Merge pull request #64 from WE-ARE-RACCOONS/RAC-223

RAC-223 : �로그아웃 추가
WE-ARE-RACCOONS · Dec 11, 2023 · c09fe86 · c09fe86
2 parents a562733 + f6e19e1
commit c09fe86
Show file tree

Hide file tree

Showing 17 changed files with 103 additions and 74 deletions.
diff --git a/src/main/java/com/postgraduate/domain/auth/application/usecase/jwt/JwtUseCase.java b/src/main/java/com/postgraduate/domain/auth/application/usecase/jwt/JwtUseCase.java
@@ -2,7 +2,7 @@
 
 import com.postgraduate.domain.auth.application.dto.res.JwtTokenResponse;
 import com.postgraduate.domain.user.domain.entity.User;
-import com.postgraduate.global.config.security.jwt.JwtProvider;
+import com.postgraduate.global.config.security.jwt.util.JwtUtils;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
@@ -11,7 +11,7 @@
 @RequiredArgsConstructor
 @Service
 public class JwtUseCase {
-    private final JwtProvider jwtProvider;
+    private final JwtUtils jwtUtils;
     @Value("${jwt.refreshExpiration}")
     private int refreshExpiration;
     @Value("${jwt.accessExpiration}")
@@ -20,15 +20,19 @@ public class JwtUseCase {
     public JwtTokenResponse signIn(User user) {
         return generateToken(user);
     }
+
+    public void logout(User user) {
+        jwtUtils.makeExpired(user.getUserId());
+    }
 
     public JwtTokenResponse regenerateToken(User user, HttpServletRequest request) {
-        jwtProvider.checkRedis(user.getUserId(), request);
+        jwtUtils.checkRedis(user.getUserId(), request);
         return generateToken(user);
     }
 
     private JwtTokenResponse generateToken(User user) {
-        String accessToken = jwtProvider.generateAccessToken(user.getUserId(), user.getRole());
-        String refreshToken = jwtProvider.generateRefreshToken(user.getUserId(), user.getRole());
+        String accessToken = jwtUtils.generateAccessToken(user.getUserId(), user.getRole());
+        String refreshToken = jwtUtils.generateRefreshToken(user.getUserId(), user.getRole());
         return new JwtTokenResponse(accessToken, accessExpiration, refreshToken, refreshExpiration, user.getRole());
     }
 }
diff --git a/src/main/java/com/postgraduate/domain/auth/application/usecase/oauth/SelectOauth.java b/src/main/java/com/postgraduate/domain/auth/application/usecase/oauth/SelectOauth.java
@@ -3,18 +3,20 @@
 import com.postgraduate.domain.auth.application.usecase.SignInUseCase;
 import com.postgraduate.domain.auth.application.usecase.oauth.kakao.KakaoSignInUseCase;
 import com.postgraduate.domain.auth.exception.OauthException;
+import com.postgraduate.domain.auth.presentation.constant.Provider;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Component;
 
+import static com.postgraduate.domain.auth.presentation.constant.Provider.KAKAO;
+
 @RequiredArgsConstructor
 @Component
 public class SelectOauth {
     private final KakaoSignInUseCase kakaoSignInUseCase;
 
-    public SignInUseCase selectStrategy(String provider) {
-        switch (provider) {
-            case "KAKAO" : return kakaoSignInUseCase;
-            default: throw new OauthException();
-        }
+    public SignInUseCase selectStrategy(Provider provider) {
+        if (provider.equals(KAKAO))
+            return kakaoSignInUseCase;
+        throw new OauthException();
     }
 }
diff --git a/src/main/java/com/postgraduate/domain/auth/exception/KakaoCodeException.java b/src/main/java/com/postgraduate/domain/auth/exception/KakaoCodeException.java
@@ -1,7 +1,7 @@
 package com.postgraduate.domain.auth.exception;
 
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseCode.AUTH_KAKAO_CODE;
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseMessage.KAKAO_CODE;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseCode.AUTH_KAKAO_CODE;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseMessage.KAKAO_CODE;
 
 public class KakaoCodeException extends AuthException{
     public KakaoCodeException() {

diff --git a/src/main/java/com/postgraduate/domain/auth/exception/KakaoException.java b/src/main/java/com/postgraduate/domain/auth/exception/KakaoException.java
@@ -1,7 +1,7 @@
 package com.postgraduate.domain.auth.exception;
 
