Merge pull request #55 from YAPP-Github/develop

[Feat] 로그인 기능 메인 서버 배포

Author: lvalentine6

.github/workflows/sonarcloud.yml

@@ -4,9 +4,11 @@ on:
   push:
     branches:
       - main
+      - develop
   pull_request:
     branches:
       - main
+      - develop
 env:
   AWS_REGION: ap-northeast-2
 

Dockerfile

@@ -1,3 +1,3 @@
 FROM eclipse-temurin:21
-ARG JAR_FILE=build/libs/time-eat-0.0.1-SNAPSHOT.jar
+ARG JAR_FILE=build/libs/eatda-0.0.1-SNAPSHOT.jar
 COPY ${JAR_FILE} api.jar

build.gradle

@@ -12,7 +12,7 @@ plugins {
     id("org.sonarqube") version "6.2.0.5505"
 }
 
-group = 'time-eat'
+group = 'net.eatda'
 version = '0.0.1-SNAPSHOT'
 
 java {
@@ -124,14 +124,22 @@ generateSwaggerUI {
 }
 
 openapi3 {
-    servers = [ // 서버 상황에 맞춰 추가 예정
+    servers = [
+                {
+                    url = "https://api-dev.eatda.net"
+                    description = "Develop Server"
+                },
+                {
+                    url = "https://api.eatda.net"
+                    description = "Production Server"
+                },
                 {
                     url = "http://localhost:8080"
                     description = "Local Server"
                 }
     ]
-    title = "Time Eat API"
-    description = "Time Eat API 명세서"
+    title = "EatDa API"
+    description = "EatDa API 명세서"
     version = "0.0.1"
     format = "yaml"
     outputDirectory = "build/resources/main/static/docs"

settings.gradle

@@ -1 +1 @@
-rootProject.name = 'time-eat'
+rootProject.name = 'eatda'

src/main/java/timeeat/client/oauth/OauthClient.java

@@ -9,6 +9,8 @@
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.client.RestClient;
 import org.springframework.web.util.UriComponentsBuilder;
+import timeeat.exception.BusinessErrorCode;
+import timeeat.exception.BusinessException;
 
 @Component
 @EnableConfigurationProperties(OauthProperties.class)
@@ -17,27 +19,32 @@ public class OauthClient {
     private final RestClient restClient;
     private final OauthProperties properties;
 
-    public OauthClient(RestClient.Builder restClientBuilder, OauthProperties oauthProperties) {
+    public OauthClient(RestClient.Builder restClientBuilder,
+                       OauthProperties oauthProperties) {
         this.restClient = restClientBuilder
                 .defaultStatusHandler(HttpStatusCode::is5xxServerError, new OauthServerErrorHandler())
                 .build();
         this.properties = oauthProperties;
     }
 
-    public URI getOauthLoginUrl() {
+    public URI getOauthLoginUrl(String origin) {
+        validateOrigin(origin);
+
         return UriComponentsBuilder.fromUriString("https://kauth.kakao.com/oauth/authorize")
                 .queryParam("client_id", properties.getClientId())
-                .queryParam("redirect_uri", properties.getRedirectUri())
+                .queryParam("redirect_uri", createRedirectUri(origin))
                 .queryParam("response_type", "code")
                 .build()
                 .toUri();
     }
 
-    public OauthToken requestOauthToken(String code) {
+    public OauthToken requestOauthToken(String code, String origin) {
+        validateOrigin(origin);
+
         MultiValueMap<String, String> body = new LinkedMultiValueMap<>();
         body.add("grant_type", "authorization_code");
         body.add("client_id", properties.getClientId());
-        body.add("redirect_uri", properties.getRedirectUri());
+        body.add("redirect_uri", createRedirectUri(origin));
         body.add("code", code);
 
         return restClient.post()
@@ -48,6 +55,19 @@ public OauthToken requestOauthToken(String code) {
                 .body(OauthToken.class);
     }
 
+    private void validateOrigin(String origin) {
+        if (!properties.isAllowedOrigin(origin)) {
+            throw new BusinessException(BusinessErrorCode.UNAUTHORIZED_ORIGIN);
+        }
+    }
+
+    private String createRedirectUri(String origin) {
+        return UriComponentsBuilder.fromUriString(origin)
+                .path(properties.getRedirectPath())
+                .build()
+                .toString();
+    }
+
     public OauthMemberInformation requestMemberInformation(OauthToken token) {
         return restClient.get()
                 .uri("https://kapi.kakao.com/v2/user/me")

src/main/java/timeeat/client/oauth/OauthMemberInformation.java

@@ -2,9 +2,14 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import timeeat.domain.member.Member;
 
 @JsonDeserialize(using = OauthMemberInformationDeserializer.class)
 @JsonIgnoreProperties(ignoreUnknown = true)
 public record OauthMemberInformation(long socialId, String nickname) {
+
+    public Member toMember() {
+        return new Member(Long.toString(socialId), nickname);
+    }
 }
 

src/main/java/timeeat/client/oauth/OauthProperties.java

@@ -1,14 +1,68 @@
 package timeeat.client.oauth;
 
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import lombok.AllArgsConstructor;
+import java.net.URI;
+import java.util.List;
 import lombok.Getter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import timeeat.exception.InitializeException;
 
