[refactor] #115 JWT 기반 인증 필터 구현 및 RequestAttribute 기반 인증 적용

[2hyunjinn]

📌 PR 제목

[refactor] #115 JWT 기반 인증 필터 구현 및 RequestAttribute 기반 인증 적용

📌 PR 내용

• JWT 기반 인증 필터(JwtAuthFilter) 구현
• JwtParser 분리 및 토큰 파싱/검증 책임 명확화
• SecurityConfig에서 커스텀 JWT 필터 등록
• 컨트롤러에서 @RequestAttribute("userId")로 인증된 사용자 정보 사용
• 기존 request header 파싱 및 인증 로직을 필터로 통합

🛠 작업 내용

• JwtParser 컴포넌트 구현
• JwtAuthFilter(OncePerRequestFilter) 작성
• SecurityConfig 리팩토링 및 필터 체인 등록
• 컨트롤러에서 @RequestAttribute 방식으로 userId 주입

🔍 관련 이슈

Closes #115

📸 스크린샷 (Optional)

📚 레퍼런스 (Optional)

Spring Security에서 JWT 인증/인가 – RequestAttribute 실전 적용기
데굴데굴 개발자의 기록: SpringBoot 3 JWT 인증/인가 구조
길은 가면, 뒤에 있다: JWT란?

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • Introduced JWT-based authentication, enabling secure user identification via request attributes.
  • Added new components for JWT token creation and parsing to enhance authentication processes.

• Refactor

  • Simplified controller methods to directly receive user IDs, removing the need to manually parse tokens in each endpoint.
  • Delegated JWT responsibilities to specialized components for improved maintainability and clarity.

• Chores

  • Updated Docker and project configuration for improved environment setup and data persistence.
  • Enhanced logging for authentication actions.

[coderabbitai]

"""

Walkthrough

This update introduces a refactor of JWT authentication handling across the application. Controllers now receive the authenticated user ID via a request attribute instead of parsing it from the Authorization header. Core JWT logic is modularized into new components: JwtTokenProvider for token generation and JwtParser for parsing and validation. A new JwtAuthFilter is added to the security filter chain.

Changes

File(s)	Change Summary
.gitignore	Added rule to ignore /mysql-data/ directory under VS Code section.
docker-compose.yaml	Explicitly set version, fixed MySQL image version, added container name, volume mount, and restart policy.
src/main/java/org/festimate/team/api/admin/AdminController.java	Replaced manual JWT parsing with @RequestAttribute("userId") in all endpoints; removed JwtService dependency.
src/main/java/org/festimate/team/api/auth/AuthController.java	Updated log message in login method for clarity.
src/main/java/org/festimate/team/api/facade/LoginFacade.java src/main/java/org/festimate/team/api/facade/SignUpFacade.java	Switched JWT operations from JwtService to JwtTokenProvider in both facades.
src/main/java/org/festimate/team/api/festival/FestivalController.java	Replaced JWT parsing with @RequestAttribute("userId") in endpoints; removed JwtService usage.
src/main/java/org/festimate/team/api/matching/MatchingController.java	Replaced JWT parsing with @RequestAttribute("userId") in endpoints; removed JwtService usage.
src/main/java/org/festimate/team/api/participant/ParticipantController.java	Replaced JWT parsing with @RequestAttribute("userId") in endpoints; removed JwtService usage.
src/main/java/org/festimate/team/api/point/PointController.java	Replaced JWT parsing with @RequestAttribute("userId") in endpoint; removed JwtService usage.
src/main/java/org/festimate/team/api/user/UserController.java	Replaced JWT parsing with @RequestAttribute("userId") in endpoints; removed JwtService usage.
src/main/java/org/festimate/team/infra/config/SecurityConfig.java	Added JwtAuthFilter to security filter chain; injected JwtParser.
src/main/java/org/festimate/team/infra/jwt/JwtAuthFilter.java	New filter class for extracting and validating JWT, setting userId as request attribute.
src/main/java/org/festimate/team/infra/jwt/JwtParser.java	New component for parsing and validating JWT tokens and extracting claims.
src/main/java/org/festimate/team/infra/jwt/JwtService.java	Refactored to delegate all JWT logic to JwtTokenProvider and JwtParser; removed internal JWT handling.
src/main/java/org/festimate/team/infra/jwt/JwtTokenProvider.java	New component for generating JWT access and refresh tokens using configured properties.
src/test/java/org/festimate/team/api/facade/LoginFacadeTest.java	Replaced JwtService mock with JwtTokenProvider mock for token creation methods.
src/test/java/org/festimate/team/api/facade/SignUpFacadeTest.java	Replaced JwtService mock with JwtTokenProvider mock for token creation methods.

