카카오 IdToken 검증 #250
Merged
카카오 IdToken 검증 #250
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5tarry
reviewed
Dec 11, 2023
server/src/auth/auth.service.ts
Outdated
Comment on lines
51
to
54
| const newUser = new this.UserModel({ | ||
| ...signupRequestDto, | ||
| profileImageExtension: profileImageExtension ?? null, | ||
| }); |
There was a problem hiding this comment.
signupRequestDto에 profileImageExtension가 포함되어 있는데 이렇게 변경하신 이유가 있나요?!
/**
* 프로필 이미지 확장자
* @example 'webp'
*/
profileImageExtension?: string | null = null;There was a problem hiding this comment.
?!? 이런코드를 짠 기억이 없는데..
server/src/auth/auth.service.ts
Outdated
Comment on lines
116
to
118
| const jwks = await axios | ||
| .get(process.env.KAKAO_KEY_URL) | ||
| .then((response) => response.data.keys); |
There was a problem hiding this comment.
큰 상관은 없지만 이렇게 하는 것도 괜찮을 것 같아요!
const {keys} = (
await axios
.get(process.env.KAKAO_KEY_URL)
).data;There was a problem hiding this comment.
구조분해할당을 바로 활용하는 방법이 있었군요
jwks라는 변수명이 더 맞는것 같아서 나중에 변수명을 그대로 쓰는 경우가 있다면 꼭 사용해볼게요!!
JWK = Json Web Key, 암호화 키를 표현하기 위한 다양한 정보를 담은 JSON 객체에 관한 표준
There was a problem hiding this comment.
네네 그리고 await랑 then 같이 사용하는 부분도 확인해주시면 좋을 것 같아요~
Comment on lines
+122
to
+130
| const keyObject = createPublicKey({ | ||
| key, | ||
| format: 'jwk', | ||
| }); | ||
| const secret = keyObject.export({ type: 'pkcs1', format: 'pem' }); | ||
| await this.jwtService.verifyAsync(idToken, { | ||
| algorithms: [key.alg], | ||
| secret, | ||
| }); |
There was a problem hiding this comment.
pkcs는 Public-Key Cryptography Standard로 공개키 암호화의 프로토콜이에요.
pkcs는 15가지가 있고 각 번호별로 사용되는 알고리즘이 있어요. 몇가지 예로 들면, pkcs1이 젤 유명한 RSA고 pkcs13은 ECC (타원곡선 난해를 이용한 비대칭키 알고리즘)입니다
5tarry
previously approved these changes
Dec 11, 2023
5tarry
approved these changes
Dec 11, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
relatedTo #40
작업 내용
전달 사항