From fd8205f1de31814bd6d0cf2311f4e28e63a69596 Mon Sep 17 00:00:00 2001
From: Seungwan Yoo
Date: Sat, 15 Feb 2025 16:33:07 +0900
Subject: [PATCH 1/2] =?UTF-8?q?feat:=20=ED=86=A0=ED=81=B0=20=EC=83=9D?= =?UTF-8?q?=EC=84=B1=20=EC=9D=91=EB=8B=B5=20DTO=EC=97=90=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=EC=9E=90=20=EA=B6=8C=ED=95=9C=20=ED=95=84=EB=93=9C=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java b/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java
index 7ebf7b3..7d27da7 100644
--- a/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java
+++ b/src/main/java/dmu/dasom/api/global/auth/dto/TokenBox.java
@@ -19,4 +19,8 @@ public class TokenBox {
 @NotNull
 private String refreshToken;
+ @Schema(description = "권한")
+ @NotNull
+ private String authority;
+
 }
From 1366bf3fd600bd1f94ef41e273f0e312be8ff47f Mon Sep 17 00:00:00 2001
From: Seungwan Yoo
Date: Sat, 15 Feb 2025 16:34:33 +0900
Subject: [PATCH 2/2] =?UTF-8?q?feat:=20=ED=86=A0=ED=81=B0=20=EC=83=9D?= =?UTF-8?q?=EC=84=B1,=20=EA=B0=B1=EC=8B=A0=20=EB=A1=9C=EC=A7=81=20?= =?UTF-8?q?=EC=88=98=EC=A0=95=20-=20=ED=86=A0=ED=81=B0=EA=B3=BC=20?= =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90=20=EA=B6=8C=ED=95=9C=EC=9D=84=20?= =?UTF-8?q?=EA=B0=99=EC=9D=B4=20=EC=9D=91=EB=8B=B5=EC=8B=9C=ED=82=A4?= =?UTF-8?q?=EB=8F=84=EB=A1=9D=20=EA=B5=AC=ED=98=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../domain/member/controller/MemberController.java | 1 +
 .../api/domain/member/service/MemberServiceImpl.java | 12 +++++++++++-
 .../auth/filter/CustomAuthenticationFilter.java | 12 +++++++++++-
 .../java/dmu/dasom/api/global/auth/jwt/JwtUtil.java | 9 +++++----
 4 files changed, 28 insertions(+), 6 deletions(-)
diff --git a/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java b/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java
index 8a52f08..ee4fcc9 100644
--- a/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java
+++ b/src/main/java/dmu/dasom/api/domain/member/controller/MemberController.java
@@ -64,6 +64,7 @@ public ResponseEntity tokenRotation(@AuthenticationPrincipal final UserDet
 final HttpHeaders headers = new HttpHeaders();
 headers.add("Access-Token", tokenBox.getAccessToken());
 headers.add("Refresh-Token", tokenBox.getRefreshToken());
+ headers.add("Authority", tokenBox.getAuthority());
 return ResponseEntity.ok().headers(headers).build();
 }
diff --git a/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java b/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java
index 72a314f..eef3d68 100644
--- a/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java
+++ b/src/main/java/dmu/dasom/api/domain/member/service/MemberServiceImpl.java
@@ -9,10 +9,14 @@
 import dmu.dasom.api.global.auth.jwt.JwtUtil;
 import dmu.dasom.api.global.auth.userdetails.UserDetailsImpl;
 import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
+import java.util.Collection;
+import java.util.Iterator;
+
 @RequiredArgsConstructor
 @Service
 @Transactional(readOnly = true)
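Review bot: The new `headers.add("Authority", tokenBox.getAuthority())` line in tokenRotation sends the principal's role to the client as plain response metadata, which is fine for display, but nothing at the call site says that the server must never read an `Authority` header (or the TokenBox value) back as an authorization input on later requests. Worth pinning with a comment next to that line: `// Informational only: authorization is derived from the authenticated principal, never from a client-supplied Authority header.` The same header is set in CustomAuthenticationFilter.successfulAuthentication further down in this series, so the comment belongs there too. The body of tokenRotation starts outside the hunk.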
@@ -49,7 +53,13 @@ public void signUp(final SignupRequestDto request) {
 // 토큰 갱신
 @Override
 public TokenBox tokenRotation(final UserDetailsImpl userDetails) {
- return jwtUtil.tokenRotation(userDetails);
+ final Collection authorities = userDetails.getAuthorities();
+ final Iterator iterator = authorities.iterator();
+ final GrantedAuthority auth = iterator.next();
+
+ final String authority = auth.getAuthority();
+
+ return jwtUtil.tokenRotation(userDetails.getUsername(), authority);
 }
 }
diff --git a/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java b/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java
index 1338812..63e997a 100644
--- a/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java
+++ b/src/main/java/dmu/dasom/api/global/auth/filter/CustomAuthenticationFilter.java
@@ -17,9 +17,12 @@
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import java.io.IOException;
+import java.util.Collection;
+import java.util.Iterator;
 @RequiredArgsConstructor
 public class CustomAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
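Review bot: `iterator.next()` in MemberServiceImpl.tokenRotation throws NoSuchElementException when the principal has no authorities, and when it has several it keeps whichever the Collection yields first, which is not a guaranteed order, so the reported authority can differ between two rotations for the same user. The same hand-rolled iteration is repeated in CustomAuthenticationFilter.successfulAuthentication in the next hunk, so one deterministic, explicitly failing helper would serve both: `final String authority = userDetails.getAuthorities().stream().map(GrantedAuthority::getAuthority).sorted().findFirst().orElseThrow(() -> new IllegalStateException("principal has no authority: " + userDetails.getUsername()));`. If the principal can legitimately hold more than one authority, the DTO's single `authority` string under-reports it and the contract (first only, or a joined list) should be stated in a comment on the field. The type arguments on `Collection`/`Iterator` appear to have been dropped in this rendering; as shown, `GrantedAuthority auth = iterator.next()` would not compile on a raw Iterator without a cast.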
@@ -47,12 +50,19 @@ protected void successfulAuthentication(final HttpServletRequest request, final
 // 기존 토큰 만료 처리
 jwtUtil.blacklistTokens(authResult.getName());
+ final Collection authorities = authResult.getAuthorities();
+ final Iterator iterator = authorities.iterator();
+ final GrantedAuthority auth = iterator.next();
+
+ final String authority = auth.getAuthority();
+
 // 토큰 생성
- final TokenBox tokenBox = jwtUtil.generateTokenBox(authResult.getName());
+ final TokenBox tokenBox = jwtUtil.generateTokenBox(authResult.getName(), authority);
 response.setStatus(HttpStatus.OK.value());
 response.setHeader("Access-Token", tokenBox.getAccessToken());
 response.setHeader("Refresh-Token", tokenBox.getRefreshToken());
+ response.setHeader("Authority", tokenBox.getAuthority());
 }
 @Override
diff --git a/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java b/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java
index ee5ec28..1ebe6e3 100644
--- a/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java
+++ b/src/main/java/dmu/dasom/api/global/auth/jwt/JwtUtil.java
@@ -38,10 +38,11 @@ public JwtUtil(@Value("${jwt.secret}") final String secretKey, final StringRedis
 }
 // Access, Refresh 토큰 생성
- public TokenBox generateTokenBox(final String email) {
+ public TokenBox generateTokenBox(final String email, final String authority) {
 final TokenBox tokenBox = TokenBox.builder()
 .accessToken(generateToken(email, accessTokenExpiration))
 .refreshToken(generateToken(email, refreshTokenExpiration))
+ .authority(authority)
 .build();
 saveTokens(tokenBox, email);
@@ -132,9 +133,9 @@ public boolean isExpired(final String token) {
 }
 // Access, Refresh 토큰 갱신
- public TokenBox tokenRotation(final UserDetailsImpl userDetails) {
- blacklistTokens(userDetails.getUsername());
- return generateTokenBox(userDetails.getUsername());
+ public TokenBox tokenRotation(final String email, final String authority) {
+ blacklistTokens(email);
+ return generateTokenBox(email, authority);
 }
 }
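Review bot: `generateTokenBox` and `tokenRotation` in JwtUtil now take an arbitrary `authority` string and place it in the TokenBox, but the tokens are still produced by `generateToken(email, …)` without it, so nothing binds the reported authority to the signed token and the method relies entirely on callers passing the authority of the principal that actually authenticated. That contract should be written on both methods, e.g. `@param authority authority of the already-authenticated principal for {@code email}; returned to the client as information only, not embedded in or verified against the tokens` — whether `saveTokens(tokenBox, email)` persists it is outside the hunk. With tokenRotation no longer taking UserDetailsImpl, the UserDetailsImpl import at the top of JwtUtil is probably unused now and should go. The second CustomAuthenticationFilter hunk above shares the `iterator.next()` and `Authority` header points raised on the earlier hunks.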