prgrms-web-devcourse-final-project · m-a-king · Nov 27, 2024 · Nov 27, 2024 · Nov 27, 2024 · Nov 27, 2024
diff --git a/src/main/java/com/somemore/auth/cookie/CookieService.java b/src/main/java/com/somemore/auth/cookie/CookieService.java
@@ -0,0 +1,36 @@
+package com.somemore.auth.cookie;
+
+import com.somemore.auth.jwt.domain.TokenType;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.ResponseCookie;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+@Slf4j
+public class CookieService implements CookieUseCase {
+
+    @Override
+    public void setAccessToken(HttpServletResponse response, String value) {
+        ResponseCookie cookie = generateCookie(TokenType.ACCESS, value);
+        response.addHeader("Set-Cookie", cookie.toString());
+    }
+
+    @Override
+    public void deleteAccessToken(HttpServletResponse response) {
+        ResponseCookie cookie = generateCookie(TokenType.SIGNOUT, TokenType.SIGNOUT.name());
+        response.addHeader("Set-Cookie", cookie.toString());
+    }
+
+    private static ResponseCookie generateCookie(TokenType tokenType, String value) {
+        return ResponseCookie.from(TokenType.ACCESS.name(), value) // 덮어쓰기 위해서 고정 값
+                .httpOnly(true)
+                .secure(true)
+                .path("/")
+                .maxAge(tokenType.getPeriodInSeconds())
+                .sameSite("Lax")
+                .build();
+    }
+}
diff --git a/src/main/java/com/somemore/auth/cookie/CookieUseCase.java b/src/main/java/com/somemore/auth/cookie/CookieUseCase.java
@@ -0,0 +1,9 @@
+package com.somemore.auth.cookie;
+
+import jakarta.servlet.http.HttpServletResponse;
+
+public interface CookieUseCase {
+    void setAccessToken(HttpServletResponse response, String value);
+
+    void deleteAccessToken(HttpServletResponse response);
+}
diff --git a/src/main/java/com/somemore/auth/cookie/SetCookieService.java b/src/main/java/com/somemore/auth/cookie/SetCookieService.java
diff --git a/src/main/java/com/somemore/auth/cookie/SetCookieUseCase.java b/src/main/java/com/somemore/auth/cookie/SetCookieUseCase.java
diff --git a/src/main/java/com/somemore/auth/jwt/domain/TokenType.java b/src/main/java/com/somemore/auth/jwt/domain/TokenType.java
@@ -5,7 +5,8 @@
 @Getter
 public enum TokenType {
     ACCESS(1000 * 60 * 30),
-    REFRESH(1000 * 60 * 60 * 24 * 7);
+    REFRESH(1000 * 60 * 60 * 24 * 7),
+    SIGNOUT(0);
 
     private final int period;
 

diff --git a/src/main/java/com/somemore/auth/jwt/filter/JwtAuthFilter.java b/src/main/java/com/somemore/auth/jwt/filter/JwtAuthFilter.java
@@ -1,6 +1,5 @@
 package com.somemore.auth.jwt.filter;
 
-import com.somemore.auth.UserRole;
 import com.somemore.auth.jwt.domain.EncodedToken;
 import com.somemore.auth.jwt.exception.JwtErrorType;
 import com.somemore.auth.jwt.exception.JwtException;

diff --git a/...main/java/com/somemore/auth/UserRole.java → ...om/somemore/auth/jwt/filter/UserRole.java b/...main/java/com/somemore/auth/UserRole.java → ...om/somemore/auth/jwt/filter/UserRole.java
@@ -1,4 +1,4 @@
-package com.somemore.auth;
+package com.somemore.auth.jwt.filter;
 
 public enum UserRole {
     VOLUNTEER,

diff --git a/src/main/java/com/somemore/auth/jwt/refresh/manager/RedisRefreshTokenManager.java b/src/main/java/com/somemore/auth/jwt/refresh/manager/RedisRefreshTokenManager.java
@@ -26,10 +26,8 @@ public void save(RefreshToken refreshToken) {
     }
 
