depromeet · helenason · Feb 28, 2025 · Feb 25, 2025 · Feb 25, 2025 · Feb 25, 2025
@@ -0,0 +1,27 @@
+package com.evenly.took.feature.auth.api;
+
+import org.springframework.stereotype.Component;
+
+import com.evenly.took.global.exception.auth.jwt.AuthErrorCode;
+import com.evenly.took.global.exception.auth.oauth.InvalidTokenException;
+
+import jakarta.servlet.http.HttpServletRequest;
+
+@Component
+public class HeaderHandler {
+
+	private static final String HEADER_KEY_OF_AUTH = "Authorization";
+	private static final String HEADER_VALUE_PREFIX_OF_AUTH = "Bearer ";
+
+	public String resolveAccessToken(HttpServletRequest request) {
+		String bearerToken = request.getHeader(HEADER_KEY_OF_AUTH);
+		validateAuthHeader(bearerToken);
+		return bearerToken.substring(HEADER_VALUE_PREFIX_OF_AUTH.length());
+	}
+
+	private void validateAuthHeader(String bearerToken) {
+		if (bearerToken == null || !bearerToken.startsWith(HEADER_VALUE_PREFIX_OF_AUTH)) {
+			throw new InvalidTokenException(AuthErrorCode.JWT_UNAUTHORIZED);
+		}
+	}
+}
@@ -1,12 +1,12 @@
 package com.evenly.took.feature.auth.api;
 
-import java.io.IOException;
-
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestParam;
 
 import com.evenly.took.feature.auth.domain.OAuthType;
+import com.evenly.took.feature.auth.dto.response.AuthResponse;
+import com.evenly.took.feature.auth.dto.response.OAuthUrlResponse;
 import com.evenly.took.global.response.SuccessResponse;
 
 import io.swagger.v3.oas.annotations.Operation;
@@ -15,30 +15,31 @@
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import jakarta.servlet.http.HttpServletResponse;
 
 @Tag(name = "[1. OAuth]")
 public interface OAuthApi {
 
 	@Operation(
 		summary = "소셜 로그인 인가 URL 리다이렉트",
-		description = "지정된 OAuthType에 따른 소셜 로그인 인가 코드 요청 URL로 클라이언트를 리다이렉트합니다."
-	)
-	@ApiResponse(responseCode = "302", description = "리다이렉트 성공")
+		description = "지정된 OAuthType에 따른 소셜 로그인 인가 코드 요청 URL로 클라이언트를 리다이렉트합니다.")
+	@ApiResponse(
+		responseCode = "302",
+		description = "리다이렉트 성공",
+		content = @Content(schema = @Schema(implementation = SuccessResponse.class)))
 	@GetMapping("/{oauthType}")
-	void redirectAuthRequestUrl(
+	SuccessResponse<OAuthUrlResponse> redirectAuthRequestUrl(
 		@Parameter(description = "소셜 공급자 타입 (예: GOOGLE, KAKAO, APPLE)", required = true, example = "GOOGLE")
-		@PathVariable OAuthType oauthType,
-		HttpServletResponse response) throws IOException;
+		@PathVariable OAuthType oauthType);
 
 	@Operation(
-		summary = "소셜 로그인 및 JWT 토큰 발급",
-		description = "소셜 로그인 인가 코드를 통해 JWT 토큰(Access Token)을 발급받습니다."
-	)
-	@ApiResponse(responseCode = "200", description = "로그인 성공",
+		summary = "소셜 로그인 및 토큰 발급",
+		description = "소셜 로그인 인가 코드를 통해 토큰(Access Token & Refresh Token)을 발급받습니다.")
+	@ApiResponse(
+		responseCode = "200",
+		description = "로그인 성공",
 		content = @Content(schema = @Schema(implementation = SuccessResponse.class)))
 	@GetMapping("/login/{oauthType}")
-	SuccessResponse login(
+	SuccessResponse<AuthResponse> login( // TODO 에러 응답 추가
 		@Parameter(description = "소셜 공급자 타입 (예: GOOGLE, KAKAO, APPLE)", required = true, example = "GOOGLE")
 		@PathVariable OAuthType oauthType,
 		@Parameter(description = "소셜 서버로부터 전달받은 인가 코드", required = true)