Sequence Diagram(s)

sequenceDiagram
    participant Client
    participant JwtAuthFilter
    participant JwtParser
    participant Controller

    Client->>JwtAuthFilter: HTTP request with Authorization header
    JwtAuthFilter->>JwtParser: Parse and validate JWT token
    JwtParser-->>JwtAuthFilter: userId (if valid)
    JwtAuthFilter->>Controller: Set request attribute "userId"
    Controller->>Controller: Access userId via @RequestAttribute
    Controller-->>Client: Response

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Implement JwtParser component to parse JWT and extract userId and platformId (#115)	✅
Create JwtAuthFilter to parse JWT, validate it, and set userId as request attribute (#115)	✅
Register JwtAuthFilter in SecurityConfig before UsernamePasswordAuthenticationFilter (#115)	✅
Refactor controllers to use @RequestAttribute("userId") for authenticated user info (#115)	✅

Assessment against linked issues: Out-of-scope changes

No out-of-scope or unrelated code changes were detected in this pull request.

Possibly related PRs

• [refactor] #100 폴더링 리팩토링 및 계층 간 의존성 분리 작업 #101: Refactoring controllers and facades to improve layering and data flow, related to restructuring controller logic and dependencies as in this PR.

Poem

In the warren of code, a change hops through,
JWTs now parsed by a filter, not you!
Controllers rejoice, their burden is light,
With user IDs handed, their logic is right.
New providers and parsers keep secrets in tow—
Oh, what a secure and modular flow! 🐇✨
"""

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bf53420 and b3814d5.

📒 Files selected for processing (4)

• .gitignore (1 hunks)
• src/main/java/org/festimate/team/infra/jwt/JwtAuthFilter.java (1 hunks)
• src/main/java/org/festimate/team/infra/jwt/JwtParser.java (1 hunks)
• src/test/java/org/festimate/team/api/facade/SignUpFacadeTest.java (3 hunks)

🚧 Files skipped from review as they are similar to previous changes (4)

• .gitignore
• src/test/java/org/festimate/team/api/facade/SignUpFacadeTest.java
• src/main/java/org/festimate/team/infra/jwt/JwtAuthFilter.java
• src/main/java/org/festimate/team/infra/jwt/JwtParser.java

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Test Results

45 tests   45 ✅  1s ⏱️
10 suites   0 💤
10 files     0 ❌

Results for commit b3814d5.

♻️ This comment has been updated with latest results.

[coderabbitai]

Actionable comments posted: 7

🧹 Nitpick comments (5)

docker-compose.yaml (1)

1-1: Specify Compose file version more precisely

Using version: "3" is valid, but consider pinning to a more specific minor or patch-level (e.g., 3.8) for clarity about feature support and backward compatibility.

src/main/java/org/festimate/team/infra/jwt/JwtAuthFilter.java (1)

29-31: Consider more specific exception handling.

While logging authentication failures is good practice, catching all exceptions might hide important issues like configuration problems or token provider failures. Consider catching more specific exceptions and potentially failing fast for critical issues.

Consider catching specific JWT-related exceptions separately from general exceptions:

 try {
     Long userId = jwtParser.getUserIdFromToken(token);
     request.setAttribute(USER_ID, userId);
-} catch (Exception e) {
-    log.warn("JWT 인증 실패: {}", e.getMessage());
+} catch (FestimateException e) {
+    log.warn("JWT 인증 실패: {}", e.getMessage());
+} catch (Exception e) {
+    log.error("예상치 못한 JWT 처리 오류: {}", e.getMessage());
 }

src/main/java/org/festimate/team/infra/config/SecurityConfig.java (1)

24-25: Document or configure CORS settings.

The CORS configuration is currently empty. This might be intentional, but it should be documented or properly configured based on your application's requirements.

Consider either documenting the intention or adding proper CORS configuration:

-.cors(cors -> {
-})
+.cors(cors -> {
+    // TODO: Configure CORS based on application requirements
+    // or remove if not needed
+})

src/main/java/org/festimate/team/infra/jwt/JwtTokenProvider.java (1)

56-58: Consider caching the secret key.

The getSecretKey() method recreates the key from bytes on every call. For better performance, consider caching the SecretKey instance since it's immutable.

