[YS-456] feat: OAuth 로그인 API의 redirect URI 동적 처리 (#140)

* feat: add InvalidRedirectUriException for GoogleOauthLogin API

* feat: add redirectUri field to GoogleOauthLoginRequest

* feat: add RedirectUrivalidator to ensure valid OAuth callback URLs

* feat: update Google OAuth to use redirect URI from request body

* fix: update test to handle additional parameters

* chore: add Google OAuth redirectUris configuration

* style: apply ktlint formatting fixes

* style: apply ktlint formatting fixes

* style: format code according to local ktlint rules

Author: Ji-soo708

application/src/main/kotlin/com/dobby/auth/GoogleRedirectUriProperties.kt

@@ -0,0 +1,10 @@
+package com.dobby.auth
+
+import org.springframework.boot.context.properties.ConfigurationProperties
+import org.springframework.stereotype.Component
+
+@Component
+@ConfigurationProperties(prefix = "oauth.google")
+data class GoogleRedirectUriProperties(
+    var redirectUris: List<String> = emptyList()
+)

application/src/main/kotlin/com/dobby/auth/RedirectUriValidator.kt

@@ -0,0 +1,10 @@
+package com.dobby.auth
+
+import org.springframework.stereotype.Component
+
+@Component
+class RedirectUriValidator(
+    private val properties: GoogleRedirectUriProperties
+) {
+    fun isValidGoogleRedirectUri(uri: String): Boolean = properties.redirectUris.contains(uri)
+}

application/src/main/kotlin/com/dobby/service/AuthService.kt

@@ -1,5 +1,7 @@
 package com.dobby.service
 
+import com.dobby.auth.RedirectUriValidator
+import com.dobby.exception.InvalidRedirectUriException
 import com.dobby.usecase.auth.FetchGoogleUserInfoUseCase
 import com.dobby.usecase.auth.FetchNaverUserInfoUseCase
 import com.dobby.usecase.auth.GenerateTestTokenUseCase
@@ -12,12 +14,20 @@ class AuthService(
     private val fetchGoogleUserInfoUseCase: FetchGoogleUserInfoUseCase,
     private val fetchNaverUserInfoUseCase: FetchNaverUserInfoUseCase,
     private val generateTokenWithRefreshTokenUseCase: GenerateTokenWithRefreshTokenUseCase,
-    private val generateTestTokenUseCase: GenerateTestTokenUseCase
+    private val generateTestTokenUseCase: GenerateTestTokenUseCase,
+    private val redirectUriValidator: RedirectUriValidator
 ) {
     fun getGoogleUserInfo(input: FetchGoogleUserInfoUseCase.Input): FetchGoogleUserInfoUseCase.Output {
+        validateGoogleRedirectUri(input.redirectUri)
         return fetchGoogleUserInfoUseCase.execute(input)
     }
 
+    private fun validateGoogleRedirectUri(uri: String) {
+        if (!redirectUriValidator.isValidGoogleRedirectUri(uri)) {
+            throw InvalidRedirectUriException
+        }
+    }
+
     fun getNaverUserInfo(input: FetchNaverUserInfoUseCase.Input): FetchNaverUserInfoUseCase.Output {
         return fetchNaverUserInfoUseCase.execute(input)
     }

application/src/main/kotlin/com/dobby/usecase/auth/FetchGoogleUserInfoUseCase.kt

@@ -17,7 +17,8 @@ class FetchGoogleUserInfoUseCase(
 
     data class Input(
         val authorizationCode: String,
-        val role: RoleType
+        val role: RoleType,
+        val redirectUri: String
     )
 
     data class Output(
@@ -33,7 +34,7 @@ class FetchGoogleUserInfoUseCase(
     )
 
     override fun execute(input: Input): Output {
-        val oauthToken = googleAuthGateway.getAccessToken(input.authorizationCode).accessToken
+        val oauthToken = googleAuthGateway.getAccessToken(input.authorizationCode, input.redirectUri).accessToken
         val userInfo = googleAuthGateway.getUserInfo(oauthToken)
         val email = userInfo.email
         val member = email.let { memberGateway.findByOauthEmailAndStatus(email, MemberStatus.ACTIVE) }

application/src/test/kotlin/com/dobby/usecase/auth/FetchGoogleUserInfoUseCaseTest.kt

