From 4b20902bda7e45ae9facbb8fe469fc94b3d2e353 Mon Sep 17 00:00:00 2001 From: Kwak Seong Joon Date: Tue, 9 Dec 2025 02:06:22 +0900 Subject: [PATCH 1/3] =?UTF-8?q?fix:=20=EC=9E=AC=EB=B0=9C=EA=B8=89,=20?= =?UTF-8?q?=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EC=BF=A0=ED=82=A4,=20=ED=86=A0?= =?UTF-8?q?=ED=81=B0=20=EC=88=98=EC=A0=95=20-=20#188?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/api/controller/AuthController.java | 6 ++++-- .../domain/auth/api/service/AuthService.java | 7 ++----- .../auth/core/jwt/CookieCreatorUtil.java | 20 +++++++++++++------ .../filter/JwtAuthenticationFilter.java | 5 ++++- .../RedisTicketTypeCountInitializer.java | 2 -- 5 files changed, 24 insertions(+), 16 deletions(-) diff --git a/src/main/java/com/permitseoul/permitserver/domain/auth/api/controller/AuthController.java b/src/main/java/com/permitseoul/permitserver/domain/auth/api/controller/AuthController.java index 9e0e50d4..493a734d 100644 --- a/src/main/java/com/permitseoul/permitserver/domain/auth/api/controller/AuthController.java +++ b/src/main/java/com/permitseoul/permitserver/domain/auth/api/controller/AuthController.java @@ -5,6 +5,7 @@ import com.permitseoul.permitserver.domain.auth.api.dto.SignUpRequest; import com.permitseoul.permitserver.domain.auth.core.jwt.CookieCreatorUtil; import com.permitseoul.permitserver.domain.auth.api.service.AuthService; +import com.permitseoul.permitserver.domain.auth.core.jwt.JwtProperties; import com.permitseoul.permitserver.global.Constants; import com.permitseoul.permitserver.global.aop.resolver.user.UserIdHeader; import com.permitseoul.permitserver.global.response.ApiResponseUtil; @@ -23,6 +24,7 @@ @RequiredArgsConstructor public class AuthController { private final AuthService authService; + private final JwtProperties jwtProperties; //회원가입 @PostMapping("/signup") 
@@ -79,8 +81,8 @@ public ResponseEntity> logout( private ResponseEntity> responseWithGeneratedCookie(final HttpServletResponse response, final TokenDto tokenDto) { - final ResponseCookie accessTokenCookie = CookieCreatorUtil.createAccessTokenCookie(tokenDto.accessToken()); - final ResponseCookie refreshTokenCookie = CookieCreatorUtil.createRefreshTokenCookie(tokenDto.refreshToken()); + final ResponseCookie accessTokenCookie = CookieCreatorUtil.createAccessTokenCookie(tokenDto.accessToken(), jwtProperties.accessTokenExpirationTime()); + final ResponseCookie refreshTokenCookie = CookieCreatorUtil.createRefreshTokenCookie(tokenDto.refreshToken(), jwtProperties.refreshTokenExpirationTime()); response.setHeader(Constants.SET_COOKIE, accessTokenCookie.toString()); response.addHeader(Constants.SET_COOKIE, refreshTokenCookie.toString()); diff --git a/src/main/java/com/permitseoul/permitserver/domain/auth/api/service/AuthService.java b/src/main/java/com/permitseoul/permitserver/domain/auth/api/service/AuthService.java index a9599323..7caac4cc 100644 --- a/src/main/java/com/permitseoul/permitserver/domain/auth/api/service/AuthService.java +++ b/src/main/java/com/permitseoul/permitserver/domain/auth/api/service/AuthService.java 
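Review bot: The unit of the two expiration values is not visible at this call site in `responseWithGeneratedCookie`: `jwtProperties.accessTokenExpirationTime()` and `jwtProperties.refreshTokenExpirationTime()` are passed into parameters that CookieCreatorUtil names `...ExpirationMillis` and divides by 1000. If the properties were ever configured in seconds, the cookies would expire far earlier than the tokens they carry with nothing failing loudly. I would add a comment above the two calls, for example `// JwtProperties expiration values are milliseconds; CookieCreatorUtil converts them to Max-Age seconds`, or expose the values as `java.time.Duration`. The method body continues past the end of the hunk.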
@@ -7,14 +7,11 @@
 import com.permitseoul.permitserver.domain.auth.core.domain.Token;
 import com.permitseoul.permitserver.domain.auth.api.dto.TokenDto;
 import com.permitseoul.permitserver.domain.auth.core.dto.UserSocialInfoDto;
-import com.permitseoul.permitserver.domain.auth.core.exception.AuthRTNotFoundException;
+import com.permitseoul.permitserver.domain.auth.core.exception.*;
 import com.permitseoul.permitserver.domain.auth.core.jwt.JwtProperties;
 import com.permitseoul.permitserver.domain.auth.core.jwt.RefreshTokenManager;
 import com.permitseoul.permitserver.domain.user.core.domain.User;
 import com.permitseoul.permitserver.domain.user.core.exception.UserDuplicateException;
-import com.permitseoul.permitserver.domain.auth.core.exception.AuthPlatformFeignException;
-import com.permitseoul.permitserver.domain.auth.core.exception.AuthRTException;
-import com.permitseoul.permitserver.domain.auth.core.exception.AuthWrongJwtException;
 import com.permitseoul.permitserver.domain.auth.core.jwt.JwtProvider;
 import com.permitseoul.permitserver.domain.auth.core.strategy.LoginStrategyManager;
 import com.permitseoul.permitserver.domain.auth.api.exception.AuthSocialNotFoundApiException;
@@ -111,7 +108,7 @@ public TokenDto reissue(final String refreshToken) {
 return TokenDto.of(newToken.getAccessToken(), newToken.getRefreshToken());
 } catch (AuthWrongJwtException | AuthRTNotFoundException e) {
 throw new AuthUnAuthorizedException(ErrorCode.UNAUTHORIZED_WRONG_RT);
- } catch (ExpiredJwtException e) {
+ } catch (AuthExpiredJwtException e) {
 throw new AuthUnAuthorizedException(ErrorCode.UNAUTHORIZED_RT_EXPIRED);
 } catch (AuthRTException e) {
 throw new AuthUnAuthorizedException(ErrorCode.INTERNAL_RT_REDIS_ERROR);
diff --git a/src/main/java/com/permitseoul/permitserver/domain/auth/core/jwt/CookieCreatorUtil.java b/src/main/java/com/permitseoul/permitserver/domain/auth/core/jwt/CookieCreatorUtil.java
index 5a09dca0..09e6bd21 100644
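Review bot: The `catch (AuthExpiredJwtException e)` branch in `reissue` keeps returning `UNAUTHORIZED_RT_EXPIRED` only if every expiry on the refresh path is translated into `AuthExpiredJwtException` before it reaches this method, and that translation is not visible in this patch. If the token provider can still surface the library's `ExpiredJwtException`, none of the catches shown here handles it, and an expired refresh token would surface as an unhandled error instead of the intended unauthorized response; a test that calls `reissue` with an expired refresh token would pin this down. The wildcard `core.exception.*` import in the first hunk also hides which exception types the service depends on, so explicit imports would keep that reviewable. The `try` block starts above the hunk and may have further catches below it.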
--- a/src/main/java/com/permitseoul/permitserver/domain/auth/core/jwt/CookieCreatorUtil.java +++ b/src/main/java/com/permitseoul/permitserver/domain/auth/core/jwt/CookieCreatorUtil.java @@ -7,8 +7,9 @@ @NoArgsConstructor(access = AccessLevel.PRIVATE) public class CookieCreatorUtil { - private static final long AT_MAX_AGE = 365L * 24 * 60 * 60 * 1000; // todo: 추후 변경 - private static final long RT_MAX_AGE = 369L * 24 * 60 * 60 * 1000; // todo: 추후 변경 + private static JwtProperties jwtProperties; + private static final long ACCESS_COOKIE_EXTRA_SECONDS = 5L * 60; // 5분 + private static final long REFRESH_COOKIE_EXTRA_SECONDS = 15L * 60; // 15분 private static final long RESERVED_MAX_AGE = 10L * 60; // 10분(10분간 선점 가능) public static ResponseCookie createReservationSessionCookie(final String sessionKey) { @@ -21,9 +22,10 @@ public static ResponseCookie createReservationSessionCookie(final String session .build(); } - public static ResponseCookie createAccessTokenCookie(final String accessToken) { + public static ResponseCookie createAccessTokenCookie(final String accessToken, final long accessTokenExpirationMillis) { + final long maxAgeSeconds = toCookieMaxAgeSeconds(accessTokenExpirationMillis, ACCESS_COOKIE_EXTRA_SECONDS); return ResponseCookie.from(Constants.ACCESS_TOKEN, accessToken) - .maxAge(AT_MAX_AGE) + .maxAge(maxAgeSeconds) .path("/") .httpOnly(true) .secure(true) @@ -31,9 +33,10 @@ public static ResponseCookie createAccessTokenCookie(final String accessToken) { .build(); } - public static ResponseCookie createRefreshTokenCookie(final String refreshToken) { + public static ResponseCookie createRefreshTokenCookie(final String refreshToken, final long refreshTokenExpirationMillis) { + final long maxAgeSeconds = toCookieMaxAgeSeconds(refreshTokenExpirationMillis, REFRESH_COOKIE_EXTRA_SECONDS); return ResponseCookie.from(Constants.REFRESH_TOKEN, refreshToken) - .maxAge(RT_MAX_AGE) + .maxAge(maxAgeSeconds) .path("/") .httpOnly(true) .secure(true) 
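Review bot: `private static JwtProperties jwtProperties;` is added to CookieCreatorUtil, but nothing in this patch assigns or reads it, since the expiry values arrive as method parameters instead. A non-final static field on a utility class with a private constructor would simply stay `null`, so I would delete the line. The two `*_COOKIE_EXTRA_SECONDS` constants make each cookie outlive its token by 5 and 15 minutes, and the reason should be written down next to them, for example `// cookie lives slightly longer than the JWT so an expired token still reaches the server and is rejected as expired rather than as missing`, if that is the intent.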
@@ -60,4 +63,9 @@ public static ResponseCookie deleteRefreshTokenCookie() { .sameSite("None") .build(); } + + private static long toCookieMaxAgeSeconds(long jwtExpirationMillis, long extraSeconds) { + long baseSeconds = jwtExpirationMillis / 1000; + return baseSeconds + extraSeconds; + } } diff --git a/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java b/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java index e4cf2d66..63e00c35 100644 --- a/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java +++ b/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java @@ -24,6 +24,7 @@ import java.io.IOException; import java.util.List; +import java.util.Objects; @RequiredArgsConstructor @@ -31,6 +32,8 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtProvider jwtProvider; private final List whiteURIList; private final AntPathMatcher pathMatcher = new AntPathMatcher(); + private static final String REISSUE_URI = "/api/users/reissue"; + @Override protected void doFilterInternal(@NonNull final HttpServletRequest request, @@ -38,7 +41,7 @@ protected void doFilterInternal(@NonNull final HttpServletRequest request, @NonNull final FilterChain filterChain) throws ServletException, IOException { final String uri = request.getRequestURI(); try { - if(isHealthCheckUri(uri)) { + if(isHealthCheckUri(uri) || pathMatcher.match(REISSUE_URI, uri)) { filterChain.doFilter(request, response); return; } diff --git a/src/main/java/com/permitseoul/permitserver/global/redis/RedisTicketTypeCountInitializer.java b/src/main/java/com/permitseoul/permitserver/global/redis/RedisTicketTypeCountInitializer.java index 011a2389..f2ef6adf 100644 --- a/src/main/java/com/permitseoul/permitserver/global/redis/RedisTicketTypeCountInitializer.java +++ b/src/main/java/com/permitseoul/permitserver/global/redis/RedisTicketTypeCountInitializer.java 
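Review bot: `toCookieMaxAgeSeconds` accepts any input, so a zero or negative `jwtExpirationMillis` (an unset or mistyped property) still produces a positive Max-Age made of the extra seconds alone, and the browser keeps sending a cookie whose token can never validate. A guard such as `if (jwtExpirationMillis <= 0) throw new IllegalArgumentException("jwtExpirationMillis must be positive");` would surface the misconfiguration at the first login. The helper also lacks a comment stating that the input is milliseconds and the result is seconds, and its parameters are not `final` although the other signatures in this file are.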
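Review bot: The new `pathMatcher.match(REISSUE_URI, uri)` branch exempts the reissue endpoint through a path hard-coded in the filter, although the class already carries `whiteURIList` for exempt paths; the second patch in this series extends the same branch with `LOGIN_URI`. Two separate exemption lists are easy to miss in an access-control review, so either move the paths into the configured white list or put a comment on the constants saying why they must be checked first, e.g. `// must bypass before the access-token check: clients call these with an expired or absent access-token cookie`, if that is the reason. Because the branch hands the request on without authenticating it, reissue depends entirely on its own refresh-token validation and on the rest of the security configuration permitting the path, neither of which is visible here. The `java.util.Objects` import added above is not used by any line in this patch. `doFilterInternal` continues past the hunk.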
@@ -28,8 +28,6 @@ public void run(ApplicationArguments args) { final List createdKeys = new ArrayList<>(ticketTypes.size()); try { - log.error("TESTTTTTTTTTTTTTTTTTTTT"); //todo: test용, 추후 삭제 - ticketTypes.forEach(ticketType -> { final String key = Constants.REDIS_TICKET_TYPE_KEY_NAME + ticketType.getTicketTypeId() + Constants.REDIS_TICKET_TYPE_REMAIN; final boolean isCreated = redisManager.setIfAbsent(key, String.valueOf(ticketType.getRemainTicketCount())); From 1e09648fffc01d35c85ee458599bdcad0c93cd5f Mon Sep 17 00:00:00 2001 From: Kwak Seong Joon Date: Tue, 9 Dec 2025 02:39:57 +0900 Subject: [PATCH 2/3] =?UTF-8?q?fix:=20login=20url=20filter=20=EC=A0=9C?= =?UTF-8?q?=EC=99=B8=20-=20#190?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../global/filter/JwtAuthenticationFilter.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java b/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java index 63e00c35..0cf95f04 100644 --- a/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java +++ b/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java @@ -33,7 +33,7 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private final List whiteURIList; private final AntPathMatcher pathMatcher = new AntPathMatcher(); private static final String REISSUE_URI = "/api/users/reissue"; - + private static final String LOGIN_URI = "/api/users/login"; @Override protected void doFilterInternal(@NonNull final HttpServletRequest request, 
@@ -41,7 +41,7 @@ protected void doFilterInternal(@NonNull final HttpServletRequest request, @NonNull final FilterChain filterChain) throws ServletException, IOException { final String uri = request.getRequestURI(); try { - if(isHealthCheckUri(uri) || pathMatcher.match(REISSUE_URI, uri)) { + if(isHealthCheckUri(uri) || isLoginOrReissueOrSignupUri(uri)) { filterChain.doFilter(request, response); return; } @@ -81,5 +81,10 @@ private boolean isWhiteListUrl(final String requestURI) { private boolean isHealthCheckUri(final String uri) { return pathMatcher.match(Constants.HEALTH_CHECK_URL, uri); } + + private boolean isLoginOrReissueOrSignupUri(final String uri) { + return pathMatcher.match(LOGIN_URI, uri) + || pathMatcher.match(REISSUE_URI, uri); + } } From 77edbf3b761f1e72936744aa3c60b72952c8dd23 Mon Sep 17 00:00:00 2001 From: Kwak Seong Joon Date: Tue, 9 Dec 2025 02:40:28 +0900 Subject: [PATCH 3/3] =?UTF-8?q?chore:=20naming=20=EB=B3=80=EA=B2=BD=20-=20?= =?UTF-8?q?#190?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../permitserver/global/filter/JwtAuthenticationFilter.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java b/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java index 0cf95f04..ed54dc21 100644 --- a/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java +++ b/src/main/java/com/permitseoul/permitserver/global/filter/JwtAuthenticationFilter.java @@ -41,7 +41,7 @@ protected void doFilterInternal(@NonNull final HttpServletRequest request, @NonNull final FilterChain filterChain) throws ServletException, IOException { final String uri = request.getRequestURI(); try { - if(isHealthCheckUri(uri) || isLoginOrReissueOrSignupUri(uri)) { + if(isHealthCheckUri(uri) || isLoginOrReissue(uri)) { filterChain.doFilter(request, response); return; } 
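Review bot: The helper added in the `@@ -81,5 +81,10 @@` hunk compares fixed paths against `request.getRequestURI()`, which is the raw request path (it includes any context path and is not decoded), and that detail deserves a comment because it is what keeps the bypass narrow. Suggested wording: `// literal paths only: getRequestURI() is raw, so a trailing slash, path parameter or encoded variant fails the match and stays on the authenticated path; do not add wildcards here`. The match also ignores the HTTP method, so every method on these two paths skips the filter; if only POST is intended, the comment or the check should say so. If the application is ever deployed under a context path, the literal patterns would stop matching and login and reissue would go back through the token check.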
@@ -82,7 +82,7 @@ private boolean isHealthCheckUri(final String uri) { return pathMatcher.match(Constants.HEALTH_CHECK_URL, uri); } - private boolean isLoginOrReissueOrSignupUri(final String uri) { + private boolean isLoginOrReissue(final String uri) { return pathMatcher.match(LOGIN_URI, uri) || pathMatcher.match(REISSUE_URI, uri); }