@@ -1,18 +1,20 @@
 package com.evenly.took.feature.auth.api;
 
-import java.io.IOException;
-
+import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import com.evenly.took.feature.auth.application.OAuthService;
 import com.evenly.took.feature.auth.domain.OAuthType;
-import com.evenly.took.feature.auth.dto.response.JwtResponse;
+import com.evenly.took.feature.auth.dto.request.RefreshTokenRequest;
+import com.evenly.took.feature.auth.dto.response.AuthResponse;
+import com.evenly.took.feature.auth.dto.response.OAuthUrlResponse;
+import com.evenly.took.feature.auth.dto.response.TokenResponse;
 import com.evenly.took.global.response.SuccessResponse;
 
-import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
 
 @RestController
@@ -22,15 +24,20 @@ public class OAuthController implements OAuthApi {
 	private final OAuthService oauthService;
 
 	@GetMapping("/api/oauth/{oauthType}")
-	public void redirectAuthRequestUrl(@PathVariable OAuthType oauthType, HttpServletResponse response) throws
-		IOException {
-		String url = oauthService.getAuthCodeRequestUrl(oauthType);
-		response.sendRedirect(url);
+	public SuccessResponse<OAuthUrlResponse> redirectAuthRequestUrl(@PathVariable OAuthType oauthType) {
+		OAuthUrlResponse response = oauthService.getAuthCodeRequestUrl(oauthType);
+		return SuccessResponse.of(HttpStatus.FOUND, response);
 	}
 
 	@GetMapping("/api/oauth/login/{oauthType}")
-	public SuccessResponse login(@PathVariable OAuthType oauthType, @RequestParam String code) {
-		JwtResponse jwtResponse = oauthService.loginAndGenerateToken(oauthType, code);
-		return SuccessResponse.of(jwtResponse.accessToken());
+	public SuccessResponse<AuthResponse> login(@PathVariable OAuthType oauthType, @RequestParam String code) {
+		AuthResponse response = oauthService.loginAndGenerateToken(oauthType, code);
+		return SuccessResponse.of(response);
+	}
+
+	@GetMapping("/api/oauth/refresh")
+	public SuccessResponse<TokenResponse> refreshToken(@RequestBody RefreshTokenRequest request) {
+		TokenResponse response = oauthService.refreshToken(request);
+		return SuccessResponse.of(response);
 	}
 }
@@ -3,12 +3,15 @@
 import org.springframework.stereotype.Service;
 
 import com.evenly.took.feature.auth.domain.OAuthType;
-import com.evenly.took.feature.auth.dto.response.JwtResponse;
+import com.evenly.took.feature.auth.dto.TokenDto;
+import com.evenly.took.feature.auth.dto.request.RefreshTokenRequest;
+import com.evenly.took.feature.auth.dto.response.AuthResponse;
+import com.evenly.took.feature.auth.dto.response.OAuthUrlResponse;
+import com.evenly.took.feature.auth.dto.response.TokenResponse;
 import com.evenly.took.feature.user.dao.UserRepository;
 import com.evenly.took.feature.user.domain.User;
 import com.evenly.took.global.security.client.AuthCodeRequestUrlProviderComposite;
 import com.evenly.took.global.security.client.UserClientComposite;
-import com.evenly.took.global.security.jwt.JwtTokenProvider;
 
 import lombok.RequiredArgsConstructor;
 
@@ -19,19 +22,24 @@ public class OAuthService {
 	private final AuthCodeRequestUrlProviderComposite authCodeComposite;
 	private final UserClientComposite userClientComposite;
 	private final UserRepository userRepository;
-	private final JwtTokenProvider jwtTokenProvider;
+	private final TokenProvider tokenProvider;
 
