[36] 파트너 회원 생성

src/main/java/org/example/commerce_site/application/auth/KeycloakAuthService.java

@@ -1,7 +1,24 @@
 package org.example.commerce_site.application.auth;
 
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
 import org.example.commerce_site.application.auth.dto.OAuthAccessTokenResponse;
+import org.example.commerce_site.application.partner.dto.PartnerRequestDto;
+import org.example.commerce_site.attribute.UserRoles;
+import org.example.commerce_site.common.exception.CustomException;
+import org.example.commerce_site.common.exception.ErrorCode;
 import org.example.commerce_site.config.KeycloakProperties;
+import org.keycloak.admin.client.Keycloak;
+import org.keycloak.admin.client.resource.ClientsResource;
+import org.keycloak.admin.client.resource.UserResource;
+import org.keycloak.admin.client.resource.UsersResource;
+import org.keycloak.representations.idm.ClientRepresentation;
+import org.keycloak.representations.idm.CredentialRepresentation;
+import org.keycloak.representations.idm.RoleRepresentation;
+import org.keycloak.representations.idm.UserRepresentation;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
@@ -10,13 +27,17 @@
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.client.RestTemplate;
 
+import jakarta.ws.rs.core.Response;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 
+@Slf4j
 @Service
 @RequiredArgsConstructor
 public class KeycloakAuthService {
-	private final RestTemplate restTemplate = new RestTemplate();
+	private final Keycloak keycloak;
 	private final KeycloakProperties keycloakProperties;
+	private final RestTemplate restTemplate;
 
 	public OAuthAccessTokenResponse.Keycloak getAccessToken(String code) {
 		MultiValueMap<String, String> info = new LinkedMultiValueMap<>();
@@ -34,4 +55,68 @@ public OAuthAccessTokenResponse.Keycloak getAccessToken(String code) {
 		return restTemplate.postForEntity(keycloakProperties.getUri().getToken(), httpEntity,
 			OAuthAccessTokenResponse.Keycloak.class).getBody();
 	}
+
+	public void createPartner(PartnerRequestDto.Create requestDto) {
+		UserRepresentation user = createUserRepresentation(requestDto);
+		UsersResource usersResource = keycloak.realm(keycloakProperties.getRealm()).users();
+		String userId = null;
+		try (Response response = usersResource.create(user)) {
+			if (response.getStatus() == 201) {
+				userId = response.getLocation().getPath().replaceAll(".*/([^/]+)$", "$1");
+
+				resetUserPassword(userId, requestDto.getPassword());
+				assignClientRoleToUser(userId, keycloakProperties.getCredentials().getClient(),
+					UserRoles.ROLE_PARTNER.name());
+			} else {
+				throw new CustomException(ErrorCode.CREATE_KEYCLOAK_USER_ERROR);
+			}
+		} catch (Exception e) {
+			log.error(e.getMessage(), e);
+			throw new CustomException(ErrorCode.CREATE_KEYCLOAK_USER_ERROR);
+		}
+	}
+
+	private UserRepresentation createUserRepresentation(PartnerRequestDto.Create partner) {
+		UserRepresentation user = new UserRepresentation();
+		user.setUsername(partner.getEmail());
+		user.setFirstName(partner.getFirstName());
+		user.setLastName(partner.getLastName());
+		user.setEmail(partner.getEmail());
+		user.setEnabled(true);
+
+		Map<String, List<String>> resourceAccess = new HashMap<>();
+		resourceAccess.put("bizId", Collections.singletonList(partner.getBusinessNumber()));
+		resourceAccess.put("shopName", Collections.singletonList(partner.getShopName()));
+		user.setAttributes(resourceAccess);
+
+		return user;
+	}
+
+	private void resetUserPassword(String userId, String password) {
+		CredentialRepresentation credential = new CredentialRepresentation();
+		credential.setTemporary(false);
+		credential.setType(CredentialRepresentation.PASSWORD);
+		credential.setValue(password);
+
+		UsersResource usersResource = keycloak.realm(keycloakProperties.getRealm()).users();
+		usersResource.get(userId).resetPassword(credential);
+	}
+
+	private void assignClientRoleToUser(String userId, String clientId, String roleName) {
+		ClientsResource clientsResource = keycloak.realm(keycloakProperties.getRealm()).clients();
+		ClientRepresentation oauth2Client = clientsResource.findByClientId(clientId).getFirst();
+
+		if (oauth2Client == null) {
+			throw new CustomException(ErrorCode.CREATE_KEYCLOAK_USER_ERROR);
+		}
+
+		RoleRepresentation userClientRole = keycloak.realm(keycloakProperties.getRealm())
+			.clients().get(oauth2Client.getId())
+			.roles().get(roleName).toRepresentation();
+
+		UserResource userResource = keycloak.realm(keycloakProperties.getRealm()).users().get(userId);
+		userResource.roles()
+			.clientLevel(oauth2Client.getId())
+			.add(List.of(userClientRole));
+	}
 }

