fix/#106 -> staging merge commit

* fix: 카카오 로그인 시 platform 파람 추가 할당

* fix: 프론트 검증을 위해 임시 배포

* fix: spotless 적용

* fix: 엑세스, 리프레쉬 토큰 expiry 변경

* fix: deploy-staging.yml fix/#106 브랜치 제거

* fix: auth Platform enum으로 타입 세이프

---------

Co-authored-by: darren <darren@darrenui-MacBookPro.local>

Author: Darren4641

src/main/kotlin/com/yapp2app/auth/api/converter/AuthCommandConverter.kt

@@ -4,6 +4,7 @@ import com.yapp2app.auth.api.dto.CreateAuthRequest
 import com.yapp2app.auth.api.dto.RefreshTokenRequest
 import com.yapp2app.auth.application.command.RefreshTokenCommand
 import com.yapp2app.auth.application.command.RegisterOauthUserCommand
+import com.yapp2app.auth.domain.Platform
 import com.yapp2app.user.domain.enums.ProviderType
 import org.springframework.stereotype.Component
 
@@ -14,6 +15,7 @@ class AuthCommandConverter {
         RegisterOauthUserCommand(
             idToken = request.idToken!!,
             providerType = ProviderType.from(providerTypeStr),
+            platform = Platform.from(request.platform),
         )
 
     fun toRefreshTokenCommand(request: RefreshTokenRequest): RefreshTokenCommand =

src/main/kotlin/com/yapp2app/auth/api/dto/AuthRequest.kt

@@ -1,13 +1,19 @@
 package com.yapp2app.auth.api.dto
 
 import jakarta.validation.constraints.NotBlank
+import jakarta.validation.constraints.Pattern
 
 /**
  * fileName       : AuthRequest
  * author         : darren
  * date           : 2025. 12. 26. 18:05
  * description    : 인증/인가 관련 요청 body
  */
-data class CreateAuthRequest(@field:NotBlank(message = "ID 토큰은 필수 입니다") val idToken: String?)
+data class CreateAuthRequest(
+    @field:NotBlank(message = "ID 토큰은 필수 입니다")
+    val idToken: String?,
+    @field:Pattern(regexp = "^(android|ios)$", message = "플랫폼은 android 또는 ios만 가능합니다")
+    val platform: String? = null,
+)
 
 data class RefreshTokenRequest(@field:NotBlank(message = "Refresh 토큰은 필수입니다") val refreshToken: String?)

src/main/kotlin/com/yapp2app/auth/application/command/AuthCommand.kt

@@ -1,5 +1,6 @@
 package com.yapp2app.auth.application.command
 
+import com.yapp2app.auth.domain.Platform
 import com.yapp2app.user.domain.enums.ProviderType
 
 /**
@@ -8,6 +9,6 @@ import com.yapp2app.user.domain.enums.ProviderType
  * date           : 2025. 12. 12. 13:18
  * description    : 인증/인가 관련 API
  */
-data class RegisterOauthUserCommand(val idToken: String, val providerType: ProviderType)
+data class RegisterOauthUserCommand(val idToken: String, val providerType: ProviderType, val platform: Platform)
 
 data class RefreshTokenCommand(val refreshToken: String)

src/main/kotlin/com/yapp2app/auth/application/port/OidcTokenValidatorPort.kt

@@ -1,6 +1,7 @@
 package com.yapp2app.auth.application.port
 
 import com.yapp2app.auth.application.contract.OauthInfoResponse
+import com.yapp2app.auth.domain.Platform
 import com.yapp2app.user.domain.enums.ProviderType
 
 /**
@@ -10,5 +11,5 @@ import com.yapp2app.user.domain.enums.ProviderType
  * description    :
  */
 interface OidcTokenValidatorPort {
-    fun validateIdToken(idToken: String, providerType: ProviderType): OauthInfoResponse
+    fun validateIdToken(idToken: String, providerType: ProviderType, platform: Platform): OauthInfoResponse
 }

src/main/kotlin/com/yapp2app/auth/application/usecase/OauthLoginUseCase.kt

@@ -45,7 +45,11 @@ class OauthLoginUseCase(
      * 4. oauthInfoResult 값 여부에 따라 회원가입 처리
      */
     fun execute(command: RegisterOauthUserCommand): GetAuthResult {
-        val oauthInfoResponse = oidcTokenValidatorPort.validateIdToken(command.idToken, command.providerType)
+        val oauthInfoResponse = oidcTokenValidatorPort.validateIdToken(
+            command.idToken,
+            command.providerType,
+            command.platform,
+        )
 