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseCode.AUTH_INVALID_KAKAO;
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseMessage.KAKAO_INVALID;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseCode.AUTH_INVALID_KAKAO;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseMessage.KAKAO_INVALID;
 
 public class KakaoException extends AuthException{
     public KakaoException() {

diff --git a/src/main/java/com/postgraduate/domain/auth/exception/OauthException.java b/src/main/java/com/postgraduate/domain/auth/exception/OauthException.java
@@ -1,7 +1,7 @@
 package com.postgraduate.domain.auth.exception;
 
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseCode.NONE_PROVIDER;
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseMessage.PROVIDER_NONE;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseCode.NONE_PROVIDER;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseMessage.PROVIDER_NONE;
 
 public class OauthException extends AuthException{
     public OauthException() {

diff --git a/src/main/java/com/postgraduate/domain/auth/exception/PermissionDeniedException.java b/src/main/java/com/postgraduate/domain/auth/exception/PermissionDeniedException.java
@@ -1,7 +1,7 @@
 package com.postgraduate.domain.auth.exception;
 
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseCode.AUTH_DENIED;
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseMessage.PERMISSION_DENIED;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseCode.AUTH_DENIED;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseMessage.PERMISSION_DENIED;
 
 
 public class PermissionDeniedException extends AuthException {

diff --git a/src/main/java/com/postgraduate/domain/auth/presentation/AuthController.java b/src/main/java/com/postgraduate/domain/auth/presentation/AuthController.java
@@ -10,6 +10,7 @@
 import com.postgraduate.domain.auth.application.usecase.SignUpUseCase;
 import com.postgraduate.domain.auth.application.usecase.jwt.JwtUseCase;
 import com.postgraduate.domain.auth.application.usecase.SignInUseCase;
+import com.postgraduate.domain.auth.presentation.constant.Provider;
 import com.postgraduate.domain.user.domain.entity.User;
 import com.postgraduate.global.dto.ResponseDto;
 import io.swagger.v3.oas.annotations.Operation;
@@ -19,8 +20,8 @@
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.*;
 
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseCode.*;
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseMessage.*;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseCode.*;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseMessage.*;
 import static com.postgraduate.domain.senior.presentation.constant.SeniorResponseCode.SENIOR_CREATE;
 import static com.postgraduate.domain.senior.presentation.constant.SeniorResponseMessage.CREATE_SENIOR;
 
@@ -35,7 +36,7 @@ public class AuthController {
 
     @PostMapping("/login/{provider}")
     @Operation(summary = "소셜 로그인", description = "회원인 경우 JWT를, 회원이 아닌 경우 socialId를 반환합니다(회원가입은 진행하지 않습니다).")
-    public ResponseDto<?> authLogin(@RequestBody CodeRequest request, @PathVariable String provider) {
+    public ResponseDto<?> authLogin(@RequestBody CodeRequest request, @PathVariable Provider provider) {
         SignInUseCase signInUseCase = selectOauth.selectStrategy(provider);
         AuthUserResponse authUser = signInUseCase.getUser(request);
         if (authUser.getUser().isEmpty())
@@ -44,11 +45,12 @@ public ResponseDto<?> authLogin(@RequestBody CodeRequest request, @PathVariable
         return ResponseDto.create(AUTH_ALREADY.getCode(), SUCCESS_AUTH.getMessage(), jwtToken);
     }
 
-//    @PostMapping("/logout")
-//    @Operation(summary = "로그아웃", description = "토큰 같이 보내주세요")
-//    public ResponseDto logout() {
-//        return ResponseDto.create(AUTH_CREATE.getCode(), SUCCESS_AUTH.getMessage());
-//    }
+    @PostMapping("/logout")
+    @Operation(summary = "로그아웃", description = "토큰 같이 보내주세요")
+    public ResponseDto logout(@AuthenticationPrincipal User user) {
+        jwtUseCase.logout(user);
+        return ResponseDto.create(AUTH_DELETE.getCode(), LOGOUT_USER.getMessage());
+    }
 