@@ -28,7 +28,11 @@ class FetchGoogleUserInfoUseCaseTest : BehaviorSpec({
     )
 
     given("Google OAuth 요청이 들어왔을 때") {
-        val input = FetchGoogleUserInfoUseCase.Input(authorizationCode = "valid-auth-code", role = RoleType.PARTICIPANT)
+        val input = FetchGoogleUserInfoUseCase.Input(
+            authorizationCode = "valid-auth-code",
+            role = RoleType.PARTICIPANT,
+            redirectUri = "http://localhost:8080/auth/google/callback"
+        )
         val mockMember = Member(
             id = "1",
             oauthEmail = "test@example.com",
@@ -44,7 +48,7 @@ class FetchGoogleUserInfoUseCaseTest : BehaviorSpec({
 
         val mockEmptyMember = null
         val mockGoogleTokenResponse = GoogleToken("mock-access-token")
-        every { googleAuthGateway.getAccessToken(any()) } returns mockGoogleTokenResponse
+        every { googleAuthGateway.getAccessToken(any(), any()) } returns mockGoogleTokenResponse
         every { googleAuthGateway.getUserInfo("mock-access-token") } returns mockk {
             every { email } returns "test@example.com"
         }
@@ -68,7 +72,12 @@ class FetchGoogleUserInfoUseCaseTest : BehaviorSpec({
         }
 
         // 테스트 2: 등록된 멤버가 없는 경우
-        every { memberGateway.findByOauthEmailAndStatus("test@example.com", MemberStatus.ACTIVE) } returns mockEmptyMember
+        every {
+            memberGateway.findByOauthEmailAndStatus(
+                "test@example.com",
+                MemberStatus.ACTIVE
+            )
+        } returns mockEmptyMember
 
         `when`("등록되지 않은 유저가 있는 경우") {
             val result: FetchGoogleUserInfoUseCase.Output = fetchGoogleUserInfoUseCase.execute(input)

domain/src/main/kotlin/com/dobby/exception/DobbyException.kt

@@ -3,14 +3,16 @@ package com.dobby.exception
 /**
  * Top-level exception class for Dobby application
  */
-sealed class DobbyException(val code: String, message: String, cause: Throwable? = null) : RuntimeException(message, cause)
+sealed class DobbyException(val code: String, message: String, cause: Throwable? = null) :
+    RuntimeException(message, cause)
 
 /**
  * ClientException: Exceptions caused by invalid client requests
  * - Authentication and authorization failures
  * - Invalid or missing request data
  */
-sealed class ClientException(code: String, message: String, cause: Throwable? = null) : DobbyException(code, message, cause)
+sealed class ClientException(code: String, message: String, cause: Throwable? = null) :
+    DobbyException(code, message, cause)
 
 /**
  * Common error codes
@@ -27,6 +29,7 @@ data object AuthenticationTokenNotValidException : ClientException("AU0002", "Au
 data object AuthenticationTokenExpiredException : ClientException("AU0003", "Authentication token has expired.")
 data object InvalidTokenTypeException : ClientException("AU0004", "Invalid token type")
 data object InvalidTokenValueException : ClientException("AU0005", "Invalid token value")
+data object InvalidRedirectUriException : ClientException("AU0006", "Invalid redirect URI")
 
 /**
  * Email Verification error codes
@@ -38,31 +41,47 @@ data object CodeNotCorrectException : ClientException("VE0004", "Verification co
 data object CodeExpiredException : ClientException("VE0005", "Verification code is expired")
 data object EmailFormatInvalidException : ClientException("VE0006", "Email is invalid format")
 data object EmailAlreadyVerifiedException : ClientException("VE0007", "This email is already verified.")
-data object TooManyVerificationRequestException : ClientException("VE0008", "You can request verification up to 3 in one day.")
+data object TooManyVerificationRequestException :
+    ClientException("VE0008", "You can request verification up to 3 in one day.")
 
 /**
  * Member error codes
  */
 data object MemberNotFoundException : ClientException("ME0001", "Member not found")
-data class MemberRoleMismatchException(val role: String) : ClientException("ME0002", "Already registered as another role: $role")
+data class MemberRoleMismatchException(val role: String) :
+    ClientException("ME0002", "Already registered as another role: $role")
+
 data object ResearcherNotFoundException : ClientException("ME0003", "Researcher Not Found.")
 data object ParticipantNotFoundException : ClientException("ME0004", "Participant Not Found.")
 data object EmailNotValidateException : ClientException("ME0005", "You should validate your school email first")
-data object SignupOauthEmailDuplicateException : ClientException("ME0006", "You've already joined with requested OAuth email")
+data object SignupOauthEmailDuplicateException :
+    ClientException("ME0006", "You've already joined with requested OAuth email")
+
 data object ContactEmailDuplicateException : ClientException("ME0007", "This contact email is already in use.")
 data object MemberConsentNotFoundException : ClientException("ME0008", "Member Consent Not Found.")
-data object SignupUnivEmailDuplicateException : ClientException("ME0009", "You've already joined with requested university email")
+data object SignupUnivEmailDuplicateException :
+    ClientException("ME0009", "You've already joined with requested university email")
 