         // 신규 사용자 추가
         val (user, _) = transactionRunner.run { registerOauthUserIfEmpty(oauthInfoResponse) }
@@ -105,7 +109,7 @@ class OauthLoginUseCase(
      * @throws Exception 토큰 획득 실패 시
      */
     fun getAccessTokenByCode(code: String): GetKakaoTokenResponse {
-        val clientId = oauthProperties.kakao.clientId
+        val clientId = oauthProperties.kakao.androidClientId
         val clientSecret = oauthProperties.kakao.clientSecret
 
         val params = LinkedMultiValueMap<String, String>()

src/main/kotlin/com/yapp2app/auth/domain/Platform.kt

@@ -0,0 +1,19 @@
+package com.yapp2app.auth.domain
+
+/**
+ * fileName       : Platform
+ * author         : darren
+ * date           : 2026. 2. 4
+ * description    :
+ */
+enum class Platform(val value: String) {
+    ANDROID("android"),
+    IOS("ios"),
+    ;
+
+    companion object {
+        fun from(value: String?): Platform = Platform.entries.firstOrNull { it.value == value }
+            ?: ANDROID
+        // TODO 안드로이드 심사 끝나면 해당 예외로 변경?: throw BusinessException(ResultCode.INVALID_PARAMETER)
+    }
+}

src/main/kotlin/com/yapp2app/auth/infra/oauth/OidcTokenValidator.kt

@@ -3,6 +3,7 @@ package com.yapp2app.auth.infra.oauth
 import com.yapp2app.auth.application.contract.AuthCacheKeys
 import com.yapp2app.auth.application.contract.OauthInfoResponse
 import com.yapp2app.auth.application.port.OidcTokenValidatorPort
+import com.yapp2app.auth.domain.Platform
 import com.yapp2app.auth.infra.oauth.helper.OauthHelper
 import com.yapp2app.auth.infra.oauth.oidc.Oidc
 import com.yapp2app.auth.infra.oauth.registry.OauthHelperRegistry
@@ -33,18 +34,18 @@ class OidcTokenValidator(
      * - 1차 시도: 캐시된 공개키로 토큰 검증
      * - BusinessException 발생 시: 캐시 무효화 후 재시도 (공개키 로테이션 대응)
      */
-    override fun validateIdToken(idToken: String, providerType: ProviderType): OauthInfoResponse {
+    override fun validateIdToken(idToken: String, providerType: ProviderType, platform: Platform): OauthInfoResponse {
         val oidcAdapter = oidcRegistry.getAdapter(providerType)
         val oauthHelperAdapter = oauthHelperRegistry.getAdapter(providerType)
 
         return try {
             // 1차 시도: 캐시된 공개키로 토큰 검증
-            validateTokenWithPublicKeys(idToken, oidcAdapter, oauthHelperAdapter)
+            validateTokenWithPublicKeys(idToken, oidcAdapter, oauthHelperAdapter, platform)
         } catch (e: BusinessException) {
             log.info("Kakao OIDC token expired. 갱신 로직")
             // 캐시 무효화 후 재시도
             authRedisCacheAdapter.clearPublicKeys(AuthCacheKeys.KAKAO_OIDC_KEY)
-            validateTokenWithPublicKeys(idToken, oidcAdapter, oauthHelperAdapter)
+            validateTokenWithPublicKeys(idToken, oidcAdapter, oauthHelperAdapter, platform)
         } catch (e: Exception) {
             e.printStackTrace() // TODO 인증 실패 예외 로그 모니터링용
             throw e
@@ -56,11 +57,17 @@ class OidcTokenValidator(
      * - 공개키는 Redis에 캐싱되어 있을 수 있음
      * - 검증 실패 시 BusinessException 발생
      */
-    private fun validateTokenWithPublicKeys(idToken: String, oidc: Oidc, oauthHelper: OauthHelper): OauthInfoResponse {
+    private fun validateTokenWithPublicKeys(
+        idToken: String,
+        oidc: Oidc,
+        oauthHelper: OauthHelper,
+        platform: Platform,
+    ): OauthInfoResponse {
         val publicKeys = oidc.getOIDCPublicKey()
         return oauthHelper.getOauthInfoByIdToken(
             idToken = idToken,
             publicKeys = publicKeys,
+            platform = platform,
         )
     }
 }