 @Getter
-@AllArgsConstructor
 @ConfigurationProperties(prefix = "oauth")
 public class OauthProperties {
 
     private final String clientId;
-    private final String redirectUri;
+    private final String redirectPath;
+    private final List<String> allowedOrigins;
+
+    public OauthProperties(String clientId, String redirectPath, List<String> allowedOrigins) {
+        validateClientId(clientId);
+        validateRedirectPath(redirectPath);
+        validateOrigins(allowedOrigins);
+
+        this.clientId = clientId;
+        this.redirectPath = redirectPath;
+        this.allowedOrigins = allowedOrigins;
+    }
+
+    private void validateClientId(String clientId) {
+        if (clientId == null || clientId.isBlank()) {
+            throw new InitializeException("Client ID must not be null or empty");
+        }
+    }
+
+    private void validateRedirectPath(String redirectPath) {
+        if (redirectPath == null || !redirectPath.startsWith("/")) {
+            throw new InitializeException("Redirect path must not be null or start with '/'");
+        }
+    }
+
+    private void validateOrigins(List<String> origins) {
+        if (origins == null || origins.isEmpty()) {
+            throw new InitializeException("Allowed origins must not be null or empty");
+        }
+        origins.forEach(this::validateOrigin);
+    }
+
+    private void validateOrigin(String origin) {
+        URI uri;
+        try {
+            uri = new URI(origin);
+        } catch (Exception e) {
+            throw new InitializeException("Allowed origin must be a valid origin form: " + origin, e);
+        }
+
+        if (uri.getScheme() == null || uri.getHost() == null || !uri.getPath().isBlank()) {
+            throw new InitializeException("Allowed origin must be a valid origin form: " + origin);
+        }
+    }
+
+    public boolean isAllowedOrigin(String origin) {
+        return allowedOrigins.stream()
+                .anyMatch(allowedOrigin -> isMatchedOrigin(allowedOrigin, origin));
+    }
+
+    private boolean isMatchedOrigin(String allowedOrigin, String origin) {
+        return origin.trim().equals(allowedOrigin)
+                || origin.trim().equals(allowedOrigin + "/");
+    }
 }

src/main/java/timeeat/client/oauth/OauthServerErrorHandler.java

@@ -5,13 +5,14 @@
 import org.springframework.http.client.ClientHttpResponse;
 import org.springframework.stereotype.Component;
 import org.springframework.web.client.RestClient.ResponseSpec.ErrorHandler;
+import timeeat.exception.BusinessErrorCode;
+import timeeat.exception.BusinessException;
 
 @Component
 public class OauthServerErrorHandler implements ErrorHandler {
 
     @Override
     public void handle(HttpRequest request, ClientHttpResponse response) throws IOException {
-        // TODO : 500 에러 처리
-        throw new RuntimeException("Oauth server error occurred");
+        throw new BusinessException(BusinessErrorCode.OAUTH_SERVER_ERROR);
     }
 }

src/main/java/timeeat/config/CorsConfig.java

@@ -5,6 +5,7 @@
 import org.springframework.http.HttpMethod;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import timeeat.exception.InitializeException;
 
 @Configuration
 public class CorsConfig implements WebMvcConfigurer {
@@ -18,11 +19,11 @@ public CorsConfig(CorsProperties corsProperties) {
 
     private void validate(List<String> corsOriginList) {
         if (corsOriginList == null || corsOriginList.isEmpty()) {
-            throw new RuntimeException("Initialization Error: CORS origin cannot be empty.");
+            throw new InitializeException("CORS origin cannot be empty.");
         }
         for (String origin : corsOriginList) {
             if (origin == null || origin.isBlank()) {
-                throw new RuntimeException("Initialization Error: CORS origin string cannot be blank.");
+                throw new InitializeException("CORS origin string cannot be blank.");
             }
         }
     }

src/main/java/timeeat/controller/auth/AuthController.java

@@ -1,13 +1,16 @@
 package timeeat.controller.auth;
 
 import java.net.URI;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RestController;
-import lombok.RequiredArgsConstructor;
+import timeeat.controller.member.MemberResponse;
 import timeeat.controller.web.jwt.JwtManager;
 import timeeat.service.auth.AuthService;
 
@@ -19,8 +22,8 @@ public class AuthController {
     private final AuthService authService;
 
     @GetMapping("/api/auth/login/oauth")
-    public ResponseEntity<Void> redirectOauthLoginPage() {
-        URI oauthLoginUrl = authService.getOauthLoginUrl();
+    public ResponseEntity<Void> redirectOauthLoginPage(@RequestHeader(HttpHeaders.REFERER) String origin) {
+        URI oauthLoginUrl = authService.getOauthLoginUrl(origin);
 
         return ResponseEntity
                 .status(HttpStatus.FOUND)
@@ -29,15 +32,14 @@ public ResponseEntity<Void> redirectOauthLoginPage() {
     }
 
     @PostMapping("/api/auth/login")
-    public ResponseEntity<TokenResponse> login(@RequestBody MemberLoginRequest request) {
-        authService.login(request);
-
-        TokenResponse response = new TokenResponse(
-                jwtManager.issueAccessToken(1L),
-                jwtManager.issueRefreshToken(1L));
+    public ResponseEntity<LoginResponse> login(@RequestBody LoginRequest request) {
+        MemberResponse member = authService.login(request);
+        TokenResponse token = new TokenResponse(
+                jwtManager.issueAccessToken(member.id()),
+                jwtManager.issueRefreshToken(member.id()));
         return ResponseEntity
                 .status(HttpStatus.CREATED)
-                .body(response);
+                .body(new LoginResponse(token, member));
     }
 
     @PostMapping("/api/auth/reissue")