Merge pull request #29 from YAPP-Github/feat/PRODUCT-104

[Feat] 서비스 인증/인가 기능 구현

Author: leegwichan

build.gradle

@@ -65,6 +65,11 @@ dependencies {
     runtimeOnly 'com.h2database:h2'
     runtimeOnly 'com.mysql:mysql-connector-j'
 
+    // JWT
+    implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
+    implementation 'io.jsonwebtoken:jjwt-impl:0.11.5'
+    implementation 'io.jsonwebtoken:jjwt-gson:0.11.5'
+
     // Test
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'

src/main/java/timeeat/config/WebConfig.java

@@ -0,0 +1,21 @@
+package timeeat.config;
+
+import java.util.List;
+import lombok.RequiredArgsConstructor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import timeeat.controller.web.auth.AuthMemberArgumentResolver;
+import timeeat.controller.web.jwt.JwtManager;
+
+@Configuration
+@RequiredArgsConstructor
+public class WebConfig implements WebMvcConfigurer {
+
+    private final JwtManager jwtManager;
+
+    @Override
+    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
+        argumentResolvers.add(new AuthMemberArgumentResolver(jwtManager));
+    }
+}

src/main/java/timeeat/controller/auth/AuthController.java

@@ -0,0 +1,54 @@
+package timeeat.controller.auth;
+
+import java.net.URI;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+import timeeat.controller.web.jwt.JwtManager;
+import timeeat.service.auth.AuthService;
+
+@RestController
+@RequiredArgsConstructor
+public class AuthController {
+
+    private final JwtManager jwtManager;
+    private final AuthService authService;
+
+    @GetMapping("/api/auth/login/oauth")
+    public ResponseEntity<Void> redirectOauthLoginPage() {
+        URI oauthLoginUrl = authService.getOauthLoginUrl();
+
+        return ResponseEntity
+                .status(HttpStatus.FOUND)
+                .location(oauthLoginUrl)
+                .build();
+    }
+
+    @PostMapping("/api/auth/login")
+    public ResponseEntity<TokenResponse> login(@RequestBody MemberLoginRequest request) {
+        authService.login(request);
+
+        TokenResponse response = new TokenResponse(
+                jwtManager.issueAccessToken(1L),
+                jwtManager.issueRefreshToken(1L));
+        return ResponseEntity
+                .status(HttpStatus.CREATED)
+                .body(response);
+    }
+
+    @PostMapping("/api/auth/reissue")
+    public ResponseEntity<TokenResponse> reissueToken(@RequestBody ReissueRequest request) {
+        long id = jwtManager.resolveRefreshToken(request.refreshToken());
+
+        TokenResponse response = new TokenResponse(
+                jwtManager.issueAccessToken(id),
+                jwtManager.issueRefreshToken(id));
+        return ResponseEntity
+                .status(HttpStatus.CREATED)
+                .body(response);
+    }
+}

…ontroller/member/MemberLoginRequest.java …/controller/auth/MemberLoginRequest.javasrc/main/java/timeeat/controller/member/MemberLoginRequest.java renamed to src/main/java/timeeat/controller/auth/MemberLoginRequest.java src/main/java/timeeat/controller/member/MemberLoginRequest.java renamed to src/main/java/timeeat/controller/auth/MemberLoginRequest.java

@@ -1,4 +1,4 @@
-package timeeat.controller.member;
+package timeeat.controller.auth;
 
 public record MemberLoginRequest(String code) {
 }

src/main/java/timeeat/controller/auth/ReissueRequest.java

@@ -0,0 +1,4 @@
+package timeeat.controller.auth;
+
+public record ReissueRequest(String refreshToken) {
+}

src/main/java/timeeat/controller/auth/TokenResponse.java

@@ -0,0 +1,4 @@
+package timeeat.controller.auth;
+
+public record TokenResponse(String accessToken, String refreshToken) {
+}