src/main/kotlin/com/yapp2app/auth/infra/oauth/helper/AppleOauthHelper.kt

@@ -5,6 +5,7 @@ import com.yapp2app.auth.application.contract.OIDCDecodePayloadResponse
 import com.yapp2app.auth.application.contract.OIDCPublicKeyDto
 import com.yapp2app.auth.application.contract.OIDCPublicKeysResponse
 import com.yapp2app.auth.application.contract.OauthInfoResponse
+import com.yapp2app.auth.domain.Platform
 import com.yapp2app.auth.infra.security.properties.OauthProperties
 import com.yapp2app.common.api.dto.ResultCode
 import com.yapp2app.common.exception.BusinessException
@@ -58,14 +59,19 @@ class AppleOauthHelper(private val oauthProperties: OauthProperties, private val
      * @param publicKeys Apple 공개키 목록
      * @return OAuth 정보 (Provider 타입, OID, email)
      */
-    override fun getOauthInfoByIdToken(idToken: String, publicKeys: OIDCPublicKeysResponse): OauthInfoResponse {
+    override fun getOauthInfoByIdToken(
+        idToken: String,
+        publicKeys: OIDCPublicKeysResponse,
+        platform: Platform,
+    ): OauthInfoResponse {
         // Step 1: 헤더에서 kid 추출
         val kid = extractKidFromTokenHeader(idToken)
 
         // Step 2: kid로 jwks 조회
         val publicKey = findPublicKeyByKid(publicKeys.keys, kid)
 
         // Step 3-6: 토큰 검증 및 Claims 추출
+        // Apple은 플랫폼 구분 불필요, 동일한 clientId 사용
         val payload = validateTokenAndExtractPayload(
             token = idToken,
             publicKey = publicKey,

src/main/kotlin/com/yapp2app/auth/infra/oauth/helper/KakaoOauthHelper.kt

@@ -5,6 +5,7 @@ import com.yapp2app.auth.application.contract.OIDCDecodePayloadResponse
 import com.yapp2app.auth.application.contract.OIDCPublicKeyDto
 import com.yapp2app.auth.application.contract.OIDCPublicKeysResponse
 import com.yapp2app.auth.application.contract.OauthInfoResponse
+import com.yapp2app.auth.domain.Platform
 import com.yapp2app.auth.infra.security.properties.OauthProperties
 import com.yapp2app.common.api.dto.ResultCode
 import com.yapp2app.common.exception.BusinessException
@@ -56,19 +57,29 @@ class KakaoOauthHelper(private val oauthProperties: OauthProperties, private val
      * @param publicKeys 카카오 공개키 목록
      * @return OAuth 정보 (Provider 타입, OID)
      */
-    override fun getOauthInfoByIdToken(idToken: String, publicKeys: OIDCPublicKeysResponse): OauthInfoResponse {
+    override fun getOauthInfoByIdToken(
+        idToken: String,
+        publicKeys: OIDCPublicKeysResponse,
+        platform: Platform,
+    ): OauthInfoResponse {
         // Step 1: 헤더에서 kid 추출 (토큰 분리 및 Base64 디코딩)
         val kid = extractKidFromTokenHeader(idToken)
 
         // Step 2: kid로 jwks 조회
         val publicKey = findPublicKeyByKid(publicKeys.keys, kid)
 
         // Step 3-7: 토큰 검증 및 Claims 추출 (iss, aud, exp, 서명 검증)
+        // 플랫폼별 clientId 선택
+        val expectedAudience = when (platform) {
+            Platform.IOS -> oauthProperties.kakao.iosClientId
+            Platform.ANDROID -> oauthProperties.kakao.androidClientId
+        }
+
         val payload = validateTokenAndExtractPayload(
             token = idToken,
             publicKey = publicKey,
             expectedIssuer = oauthProperties.kakao.issuer,
-            expectedAudience = oauthProperties.kakao.clientId,
+            expectedAudience = expectedAudience,
         )
 
         return OauthInfoResponse(

src/main/kotlin/com/yapp2app/auth/infra/oauth/helper/OauthHelper.kt

@@ -2,6 +2,7 @@ package com.yapp2app.auth.infra.oauth.helper
 
 import com.yapp2app.auth.application.contract.OIDCPublicKeysResponse
 import com.yapp2app.auth.application.contract.OauthInfoResponse
+import com.yapp2app.auth.domain.Platform
 
 /**
  * fileName       : OauthHelperPort
@@ -10,5 +11,9 @@ import com.yapp2app.auth.application.contract.OauthInfoResponse
  * description    : OAuth OIDC 검증을 위한 Port
  */
 interface OauthHelper {
-    fun getOauthInfoByIdToken(idToken: String, publicKeys: OIDCPublicKeysResponse): OauthInfoResponse
+    fun getOauthInfoByIdToken(
+        idToken: String,
+        publicKeys: OIDCPublicKeysResponse,
+        platform: Platform,
+    ): OauthInfoResponse
 }