     @Override
-    public void removeRefreshToken(EncodedToken accessToken) {
-        RefreshToken refreshToken = refreshTokenRepository.findByAccessToken(accessToken.value())
-                .orElseThrow(() -> new JwtException(JwtErrorType.EXPIRED_TOKEN));
-
-        refreshTokenRepository.delete(refreshToken);
+    public void removeRefreshToken(String userId) {
+        refreshTokenRepository.findByUserId(userId)
+                .ifPresent(refreshTokenRepository::delete);
     }
 }
diff --git a/src/main/java/com/somemore/auth/jwt/refresh/manager/RefreshTokenManager.java b/src/main/java/com/somemore/auth/jwt/refresh/manager/RefreshTokenManager.java
@@ -8,5 +8,5 @@ public interface RefreshTokenManager {
 
     void save(RefreshToken refreshToken);
 
-    void removeRefreshToken(EncodedToken accessToken);
+    void removeRefreshToken(String userId);
 }
diff --git a/src/main/java/com/somemore/auth/jwt/refresh/repository/RefreshTokenRepository.java b/src/main/java/com/somemore/auth/jwt/refresh/repository/RefreshTokenRepository.java
@@ -10,4 +10,6 @@
 public interface RefreshTokenRepository extends CrudRepository<RefreshToken, Integer> {
 
     Optional<RefreshToken> findByAccessToken(String accessToken);
+
+    Optional<RefreshToken> findByUserId(String userId);
 }
diff --git a/src/main/java/com/somemore/auth/jwt/service/JwtService.java b/src/main/java/com/somemore/auth/jwt/service/JwtService.java
@@ -1,6 +1,6 @@
 package com.somemore.auth.jwt.service;
 
-import com.somemore.auth.cookie.SetCookieUseCase;
+import com.somemore.auth.cookie.CookieUseCase;
 import com.somemore.auth.jwt.domain.EncodedToken;
 import com.somemore.auth.jwt.domain.TokenType;
 import com.somemore.auth.jwt.exception.JwtErrorType;
@@ -24,7 +24,7 @@ public class JwtService implements JwtUseCase {
     private final JwtParser jwtParser;
     private final JwtValidator jwtValidator;
     private final JwtRefresher jwtRefresher;
-    private final SetCookieUseCase setCookieUseCase;
+    private final CookieUseCase cookieUseCase;
 
     @Override
     public EncodedToken generateToken(String userId, String role, TokenType tokenType) {
@@ -48,7 +48,7 @@ public Claims getClaims(EncodedToken token) {
     private void handleJwtExpiredException(JwtException e, EncodedToken accessToken, HttpServletResponse response) {
         if (e.getErrorType() == JwtErrorType.EXPIRED_TOKEN) {
             EncodedToken refreshedToken = jwtRefresher.refreshAccessToken(accessToken);
-            setCookieUseCase.setToken(response, refreshedToken.value(), TokenType.ACCESS);
+            cookieUseCase.setAccessToken(response, refreshedToken.value());
             return;
         }
         throw e;

diff --git a/src/main/java/com/somemore/auth/oauth/handler/success/CustomOAuthSuccessHandler.java b/src/main/java/com/somemore/auth/oauth/handler/success/CustomOAuthSuccessHandler.java
@@ -1,13 +1,12 @@
 package com.somemore.auth.oauth.handler.success;
 
-import com.somemore.auth.cookie.SetCookieUseCase;
+import com.somemore.auth.cookie.CookieUseCase;
 import com.somemore.auth.jwt.domain.EncodedToken;
-import com.somemore.auth.jwt.domain.TokenType;
 import com.somemore.auth.jwt.usecase.command.GenerateTokensOnLoginUseCase;
 import com.somemore.auth.oauth.OAuthProvider;
 import com.somemore.auth.oauth.naver.service.query.ProcessNaverOAuthUserService;
 import com.somemore.auth.redirect.RedirectUseCase;
-import com.somemore.volunteer.usecase.query.FindVolunteerIdUseCase;
+import com.somemore.volunteer.usecase.FindVolunteerIdUseCase;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
@@ -29,10 +28,10 @@ public class CustomOAuthSuccessHandler extends SimpleUrlAuthenticationSuccessHan
     private final ProcessNaverOAuthUserService processNaverOAuthService;
     private final FindVolunteerIdUseCase findVolunteerIdUseCase;
     private final GenerateTokensOnLoginUseCase generateTokensOnLoginUseCase;
-    private final SetCookieUseCase setCookieUseCase;
+    private final CookieUseCase cookieUseCase;
     private final RedirectUseCase redirectUseCase;
 
-    @Value("${frontend.url}")
+    @Value("${app.front-url}")
     private String frontendRootUrl;
 