 /**
  * Experiment error codes
  */
 data object ExperimentPostNotFoundException : ClientException("EP0001", "Experiment Post Not Found.")
-data object ExperimentAreaOverflowException : ClientException("EP0003", "You can only select up to 5 Area options in 1 Region.")
-data object ExperimentAreaInCorrectException : ClientException("EP0004", "Selected Area doesn't belong to correct Region.")
+data object ExperimentAreaOverflowException :
+    ClientException("EP0003", "You can only select up to 5 Area options in 1 Region.")
+
+data object ExperimentAreaInCorrectException :
+    ClientException("EP0004", "Selected Area doesn't belong to correct Region.")
+
 data object ExperimentPostImageSizeException : ClientException("EP0005", "Image can be uploaded maximum 3 images.")
-data object ExperimentPostRecruitStatusException : ClientException("EP0006", "You cannot update recruitStatus with closed recruitment post.")
-data object ExperimentPostUpdateDateException : ClientException("EP0007", "You cannot update startDate, endDate with closed recruitment post.")
-data object ExperimentPostInvalidOnlineRequestException : ClientException("EP0008", "place, region, area field value must be null when MatchType is online.")
+data object ExperimentPostRecruitStatusException :
+    ClientException("EP0006", "You cannot update recruitStatus with closed recruitment post.")
+
+data object ExperimentPostUpdateDateException :
+    ClientException("EP0007", "You cannot update startDate, endDate with closed recruitment post.")
+
+data object ExperimentPostInvalidOnlineRequestException :
+    ClientException("EP0008", "place, region, area field value must be null when MatchType is online.")
+
 data object ExperimentPostTitleException : ClientException("EP0009", "Title cannot be null.")
 data object ExperimentPostRewardException : ClientException("EP0010", "Reward cannot be null.")
 data object ExperimentPostContentException : ClientException("EP0011", "Content cannot be null.")
@@ -74,6 +93,7 @@ data object ExperimentPostLeadResearcherException : ClientException("EP0013", "L
  * - Database or infrastructure failures
  * - Unexpected backend processing issues
  */
-sealed class ServerException(code: String, message: String, cause: Throwable? = null) : DobbyException(code, message, cause)
+sealed class ServerException(code: String, message: String, cause: Throwable? = null) :
+    DobbyException(code, message, cause)
 
 data object UnknownServerErrorException : ServerException("DB0001", "An unknown error has occurred")

domain/src/main/kotlin/com/dobby/gateway/auth/GoogleAuthGateway.kt

@@ -4,6 +4,11 @@ import com.dobby.model.auth.GoogleToken
 import com.dobby.model.auth.GoogleUserInfo
 
 interface GoogleAuthGateway {
-    fun getAccessToken(code: String): GoogleToken
+
+    fun getAccessToken(
+        code: String,
+        redirectUri: String
+    ): GoogleToken
+
     fun getUserInfo(accessToken: String): GoogleUserInfo
 }

infrastructure/src/main/kotlin/com/dobby/external/gateway/auth/GoogleAuthGatewayImpl.kt

@@ -15,15 +15,16 @@ class GoogleAuthGatewayImpl(
     private val googleUserInfoFeignClient: GoogleUserInfoFeginClient
 ) : GoogleAuthGateway {
 
-    override fun getAccessToken(code: String): GoogleToken {
-        return googleAuthFeignClient.getAccessToken(
-            clientId = googleAuthProperties.clientId,
-            redirectUri = googleAuthProperties.redirectUri,
-            code = code,
-            clientSecret = googleAuthProperties.clientSecret,
-            grantType = googleAuthProperties.grantType
-        ).toDomain()
-    }
+    override fun getAccessToken(
+        code: String,
+        redirectUri: String
+    ): GoogleToken = googleAuthFeignClient.getAccessToken(
+        clientId = googleAuthProperties.clientId,
+        redirectUri = redirectUri,
+        code = code,
+        clientSecret = googleAuthProperties.clientSecret,
+        grantType = googleAuthProperties.grantType
+    ).toDomain()
 
     override fun getUserInfo(accessToken: String): GoogleUserInfo {
         return googleUserInfoFeignClient.getUserInfo("Bearer $accessToken")

infrastructure/src/main/resources/application.yml

@@ -87,3 +87,8 @@ cors:
 
 swagger:
   server-url: http://localhost:8080
+
+oauth:
+  google:
+    redirectUris:
+      - "http://localhost:8080/oauth2/callback/google"

infrastructure/src/main/resources/template-application-local.yml

@@ -90,3 +90,8 @@ cors:
 
 swagger:
   server-url: http://localhost:8080
+
+oauth:
+  google:
+    redirectUris:
+      - "http://localhost:8080/oauth2/callback/google"