+    private SecretKey secretKey;
+
 public SecretKey getSecretKey() {
-    return Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8));
+    if (secretKey == null) {
+        secretKey = Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8));
+    }
+    return secretKey;
 }

src/main/java/org/festimate/team/infra/jwt/JwtParser.java (1)

41-46: Consider null safety improvement.

The platform ID extraction handles null values but could be more explicit about the validation.

 public String getPlatformIdFromToken(String token) {
     Claims claims = parseClaims(token);
     Object platformId = claims.get(PLATFORM_ID);
-    if (platformId != null) return platformId.toString();
+    if (platformId != null && !platformId.toString().trim().isEmpty()) {
+        return platformId.toString();
+    }
+    log.error("platformId claim missing or empty in token");
     throw new FestimateException(ResponseError.INVALID_TOKEN);
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1d1125f and 4ddea7e.

📒 Files selected for processing (16)

• .gitignore (1 hunks)
• docker-compose.yaml (1 hunks)
• src/main/java/org/festimate/team/api/admin/AdminController.java (1 hunks)
• src/main/java/org/festimate/team/api/auth/AuthController.java (1 hunks)
• src/main/java/org/festimate/team/api/facade/LoginFacade.java (3 hunks)
• src/main/java/org/festimate/team/api/facade/SignUpFacade.java (2 hunks)
• src/main/java/org/festimate/team/api/festival/FestivalController.java (1 hunks)
• src/main/java/org/festimate/team/api/matching/MatchingController.java (1 hunks)
• src/main/java/org/festimate/team/api/participant/ParticipantController.java (1 hunks)
• src/main/java/org/festimate/team/api/point/PointController.java (1 hunks)
• src/main/java/org/festimate/team/api/user/UserController.java (1 hunks)
• src/main/java/org/festimate/team/infra/config/SecurityConfig.java (1 hunks)
• src/main/java/org/festimate/team/infra/jwt/JwtAuthFilter.java (1 hunks)
• src/main/java/org/festimate/team/infra/jwt/JwtParser.java (1 hunks)
• src/main/java/org/festimate/team/infra/jwt/JwtService.java (1 hunks)
• src/main/java/org/festimate/team/infra/jwt/JwtTokenProvider.java (1 hunks)

🧰 Additional context used

🧬 Code Graph Analysis (7)

src/main/java/org/festimate/team/infra/jwt/JwtAuthFilter.java (1)

src/main/java/org/festimate/team/infra/jwt/JwtService.java (1)

• RequiredArgsConstructor (10-31)

src/main/java/org/festimate/team/api/festival/FestivalController.java (1)

src/main/java/org/festimate/team/global/response/ResponseBuilder.java (1)

• ResponseBuilder (5-19)

src/main/java/org/festimate/team/api/user/UserController.java (1)

src/main/java/org/festimate/team/global/response/ResponseBuilder.java (1)

• ResponseBuilder (5-19)

src/main/java/org/festimate/team/infra/jwt/JwtParser.java (3)

src/main/java/org/festimate/team/infra/jwt/JwtService.java (1)

• RequiredArgsConstructor (10-31)

src/main/java/org/festimate/team/infra/jwt/JwtAuthFilter.java (1)

• Slf4j (12-36)

src/main/java/org/festimate/team/infra/jwt/JwtTokenProvider.java (1)

• Component (13-59)

src/main/java/org/festimate/team/api/matching/MatchingController.java (1)

src/main/java/org/festimate/team/global/response/ResponseBuilder.java (1)

• ResponseBuilder (5-19)

src/main/java/org/festimate/team/api/admin/AdminController.java (1)

src/main/java/org/festimate/team/global/response/ResponseBuilder.java (1)

• ResponseBuilder (5-19)

src/main/java/org/festimate/team/api/participant/ParticipantController.java (1)

src/main/java/org/festimate/team/global/response/ResponseBuilder.java (1)

• ResponseBuilder (5-19)

🔇 Additional comments (27)

docker-compose.yaml (3)

4-5: Good: Pinning MySQL version and naming container

Specifying mysql:8.0 ensures a stable database version, and a consistent container_name improves manageability.

---

9-9: Port mapping is correct

Exposing "3306:3306" aligns host and container ports as expected.

---

11-12: Persisted volumes and restart policy

Mounting ./mysql-data ensures data persistence, and restart: unless-stopped helps maintain service availability.

src/main/java/org/festimate/team/api/auth/AuthController.java (1)

29-29: LGTM! Improved logging clarity.

