Merge pull request #65 from TinU-Official/issue63/refresh-token-logic…

…-feat

Issue63/refresh token logic feat

build.gradle

@@ -51,6 +51,9 @@ dependencies {
 	implementation "io.jsonwebtoken:jjwt-api:0.11.5"
 	implementation "io.jsonwebtoken:jjwt-impl:0.11.5"
 	implementation("io.jsonwebtoken:jjwt-jackson:0.11.5")
+
+	//OAuth2 관련 의존성 추가
+	implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
 }
 
 kotlin {

src/main/kotlin/com/tinuproject/tinu/domain/entity/RefreshToken.kt

@@ -0,0 +1,19 @@
+package com.tinuproject.tinu.domain.entity
+
+import com.tinuproject.tinu.domain.entity.base.BaseEntity
+import jakarta.persistence.*
+import java.util.*
+
+@Entity
+class RefreshToken(
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    var id : Long?= null,
+
+    @Column(unique = true)
+    var userId : UUID,
+
+    @Column(unique = true)
+    var token : String
+){
+}

src/main/kotlin/com/tinuproject/tinu/domain/enum/Social.kt

@@ -3,5 +3,14 @@ package com.tinuproject.tinu.domain.enum
 enum class Social(var code:Int, var company : String) {
     KAKAO(0, "카카오"),
     GOOGLE(1, "구글"),
-    NAVER(2, "네이버")
+    NAVER(2, "네이버");
+
+
+    companion object{
+        fun getSocial(provider : String) : Social{
+            if(provider == "kakao") return KAKAO
+            else  return NAVER
+        }
+    }
+
 }

src/main/kotlin/com/tinuproject/tinu/domain/exception/token/InvalidedToken.kt

@@ -2,5 +2,6 @@ package com.tinuproject.tinu.domain.exception.token
 
 import com.tinuproject.tinu.domain.exception.base.BaseException
 
-class InvalidedToken:BaseException(TokenErrorCode.TOKEN_INVALIDED) {
-}
+class InvalidedToken(
+
+):BaseException(tokenErrorCode=TokenErrorCode.TOKEN_INVALIDED) {}

src/main/kotlin/com/tinuproject/tinu/domain/socialmember/repository/SocialMemberRepository.kt

@@ -0,0 +1,13 @@
+package com.tinuproject.tinu.domain.socialmember.repository
+
+import com.tinuproject.tinu.domain.entity.SocialMember
+import org.springframework.data.repository.CrudRepository
+import org.springframework.stereotype.Repository
+import java.util.*
+
+@Repository
+interface SocialMemberRepository:CrudRepository<SocialMember, Long> {
+    fun findByUserId(userId : UUID) : SocialMember?
+
+    fun findByProviderId(providerId : String) : SocialMember?
+}

src/main/kotlin/com/tinuproject/tinu/domain/socialmember/service/SocialMemberService.kt

@@ -0,0 +1,4 @@
+package com.tinuproject.tinu.domain.socialmember.service
+
+interface SocialMemberService {
+}

src/main/kotlin/com/tinuproject/tinu/security/RefreshTokenRepository.kt

@@ -0,0 +1,19 @@
+package com.tinuproject.tinu.security
+
+import com.tinuproject.tinu.domain.entity.RefreshToken
+import jakarta.persistence.ManyToOne
+import jakarta.transaction.Transactional
+import org.springframework.data.jpa.repository.Modifying
+import org.springframework.data.repository.CrudRepository
+import org.springframework.stereotype.Repository
+import java.util.*
+
+@Repository
+interface RefreshTokenRepository:CrudRepository<RefreshToken, Long> {
+
+    fun findByUserId(userId : UUID) : RefreshToken
+
+    @Transactional
+    @Modifying
+    fun deleteByUserId(userId : UUID)
+}

src/main/kotlin/com/tinuproject/tinu/security/config/SecurityConfig.kt

@@ -1,5 +1,9 @@
 package com.tinuproject.tinu.security.config
 
+import com.tinuproject.tinu.security.filter.JwtTokenFilter
+import com.tinuproject.tinu.security.jwt.JwtUtil
+import com.tinuproject.tinu.security.oauth2.handler.OAuthLoginFailureHandler
+import com.tinuproject.tinu.security.oauth2.handler.OAuthLoginSuccessHandler
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.Customizer
@@ -17,18 +21,22 @@ import org.springframework.security.config.annotation.web.configurers.SessionMan
 import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer
 import org.springframework.security.config.http.SessionCreationPolicy
 import org.springframework.security.web.SecurityFilterChain
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
 
 @Configuration
 @EnableWebSecurity
 class SecurityConfig(
+    private val jwtUtil: JwtUtil,
+    private val oauth2LoginSuccessHandler: OAuthLoginSuccessHandler,
+    private val oAuthLoginFailureHandler: OAuthLoginFailureHandler
 ) {
 
     @Bean
     fun configure(): WebSecurityCustomizer? {
         return WebSecurityCustomizer { web: WebSecurity ->
             //로그인이 아예 안되어 있어도 괜찮은 api
             //해당 ""에 API 추가시 해당 API는 필터를 거치지 않음.
-            web.ignoring().requestMatchers("")
+//            web.ignoring().requestMatchers("")
         }
     }
 