     @PostMapping("/user/signup")
     @Operation(summary = "대학생 회원가입", description = "로그인 API에서 반환한 socialId, 닉네임, 번호, 마케팅 수신여부, 희망 학과, 희망 분야, 매칭 희망 여부")

diff --git a/...resentation/contant/AuthResponseCode.java → ...esentation/constant/AuthResponseCode.java b/...resentation/contant/AuthResponseCode.java → ...esentation/constant/AuthResponseCode.java
@@ -1,4 +1,4 @@
-package com.postgraduate.domain.auth.presentation.contant;
+package com.postgraduate.domain.auth.presentation.constant;
 
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;

diff --git a/...entation/contant/AuthResponseMessage.java → ...ntation/constant/AuthResponseMessage.java b/...entation/contant/AuthResponseMessage.java → ...ntation/constant/AuthResponseMessage.java
@@ -1,4 +1,4 @@
-package com.postgraduate.domain.auth.presentation.contant;
+package com.postgraduate.domain.auth.presentation.constant;
 
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
@@ -9,6 +9,7 @@ public enum AuthResponseMessage {
     SUCCESS_AUTH("사용자 인증에 성공하였습니다."),
     NOT_REGISTERED_USER("가입하지 않은 유저입니다."),
     SUCCESS_REGENERATE_TOKEN("토큰 재발급에 성공하였습니다."),
+    LOGOUT_USER("로그아웃에 성공하였습니다."),
 
     PERMISSION_DENIED("권한이 없습니다."),
     KAKAO_INVALID("카카오 정보가 유효하지 않습니다."),

diff --git a/src/main/java/com/postgraduate/domain/auth/presentation/constant/Provider.java b/src/main/java/com/postgraduate/domain/auth/presentation/constant/Provider.java
@@ -0,0 +1,5 @@
+package com.postgraduate.domain.auth.presentation.constant;
+
+public enum Provider {
+    KAKAO;
+}
diff --git a/src/main/java/com/postgraduate/global/config/security/SecurityConfig.java b/src/main/java/com/postgraduate/global/config/security/SecurityConfig.java
@@ -4,7 +4,7 @@
 import com.postgraduate.global.config.security.jwt.filter.CustomAccessDeniedHandler;
 import com.postgraduate.global.config.security.jwt.filter.CustomAuthenticationEntryPoint;
 import com.postgraduate.global.config.security.jwt.filter.JwtFilter;
-import com.postgraduate.global.config.security.jwt.JwtProvider;
+import com.postgraduate.global.config.security.jwt.util.JwtUtils;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
@@ -25,7 +25,7 @@
 @RequiredArgsConstructor
 public class SecurityConfig {
     private static final String[] PASS = {"/resource/**", "/css/**", "/js/**", "/img/**", "/lib/**"};
-    private final JwtProvider jwtProvider;
+    private final JwtUtils jwtProvider;
     private final CustomAuthenticationEntryPoint customAuthenticationEntryPoint;
     private final CustomAccessDeniedHandler customAccessDeniedHandler;
     @Value("${aesBytesEncryptor.secret}")

diff --git a/src/main/java/com/postgraduate/global/config/security/jwt/constant/Type.java b/src/main/java/com/postgraduate/global/config/security/jwt/constant/Type.java
@@ -0,0 +1,5 @@
+package com.postgraduate.global.config.security.jwt.constant;
+
+public enum Type {
+    ACCESS, REFRESH
+}
diff --git a/...in/java/com/postgraduate/global/config/security/jwt/filter/CustomAccessDeniedHandler.java b/...in/java/com/postgraduate/global/config/security/jwt/filter/CustomAccessDeniedHandler.java
@@ -13,8 +13,8 @@
 
 import java.io.IOException;
 
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseCode.AUTH_DENIED;
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseMessage.PERMISSION_DENIED;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseCode.AUTH_DENIED;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseMessage.PERMISSION_DENIED;
 
 @Component
 @RequiredArgsConstructor

diff --git a/...va/com/postgraduate/global/config/security/jwt/filter/CustomAuthenticationEntryPoint.java b/...va/com/postgraduate/global/config/security/jwt/filter/CustomAuthenticationEntryPoint.java
@@ -14,8 +14,8 @@
 
 import java.io.IOException;
 