The log message change from "Code" to "kakaoAccessToken" makes the logging more descriptive and improves debugging experience.

src/main/java/org/festimate/team/api/facade/LoginFacade.java (2)

9-9: LGTM! Improved separation of concerns.

The refactoring to use JwtTokenProvider instead of JwtService follows the single responsibility principle by delegating token creation to a dedicated component.

Also applies to: 18-18

---

31-31: LGTM! Consistent token creation delegation.

All token creation operations are now properly delegated to JwtTokenProvider, maintaining consistency across the facade.

Also applies to: 34-34, 42-42

src/main/java/org/festimate/team/api/facade/SignUpFacade.java (2)

12-12: LGTM! Consistent refactoring pattern.

The migration from JwtService to JwtTokenProvider follows the same pattern as LoginFacade, creating architectural consistency across facade classes.

Also applies to: 19-19

---

39-40: LGTM! Proper token creation delegation.

Token creation operations are correctly delegated to JwtTokenProvider, maintaining the same functionality with improved separation of concerns.

src/main/java/org/festimate/team/infra/config/SecurityConfig.java (2)

27-27: Review permissive authorization configuration.

The current configuration permits all requests without authentication. Ensure this aligns with your security requirements, especially for production environments.

Please verify that permitAll() is the intended authorization strategy for all endpoints, or if specific endpoints should require authentication.

---

28-28: JWT filter integration looks good.

The JWT authentication filter is correctly positioned before the UsernamePasswordAuthenticationFilter in the filter chain, which will allow JWT-based authentication to be processed first.

src/main/java/org/festimate/team/infra/jwt/JwtTokenProvider.java (1)

13-59: Well-structured JWT token provider implementation.

The JwtTokenProvider class demonstrates good separation of concerns and follows consistent patterns across all token creation methods. The use of JwtProperties for configuration and proper HMAC SHA key generation are excellent practices.

src/main/java/org/festimate/team/infra/jwt/JwtParser.java (1)

21-32: JWT parsing implementation looks solid.

The parseClaims method correctly uses the JJWT library for token validation and provides appropriate error handling with custom exceptions.

src/main/java/org/festimate/team/api/festival/FestivalController.java (2)

21-21: Clean refactor to centralized authentication pattern.

The change from manual JWT token parsing to @RequestAttribute("userId") injection is an excellent architectural improvement that separates authentication concerns from controller logic.

---

30-30: Consistent implementation across endpoints.

Good consistency in applying the same authentication pattern across both endpoints in this controller.

src/main/java/org/festimate/team/api/user/UserController.java (3)

59-59: Good refactor to centralized authentication.

The change to use @RequestAttribute("userId") simplifies the controller logic and aligns with the architectural improvements seen across other controllers.

---

67-67: Consistent application of the new pattern.

Excellent consistency in applying the same authentication approach across both authenticated endpoints.

---

32-32:

Details

✅ Verification successful

Verify JwtService dependency is still needed.

The JwtService dependency is retained, which appears correct since it's used in the signUp method (line 50) for extracting platform user ID from tokens. This is a different use case than the authenticated endpoints.

Let me verify that JwtService is actually used in this controller:

---

🏁 Script executed:

#!/bin/bash
# Description: Check if JwtService is used in UserController
# Expected: Should find usage in signup method

rg -A 3 -B 3 "jwtService\." src/main/java/org/festimate/team/api/user/UserController.java

Length of output: 436

---

JwtService dependency is required

Confirmed that jwtService.extractPlatformUserIdFromToken(accessToken) is invoked in the signUp method (around line 50) to retrieve the platform user ID. No changes needed.

src/main/java/org/festimate/team/api/matching/MatchingController.java (3)

21-21: Excellent refactor implementation.

The migration to @RequestAttribute("userId") is cleanly implemented and removes authentication complexity from the controller layer.

---

30-30: Consistent pattern application.

Good consistency in applying the same authentication approach across all endpoints.

---

39-39: Complete migration to centralized authentication.

All endpoints in this controller have been successfully migrated to the new authentication pattern, demonstrating thorough refactoring.

src/main/java/org/festimate/team/infra/jwt/JwtService.java (4)

12-12: Appropriate annotation change.

The change from @Component to @Service is semantically correct since this class provides business logic services rather than just being a generic Spring component.

---

18-26: Clean delegation in reIssueToken method.

