static final String APPLICATION_NAME = "Recruit Form";
     private static final JsonFactory JSON_FACTORY = JacksonFactory.getDefaultInstance();
-    @Value("${google.credentials.file.path}")
-    private String credentialsFilePath;
+    @Value("${google.credentials.json}")
+    private String credentialsJson;
     private Sheets sheetsService;
 
-    // 해당 메소드는 sheets의 인스턴스를 얻는데 사용
+    // Google Sheets API 서비스 객체를 생성하는 메소드
     private Sheets getSheetsService() throws IOException, GeneralSecurityException{
         if(sheetsService == null){
+            ByteArrayInputStream credentialsStream = new ByteArrayInputStream(credentialsJson.getBytes(StandardCharsets.UTF_8));
             GoogleCredentials credentials = GoogleCredentials
-                    .fromStream(new ClassPathResource(credentialsFilePath).getInputStream())
+                    .fromStream(credentialsStream)
                     .createScoped(Collections.singletonList("https://www.googleapis.com/auth/spreadsheets"));
+
             sheetsService = new Sheets.Builder(GoogleNetHttpTransport.newTrustedTransport(), JSON_FACTORY, new HttpCredentialsAdapter(credentials))
                     .setApplicationName(APPLICATION_NAME)
                     .build();

src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java

@@ -3,6 +3,8 @@
 import dmu.dasom.api.domain.common.exception.ErrorResponse;
 import dmu.dasom.api.domain.member.dto.SignupRequestDto;
 import dmu.dasom.api.domain.member.service.MemberService;
+import dmu.dasom.api.global.auth.dto.TokenBox;
+import dmu.dasom.api.global.auth.userdetails.UserDetailsImpl;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.media.ExampleObject;
@@ -11,11 +13,10 @@
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.*;
 
 @RestController
 @RequestMapping("/api")
@@ -39,16 +40,32 @@ public class MemberController {
                                     ),
                                     @ExampleObject(
                                             name = "이메일 또는 비밀번호 형식 올바르지 않음",
-                                            value = "{ \"code\": \"C007\", \"message\": \"요청한 값이 올바르지 않습니다.\" }"
-                                    )
-                            }
-                    )
-            )
-    })
+                                            value = "{ \"code\": \"C007\", \"message\": \"요청한 값이 올바르지 않습니다.\" }")}))})
     @PostMapping("/auth/signup")
     public ResponseEntity<Void> signUp(@Valid @RequestBody final SignupRequestDto request) {
         memberService.signUp(request);
         return ResponseEntity.ok().build();
     }
 
+    @Operation(summary = "토큰 갱신")
+    @ApiResponses(value = {
+            @ApiResponse(responseCode = "200", description = "토큰 갱신 성공 (Header로 토큰 반환)"),
+            @ApiResponse(responseCode = "400", description = "실패 케이스",
+                    content = @Content(
+                            mediaType = "application/json",
+                            schema = @Schema(implementation = ErrorResponse.class),
+                            examples = {
+                                    @ExampleObject(
+                                            name = "RefreshToken 만료",
+                                            value = "{ \"code\": \"C004\", \"message\": \"토큰이 만료되었습니다.\" }")}))})
+    @GetMapping("/auth/rotation")
+    public ResponseEntity<Void> tokenRotation(@AuthenticationPrincipal final UserDetailsImpl userDetails) {
+        final TokenBox tokenBox = memberService.tokenRotation(userDetails);
+        final HttpHeaders headers = new HttpHeaders();
+        headers.add("Access-Token", tokenBox.getAccessToken());
+        headers.add("Refresh-Token", tokenBox.getRefreshToken());
+
+        return ResponseEntity.ok().headers(headers).build();
+    }
+
 }

src/main/java/dmu/dasom/api/domain/member/service/MemberService.java

@@ -2,6 +2,8 @@
 
 import dmu.dasom.api.domain.member.dto.SignupRequestDto;
 import dmu.dasom.api.domain.member.entity.Member;
+import dmu.dasom.api.global.auth.dto.TokenBox;
+import dmu.dasom.api.global.auth.userdetails.UserDetailsImpl;
 
 public interface MemberService {
 
@@ -11,4 +13,6 @@ public interface MemberService {
 
     void signUp(final SignupRequestDto request);
 
+    TokenBox tokenRotation(final UserDetailsImpl userDetails);
+
 }

src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java

@@ -5,6 +5,9 @@
 import dmu.dasom.api.domain.member.dto.SignupRequestDto;
 import dmu.dasom.api.domain.member.entity.Member;
 import dmu.dasom.api.domain.member.repository.MemberRepository;
+import dmu.dasom.api.global.auth.dto.TokenBox;
+import dmu.dasom.api.global.auth.jwt.JwtUtil;
+import dmu.dasom.api.global.auth.userdetails.UserDetailsImpl;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
@@ -17,6 +20,7 @@ public class MemberServiceImpl implements MemberService {
 
     private final BCryptPasswordEncoder encoder;
     private final MemberRepository memberRepository;
+    private final JwtUtil jwtUtil;
 
     // 이메일로 사용자 조회
     @Override
@@ -42,4 +46,10 @@ public void signUp(final SignupRequestDto request) {
         memberRepository.save(request.toEntity(encoder.encode(request.getPassword())));
     }
 
+    // 토큰 갱신
+    @Override
+    public TokenBox tokenRotation(final UserDetailsImpl userDetails) {
+        return jwtUtil.tokenRotation(userDetails);
+    }
+
 }

src/main/java/dmu/dasom/api/global/auth/config/SecurityConfig.java

@@ -68,7 +68,7 @@ public SecurityFilterChain filterChain(final HttpSecurity http, final Authentica
                         .sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers("/api/admin/**").hasRole(Role.ROLE_ADMIN.getName())
-                        .requestMatchers("/api/auth/logout").authenticated()
+                        .requestMatchers("/api/auth/logout", "/api/auth/rotation").authenticated()
                         .anyRequest().permitAll())
                 .addFilterBefore(jwtFilter, CustomAuthenticationFilter.class)
                 .addFilterAt(customAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)

src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java

@@ -3,6 +3,7 @@
 import dmu.dasom.api.domain.common.exception.CustomException;
 import dmu.dasom.api.domain.common.exception.ErrorCode;
 import dmu.dasom.api.global.auth.dto.TokenBox;
+import dmu.dasom.api.global.auth.userdetails.UserDetailsImpl;
 import io.jsonwebtoken.*;
 import io.jsonwebtoken.security.SignatureException;
 import org.springframework.beans.factory.annotation.Value;
@@ -130,4 +131,10 @@ public boolean isExpired(final String token) {
         }
     }
 
+    // Access, Refresh 토큰 갱신
+    public TokenBox tokenRotation(final UserDetailsImpl userDetails) {
+        blacklistTokens(userDetails.getUsername());
+        return generateTokenBox(userDetails.getUsername());
+    }
+
 }

src/main/resources/application-credentials.yml

@@ -21,6 +21,6 @@ jwt:
   refresh-token-expiration: ${JWT_REFRESH_TOKEN_EXPIRATION}
 google:
   credentials:
-    path: ${GOOGLE_CREDENTIALS_PATH}
+    json: ${GOOGLE_CREDENTIALS_JSON}
   spreadsheet:
     id: ${GOOGLE_SPREADSHEET_ID}