@@ -61,15 +69,15 @@ class SecurityConfig(
                 Customizer { authorize ->
                     authorize
                         //TODO(배포 전 로그인 되어 있어야만 서비스 이용가능하게 변경)
-                        .requestMatchers("/**").permitAll()//로그인 여부 상관없이 적용
+                        .requestMatchers("/**").authenticated()
+//                        .requestMatchers("/**").permitAll()//로그인 여부 상관없이 적용
                         .anyRequest().authenticated()//로그인 이후엔 모두 허용
                 }
             )
             .oauth2Login { oauth: OAuth2LoginConfigurer<HttpSecurity?> ->  // OAuth2 로그인 기능에 대한 여러 설정의 진입점
                 oauth
-                    //TODO(핸들러 제작 이후 추가)
-                    //.successHandler() // 로그인 성공 시 핸들러
-                    //.failureHandler() // 로그인 실패 시 핸들러
+                    .successHandler(oauth2LoginSuccessHandler) // 로그인 성공 시 핸들러
+                    .failureHandler(oAuthLoginFailureHandler) // 로그인 실패 시 핸들러
             }
             .sessionManagement {
                 Customizer { session: SessionManagementConfigurer<HttpSecurity?> ->
@@ -78,6 +86,8 @@ class SecurityConfig(
                 }
             }
             //TODO(이후 FILTER 제작 이후 추가)
+//            httpSecurity
+//                .addFilterBefore(JwtTokenFilter(jwtUtil), UsernamePasswordAuthenticationFilter::class.java)
 
         return httpSecurity.build()
 

src/main/kotlin/com/tinuproject/tinu/security/filter/JwtTokenFilter.kt

@@ -44,6 +44,8 @@ class JwtTokenFilter(
         val cookies = httpServeletRequest.cookies
         var hasToken : Boolean = false
         var accesToken : String = ""
+        if(cookies==null) throw Exception()
+
         for(cookie in cookies){
             //Cookie들 중 AccessToken을 갖고 있는지
             if(cookie.name.equals(ACCESSTOKEN_COOKIE)){

src/main/kotlin/com/tinuproject/tinu/security/oauth2/dto/KakaoUserInfo.kt

@@ -0,0 +1,19 @@
+package com.tinuproject.tinu.security.oauth2.dto
+
+class KakaoUserInfo(
+    private var attributes: Map<String, Any>
+) :OAuth2UserInfoDto {
+    override fun getProviderId(): String {
+        return attributes["id"].toString()
+    }
+
+    override fun getProvider(): String {
+        return "kakao"
+    }
+
+    override fun getName() :String{
+
+        return (attributes["properties"] as Map<*, *>)["nickname"].toString()
+
+    }
+}

src/main/kotlin/com/tinuproject/tinu/security/oauth2/dto/NaverUserInfo.kt

@@ -0,0 +1,17 @@
+package com.tinuproject.tinu.security.oauth2.dto
+
+class NaverUserInfo(
+    private var attributes: Map<String, Any>
+):OAuth2UserInfoDto {
+    override fun getProviderId(): String {
+        return attributes["id"].toString()
+    }
+
+    override fun getProvider(): String {
+        return "naver"
+    }
+
+    override fun getName() : String {
+        return attributes["name"].toString()
+    }
+}

src/main/kotlin/com/tinuproject/tinu/security/oauth2/dto/OAuth2UserInfoDto.kt

@@ -0,0 +1,9 @@
+package com.tinuproject.tinu.security.oauth2.dto
+
+interface OAuth2UserInfoDto {
+    fun getProviderId() : String
+
+    fun getProvider() : String
+
+    fun getName() : String
+}

src/main/kotlin/com/tinuproject/tinu/security/oauth2/dto/UserInfoDto.kt

@@ -0,0 +1,14 @@
+package com.tinuproject.tinu.security.oauth2.dto
+
+import java.util.*
+
+class UserInfoDto (
+    var uuid : UUID,
+
+    var name : String,
+
+    var providerId : String,
+
+    var provider : String
+    ) {
+}

src/main/kotlin/com/tinuproject/tinu/security/oauth2/handler/OAuthLoginFailureHandler.kt

@@ -0,0 +1,26 @@
+package com.tinuproject.tinu.security.oauth2.handler
+
+import jakarta.servlet.ServletException
+import jakarta.servlet.http.HttpServletRequest
+import jakarta.servlet.http.HttpServletResponse
+import org.slf4j.Logger
+import org.slf4j.LoggerFactory
+import org.springframework.security.core.AuthenticationException
+import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler
+import org.springframework.stereotype.Component
+import java.io.IOException
+
+@Component
+class OAuthLoginFailureHandler(): SimpleUrlAuthenticationFailureHandler() {
+    var log : Logger = LoggerFactory.getLogger(this::class.java)
+
+    @Throws(IOException::class, ServletException::class)
+    override fun onAuthenticationFailure(
+        request: HttpServletRequest?,
+        response: HttpServletResponse?,
+        exception: AuthenticationException
+    ) {
+        log.error("LOGIN FAILED : {}", exception.message)
+        super.onAuthenticationFailure(request, response, exception)
+    }
+}