From f616e29e961cb0c7f703d04723d45bbdd6c28b43 Mon Sep 17 00:00:00 2001
From: baeksom <97323941+baeksom@users.noreply.github.com>
Date: Sun, 26 May 2024 21:16:51 +0900
Subject: [PATCH] =?UTF-8?q?[UPDATE]:=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?=
 =?UTF-8?q?=EC=BF=A0=ED=82=A4=20=EC=84=A4=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../user/controller/TokenController.java      |  7 ++-----
 .../user/service/auth/TokenService.java       |  1 +
 .../global/security/filter/JwtAuthFilter.java | 19 ++++++++++++++++---
 3 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TokenController.java b/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TokenController.java
index d56fb1e..c5cb6b0 100644
--- a/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TokenController.java
+++ b/src/main/java/KGUcapstone/OutDecision/domain/user/controller/TokenController.java
@@ -9,7 +9,6 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RestController;
@@ -35,14 +34,12 @@ public ApiResponse<Object> logout(HttpServletResponse response) {
         return ApiResponse.onSuccess(null);
     }
 
-    @GetMapping("/token/refresh")
+    @PostMapping("/token/refresh")
     public ResponseEntity<ApiResponse<Object>> refresh(HttpServletResponse response) {
         String accessToken = findMemberService.getTokenFromCookies();
-        System.out.println("accessToken = " + accessToken);
         String newAccessToken = tokenService.republishAccessToken(accessToken, response);
-        System.out.println("newAccessToken = " + newAccessToken);
         if (StringUtils.hasText(newAccessToken)) {
-            System.out.println("변경 완");
+            // 클라이언트에게 응답할 때 쿠키를 변경한다.
             return ResponseEntity.ok(ApiResponse.onSuccess(newAccessToken));
         }
 
diff --git a/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java b/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java
index b86dfc2..6a2c35c 100644
--- a/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java
+++ b/src/main/java/KGUcapstone/OutDecision/domain/user/service/auth/TokenService.java
@@ -54,6 +54,7 @@ public String republishAccessToken(String accessToken, HttpServletResponse respo
             // 액세스 토큰의 값을 수정해준다.
             resultToken.updateAccessToken(newAccessToken);
             tokenRepository.save(resultToken);
+            addCookie(response, "Authorization", newAccessToken, 60*60);
             log.info("Attempting to republish accessToken: {}", newAccessToken);
             // 새로운 액세스 토큰을 반환해준다.
             return newAccessToken;
diff --git a/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java b/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java
index cee2ce9..a1ac6e6 100644
--- a/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java
+++ b/src/main/java/KGUcapstone/OutDecision/global/security/filter/JwtAuthFilter.java
@@ -58,10 +58,23 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             String newAccessToken = tokenService.republishAccessToken(atc, response);
 
             if (newAccessToken != null) {
-                addCookie(response, "Authorization", newAccessToken, 60 * 60);
                 log.info("토큰 발급 완료 필터 newAccessToken = {}", newAccessToken);
 
-                filterChain.doFilter(request, response);
+                // 원래 요청을 새로 만든 토큰으로 다시 수행
+                HttpServletRequestWrapper requestWrapper = new HttpServletRequestWrapper(request) {
+                    @Override
+                    public Cookie[] getCookies() {
+                        Cookie[] cookies = super.getCookies();
+                        for (Cookie cookie : cookies) {
+                            if ("Authorization".equals(cookie.getName())) {
+                                cookie.setValue(newAccessToken);
+                            }
+                        }
+                        return cookies;
+                    }
+                };
+
+                filterChain.doFilter(requestWrapper, response);
                 return;
             } else {
                 log.error("새로운 토큰 발급 실패");
@@ -95,4 +108,4 @@ public Authentication getAuthentication(SecurityUserDto member) {
         return new UsernamePasswordAuthenticationToken(member, "",
                 List.of(new SimpleGrantedAuthority(member.getRole())));
     }
-}
+}
\ No newline at end of file