Test: 테스트 작성 및 관련 코드 개선

Author: joyewon0705

src/main/java/com/back/domain/user/service/UserService.java

@@ -144,8 +144,13 @@ public void logout(HttpServletRequest request, HttpServletResponse response) {
         // 쿠키에서 Refresh Token 추출
         String refreshToken = resolveRefreshToken(request);
 
-        // 토큰 검증
-        if (refreshToken == null || !jwtTokenProvider.validateToken(refreshToken)) {
+        // Refresh Token 존재 여부 확인
+        if (refreshToken == null) {
+            throw new CustomException(ErrorCode.BAD_REQUEST);
+        }
+
+        // Refresh Token 검증
+        if (!jwtTokenProvider.validateToken(refreshToken)) {
             throw new CustomException(ErrorCode.INVALID_TOKEN);
         }
 

src/test/java/com/back/domain/user/controller/AuthControllerTest.java

@@ -4,6 +4,7 @@
 import com.back.domain.user.entity.UserProfile;
 import com.back.domain.user.entity.UserStatus;
 import com.back.domain.user.repository.UserRepository;
+import jakarta.servlet.http.Cookie;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -367,4 +368,77 @@ void login_deletedUser() throws Exception {
                 .andExpect(status().isGone())
                 .andExpect(jsonPath("$.code").value("USER_009"));
     }
+
+    @Test
+    @DisplayName("정상 로그아웃 → 200 OK + RefreshToken 쿠키 만료")
+    void logout_success() throws Exception {
+        // given: 회원가입 + 로그인으로 refreshToken 쿠키 확보
+        String rawPassword = "P@ssw0rd!";
+        String registerBody = """
+            {
+              "username": "logoutuser",
+              "email": "[email protected]",
+              "password": "%s",
+              "nickname": "홍길동"
+            }
+            """.formatted(rawPassword);
+
+        mvc.perform(post("/api/auth/register")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(registerBody))
+                .andExpect(status().isCreated());
+
+        String loginBody = """
+            {
+              "username": "logoutuser",
+              "password": "%s"
+            }
+            """.formatted(rawPassword);
+
+        ResultActions loginResult = mvc.perform(post("/api/auth/login")
+                        .contentType(MediaType.APPLICATION_JSON)
+                        .content(loginBody))
+                .andExpect(status().isOk());
+
+        // 로그인 응답에서 refreshToken 쿠키 추출
+        String refreshCookie = loginResult.andReturn()
+                .getResponse()
+                .getCookie("refreshToken")
+                .getValue();
+
+        // when: 로그아웃 요청 (쿠키 포함)
+        ResultActions logoutResult = mvc.perform(post("/api/auth/logout")
+                        .cookie(new Cookie("refreshToken", refreshCookie)))
+                .andDo(print());
+
+        // then: 200 OK + 성공 메시지 + 쿠키 만료
+        logoutResult
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.success").value(true))
+                .andExpect(jsonPath("$.message").value("로그아웃 되었습니다."))
+                .andExpect(cookie().maxAge("refreshToken", 0));
+    }
+
+    @Test
+    @DisplayName("RefreshToken 누락 → 400 Bad Request")
+    void logout_noToken() throws Exception {
+        // when & then
+        mvc.perform(post("/api/auth/logout"))
+                .andDo(print())
+                .andExpect(status().isBadRequest())
+                .andExpect(jsonPath("$.code").value("COMMON_400"));
+    }
+
+    @Test
+    @DisplayName("유효하지 않은 RefreshToken → 401 Unauthorized")
+    void logout_invalidToken() throws Exception {
+        // given: 잘못된 refreshToken 쿠키
+        Cookie invalid = new Cookie("refreshToken", "fake-token");
+
+        // when & then
+        mvc.perform(post("/api/auth/logout").cookie(invalid))
+                .andDo(print())
+                .andExpect(status().isUnauthorized())
+                .andExpect(jsonPath("$.code").value("AUTH_401"));
+    }
 }

src/test/java/com/back/domain/user/service/UserServiceTest.java

@@ -7,13 +7,15 @@
 import com.back.domain.user.entity.UserStatus;
 import com.back.domain.user.repository.UserProfileRepository;
 import com.back.domain.user.repository.UserRepository;
+import com.back.domain.user.repository.UserTokenRepository;
 import com.back.global.exception.CustomException;
 import com.back.global.exception.ErrorCode;
 import jakarta.servlet.http.Cookie;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.test.context.ActiveProfiles;
@@ -36,6 +38,9 @@ class UserServiceTest {
     @Autowired
     private UserProfileRepository userProfileRepository;
 
+    @Autowired
+    private UserTokenRepository userTokenRepository;
+
     @Autowired
     private PasswordEncoder passwordEncoder;
 
@@ -263,4 +268,59 @@ void login_deletedUser() {
                 .isInstanceOf(CustomException.class)
                 .hasMessage(ErrorCode.USER_DELETED.getMessage());
     }
+    @Test
+    @DisplayName("정상 로그아웃 성공 → RefreshToken DB 삭제 + 쿠키 만료")
+    void logout_success() {
+        // given: 정상 로그인된 사용자
+        String rawPassword = "P@ssw0rd!";
+        User user = setupUser("logoutuser", "[email protected]", rawPassword, "닉네임", UserStatus.ACTIVE);
+        MockHttpServletResponse loginResponse = new MockHttpServletResponse();
+
+        userService.login(new LoginRequest("logoutuser", rawPassword), loginResponse);
+        Cookie refreshCookie = loginResponse.getCookie("refreshToken");
+        assertThat(refreshCookie).isNotNull();
+
+        MockHttpServletResponse logoutResponse = new MockHttpServletResponse();
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(refreshCookie); // 쿠키를 요청에 실어줌
+
+        // when: 로그아웃 실행
+        userService.logout(request, logoutResponse);
+
+        // then: DB에서 refreshToken 삭제됨
+        assertThat(userTokenRepository.findByRefreshToken(refreshCookie.getValue())).isEmpty();
+
+        // 응답 쿠키는 만료 처리됨
+        Cookie cleared = logoutResponse.getCookie("refreshToken");
+        assertThat(cleared).isNotNull();
+        assertThat(cleared.getMaxAge()).isZero();
+        assertThat(cleared.getValue()).isNull();
+    }
+
+    @Test
+    @DisplayName("RefreshToken 없으면 INVALID_TOKEN 예외 발생")
+    void logout_noToken() {
+        // given: 쿠키 없이 로그아웃 요청
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        MockHttpServletResponse response = new MockHttpServletResponse();
+
+        // when & then
+        assertThatThrownBy(() -> userService.logout(request, response))
+                .isInstanceOf(CustomException.class)
+                .hasMessage(ErrorCode.BAD_REQUEST.getMessage());
+    }
+
+    @Test
+    @DisplayName("유효하지 않은 RefreshToken이면 INVALID_TOKEN 예외 발생")
+    void logout_invalidToken() {
+        // given: 잘못된 토큰 쿠키 세팅
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie("refreshToken", "invalidToken"));
+        MockHttpServletResponse response = new MockHttpServletResponse();
+
+        // when & then
+        assertThatThrownBy(() -> userService.logout(request, response))
+                .isInstanceOf(CustomException.class)
+                .hasMessage(ErrorCode.INVALID_TOKEN.getMessage());
+    }
 }