-	public String getAuthCodeRequestUrl(OAuthType oauthType) {
-		return authCodeComposite.provide(oauthType);
+	public OAuthUrlResponse getAuthCodeRequestUrl(OAuthType oauthType) {
+		String url = authCodeComposite.provide(oauthType);
+		return new OAuthUrlResponse(url);
 	}
 
-	public JwtResponse loginAndGenerateToken(OAuthType oauthType, String authCode) {
+	public AuthResponse loginAndGenerateToken(OAuthType oauthType, String authCode) {
 		User user = userClientComposite.fetch(oauthType, authCode);
 		User savedUser = userRepository.findByOauthIdentifier(user.getOauthIdentifier())
 			.orElseGet(() -> userRepository.save(user));
+		TokenDto tokens = tokenProvider.provideTokens(savedUser);
+		return new AuthResponse(tokens, user);
+	}
 
-		String accessToken = jwtTokenProvider.generateAccessToken(savedUser);
-
-		return new JwtResponse(accessToken);
+	public TokenResponse refreshToken(RefreshTokenRequest request) {
+		String refreshToken = request.refreshToken();
+		String accessToken = tokenProvider.provideAccessTokenByRefreshToken(refreshToken);
+		return new TokenResponse(accessToken, refreshToken);
 	}
 }
@@ -0,0 +1,33 @@
+package com.evenly.took.feature.auth.application;
+
+import org.springframework.stereotype.Component;
+
+import com.evenly.took.feature.auth.dto.TokenDto;
+import com.evenly.took.feature.user.domain.User;
+import com.evenly.took.global.security.auth.JwtTokenProvider;
+import com.evenly.took.global.security.auth.UuidTokenProvider;
+
+import lombok.RequiredArgsConstructor;
+
+@Component
+@RequiredArgsConstructor
+public class TokenProvider {
+
+	private final JwtTokenProvider jwtTokenProvider;
+	private final UuidTokenProvider uuidTokenProvider;
+
+	public void validateAccessToken(String accessToken) {
+		jwtTokenProvider.validateToken(accessToken);
+	}
+
+	public TokenDto provideTokens(User user) {
+		String accessToken = jwtTokenProvider.generateAccessToken(user.getId().toString());
+		String refreshToken = uuidTokenProvider.generateRefreshToken(user.getId().toString());
+		return new TokenDto(accessToken, refreshToken);
+	}
+
+	public String provideAccessTokenByRefreshToken(String refreshToken) {
+		String userId = uuidTokenProvider.getUserId(refreshToken);
+		return jwtTokenProvider.generateAccessToken(userId);
+	}
+}
@@ -0,0 +1,7 @@
+package com.evenly.took.feature.auth.dto;
+
+public record TokenDto(
+	String accessToken,
+	String refreshToken
+) {
+}
@@ -0,0 +1,6 @@
+package com.evenly.took.feature.auth.dto.request;
+
+public record RefreshTokenRequest(
+	String refreshToken
+) {
+}
@@ -0,0 +1,18 @@
+package com.evenly.took.feature.auth.dto.response;
+
+import com.evenly.took.feature.auth.dto.TokenDto;
+import com.evenly.took.feature.user.domain.User;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+
+@Schema(description = "로그인 응답")
+public record AuthResponse(
+	@Schema(description = "액세스 토큰 및 리프레시 토큰 정보") TokenResponse token,
+	@Schema(description = "로그인 사용자 정보") UserResponse user
+) {
+
+	public AuthResponse(TokenDto tokens, User user) {
+		this(new TokenResponse(tokens.accessToken(), tokens.refreshToken()),
+			new UserResponse(user));
+	}
+}
@@ -1,6 +1,6 @@
 package com.evenly.took.feature.auth.dto.response;
 