src/main/java/org/example/commerce_site/application/partner/PartnerService.java

@@ -1,14 +1,15 @@
 package org.example.commerce_site.application.partner;
 
 import org.example.commerce_site.application.partner.dto.PartnerRequestDto;
-import org.example.commerce_site.application.partner.dto.PartnerResponseDto;
+import org.example.commerce_site.application.user.dto.UserRequestDto;
+import org.example.commerce_site.attribute.PartnerStatus;
 import org.example.commerce_site.common.exception.CustomException;
 import org.example.commerce_site.common.exception.ErrorCode;
 import org.example.commerce_site.domain.Partner;
 import org.example.commerce_site.infrastructure.partner.PartnerRepository;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 
-import jakarta.transaction.Transactional;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 
@@ -19,14 +20,30 @@ public class PartnerService {
 	private final PartnerRepository partnerRepository;
 
 	@Transactional
-	public PartnerResponseDto.Create create(PartnerRequestDto.Create dto) {
-		// TODO : email 중복 체크
-		return PartnerResponseDto.Create.of(partnerRepository.save(PartnerRequestDto.Create.toEntity(dto)));
+	public Partner create(PartnerRequestDto.CreateWebHook dto) {
+		return partnerRepository.save(PartnerRequestDto.CreateWebHook.toEntity(dto));
 	}
 
+	@Transactional(readOnly = true)
 	public Partner getPartner(Long partnerId) {
 		return partnerRepository.findById(partnerId).orElseThrow(
 			() -> new CustomException(ErrorCode.PARTNER_NOT_FOUND)
 		);
 	}
+
+	@Transactional
+	public void updatePartnerStatusActive(UserRequestDto.Create dto) {
+		Partner partner = partnerRepository.findByEmail(dto.getEmail()).orElseThrow(
+			() -> new CustomException(ErrorCode.PARTNER_NOT_FOUND)
+		);
+		partner.updateStatus(PartnerStatus.ACTIVE);
+		partnerRepository.save(partner);
+	}
+
+	@Transactional
+	public void updateAuthId(Partner partner, String authId) {
+		partner.updateAuthId(authId);
+		partner.updateStatus(PartnerStatus.ACTIVE);
+		partnerRepository.save(partner);
+	}
 }

src/main/java/org/example/commerce_site/application/partner/dto/PartnerRequestDto.java

@@ -12,18 +12,30 @@ public class PartnerRequestDto {
 	@Builder
 	@ToString
 	public static class Create {
-		private String name;
+		private String firstName;
+		private String lastName;
 		private String email;
+		private String shopName;
 		private String password;
 		private String businessNumber;
+	}
+
+	@Getter
+	@Builder
+	@ToString
+	public static class CreateWebHook {
+		private String id;
+		private String name;
+		private String email;
+		private String bizId;
 
-		public static Partner toEntity(PartnerRequestDto.Create dto) {
+		public static Partner toEntity(PartnerRequestDto.CreateWebHook dto) {
 			return Partner.builder()
 				.name(dto.getName())
+				.authId(dto.getId())
 				.email(dto.getEmail())
-				.password(dto.getPassword())
+				.businessNumber(dto.getBizId())
 				.status(PartnerStatus.ACTIVE)
-				.businessNumber(dto.getBusinessNumber())
 				.build();
 		}
 	}

src/main/java/org/example/commerce_site/application/partner/dto/PartnerResponseDto.java

