From 760bf590105d675ed90227c72b2b1efe5c18ddda Mon Sep 17 00:00:00 2001 From: seungwookc97 Date: Mon, 22 Sep 2025 09:44:54 +0900 Subject: [PATCH 1/2] =?UTF-8?q?feat=20:=20=EA=B8=B0=EC=A1=B4=20=EC=95=A1?= =?UTF-8?q?=EC=84=B8=EC=8A=A4=20=ED=86=A0=ED=81=B0=20=EB=8C=80=EC=8B=A0=20?= =?UTF-8?q?=EB=A6=AC=ED=94=84=EB=A0=88=EC=8B=9C=20=ED=86=A0=ED=81=B0=20?= =?UTF-8?q?=EA=B0=99=EC=9D=B4=20=EB=B0=9C=EA=B8=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../CustomOAuth2LoginSuccessHandler.java | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java b/src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java index 107671a9..2f96a3ec 100644 --- a/src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java +++ b/src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java @@ -1,8 +1,6 @@ package com.back.global.security; -import com.back.domain.user.service.UserService; -import com.back.global.jwt.JwtUtil; -import com.back.global.rq.Rq; +import com.back.domain.user.service.UserAuthService; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; @@ -13,14 +11,12 @@ import org.springframework.stereotype.Component; import java.io.IOException; -import java.util.concurrent.TimeUnit; @Component @RequiredArgsConstructor public class CustomOAuth2LoginSuccessHandler implements AuthenticationSuccessHandler { - private final Rq rq; - private final JwtUtil jwtUtil; - private final UserService userService; + + private final UserAuthService userAuthService; @Value("${FRONTEND_URL}") private String frontendUrl; 
@@ -29,11 +25,8 @@ public class CustomOAuth2LoginSuccessHandler implements AuthenticationSuccessHan public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { SecurityUser securityUser = (SecurityUser) authentication.getPrincipal(); - // Access Token 생성 - String accessToken = jwtUtil.generateAccessToken(securityUser.getId(), securityUser.getEmail()); - - // 쿠키에 토큰 저장 - rq.setCrossDomainCookie("accessToken", accessToken, (int) TimeUnit.MINUTES.toSeconds(20)); + // Access Token과 Refresh Token 발급 + userAuthService.issueTokens(response, securityUser.getId(), securityUser.getEmail()); // 프론트엔드로 리다이렉트 String redirectUrl = frontendUrl + "/oauth/success"; From 86f63226ade277ac9f8307a6c00c88437de91a9e Mon Sep 17 00:00:00 2001 From: seungwookc97 Date: Mon, 22 Sep 2025 10:02:46 +0900 Subject: [PATCH 2/2] =?UTF-8?q?feat=20:=20jwt=ED=86=A0=ED=81=B0=EC=97=90?= =?UTF-8?q?=20=EB=8B=89=EB=84=A4=EC=9E=84=20=ED=8C=8C=EB=9D=BC=EB=AF=B8?= =?UTF-8?q?=ED=84=B0=20=EC=B6=94=EA=B0=80=20=EB=B0=8F=20=EC=BD=94=EB=93=9C?= =?UTF-8?q?=20=EB=A6=AC=ED=8C=A9=ED=86=A0=EB=A7=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../back/domain/user/service/UserAuthService.java | 13 ++++++++++--- src/main/java/com/back/global/jwt/JwtUtil.java | 14 ++------------ src/main/java/com/back/global/rq/Rq.java | 2 +- .../security/CustomAuthenticationFilter.java | 2 +- .../security/CustomOAuth2LoginSuccessHandler.java | 2 +- .../com/back/global/security/SecurityUser.java | 12 ++++++++---- 6 files changed, 23 insertions(+), 22 deletions(-) diff --git a/src/main/java/com/back/domain/user/service/UserAuthService.java b/src/main/java/com/back/domain/user/service/UserAuthService.java index 0440b1b3..e27322a4 100644 --- a/src/main/java/com/back/domain/user/service/UserAuthService.java +++ b/src/main/java/com/back/domain/user/service/UserAuthService.java 
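Review bot: Replacing `rq.setCrossDomainCookie(...)` with `userAuthService.issueTokens(...)` in `onAuthenticationSuccess` moves the choice of cookie attributes into code this hunk does not show, so nothing here confirms that the cross-domain settings of the old call are kept. The response then redirects to `FRONTEND_URL`, presumably another origin, so please confirm that both cookies written by `issueTokens` carry `HttpOnly`, `Secure` and the `SameSite` value the front end needs. The refresh-token cookie now issued on this path lives longer than the former 20-minute access token, so it is worth scoping its path to the refresh endpoint if the API layout allows. I would also add a comment above the call, for example `// Tokens are delivered only via cookies set by UserAuthService; never append them to redirectUrl`. The method body continues past the end of the hunk.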
@@ -87,8 +87,8 @@ public String generateUniqueNickname(String baseNickname) { // 리프레시 토큰 관련 - public void issueTokens(HttpServletResponse response, Long userId, String email) { - String accessToken = jwtUtil.generateAccessToken(userId, email); + public void issueTokens(HttpServletResponse response, Long userId, String email, String nickname) { + String accessToken = jwtUtil.generateAccessToken(userId, email, nickname); String refreshToken = refreshTokenService.generateRefreshToken(userId, email); jwtUtil.addAccessTokenToCookie(response, accessToken); @@ -112,8 +112,15 @@ public boolean refreshTokens(HttpServletRequest request, HttpServletResponse res Long userId = refreshTokenEntity.getUserId(); String email = refreshTokenEntity.getEmail(); + // DB에서 현재 nickname 조회 + Optional user = userRepository.findById(userId); + if (user.isEmpty()) { + return false; + } + String nickname = user.get().getNickname(); + String newRefreshToken = refreshTokenService.rotateToken(oldRefreshToken); - String newAccessToken = jwtUtil.generateAccessToken(userId, email); + String newAccessToken = jwtUtil.generateAccessToken(userId, email, nickname); jwtUtil.addAccessTokenToCookie(response, newAccessToken); jwtUtil.addRefreshTokenToCookie(response, newRefreshToken); diff --git a/src/main/java/com/back/global/jwt/JwtUtil.java b/src/main/java/com/back/global/jwt/JwtUtil.java index 011142e6..e49108fb 100644 --- a/src/main/java/com/back/global/jwt/JwtUtil.java +++ b/src/main/java/com/back/global/jwt/JwtUtil.java 
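Review bot: In `refreshTokens`, the new `user.isEmpty()` branch returns `false` but leaves `oldRefreshToken` stored and both cookies in place, so a refresh token that belongs to a removed account is not revoked and simply waits for its own expiry. I would revoke it in that branch with whatever deletion `refreshTokenService` offers and clear the cookies, e.g. `jwtUtil.removeAccessTokenCookie(response);`, before returning. If the user entity has a status such as suspended or withdrawn (not visible here), this lookup is also the natural place to refuse the refresh. Doing the lookup before `rotateToken` is the right order, and a one-line comment saying it is intentional would keep a later refactor from swapping them. The method starts and ends outside the hunk.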
@@ -28,13 +28,14 @@ public JwtUtil(@Value("${custom.jwt.secretKey}") String secretKey, this.accessTokenExpiration = accessTokenExpiration * 1000; } - public String generateAccessToken(Long userId, String email) { + public String generateAccessToken(Long userId, String email, String nickname) { Date now = new Date(); Date expiration = new Date(now.getTime() + accessTokenExpiration); return Jwts.builder() .subject(String.valueOf(userId)) .claim("email", email) + .claim("nickname", nickname) .issuedAt(now) .expiration(expiration) .signWith(secretKey) @@ -50,17 +51,6 @@ public void addAccessTokenToCookie(HttpServletResponse response, String accessTo response.addCookie(cookie); } - public String getAccessTokenFromCookie(HttpServletRequest request) { - Cookie[] cookies = request.getCookies(); - if (cookies != null) { - for (Cookie cookie : cookies) { - if (ACCESS_TOKEN_COOKIE_NAME.equals(cookie.getName())) { - return cookie.getValue(); - } - } - } - return null; - } public void removeAccessTokenCookie(HttpServletResponse response) { Cookie cookie = new Cookie(ACCESS_TOKEN_COOKIE_NAME, null); diff --git a/src/main/java/com/back/global/rq/Rq.java b/src/main/java/com/back/global/rq/Rq.java index ba09f564..cf10341a 100644 --- a/src/main/java/com/back/global/rq/Rq.java +++ b/src/main/java/com/back/global/rq/Rq.java @@ -48,7 +48,7 @@ public User getActor() { return User.builder() .id(securityUser.getId()) .email(securityUser.getEmail()) - .nickname(securityUser.getName()) + .nickname(securityUser.getNickname()) .role(role) .build(); }) diff --git a/src/main/java/com/back/global/security/CustomAuthenticationFilter.java b/src/main/java/com/back/global/security/CustomAuthenticationFilter.java index 58bfed5a..2aec9dd7 100644 --- a/src/main/java/com/back/global/security/CustomAuthenticationFilter.java +++ b/src/main/java/com/back/global/security/CustomAuthenticationFilter.java 
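Review bot: `.claim("nickname", nickname)` in `generateAccessToken` puts a user-chosen, mutable string into a token that is signed but not encrypted, and the method has no documentation telling consumers how far they may trust it. The value is frozen until the token expires, so a renamed user keeps the old nickname for up to `accessTokenExpiration`, and authorization should keep relying on the subject (`userId`) alone. I would add a Javadoc such as `/** Claims are readable by any holder of the token; nickname is display-only, may be stale, and must be output-encoded by consumers. */`. It is also worth deciding what a `null` nickname should do here, e.g. `Objects.requireNonNull(nickname, "nickname");` at the top of the method, since the OAuth2 path passes whatever `SecurityUser` holds.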
@@ -116,7 +116,7 @@ private void work(HttpServletRequest request, HttpServletResponse response, Filt // accessToken이 만료됐으면 새로 발급 if (isAccessTokenExists && !isAccessTokenValid) { - String newAccessToken = jwtUtil.generateAccessToken(user.getId(), user.getEmail()); + String newAccessToken = jwtUtil.generateAccessToken(user.getId(), user.getEmail(), user.getNickname()); rq.setCrossDomainCookie("accessToken", newAccessToken, accessTokenExpiration); } diff --git a/src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java b/src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java index 2f96a3ec..4fc70819 100644 --- a/src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java +++ b/src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java @@ -26,7 +26,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo SecurityUser securityUser = (SecurityUser) authentication.getPrincipal(); // Access Token과 Refresh Token 발급 - userAuthService.issueTokens(response, securityUser.getId(), securityUser.getEmail()); + userAuthService.issueTokens(response, securityUser.getId(), securityUser.getEmail(), securityUser.getNickname()); // 프론트엔드로 리다이렉트 String redirectUrl = frontendUrl + "/oauth/success"; diff --git a/src/main/java/com/back/global/security/SecurityUser.java b/src/main/java/com/back/global/security/SecurityUser.java index 25aa02b6..023ce3cf 100644 --- a/src/main/java/com/back/global/security/SecurityUser.java +++ b/src/main/java/com/back/global/security/SecurityUser.java @@ -13,7 +13,7 @@ public class SecurityUser extends User implements OAuth2User { private Long id; @Getter - private String name; + private String nickname; @Getter private String email; 
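Review bot: The renewal branch in `work` still writes the cookie with `rq.setCrossDomainCookie("accessToken", ...)` while login and refresh now go through `jwtUtil.addAccessTokenToCookie`, so the same cookie is produced by two code paths whose name, `HttpOnly`/`Secure`/`SameSite` flags and max-age can drift apart. If the two helpers set equivalent attributes, I would route this branch through the shared one, `jwtUtil.addAccessTokenToCookie(response, newAccessToken);`, and otherwise add a comment saying why the filter needs a different cookie. This branch also mints a fresh access token whenever one is present but invalid, without the rotation that `refreshTokens` performs. Where `user` comes from is outside the hunk, so please confirm it is resolved from a validated refresh token or equivalent credential and not from the claims of the expired token.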
@@ -24,13 +24,13 @@ public class SecurityUser extends User implements OAuth2User { public SecurityUser( long id, String email, - String name, + String nickname, Collection authorities, Map attributes ) { super(email, "", authorities); // OAuth2에서는 빈 패스워드 this.id = id; - this.name = name; + this.nickname = nickname; this.email = email; this.attributes = attributes; } @@ -42,6 +42,10 @@ public Map getAttributes() { @Override public String getName() { - return name; // OAuth2User 인터페이스용 + return nickname; // OAuth2User 인터페이스용 - nickname 반환 + } + + public String getNickname() { + return getName(); } }
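Review bot: `getNickname()` is written by hand and delegates to `getName()` although the `nickname` field already carries `@Getter` (see the `@@ -13,7 +13,7 @@` hunk), so the accessor is defined twice and Lombok skips generating its own. I would keep only one: either delete the explicit method, or keep it as `return nickname;` and drop the annotation from the field. Separately, `getName()` is the `OAuth2User` principal name, and returning a user-editable nickname there deserves a comment because code that keys on the principal name generally expects a stable identifier. Something like `// Display name only; use getId() as the stable identifier for lookups and audit logs` above `getName()` would make that explicit.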