-public record JwtResponse(
-	String accessToken
+public record OAuthUrlResponse(
+	String url
 ) {
 }
@@ -0,0 +1,10 @@
+package com.evenly.took.feature.auth.dto.response;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+
+@Schema(description = "로그인 토큰 정보")
+public record TokenResponse(
+	@Schema(description = "액세스 토큰 정보") String accessToken,
+	@Schema(description = "리프레시 토큰 정보") String refreshToken
+) {
+}
@@ -0,0 +1,16 @@
+package com.evenly.took.feature.auth.dto.response;
+
+import com.evenly.took.feature.user.domain.User;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+
+@Schema(description = "로그인 사용자 정보")
+public record UserResponse(
+	@Schema(description = "사용자 ID") Long id,
+	@Schema(description = "사용자 이름") String name
+) {
+
+	public UserResponse(User user) {
+		this(user.getId(), user.getName());
+	}
+}
@@ -3,10 +3,10 @@
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 
-import com.evenly.took.global.config.properties.jwt.JwtProperties;
+import com.evenly.took.global.config.properties.jwt.AuthProperties;
 
 @EnableConfigurationProperties({
-	JwtProperties.class,
+	AuthProperties.class,
 })
 @Configuration
 public class PropertiesConfig {

@@ -2,10 +2,11 @@
 
 import org.springframework.boot.context.properties.ConfigurationProperties;
 
-@ConfigurationProperties(prefix = "jwt")
-public record JwtProperties(
+@ConfigurationProperties(prefix = "auth")
+public record AuthProperties(
 	String accessTokenSecret,
-	Long accessTokenExpirationTime
+	Long accessTokenExpirationTime,
+	Long refreshTokenExpirationTime
 ) {
 
 	public Long accessTokenExpirationMilliTime() {

@@ -14,6 +14,8 @@
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
+import jakarta.servlet.http.HttpServletResponse;
+
 @Configuration
 @EnableWebSecurity
 public class WebSecurityConfig {
@@ -34,11 +36,16 @@ public SecurityFilterChain swaggerFilterChain(HttpSecurity http) throws Exceptio
 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		defaultFilterChain(http);
 
-		http.authorizeHttpRequests(authorize -> authorize
-			.requestMatchers("/public/**").permitAll()
-			.requestMatchers("/api/health").permitAll()
-			.requestMatchers("/api/oauth").permitAll()
-			.anyRequest().authenticated());
+		http.exceptionHandling(exception -> exception
+				.authenticationEntryPoint((request, response, authException) -> {
+					response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage());
+				})
+			) // TODO 예외 응답 형식 통일
+			.authorizeHttpRequests(authorize -> authorize
+				.requestMatchers("/public/**").permitAll()
+				.requestMatchers("/api/health").permitAll()
+				.requestMatchers("/api/**").permitAll()
+				.anyRequest().authenticated());
 
 		return http.build();
 	}

diff --git a/src/main/java/com/evenly/took/global/exception/auth/jwt/AuthErrorCode.java b/src/main/java/com/evenly/took/global/exception/auth/jwt/AuthErrorCode.java
@@ -0,0 +1,23 @@
+package com.evenly.took.global.exception.auth.jwt;
+
+import org.springframework.http.HttpStatus;
+
+import com.evenly.took.global.exception.ErrorCode;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+@Getter
+@RequiredArgsConstructor
+public enum AuthErrorCode implements ErrorCode {
+
+	OAUTH_TYPE_NOT_FOUND(HttpStatus.NOT_FOUND, "OAuth 타입을 찾을 수 없습니다."),
+	JWT_UNAUTHORIZED(HttpStatus.UNAUTHORIZED, "JWT를 찾을 수 없습니다."),
+	EXPIRED_REFRESH_TOKEN(HttpStatus.UNAUTHORIZED, "refresh token이 만료되었습니다."),
+	EXPIRED_ACCESS_TOKEN(HttpStatus.UNAUTHORIZED, "access token이 만료되었습니다."),
+	INVALID_ACCESS_TOKEN(HttpStatus.UNAUTHORIZED, "access token이 유효하지 않습니다."),
+	;
+
+	private final HttpStatus status;
+	private final String message;
+}