The method effectively delegates JWT operations to the appropriate specialized components while maintaining the core business logic for token reissuance. The flow is clear and follows good separation of concerns.

---

28-30: Consistent delegation pattern.

The extractPlatformUserIdFromToken method correctly delegates to JwtParser, maintaining consistency with the overall refactoring approach.

---

14-15:

Details

✅ Verification successful

Good architectural refactor using delegation pattern.

The introduction of JwtTokenProvider and JwtParser as dependencies follows the single responsibility principle and improves code organization by separating token creation from token parsing concerns.

Let me verify that these new JWT components exist and are properly implemented:

---

🏁 Script executed:

#!/bin/bash
# Description: Verify the new JWT components exist and are properly configured
# Expected: Should find JwtTokenProvider and JwtParser classes

echo "Checking for JwtTokenProvider:"
fd "JwtTokenProvider.java" --type f

echo "Checking for JwtParser:"
fd "JwtParser.java" --type f

echo "Verifying they are Spring components:"
rg -l "@(Component|Service)" | xargs rg -l "class Jwt(TokenProvider|Parser)"

Length of output: 602

---

Verification Successful – JWT Components Present and Configured

Both JwtTokenProvider and JwtParser classes were found under src/main/java/org/festimate/team/infra/jwt/ and are properly annotated as Spring components. This confirms the refactor cleanly delegates token creation to JwtTokenProvider and parsing to JwtParser, adhering to the single responsibility principle.

No further changes required—approving these updates.

src/main/java/org/festimate/team/api/participant/ParticipantController.java (2)

22-22: Excellent refactoring - centralized authentication approach.

The change from manual JWT parsing to @RequestAttribute("userId") is a significant improvement that centralizes authentication concerns in the filter layer, following the separation of concerns principle.

---

32-32: Consistent implementation across all endpoints.

All endpoints consistently use the new @RequestAttribute("userId") pattern, ensuring uniform authentication handling throughout the controller. This eliminates code duplication and reduces the risk of authentication-related bugs.

Also applies to: 42-42, 52-52, 61-61, 71-71, 81-81

src/main/java/org/festimate/team/api/admin/AdminController.java (1)

26-26: Consistent and secure authentication refactoring.

All admin endpoints consistently implement the new authentication pattern using @RequestAttribute("userId"). This is particularly important for admin endpoints which require robust authentication, and the centralized approach reduces the attack surface by eliminating duplicate JWT parsing logic across multiple endpoints.

Also applies to: 35-35, 43-43, 52-52, 62-62, 72-72, 82-82, 92-92

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

src/test/java/org/festimate/team/api/facade/LoginFacadeTest.java (1)

24-24: Consider removing unused JwtService mock if no longer needed.

Similar to SignUpFacadeTest, the JwtService mock is declared but no longer used for token creation. This should be cleaned up if JwtService no longer has testable responsibilities in this class.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4ddea7e and bf53420.

📒 Files selected for processing (2)

• src/test/java/org/festimate/team/api/facade/LoginFacadeTest.java (4 hunks)
• src/test/java/org/festimate/team/api/facade/SignUpFacadeTest.java (3 hunks)

🔇 Additional comments (7)

src/test/java/org/festimate/team/api/facade/SignUpFacadeTest.java (3)

12-12: LGTM: Import added for the new JWT token provider.

The import of JwtTokenProvider aligns with the JWT authentication refactoring objectives.

---

32-33: LGTM: Mock properly added for JwtTokenProvider.

The new mock field is correctly declared and will be used for token creation in the refactored architecture.

---

77-78: LGTM: Token creation calls updated to use JwtTokenProvider.

The method calls are correctly updated to use the new jwtTokenProvider mock instead of jwtService, which aligns with the separation of responsibilities in the JWT refactoring.

src/test/java/org/festimate/team/api/facade/LoginFacadeTest.java (4)

8-8: LGTM: Import added for the new JWT token provider.

The import of JwtTokenProvider is consistent with the JWT refactoring across test files.

---

26-27: LGTM: Mock properly added for JwtTokenProvider.

The new mock field is correctly declared for the refactored JWT token creation.

---

47-48: LGTM: Regular token creation updated to use JwtTokenProvider.

The method calls for access and refresh token creation are correctly updated to use the new token provider.

---

66-67: LGTM: Temporary token creation updated to use JwtTokenProvider.

The temporary token creation methods are also correctly updated, ensuring comprehensive coverage of all token types.