     @Override
@@ -49,7 +48,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
         UUID volunteerId = findVolunteerIdUseCase.findVolunteerIdByOAuthId(oAuthId);
         EncodedToken accessToken = generateTokensOnLoginUseCase.saveRefreshTokenAndReturnAccessToken(volunteerId);
 
-        setCookieUseCase.setToken(response, accessToken.value(), TokenType.ACCESS);
+        cookieUseCase.setAccessToken(response, accessToken.value());
         redirectUseCase.redirect(request, response, frontendRootUrl);
     }
 

diff --git a/src/main/java/com/somemore/auth/oauth/naver/service/command/NaverOAuth2UserInfoService.java b/src/main/java/com/somemore/auth/oauth/naver/service/command/NaverOAuth2UserInfoService.java
@@ -4,7 +4,7 @@
 import com.somemore.auth.oauth.naver.usecase.query.CheckNaverUserUseCase;
 import com.somemore.auth.oauth.naver.usecase.command.RegisterNaverUserUseCase;
 import com.somemore.auth.oauth.naver.util.OAuthResponseConverter;
-import com.somemore.volunteer.usecase.command.RegisterVolunteerUseCase;
+import com.somemore.volunteer.usecase.RegisterVolunteerUseCase;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.oauth2.core.user.OAuth2User;

diff --git a/src/main/java/com/somemore/community/service/CommunityBoardQueryService.java b/src/main/java/com/somemore/community/service/CommunityBoardQueryService.java
@@ -9,7 +9,7 @@
 import com.somemore.community.usecase.CommunityBoardQueryUseCase;
 import com.somemore.global.exception.BadRequestException;
 import com.somemore.volunteer.dto.response.VolunteerForCommunityResponseDto;
-import com.somemore.volunteer.usecase.query.FindVolunteerIdUseCase;
+import com.somemore.volunteer.usecase.FindVolunteerIdUseCase;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

diff --git a/src/main/java/com/somemore/global/common/response/ApiResponse.java b/src/main/java/com/somemore/global/common/response/ApiResponse.java
@@ -12,26 +12,20 @@ public class ApiResponse<T> {
     private T data;
 
     public static <T> ApiResponse<T> ok(int status, T data, String message) {
-
         return new ApiResponse<>(status, message, data);
     }
 
     public static ApiResponse<?> ok(String message) {
-
         return new ApiResponse<>(200, message, "");
     }
 
     public static ApiResponse<?> error(int code, String message) {
-
         return new ApiResponse<>(code, message, "");
     }
 
-
-
     public ApiResponse(int code, String message, T data) {
         this.code = code;
         this.message = message;
         this.data = data;
     }
-
 }
diff --git a/src/main/java/com/somemore/volunteer/controller/query/VolunteerSignController.java b/src/main/java/com/somemore/volunteer/controller/query/VolunteerSignController.java
@@ -0,0 +1,53 @@
+package com.somemore.volunteer.controller.query;
+
+import com.somemore.global.common.response.ApiResponse;
+import com.somemore.global.exception.BadRequestException;
+import com.somemore.volunteer.usecase.SignOutVolunteerUseCase;
+import com.somemore.volunteer.usecase.GenerateOAuthUrlUseCase;
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.media.Schema;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.servlet.view.RedirectView;
+
+@RestController
+@Slf4j
+@RequiredArgsConstructor
+@RequestMapping("/api/volunteer")
+@Tag(name = "Volunteer OAuth API", description = "Handles Volunteer OAuth Sign-in, Sign-out")
+public class VolunteerSignController {
+
+    private final GenerateOAuthUrlUseCase generateOAuthUrlUseCase;
+    private final SignOutVolunteerUseCase signOutVolunteerUseCase;
+
+    @PostMapping("/sign-in/oauth/{oauthProvider}")
+    public RedirectView signIn(
+            @Parameter(name = "oauthProvider", description = "OAuth 제공자 선택", example = "naver", required = true, schema = @Schema(allowableValues = {"naver"}))
+            @PathVariable("oauthProvider") String oauthProvider) {
+
+        String redirectUrl = switch (oauthProvider.toLowerCase()) {
+            case "naver" -> generateOAuthUrlUseCase.generateUrl(oauthProvider);
+
+            default -> throw new BadRequestException("지원되지 않는 OAuth 제공자: " + oauthProvider);
+        };
+
+        return new RedirectView(redirectUrl);
+    }
+
+    @PostMapping("/sign-out")
+    public ApiResponse<?> signOut(
+            HttpServletResponse response,
+            @AuthenticationPrincipal String userId) {
+
+        signOutVolunteerUseCase.signOut(response, userId);
+
+        return ApiResponse.ok("로그아웃되었습니다");
+    }
+}
diff --git a/...service/query/FindVolunteerIdService.java → ...nteer/service/FindVolunteerIdService.java b/...service/query/FindVolunteerIdService.java → ...nteer/service/FindVolunteerIdService.java
@@ -1,9 +1,9 @@
-package com.somemore.volunteer.service.query;
+package com.somemore.volunteer.service;
 