src/main/java/timeeat/controller/member/MemberController.java

@@ -0,0 +1,36 @@
+package timeeat.controller.web.auth;
+
+import lombok.AllArgsConstructor;
+import org.springframework.core.MethodParameter;
+import org.springframework.http.HttpHeaders;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+import timeeat.controller.web.jwt.JwtManager;
+import timeeat.exception.BusinessErrorCode;
+import timeeat.exception.BusinessException;
+
+@AllArgsConstructor
+public class AuthMemberArgumentResolver implements HandlerMethodArgumentResolver {
+
+    private final JwtManager jwtManager;
+
+    @Override
+    public boolean supportsParameter(MethodParameter parameter) {
+        return parameter.getParameterType().equals(LoginMember.class);
+    }
+
+    @Override
+    public Object resolveArgument(MethodParameter parameter,
+                                  ModelAndViewContainer mavContainer,
+                                  NativeWebRequest webRequest,
+                                  WebDataBinderFactory binderFactory) throws Exception {
+        String accessToken = webRequest.getHeader(HttpHeaders.AUTHORIZATION);
+        if (accessToken == null) {
+            throw new BusinessException(BusinessErrorCode.UNAUTHORIZED_MEMBER);
+        }
+        long memberId = jwtManager.resolveAccessToken(accessToken);
+        return new LoginMember(memberId);
+    }
+}

src/main/java/timeeat/controller/web/auth/AuthMemberArgumentResolver.java

@@ -0,0 +1,4 @@
+package timeeat.controller.web.auth;
+
+public record LoginMember(long id) {
+}

src/main/java/timeeat/controller/web/auth/LoginMember.java

@@ -0,0 +1,73 @@
+package timeeat.controller.web.jwt;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.Jwts;
+import java.time.Duration;
+import java.util.Date;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.stereotype.Component;
+import timeeat.exception.BusinessErrorCode;
+import timeeat.exception.BusinessException;
+
+@Component
+@EnableConfigurationProperties(JwtProperties.class)
+public class JwtManager {
+
+    private final JwtProperties jwtProperties;
+
+    public JwtManager(JwtProperties jwtProperties) {
+        this.jwtProperties = jwtProperties;
+    }
+
+    public String issueAccessToken(long id) {
+        return createToken(id, jwtProperties.getAccessTokenExpiration(), TokenType.ACCESS_TOKEN);
+    }
+
+    public String issueRefreshToken(long id) {
+        return createToken(id, jwtProperties.getRefreshTokenExpiration(), TokenType.REFRESH_TOKEN);
+    }
+
+    private String createToken(long identifier, Duration expiration, TokenType tokenType) {
+        Date now = new Date();
+        Date expired = new Date(now.getTime() + expiration.toMillis());
+        return Jwts.builder()
+                .setSubject(Long.toString(identifier))
+                .setIssuedAt(now)
+                .setExpiration(expired)
+                .claim("type", tokenType.name())
+                .signWith(jwtProperties.getSecretKey())
+                .compact();
+    }
+
+    public long resolveAccessToken(String accessToken) {
+        return resolveToken(accessToken, TokenType.ACCESS_TOKEN);
+    }
+
+    public long resolveRefreshToken(String refreshToken) {
+        return resolveToken(refreshToken, TokenType.REFRESH_TOKEN);
+    }
+
+    private long resolveToken(String token, TokenType tokenType) {
+        try {
+            Claims claims = Jwts.parserBuilder()
+                    .setSigningKey(jwtProperties.getSecretKey())
+                    .build()
+                    .parseClaimsJws(token)
+                    .getBody();
+            validateTokenType(claims, tokenType);
+            return Long.parseLong(claims.getSubject());
+        } catch (ExpiredJwtException exception) {
+            throw new BusinessException(BusinessErrorCode.EXPIRED_TOKEN);
+        } catch (Exception e) {
+            throw new BusinessException(BusinessErrorCode.UNAUTHORIZED_MEMBER);
+        }
+    }
+
+    private void validateTokenType(Claims claims, TokenType tokenType) {
+        String extractTokenType = claims.get("type", String.class);
+        if (!extractTokenType.equals(tokenType.name())) {
+            throw new BusinessException(BusinessErrorCode.UNAUTHORIZED_MEMBER);
+        }
+    }
+}