@@ -13,13 +13,11 @@ public class PartnerResponseDto {
 	public static class Create {
 		private String name;
 		private String email;
-		private String businessNumber;
 
 		public static PartnerResponseDto.Create of(Partner partner) {
 			return Create.builder()
 				.name(partner.getName())
 				.email(partner.getEmail())
-				.businessNumber(partner.getBusinessNumber())
 				.build();
 		}
 	}

src/main/java/org/example/commerce_site/attribute/UserRoles.java

@@ -0,0 +1,6 @@
+package org.example.commerce_site.attribute;
+
+public enum UserRoles {
+	ROLE_USER,
+	ROLE_PARTNER
+}

src/main/java/org/example/commerce_site/config/AppConfig.java

@@ -0,0 +1,13 @@
+package org.example.commerce_site.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.client.RestTemplate;
+
+@Configuration
+public class AppConfig {
+	@Bean
+	public RestTemplate restTemplate() {
+		return new RestTemplate();
+	}
+}

src/main/java/org/example/commerce_site/config/OpenApiConfig.java

@@ -53,7 +53,7 @@ public GroupedOpenApi userOpenApi() {
 
 	@Bean
 	public GroupedOpenApi partnerOpenApi() {
-		String[] paths = {"/partner/**"};
+		String[] paths = {"/partners/**"};
 		return GroupedOpenApi.builder().group("PARTNER API").pathsToMatch(paths).build();
 	}
 
@@ -65,7 +65,7 @@ public GroupedOpenApi productOpenApi() {
 
 	@Bean
 	public GroupedOpenApi categoryOpenApi() {
-		String[] paths = {"/category/**"};
+		String[] paths = {"/categories/**"};
 		return GroupedOpenApi.builder().group("CATEGORY API").pathsToMatch(paths).build();
 	}
 

src/main/java/org/example/commerce_site/config/SecurityConfig.java

@@ -47,7 +47,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 			.oauth2ResourceServer(
 				oauth2 -> oauth2.jwt(jwt -> jwt.jwtAuthenticationConverter(jwtAuthenticationConverter)))
 			.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin));
-		
+
 		return http.build();
 	}
 }

src/main/java/org/example/commerce_site/domain/Partner.java

@@ -20,9 +20,17 @@
 @Table(name = "partners")
 public class Partner extends BaseTimeEntity {
 	private String name;
+	private String authId;
 	private String businessNumber;
-	private String password;
 	private String email;
 	@Enumerated(EnumType.STRING)
 	private PartnerStatus status;
+
+	public void updateStatus(PartnerStatus partnerStatus) {
+		this.status = partnerStatus;
+	}
+
+	public void updateAuthId(String authId) {
+		this.authId = authId;
+	}
 }

src/main/java/org/example/commerce_site/infrastructure/partner/PartnerRepository.java

@@ -1,9 +1,12 @@
 package org.example.commerce_site.infrastructure.partner;
 
+import java.util.Optional;
+
 import org.example.commerce_site.domain.Partner;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 
 @Repository
 public interface PartnerRepository extends JpaRepository<Partner, Long> {
+	Optional<Partner> findByEmail(String email);
 }

src/main/java/org/example/commerce_site/representation/partner/PartnerController.java

@@ -1,13 +1,17 @@
 package org.example.commerce_site.representation.partner;
 
+import org.example.commerce_site.application.auth.KeycloakAuthService;
 import org.example.commerce_site.application.partner.PartnerService;
 import org.example.commerce_site.common.response.ApiSuccessResponse;
-import org.example.commerce_site.representation.partner.request.PartnerRequest;
-import org.example.commerce_site.representation.partner.response.PartnerResponse;
+import org.example.commerce_site.config.KeycloakProperties;
+import org.example.commerce_site.representation.partner.dto.PartnerRequest;
+import org.springframework.http.HttpStatus;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.server.ResponseStatusException;
 
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
@@ -19,11 +23,23 @@
 @RequestMapping("/partners")
 public class PartnerController {
 	private final PartnerService partnerService;
+	private final KeycloakAuthService keycloakAuthService;
+	private final KeycloakProperties keycloakProperties;
 
 	@PostMapping()
-	public ApiSuccessResponse<PartnerResponse.Create> createPartner(
+	public ApiSuccessResponse createPartner(
 		@Valid @RequestBody PartnerRequest.Create request) {
-		return ApiSuccessResponse.success(
-			PartnerResponse.Create.of(partnerService.create(PartnerRequest.Create.toDTO(request))));
+		keycloakAuthService.createPartner(PartnerRequest.Create.toDTO(request));
+		return ApiSuccessResponse.success();
+	}
+
+	@PostMapping("/keycloak/webhook")
+	public void createPartnerWebhook(
+		@RequestHeader("X-API-KEY") String apiKey,
+		@RequestBody PartnerRequest.CreateWebHook request) {
+		if (!keycloakProperties.getApiKey().equals(apiKey)) {
+			throw new ResponseStatusException(HttpStatus.FORBIDDEN, "Invalid API Key");
+		}
+		partnerService.create(PartnerRequest.CreateWebHook.toDTO(request));
 	}
 }