 import com.somemore.volunteer.domain.Volunteer;
 import com.somemore.volunteer.dto.response.VolunteerForCommunityResponseDto;
 import com.somemore.volunteer.repository.VolunteerRepository;
-import com.somemore.volunteer.usecase.query.FindVolunteerIdUseCase;
+import com.somemore.volunteer.usecase.FindVolunteerIdUseCase;
 import jakarta.persistence.EntityNotFoundException;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;

diff --git a/src/main/java/com/somemore/volunteer/service/GenerateOAuthUrlService.java b/src/main/java/com/somemore/volunteer/service/GenerateOAuthUrlService.java
@@ -0,0 +1,32 @@
+package com.somemore.volunteer.service;
+
+import com.somemore.volunteer.usecase.GenerateOAuthUrlUseCase;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+import org.springframework.web.util.UriComponentsBuilder;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class GenerateOAuthUrlService implements GenerateOAuthUrlUseCase {
+
+    @Value("${app.back-url}")
+    private String backendRootUrl;
+
+    @Override
+    public String generateUrl(String oAuthProvider) {
+        return UriComponentsBuilder.fromHttpUrl(generateBaseUrl())
+                .pathSegment(oAuthProvider)
+                .build()
+                .toUriString();
+    }
+
+    private String generateBaseUrl() {
+        return UriComponentsBuilder.fromHttpUrl(backendRootUrl)
+                .path("/oauth2/authorization")
+                .build()
+                .toUriString();
+    }
+}
diff --git a/...ice/command/RegisterVolunteerService.java → ...eer/service/RegisterVolunteerService.java b/...ice/command/RegisterVolunteerService.java → ...eer/service/RegisterVolunteerService.java
@@ -1,11 +1,11 @@
-package com.somemore.volunteer.service.command;
+package com.somemore.volunteer.service;
 
 import com.somemore.volunteer.domain.Volunteer;
 import com.somemore.volunteer.domain.VolunteerDetail;
 import com.somemore.volunteer.dto.request.VolunteerRegisterRequestDto;
 import com.somemore.volunteer.repository.VolunteerDetailRepository;
 import com.somemore.volunteer.repository.VolunteerRepository;
-import com.somemore.volunteer.usecase.command.RegisterVolunteerUseCase;
+import com.somemore.volunteer.usecase.RegisterVolunteerUseCase;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;

diff --git a/src/main/java/com/somemore/volunteer/service/SignOutVolunteerService.java b/src/main/java/com/somemore/volunteer/service/SignOutVolunteerService.java
@@ -0,0 +1,30 @@
+package com.somemore.volunteer.service;
+
+import com.somemore.auth.cookie.CookieUseCase;
+import com.somemore.auth.jwt.refresh.manager.RefreshTokenManager;
+import com.somemore.volunteer.usecase.SignOutVolunteerUseCase;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+@Transactional
+public class SignOutVolunteerService implements SignOutVolunteerUseCase {
+
+    private final CookieUseCase cookieUseCase;
+    private final RefreshTokenManager refreshTokenManager;
+
+    @Override
+    public void signOut(
+            HttpServletResponse response,
+            @AuthenticationPrincipal String volunteerId) {
+
+        cookieUseCase.deleteAccessToken(response);
+        refreshTokenManager.removeRefreshToken(volunteerId);
+    }
+}
diff --git a/...usecase/query/FindVolunteerIdUseCase.java → ...nteer/usecase/FindVolunteerIdUseCase.java b/...usecase/query/FindVolunteerIdUseCase.java → ...nteer/usecase/FindVolunteerIdUseCase.java
@@ -1,4 +1,4 @@
-package com.somemore.volunteer.usecase.query;
+package com.somemore.volunteer.usecase;
 
 import com.somemore.volunteer.dto.response.VolunteerForCommunityResponseDto;