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseCode.AUTH_FAILED;
-import static com.postgraduate.domain.auth.presentation.contant.AuthResponseMessage.FAILED_AUTH;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseCode.AUTH_FAILED;
+import static com.postgraduate.domain.auth.presentation.constant.AuthResponseMessage.FAILED_AUTH;
 
 @Component
 @RequiredArgsConstructor

diff --git a/src/main/java/com/postgraduate/global/config/security/jwt/filter/JwtFilter.java b/src/main/java/com/postgraduate/global/config/security/jwt/filter/JwtFilter.java
@@ -1,6 +1,6 @@
 package com.postgraduate.global.config.security.jwt.filter;
 
-import com.postgraduate.global.config.security.jwt.JwtProvider;
+import com.postgraduate.global.config.security.jwt.util.JwtUtils;
 import com.postgraduate.global.exception.ApplicationException;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
@@ -15,10 +15,13 @@
 
 import java.io.IOException;
 
+import static com.postgraduate.global.config.security.jwt.constant.Type.ACCESS;
+import static com.postgraduate.global.config.security.jwt.constant.Type.REFRESH;
+
 @RequiredArgsConstructor
 @Slf4j
 public class JwtFilter extends OncePerRequestFilter {
-    private final JwtProvider jwtProvider;
+    private final JwtUtils jwtProvider;
     private final String AUTHORIZATION = "Authorization";
     private final String BEARER = "Bearer";
 
@@ -27,9 +30,16 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
         String token = resolveToken(request);
         if (token != null) {
             log.info("토큰 함께 요청 : {}", token);
-            if (!jwtProvider.validateToken(response, token))
-                return;
             try {
+                if (request.getRequestURI().contains("/refresh")) {
+                    log.info("재발급 진행");
+                    if (!jwtProvider.validateToken(response, token, REFRESH))
+                        return;
+                } else {
+                    log.info("일반 접근");
+                    if (!jwtProvider.validateToken(response, token, ACCESS))
+                        return;
+                }
                 Authentication authentication = jwtProvider.getAuthentication(response, token);
                 SecurityContextHolder.getContext().setAuthentication(authentication);
                 log.info("context 인증 정보 저장 : {}", authentication.getName());

diff --git a/...obal/config/security/jwt/JwtProvider.java → ...al/config/security/jwt/util/JwtUtils.java b/...obal/config/security/jwt/JwtProvider.java → ...al/config/security/jwt/util/JwtUtils.java
@@ -1,11 +1,12 @@
-package com.postgraduate.global.config.security.jwt;
+package com.postgraduate.global.config.security.jwt.util;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.postgraduate.domain.user.exception.UserNotFoundException;
 import com.postgraduate.domain.user.domain.entity.User;
 import com.postgraduate.domain.user.domain.entity.constant.Role;
 import com.postgraduate.global.auth.AuthDetails;
 import com.postgraduate.global.auth.AuthDetailsService;
+import com.postgraduate.global.config.security.jwt.constant.Type;
 import com.postgraduate.global.config.security.jwt.exception.InvalidRefreshTokenException;
 import com.postgraduate.global.config.security.jwt.exception.InvalidTokenException;
 import com.postgraduate.global.config.redis.RedisRepository;
@@ -35,10 +36,13 @@
 import java.util.Date;
 import java.util.List;
 
+import static com.postgraduate.global.config.security.jwt.constant.Type.ACCESS;
+import static com.postgraduate.global.config.security.jwt.constant.Type.REFRESH;
+
 @Component
 @RequiredArgsConstructor
 @Slf4j
-public class JwtProvider {
+public class JwtUtils {
     private final AuthDetailsService authDetailsService;
     private final RedisRepository redisRepository;
     private final LogService logService;
@@ -49,14 +53,18 @@ public class JwtProvider {
     private int refreshExpiration;
     @Value("${jwt.accessExpiration}")
     private int accessExpiration;
-    private final String ROLE = "role";
-    private final String REFRESH = "refresh";
-    private final String AUTHORIZATION = "Authorization";
+    private static final String ROLE = "role";
+    private static final String TYPE = "type";
+    private static final String AUTHORIZATION = "Authorization";
+    private static final int STATUS = 500;
+    private static final String CONTENT_TYPE = "application/json";
+    private static final String CHARACTER_ENCODING = "UTF-8";
 
     public String generateAccessToken(Long id, Role role) {
         Instant accessDate = LocalDateTime.now().plusSeconds(accessExpiration).atZone(ZoneId.systemDefault()).toInstant();
         return Jwts.builder()
                 .claim(ROLE, role)
+                .claim(TYPE, ACCESS)
                 .setSubject(String.valueOf(id))
                 .setExpiration(Date.from(accessDate))
                 .signWith(SignatureAlgorithm.HS256, secret)
@@ -67,14 +75,27 @@ public String generateRefreshToken(Long id, Role role) {
         Instant refreshDate = LocalDateTime.now().plusSeconds(refreshExpiration).atZone(ZoneId.systemDefault()).toInstant();
         String refreshToken = Jwts.builder()
                 .claim(ROLE, role)
+                .claim(TYPE, REFRESH)
                 .setSubject(String.valueOf(id))
                 .setExpiration(Date.from(refreshDate))
                 .signWith(SignatureAlgorithm.HS256, secret)
                 .compact();
-        redisRepository.setValues(REFRESH + id, refreshToken, Duration.ofSeconds(refreshExpiration));
+        redisRepository.setValues(REFRESH.toString() + id, refreshToken, Duration.ofSeconds(refreshExpiration));
         return refreshToken;
     }
 
+    public void checkRedis(Long id, HttpServletRequest request) {
+        String refreshToken = request.getHeader(AUTHORIZATION).split(" ")[1];
+        String redisToken = redisRepository.getValues(REFRESH.toString() + id)
+                .orElseThrow(NoneRefreshTokenException::new);
+        if (!redisToken.equals(refreshToken))
+            throw new InvalidRefreshTokenException();
+    }
+
+    public void makeExpired(Long id) {
+        redisRepository.deleteValues(REFRESH.toString() + id);
+    }
+
     public Authentication getAuthentication(HttpServletResponse response, String token) throws UserNotFoundException {
         Claims claims = parseClaims(token);
         List<GrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority(claims.get(ROLE).toString()));
@@ -92,11 +113,13 @@ private AuthDetails getDetails(HttpServletResponse response, Claims claims) {
         }
     }
 
-    public boolean validateToken(HttpServletResponse response, String token) {
+    public boolean validateToken(HttpServletResponse response, String token, Type type) {
         try {
-            parseClaims(token);
+            Claims claims = parseClaims(token);
+            if (!claims.get(TYPE).equals(type.name()))
+                throw new InvalidTokenException();
             return true;
-        } catch (SignatureException | UnsupportedJwtException | IllegalArgumentException | MalformedJwtException e) {
+        } catch (ApplicationException | SignatureException | UnsupportedJwtException | IllegalArgumentException | MalformedJwtException e) {
             jwtExceptionHandler(response, new InvalidTokenException());
             return false;
         } catch (ExpiredJwtException e) {
@@ -105,23 +128,15 @@ public boolean validateToken(HttpServletResponse response, String token) {
         }
     }
 
-    public void checkRedis(Long id, HttpServletRequest request) {
-        String refreshToken = request.getHeader(AUTHORIZATION).split(" ")[1];
-        String redisToken = redisRepository.getValues(REFRESH + id)
-                .orElseThrow(NoneRefreshTokenException::new);
-        if (!redisToken.equals(refreshToken))
-            throw new InvalidRefreshTokenException();
-    }
-
-    public Claims parseClaims(String token) {
+    private Claims parseClaims(String token) {
         JwtParser parser = Jwts.parser().setSigningKey(secret);
         return parser.parseClaimsJws(token).getBody();
     }
 
     private void jwtExceptionHandler(HttpServletResponse response, ApplicationException ex) {
-        response.setStatus(500);
-        response.setContentType("application/json");
-        response.setCharacterEncoding("UTF-8");
+        response.setStatus(STATUS);
+        response.setContentType(CONTENT_TYPE);
+        response.setCharacterEncoding(CHARACTER_ENCODING);
         try {
             logService.save(new LogRequest(ex.getMessage()));
             String json = new ObjectMapper().writeValueAsString(ResponseDto.create(ex.getErrorCode(), ex.getMessage()));