diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index a578220..0618cae 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -55,9 +55,29 @@ jobs: spring.jpa.properties.hibernate.show_sql=true spring.jpa.hibernate.ddl-auto=create-drop spring.jpa.properties.hibernate.format_sql=true + + + jwt.issuer=${{ secrets.JWT_ISSUER }} + jwt.secret_key=${{ secrets.JWT_SECRET_KEY }} + + # OAuth + spring.security.oauth2.client.registration.google.client-id=${{ secrets.GOOGLE_CLIENT_ID }} + spring.security.oauth2.client.registration.google.client-secret=${{ secrets.GOOGLE_CLIENT_SECRET }} + spring.security.oauth2.client.registration.google.scope=email,profile + spring.security.oauth2.client.provider.google.authorization-uri=https://accounts.google.com/o/oauth2/v2/auth + spring.security.oauth2.client.provider.google.token-uri=https://oauth2.googleapis.com/token + spring.security.oauth2.client.provider.google.user-info-uri=https://www.googleapis.com/oauth2/v3/userinfo + + #Redis spring.data.redis.host=localhost + spring.data.redis.port=6379 + + spring.data.redis.lettuce.pool.max-active=10 + spring.data.redis.lettuce.pool.max-idle=10 + spring.data.redis.lettuce.pool.min-idle=1 + spring.data.redis.lettuce.pool.max-wait=1000ms EOT shell: bash diff --git a/build.gradle b/build.gradle index 91e3c51..f592933 100644 --- a/build.gradle +++ b/build.gradle 
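Review bot: `jwt.secret_key` feeds `Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(UTF_8))` in TokenProviderOAuth, which rejects keys shorter than 256 bits, so the `JWT_SECRET_KEY` repository secret must be at least 32 bytes or the CI run will fail at the first token operation rather than at startup; a comment next to the line such as `# must be >= 32 bytes (HMAC-SHA256 key for jjwt)` would make that requirement visible. The heredoc also writes the JWT secret and the Google client secret into a properties file in the runner workspace, and nothing in this hunk prevents a later artifact-upload or cache step from picking that file up, so confirm no step archives the workspace or add `# contains secrets: never upload or cache this file` beside `EOT`. The step that opens this heredoc starts outside the hunk.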
@@ -34,11 +34,29 @@ dependencies { testImplementation 'org.springframework.boot:spring-boot-starter-test' testRuntimeOnly 'org.junit.platform:junit-platform-launcher' - implementation 'org.redisson:redisson-spring-boot-starter:3.25.2' + //test + testImplementation 'org.projectlombok:lombok' + testAnnotationProcessor 'org.projectlombok:lombok' - implementation 'org.springframework.boot:spring-boot-starter-data-redis' - implementation 'org.apache.commons:commons-pool2' + //spring security + implementation 'org.springframework.boot:spring-boot-starter-security' + testImplementation 'org.springframework.security:spring-security-test' + + //jwt + implementation 'io.jsonwebtoken:jjwt:0.12.6' + implementation 'io.jsonwebtoken:jjwt-api:0.12.6' + runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.6' + runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6' + implementation 'javax.xml.bind:jaxb-api:2.4.0-b180830.0359' + // Spring Security OAuth2 클라이언트 (구글/카카오 로그인 등) + implementation 'org.springframework.boot:spring-boot-starter-oauth2-client' + + //Redis + implementation 'org.springframework.boot:spring-boot-starter-data-redis' + implementation 'org.springframework.data:spring-data-redis' + implementation 'org.apache.commons:commons-pool2' // 커넥션 풀 + implementation 'org.redisson:redisson-spring-boot-starter:3.25.2' } tasks.named('test') { diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/config/JwtPropertiesOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/JwtPropertiesOAuth.java new file mode 100644 index 0000000..e9f59fb --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/JwtPropertiesOAuth.java @@ -0,0 +1,13 @@ +package com.quickpick.ureca.OAuth.auth.config; + +import lombok.Getter; +import lombok.Setter; +import org.springframework.boot.context.properties.ConfigurationProperties; + +@Getter +@Setter +@ConfigurationProperties(prefix = "jwt") +public class JwtPropertiesOAuth { + private String issuer; + private String secretKey; +} 
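Review bot: The `io.jsonwebtoken:jjwt:0.12.6` line duplicates the split `jjwt-api`/`jjwt-impl`/`jjwt-jackson` artifacts added right below it (I believe the aggregate `jjwt` coordinate was retired after the 0.9.x line, so it may not even resolve at 0.12.6), and `javax.xml.bind:jaxb-api:2.4.0-b180830.0359` was a Java 9+ workaround for jjwt 0.9.x that 0.12 no longer needs; both only enlarge the dependency tree. I would keep the three split artifacts and drop the aggregate and the JAXB line. `org.springframework.data:spring-data-redis` is also listed explicitly next to `spring-boot-starter-data-redis`, which already brings it in transitively under the Boot-managed version. The `dependencies` block starts outside the hunk.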
diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/config/OAuth2LoginSuccessHandlerOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/OAuth2LoginSuccessHandlerOAuth.java new file mode 100644 index 0000000..c3df6c7 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/OAuth2LoginSuccessHandlerOAuth.java 
@@ -0,0 +1,53 @@ +package com.quickpick.ureca.OAuth.auth.config; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.quickpick.ureca.OAuth.auth.dto.UserLoginResponseOAuth; +import com.quickpick.ureca.OAuth.auth.service.RefreshTokenServiceOAuth; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import com.quickpick.ureca.OAuth.user.service.UserServiceOAuth; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; +import org.springframework.security.core.Authentication; +import org.springframework.security.oauth2.core.user.OAuth2User; +import org.springframework.security.web.authentication.AuthenticationSuccessHandler; +import org.springframework.stereotype.Component; + +import java.io.IOException; +import java.time.Duration; + +@Component +@RequiredArgsConstructor +public class OAuth2LoginSuccessHandlerOAuth implements AuthenticationSuccessHandler { //OAuth 인증 성공시 jwt 발급 및 리디렉션 + private final TokenProviderOAuth tokenProvider; + private final UserServiceOAuth userService; + private final RefreshTokenServiceOAuth refreshTokenService; + private final ObjectMapper objectMapper; + + @Override + public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, + Authentication authentication) throws IOException { + + OAuth2User oAuth2User = (OAuth2User) authentication.getPrincipal(); + String email = oAuth2User.getAttribute("email"); + + // 사용자 DB에 저장 (없으면 새로 추가) + UserOAuth user = userService.findById(email) + .orElseGet(() -> userService.saveFromOAuth2(oAuth2User)); + + // JWT 발급 + String accessToken = tokenProvider.generateToken(user, Duration.ofHours(2)); // Access token + String refreshToken = tokenProvider.generateToken(user, Duration.ofDays(14)); // Refresh token (필요시 DB 저장) + + // Refresh token을 DB에 저장 + refreshTokenService.save(user.getUserId(), refreshToken); + + // 기존 로그인 응답 DTO 사용 + UserLoginResponseOAuth responseDto = new 
UserLoginResponseOAuth(accessToken, refreshToken); + + response.setContentType("application/json"); + response.setCharacterEncoding("utf-8"); + response.setStatus(HttpServletResponse.SC_OK); + objectMapper.writeValue(response.getWriter(), responseDto); + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/config/RedisConfigOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/RedisConfigOAuth.java new file mode 100644 index 0000000..12681aa --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/RedisConfigOAuth.java @@ -0,0 +1,20 @@ +package com.quickpick.ureca.OAuth.auth.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.data.redis.connection.RedisConnectionFactory; +import org.springframework.data.redis.core.RedisTemplate; +import org.springframework.data.redis.serializer.StringRedisSerializer; + +@Configuration +public class RedisConfigOAuth { + + @Bean + public RedisTemplate redisTemplate(RedisConnectionFactory connectionFactory) { + RedisTemplate template = new RedisTemplate<>(); + template.setConnectionFactory(connectionFactory); + template.setKeySerializer(new StringRedisSerializer()); + template.setValueSerializer(new StringRedisSerializer()); // 토큰은 일반 문자열이므로 String 직렬화면 충분 + return template; + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenAuthenticationFilterOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenAuthenticationFilterOAuth.java new file mode 100644 index 0000000..bb60c10 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenAuthenticationFilterOAuth.java 
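Review bot: `oAuth2User.getAttribute("email")` can be null when the provider or scope configuration does not expose an email, and `onAuthenticationSuccess` passes it straight into `userService.findById(email)` and then `saveFromOAuth2`, so a null key would be looked up or persisted; guard it first with `if (email == null) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); return; }`. `refreshTokenService.save(user.getUserId(), refreshToken)` always inserts a new row while `RefreshTokenOAuth.userId` is declared `unique = true`, so a second social login by the same user will hit the constraint unless the service updates the existing row (raised on the RefreshTokenServiceOAuth hunk). The handler also writes both tokens as a JSON body to what is, after the Google redirect, a browser top-level navigation; an API client can read that, a browser page cannot, so a comment stating the intended consumer would help.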
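Review bot: The `redisTemplate` bean reproduces what Spring Boot's auto-configured `StringRedisTemplate` already provides (string key and value serializers over the same connection factory), so unless it is meant to override Boot's default `redisTemplate` for other consumers, injecting `StringRedisTemplate` in the filter and service would make this class unnecessary. If it stays, a Javadoc line such as `/** String/String template for the access-token blacklist (keys "blacklist:<token>"). */` would tell readers why a second template exists.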
@@ -0,0 +1,68 @@ +package com.quickpick.ureca.OAuth.auth.config; + +import io.jsonwebtoken.JwtException; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; +import org.springframework.data.redis.core.RedisTemplate; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.web.filter.OncePerRequestFilter; + +import java.io.IOException; + +@RequiredArgsConstructor +public class TokenAuthenticationFilterOAuth extends OncePerRequestFilter { + private final TokenProviderOAuth tokenProvider; + private final RedisTemplate redisTemplate; + private final static String HEADER_AUTHORIZATION = "Authorization"; + private final static String BEARER = "Bearer "; + + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { + //요청 헤더의 auth 키의 값 조회 + String authHeader = request.getHeader(HEADER_AUTHORIZATION); + String token = getAccessToken(authHeader); //접두사 제거해서 토큰 가져오기 + + try { + if (token != null) { + tokenProvider.validToken(token); //예외가 발생하면 catch문으로 + if (isBlacklisted(token)) { //블랙리스트에 있는 토큰이면 예외 발생 + throw new JwtException("Blacklisted token"); + } + //토큰이 유효하고 블랙리스트에 없다면 인증 정보 설정 + Authentication auth = tokenProvider.getAuthentication(token); + SecurityContextHolder.getContext().setAuthentication(auth); + } + + filterChain.doFilter(request, response); + } catch (JwtException e) { + setErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, e.getMessage()); + } + } + //에러 메세지 설정 메서드 + private void setErrorResponse(HttpServletResponse response, int status, String message) throws IOException { + response.setStatus(status); + response.setContentType("application/json"); + 
response.setCharacterEncoding("UTF-8"); + + String responseBody = String.format("{\"error\": \"%s\"}", message); + response.getWriter().write(responseBody); + } + + private boolean isBlacklisted(String token) { + //redis 내 블랙리스트에 있는지 검사 + return redisTemplate.hasKey("blacklist:" + token); + } + + private String getAccessToken(String authHeader) { + if (authHeader != null && authHeader.startsWith(BEARER)) { + return authHeader.substring(BEARER.length()); + } + return null; + } + +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenProviderOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenProviderOAuth.java new file mode 100644 index 0000000..e0a2f7c --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/TokenProviderOAuth.java 
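Review bot: `filterChain.doFilter(request, response)` sits inside the `try` that catches `JwtException`, so a `JwtException` thrown anywhere downstream (for example from `AuthServiceOAuth.createNewAccessToken`) is converted into a 401 by this filter, and if the controller had already begun writing, `setErrorResponse` writes into a committed response; move `filterChain.doFilter(request, response);` after the try/catch and `return;` from the catch block so only token validation is handled here. `setErrorResponse` interpolates `message` into JSON via `String.format` with no escaping; today the messages are fixed literals from TokenProviderOAuth, but a message containing a quote would yield invalid JSON, so either document that invariant with `// message must be a fixed literal, it is not JSON-escaped` or serialize with an ObjectMapper. `redisTemplate.hasKey` returns a boxed `Boolean` that can be null in pipelined or transactional contexts; `return Boolean.TRUE.equals(redisTemplate.hasKey("blacklist:" + token));` avoids the unboxing NPE.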
@@ -0,0 +1,90 @@ +package com.quickpick.ureca.OAuth.auth.config; + +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import io.jsonwebtoken.*; +import io.jsonwebtoken.security.Keys; +import io.jsonwebtoken.security.SecurityException; +import lombok.RequiredArgsConstructor; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.stereotype.Service; + +import java.nio.charset.StandardCharsets; +import java.time.Duration; +import java.util.Collections; +import java.util.Date; +import java.util.Set; + +@RequiredArgsConstructor +@Service +public class TokenProviderOAuth { + + private final JwtPropertiesOAuth jwtProperties; + + public String generateToken(UserOAuth user, Duration expiredAt) { + Date now = new Date(); + return makeToken(user, new Date( now.getTime() + expiredAt.toMillis())); + } // expriedAt 만큼의 유효기간을 가진 토큰 생성 + + public String makeToken(UserOAuth user, Date expiry) { + + return Jwts.builder() + .issuer(jwtProperties.getIssuer()) + .expiration(expiry) + .subject(user.getId()) + .claim("user_id", user.getUserId()) + .signWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) + .compact(); + } + + //토큰 검증 메서드 + public void validToken(String token) { + try{ + Jwts.parser() + .verifyWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) + .build() + .parseSignedClaims(token); + } catch (SecurityException | MalformedJwtException e) { //서명이 불일치한 경우 / 구조가 손상된 경우 + throw new JwtException("Invalid JWT signature"); + } catch (ExpiredJwtException e) { //만료된 토큰인 경우 + throw new JwtException("JWT token expired"); + } catch (UnsupportedJwtException e) { //지원하지 않는 토큰인 경우 + throw new JwtException("Unsupported JWT token"); + } catch (IllegalArgumentException e) { //토큰이 아예 없거나 비정상적으로 전달된 경우? 
+ throw new JwtException("JWT token is invalid"); + } + } + + public Authentication getAuthentication(String token) { + Claims claims = getClaims(token); + Set authorities + = Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")); + + return new UsernamePasswordAuthenticationToken( + new org.springframework.security.core.userdetails.User( + claims.getSubject(), "", authorities) + , token + , authorities); + } + + public Long getUserId(String token) { + Claims claims = getClaims(token); + return claims.get("user_id", Long.class); + } + + //Claims 가져오기 + private Claims getClaims(String token) { + return Jwts.parser() + .verifyWith(Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8))) + .build() + .parseSignedClaims(token) + .getPayload(); //getBody()가 deprecated되어 이걸 쓸 것 + } + + //남은 토큰 유효시간 계산 + public long getRemainingValidity(String token) { + Claims claims = getClaims(token); + return claims.getExpiration().getTime() - System.currentTimeMillis(); + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/config/WebSecurityConfigOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/config/WebSecurityConfigOAuth.java new file mode 100644 index 0000000..47c3309 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/config/WebSecurityConfigOAuth.java 
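Review bot: `generateToken` issues the access and refresh token with identical claims and only a different expiry, so the 14-day refresh token is accepted by `TokenAuthenticationFilterOAuth` as a bearer access token (it parses and verifies exactly like one); add a type claim in `makeToken`, e.g. `.claim("token_type", type)`, reject anything but `"access"` in `validToken`/`getAuthentication`, and have `createNewAccessToken` require `"refresh"`. `Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(UTF_8))` is re-derived on every sign and verify; building it once in a `@PostConstruct` method into a `SecretKey` field also surfaces a too-short secret (`WeakKeyException` below 256 bits) at startup instead of on the first request. The catch blocks in `validToken` rethrow `new JwtException("...")` without the cause; pass `e` as the second argument so the original reason survives in logs. `getAuthentication` then calls `getClaims`, which parses and verifies the token a second time right after `validToken`; returning the parsed `Claims` from `validToken` would avoid the double parse.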
@@ -0,0 +1,70 @@ +package com.quickpick.ureca.OAuth.auth.config; + +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.data.redis.core.RedisTemplate; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.ProviderManager; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; + +@Configuration +@EnableWebSecurity +@RequiredArgsConstructor +public class WebSecurityConfigOAuth { + + private final UserDetailsService userDetailsService; + private final TokenProviderOAuth tokenProvider; // TokenProvider 추가 + private final RedisTemplate redisTemplate; + + // Static 리소스는 인증 없이 접근 + @Bean + public WebSecurityCustomizer webSecurityCustomizer() { + return (webSecurity) -> webSecurity.ignoring() + .requestMatchers(new AntPathRequestMatcher("/static/**")); + } + + // Security Filter Chain + @Bean + public SecurityFilterChain filterChain(HttpSecurity http, OAuth2LoginSuccessHandlerOAuth oAuth2LoginSuccessHandler) throws Exception { + return http + 
.sessionManagement(session -> session + .sessionCreationPolicy(SessionCreationPolicy.STATELESS)) //서버 세션 비활성화(jwt 사용하므로) + .authorizeHttpRequests(auth -> auth + .requestMatchers("/auth/login", "/signup", "/auth/token", "/oauth2/**").permitAll() // 로그인, 회원가입, 토큰 재발급, 소셜로그인은 인증 없이 접근 + .anyRequest().authenticated() // 그 외 요청은 인증 필요 + ) + .formLogin(AbstractHttpConfigurer::disable) //폼로그인 비활성화 + .csrf(AbstractHttpConfigurer::disable) // CSRF 보호 비활성화 (API 서버일 경우) + .oauth2Login(oauth2 -> oauth2 + .successHandler(oAuth2LoginSuccessHandler) // 소셜로그인 설정 + ) + .addFilterBefore(new TokenAuthenticationFilterOAuth(tokenProvider, redisTemplate), UsernamePasswordAuthenticationFilter.class) // JWT 필터 폼 로그인 필터 앞에 추가 + .build(); + } + + // AuthenticationManager 설정 (필요한가?) + @Bean + public AuthenticationManager authenticationManager(HttpSecurity http, BCryptPasswordEncoder bCryptPasswordEncoder, UserDetailsService userDetailsService) throws Exception { + DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); + authProvider.setUserDetailsService(userDetailsService); + authProvider.setPasswordEncoder(bCryptPasswordEncoder); + return new ProviderManager(authProvider); + } + + // BCryptPasswordEncoder 설정 + @Bean + public BCryptPasswordEncoder bCryptPasswordEncoder() { + return new BCryptPasswordEncoder(); + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/controller/AuthControllerOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/controller/AuthControllerOAuth.java new file mode 100644 index 0000000..5a34553 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/controller/AuthControllerOAuth.java 
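Review bot: `authenticationManager(HttpSecurity http, BCryptPasswordEncoder bCryptPasswordEncoder, UserDetailsService userDetailsService)` never uses `http`, and its `userDetailsService` parameter shadows the injected field of the same name; drop the `http` parameter and one of the two `userDetailsService` sources. The `(필요한가?)` comment deserves an answer: `AuthControllerOAuth` injects the manager but never calls it, so if no other code authenticates through it the bean and the `DaoAuthenticationProvider` wiring can go. `SessionCreationPolicy.STATELESS` is combined with `oauth2Login`, whose default authorization-request repository keeps the pending request and `state` value in the HTTP session; I believe it still works because that repository creates the session itself, but confirm the Google round trip end to end and, if no session is wanted, configure a cookie-based request repository. A comment on the `permitAll()` line saying why `/auth/token` is unauthenticated (the caller only holds a refresh token) would help the next reader.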
@@ -0,0 +1,59 @@ +package com.quickpick.ureca.OAuth.auth.controller; + +import com.quickpick.ureca.OAuth.auth.dto.*; +import com.quickpick.ureca.OAuth.auth.service.AuthServiceOAuth; +import jakarta.servlet.http.HttpServletRequest; +import lombok.RequiredArgsConstructor; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RestController; + + + +@RestController +@RequiredArgsConstructor +public class AuthControllerOAuth { + private final AuthenticationManager authenticationManager; + private final AuthServiceOAuth authService; + + @PostMapping("/auth/login") //jwt를 이용한 자체 로그인 + public ResponseEntity login(@RequestBody UserLoginRequestOAuth request) { + try { + UserLoginResponseOAuth response = authService.login(request.getId(), request.getPassword()); + return ResponseEntity.ok(response); + } catch (UsernameNotFoundException | BadCredentialsException ex) { + return ResponseEntity.status(HttpStatus.UNAUTHORIZED) + .body("Login failed: " + ex.getMessage()); + } catch (Exception ex) { + return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR) + .body("An unexpected error occurred."); + } + } + + @PostMapping("/auth/logout") + public ResponseEntity logout(HttpServletRequest request) { + String accessToken = authService.extractToken(request); + authService.logout(accessToken); + return ResponseEntity.ok().build(); + } + + + @PostMapping("/auth/token") //jwt 엑세스 토큰 재발급 + public ResponseEntity createNewAccessToken( //ResponseEntity-> ResponseEntity로 수정 + @RequestBody CreateAccessTokenRequestOAuth request) { + try { + String 
newAccessToken + = authService.createNewAccessToken(request.getRefreshToken()); + + return ResponseEntity.status(HttpStatus.CREATED) + .body(new CreateAccessTokenResponseOAuth(newAccessToken)); + } catch (Exception e) { + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(new CreateAccessTokenErrorResponseOAuth(e.getMessage())); + } + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/domain/RefreshTokenOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/domain/RefreshTokenOAuth.java new file mode 100644 index 0000000..b898b19 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/domain/RefreshTokenOAuth.java @@ -0,0 +1,32 @@ +package com.quickpick.ureca.OAuth.auth.domain; + +import jakarta.persistence.*; +import lombok.Getter; +import lombok.NoArgsConstructor; + +@NoArgsConstructor +@Getter +@Entity +public class RefreshTokenOAuth { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "refresh_id", updatable = false) + private Long refreshId; + + @Column(name = "user_id", nullable = false, unique = true) + private Long userId; + + @Column(name = "refresh_token", nullable = false) + private String refreshToken; + + public RefreshTokenOAuth(Long userId, String refreshToken) { + this.userId = userId; + this.refreshToken = refreshToken; + } + + public RefreshTokenOAuth update(String newRefreshToken) { + this.refreshToken = newRefreshToken; + return this; + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenErrorResponseOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenErrorResponseOAuth.java new file mode 100644 index 0000000..9760e8b --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenErrorResponseOAuth.java 
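Review bot: `login` catches `UsernameNotFoundException | BadCredentialsException`, but `AuthServiceOAuth.login` throws `IllegalArgumentException("User not found")` for an unknown id, so that case falls into `catch (Exception)` and returns 500 "An unexpected error occurred." instead of 401. The 401 body also echoes `ex.getMessage()`, which distinguishes "User not found" from "Invalid password" and lets a caller enumerate valid ids; return a fixed body such as `.body("Login failed")` and add `IllegalArgumentException` to the first catch (or, better, have the service throw `BadCredentialsException` for both). `authenticationManager` is injected but unused in this class. `createNewAccessToken` likewise returns `e.getMessage()` for any `Exception`; catching `JwtException | IllegalArgumentException` for the 401 path and logging the rest keeps internal failures out of the response.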
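Review bot: `refreshToken` is persisted in clear text, so a read of the `refresh_token` column yields 14-day credentials that `createNewAccessToken` accepts directly; the usual mitigation is to store a SHA-256 of the token and look up by that hash, which touches only this column, `findByRefreshToken` and the two service methods. `update(String)` is not called anywhere in this change — `RefreshTokenServiceOAuth.save` constructs a new entity every time — so it is either dead code or the service should be using it, and `@Column(name = "user_id", unique = true)` is exactly the constraint that the insert-every-time path violates on the second login.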
@@ -0,0 +1,14 @@ +package com.quickpick.ureca.OAuth.auth.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class CreateAccessTokenErrorResponseOAuth { //엑세스 토큰 생성 중 에러 발생 시 응답 dto + private String error; + + public CreateAccessTokenErrorResponseOAuth(String error) { + this.error = error; + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenRequestOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenRequestOAuth.java new file mode 100644 index 0000000..20278c4 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenRequestOAuth.java @@ -0,0 +1,10 @@ +package com.quickpick.ureca.OAuth.auth.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class CreateAccessTokenRequestOAuth { //엑세스 토큰 생성 요청 + private String refreshToken; +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenResponseOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenResponseOAuth.java new file mode 100644 index 0000000..4605e51 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/CreateAccessTokenResponseOAuth.java @@ -0,0 +1,10 @@ +package com.quickpick.ureca.OAuth.auth.dto; + +import lombok.AllArgsConstructor; +import lombok.Getter; + +@AllArgsConstructor +@Getter +public class CreateAccessTokenResponseOAuth { //엑세스 토큰 생성 요청에 대한 응답 + private String accessToken; +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginRequestOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginRequestOAuth.java new file mode 100644 index 0000000..ff2c88c --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginRequestOAuth.java 
@@ -0,0 +1,11 @@ +package com.quickpick.ureca.OAuth.auth.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class UserLoginRequestOAuth { //로그인 요청 dto + private String id; // 사용자 ID + private String password; // 비밀번호 +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginResponseOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginResponseOAuth.java new file mode 100644 index 0000000..6708fda --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/dto/UserLoginResponseOAuth.java @@ -0,0 +1,11 @@ +package com.quickpick.ureca.OAuth.auth.dto; + +import lombok.AllArgsConstructor; +import lombok.Getter; + +@Getter +@AllArgsConstructor +public class UserLoginResponseOAuth { //로그인 응답 dto + private String accessToken; + private String refreshToken; +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/repository/RefreshTokenRepositoryOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/repository/RefreshTokenRepositoryOAuth.java new file mode 100644 index 0000000..849ef76 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/repository/RefreshTokenRepositoryOAuth.java @@ -0,0 +1,12 @@ +package com.quickpick.ureca.OAuth.auth.repository; + +import com.quickpick.ureca.OAuth.auth.domain.RefreshTokenOAuth; +import org.springframework.data.jpa.repository.JpaRepository; + +import java.util.Optional; + +public interface RefreshTokenRepositoryOAuth extends JpaRepository { + Optional findByUserId(Long userId); + Optional findByRefreshToken(String refreshToken); + void deleteByUserId(Long userId); +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/service/AuthServiceOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/service/AuthServiceOAuth.java new file mode 100644 index 0000000..c31f1f9 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/service/AuthServiceOAuth.java 
@@ -0,0 +1,92 @@ +package com.quickpick.ureca.OAuth.auth.service; + +import com.quickpick.ureca.OAuth.auth.config.TokenProviderOAuth; +import com.quickpick.ureca.OAuth.auth.domain.RefreshTokenOAuth; +import com.quickpick.ureca.OAuth.auth.dto.UserLoginResponseOAuth; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import com.quickpick.ureca.OAuth.user.service.UserServiceOAuth; +import io.jsonwebtoken.JwtException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.transaction.Transactional; +import lombok.RequiredArgsConstructor; +import org.springframework.data.redis.core.RedisTemplate; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.stereotype.Service; + +import java.time.Duration; +import java.util.concurrent.TimeUnit; + +@Service +@RequiredArgsConstructor +public class AuthServiceOAuth { + + private final UserServiceOAuth userService; + private final TokenProviderOAuth tokenProvider; + private final RefreshTokenServiceOAuth refreshTokenService; + private final RedisTemplate redisTemplate; + private final BCryptPasswordEncoder bCryptPasswordEncoder; + + //jwt 로그인 + @Transactional + public UserLoginResponseOAuth login(String id, String password) { + UserOAuth user = userService.findById(id) + .orElseThrow(()-> new IllegalArgumentException("User not found")); + + if (!bCryptPasswordEncoder.matches(password, user.getPassword())) { //비밀번호 일치 검증 + throw new BadCredentialsException("Invalid password"); + } + + String accessToken = tokenProvider.generateToken(user, Duration.ofHours(2)); + String refreshToken = tokenProvider.generateToken(user, Duration.ofDays(14)); //로그인 성공 시 토큰 발급 + + refreshTokenService.save(user.getUserId(), refreshToken); + + return new UserLoginResponseOAuth(accessToken, refreshToken); + } + + // 토큰 추출 (Authorization 헤더에서 Bearer 제거) + public String extractToken(HttpServletRequest request) { + 
String authHeader = request.getHeader("Authorization"); //Authorization값을 가지는 헤더 가져오기 + if (authHeader != null && authHeader.startsWith("Bearer ")) { + return authHeader.substring(7); //앞에 Bearer 를 제거해 토큰 값만 가져오기 + } + throw new RuntimeException("Missing or invalid Authorization header"); + } + + //로그아웃 + @Transactional + public void logout(String accessToken) { + + //엑세스 토큰 블랙리스트 추가 + long expiration = tokenProvider.getRemainingValidity(accessToken); //엑세스 토큰의 남은 유효시간 계산 + redisTemplate.opsForValue().set("blacklist:" + accessToken, "logout", expiration, TimeUnit.MILLISECONDS); //남은 유효시간 만큼 블랙리스트에 넣기 + + //리프레시 토큰 삭제 + Long userId = tokenProvider.getUserId(accessToken); + refreshTokenService.deleteByUserId(userId); + } + + //리프레시 토큰을 이용한 엑세스 토큰 재발급 + @Transactional + public String createNewAccessToken(String refreshToken) { + //리프레시 토큰이 유효하지 않으면 에러 + try { + tokenProvider.validToken(refreshToken); + } catch (JwtException e) { + throw new JwtException(e.getMessage()); + } + + //저장된 리프레시 토큰 값과 달라도 에러 (아마 위에서 다 걸리지겠지만 혹시 모르니까) + RefreshTokenOAuth savedRefreshToken = refreshTokenService.findByRefreshToken(refreshToken); + if (savedRefreshToken == null) { + throw new JwtException("Invalid JWT RefreshToken"); + } + + //유효성이 검증되면 유저 정보 받아와서 새 엑세스 토큰 생성 + Long userId = savedRefreshToken.getUserId(); + UserOAuth user = userService.findByUserId(userId); + + return tokenProvider.generateToken(user, Duration.ofHours(2)); + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/auth/service/RefreshTokenServiceOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/auth/service/RefreshTokenServiceOAuth.java new file mode 100644 index 0000000..07da1e1 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/auth/service/RefreshTokenServiceOAuth.java 
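Review bot: In `createNewAccessToken` the `savedRefreshToken == null` check is unreachable because `RefreshTokenServiceOAuth.findByRefreshToken` throws `IllegalArgumentException` when nothing matches, and the surrounding `try { tokenProvider.validToken(refreshToken); } catch (JwtException e) { throw new JwtException(e.getMessage()); }` only rethrows a copy without its cause; drop both and let `validToken` propagate. `login` throws `IllegalArgumentException("User not found")` next to `BadCredentialsException("Invalid password")`, which the controller maps to different status codes and which reveals whether an id exists; `throw new BadCredentialsException("Invalid credentials")` for both closes that. `extractToken` throws a bare `RuntimeException`, which surfaces as a 500 for a missing header on `/auth/logout`; a `BadCredentialsException` (or a dedicated exception mapped to 401) is the better contract. In `logout`, `getRemainingValidity` re-verifies the token and throws for an expired one, and a non-positive remaining time would be handed to `opsForValue().set(..., expiration, TimeUnit.MILLISECONDS)`; the filter normally rejects such tokens first, but a token expiring between filter and service reaches this path, so wrap the blacklist write in `if (expiration > 0)`.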
@@ -0,0 +1,31 @@ +package com.quickpick.ureca.OAuth.auth.service; + +import com.quickpick.ureca.OAuth.auth.domain.RefreshTokenOAuth; +import com.quickpick.ureca.OAuth.auth.repository.RefreshTokenRepositoryOAuth; +import jakarta.transaction.Transactional; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; + +@RequiredArgsConstructor +@Service +public class RefreshTokenServiceOAuth { + private final RefreshTokenRepositoryOAuth refreshTokenRepository; + + public RefreshTokenOAuth findByRefreshToken(String refreshToken) { + return refreshTokenRepository.findByRefreshToken(refreshToken) + .orElseThrow(() -> new IllegalArgumentException("Invalid refresh token")); + } + + //refresh 토큰 저장 (db 저장) + @Transactional + public void save(Long userId, String refreshToken) { + RefreshTokenOAuth token = new RefreshTokenOAuth(userId, refreshToken); + refreshTokenRepository.save(token); + } + + //refresh 토큰 삭제 + @Transactional + public void deleteByUserId(Long userId) { + refreshTokenRepository.deleteByUserId(userId); + } +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/common/domain/BaseEntity.java b/src/main/java/com/quickpick/ureca/OAuth/common/domain/BaseEntity.java new file mode 100644 index 0000000..fcf4813 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/common/domain/BaseEntity.java 
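Review bot: `save` always constructs a new `RefreshTokenOAuth` and inserts it, but `user_id` is declared `unique = true` on the entity, so the second login of the same user (password or social) fails with a constraint violation; use the entity's existing `update` method instead: `RefreshTokenOAuth token = refreshTokenRepository.findByUserId(userId).map(t -> t.update(refreshToken)).orElseGet(() -> new RefreshTokenOAuth(userId, refreshToken));` before the `save` call. `findByRefreshToken` throws `IllegalArgumentException` while its caller in `AuthServiceOAuth` checks for `null`, so the two disagree on the contract; document it with `/** @throws IllegalArgumentException if no stored token matches */` or return the `Optional` and let the caller decide.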
@@ -0,0 +1,26 @@ +package com.quickpick.ureca.OAuth.common.domain; + +import jakarta.persistence.Column; +import jakarta.persistence.EntityListeners; +import jakarta.persistence.MappedSuperclass; +import lombok.Getter; +import org.springframework.data.annotation.CreatedDate; +import org.springframework.data.annotation.LastModifiedDate; +import org.springframework.data.jpa.domain.support.AuditingEntityListener; + +import java.time.LocalDateTime; + +@Getter +@MappedSuperclass +@EntityListeners(AuditingEntityListener.class) +public abstract class BaseEntity { + @CreatedDate + @Column(length = 6, name = "created_at", updatable = false) + private LocalDateTime createdAt; + + @LastModifiedDate + @Column(length = 6, name = "updated_at") + private LocalDateTime updatedAt; + +} + diff --git a/src/main/java/com/quickpick/ureca/OAuth/reserve/controller/ReserveController.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/controller/ReserveController.java new file mode 100644 index 0000000..830b59a --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/controller/ReserveController.java @@ -0,0 +1,4 @@ +package com.quickpick.ureca.OAuth.reserve.controller; + +public class ReserveController { +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/reserve/domain/Reserve.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/domain/Reserve.java new file mode 100644 index 0000000..2e84f4f --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/domain/Reserve.java 
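Review bot: `@CreatedDate`/`@LastModifiedDate` with `AuditingEntityListener` only populate the fields when `@EnableJpaAuditing` is present on a configuration class; it is not part of this change, so unless it already exists elsewhere `createdAt` and `updatedAt` will stay null. `@Column(length = 6)` on a `LocalDateTime` is, as far as I know, ignored for non-string columns; if microsecond precision is the intent, `@Column(precision = 6)` is what Hibernate honours — hedged, since the target database is not visible here.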
@@ -0,0 +1,28 @@ +package com.quickpick.ureca.OAuth.reserve.domain; + +import com.quickpick.ureca.OAuth.common.domain.BaseEntity; +import com.quickpick.ureca.OAuth.reserve.status.ReserveStatus; +import com.quickpick.ureca.OAuth.user.domain.UserOAuth; +import jakarta.persistence.*; +import lombok.Getter; +import lombok.NoArgsConstructor; + +@Table +@Entity +@Getter +@NoArgsConstructor +public class Reserve extends BaseEntity { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "reserve_id") + private Long reserveId; + + @ManyToOne(fetch = FetchType.LAZY) + @JoinColumn(name = "user_id", nullable = false) + private UserOAuth user; + + @Enumerated(EnumType.STRING) + @Column(nullable = false) + private ReserveStatus status; +} \ No newline at end of file diff --git a/src/main/java/com/quickpick/ureca/OAuth/reserve/repository/ReserveRepository.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/repository/ReserveRepository.java new file mode 100644 index 0000000..7e75899 --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/repository/ReserveRepository.java @@ -0,0 +1,4 @@ +package com.quickpick.ureca.OAuth.reserve.repository; + +public class ReserveRepository { +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/reserve/service/ReserveService.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/service/ReserveService.java new file mode 100644 index 0000000..ac7035c --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/service/ReserveService.java @@ -0,0 +1,4 @@ +package com.quickpick.ureca.OAuth.reserve.service; + +public class ReserveService { +} diff --git a/src/main/java/com/quickpick/ureca/OAuth/reserve/status/ReserveStatus.java b/src/main/java/com/quickpick/ureca/OAuth/reserve/status/ReserveStatus.java new file mode 100644 index 0000000..e4c4fff --- /dev/null +++ b/src/main/java/com/quickpick/ureca/OAuth/reserve/status/ReserveStatus.java 
@@ -0,0 +1,6 @@
+package com.quickpick.ureca.OAuth.reserve.status;
+
+public enum ReserveStatus {
+ SUCCESS,
+ FAIL
+}
\ No newline at end of file
diff --git a/src/main/java/com/quickpick/ureca/OAuth/ticket/domain/Ticket.java b/src/main/java/com/quickpick/ureca/OAuth/ticket/domain/Ticket.java
new file mode 100644
index 0000000..c02041c
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/ticket/domain/Ticket.java
@@ -0,0 +1,38 @@
+package com.quickpick.ureca.OAuth.ticket.domain;
+
+import com.quickpick.ureca.OAuth.common.domain.BaseEntity;
+import com.quickpick.ureca.OAuth.userticket.domain.UserTicket;
+import jakarta.persistence.*;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+import java.time.LocalDateTime;
+import java.util.ArrayList;
+import java.util.List;
+
+@Entity
+@Table(name = "ticket")
+@Getter
+@NoArgsConstructor
+public class Ticket extends BaseEntity {
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ @Column(name = "ticket_id")
+ private Long ticketId;
+
+ @Column(nullable = false)
+ private String name;
+
+ @Column(nullable = false)
+ private int quantity;
+
+ @Column(nullable = false)
+ private LocalDateTime startDate;
+
+ @Column(nullable = false)
+ private LocalDateTime reserveDate;
+
+ @OneToMany(mappedBy = "ticket", cascade = CascadeType.ALL, orphanRemoval = true)
+ private List userTickets = new ArrayList<>();
+}
diff --git a/src/main/java/com/quickpick/ureca/OAuth/ticket/repository/TicketRepository.java b/src/main/java/com/quickpick/ureca/OAuth/ticket/repository/TicketRepository.java
new file mode 100644
index 0000000..f18450e
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/ticket/repository/TicketRepository.java
@@ -0,0 +1,7 @@
+package com.quickpick.ureca.OAuth.ticket.repository;
+
+import com.quickpick.ureca.OAuth.ticket.domain.Ticket;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface TicketRepository extends JpaRepository {
+}
diff --git a/src/main/java/com/quickpick/ureca/OAuth/user/controller/UserControllerOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/user/controller/UserControllerOAuth.java
new file mode 100644
index 0000000..80012e9
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/user/controller/UserControllerOAuth.java
@@ -0,0 +1,26 @@
+package com.quickpick.ureca.OAuth.user.controller;
+
+import com.quickpick.ureca.OAuth.user.dto.UserSignUpRequestOAuth;
+import com.quickpick.ureca.OAuth.user.service.UserServiceOAuth;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequiredArgsConstructor
+public class UserControllerOAuth {
+
+ private final UserServiceOAuth userService;
+
+ @PostMapping("/signup")
+ public ResponseEntity signup(@RequestBody UserSignUpRequestOAuth dto) {
+ userService.saveUser(dto);
+ return ResponseEntity.ok("회원가입 완료");
+ }
+
+ @GetMapping("/test")
+ public ResponseEntity test(){
+ return ResponseEntity.ok("테스트 성공");
+ }
+
+}
diff --git a/src/main/java/com/quickpick/ureca/OAuth/user/domain/UserOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/user/domain/UserOAuth.java
new file mode 100644
index 0000000..cb10251
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/user/domain/UserOAuth.java
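Review bot: `signup` passes the request body to the service without any validation — `@RequestBody` carries no `@Valid`, and the DTO this commit adds declares no constraints — so a null `password` fails inside `BCryptPasswordEncoder.encode`, and a missing or already-registered `id` fails on the entity's `nullable = false, unique = true` column, all surfacing as a 500 instead of a 400/409 and with no client-readable reason. Minimal fix: `public ResponseEntity signup(@Valid @RequestBody UserSignUpRequestOAuth dto)` with `@NotBlank` on `id` and `password` in the DTO (needs the validation starter on the classpath), plus an exception handler mapping `DataIntegrityViolationException` to 409. The `/test` endpoint returning a fixed string looks like scaffolding; if it ships, a comment should say whether it is meant to be reachable without authentication, since the security configuration is not part of this diff.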
@@ -0,0 +1,89 @@
+package com.quickpick.ureca.OAuth.user.domain;
+
+import com.quickpick.ureca.OAuth.common.domain.BaseEntity;
+import com.quickpick.ureca.OAuth.userticket.domain.UserTicket;
+import jakarta.persistence.*;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+@Table
+@Entity
+@Getter
+@NoArgsConstructor
+public class UserOAuth extends BaseEntity implements UserDetails {
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ @Column(name = "user_id")
+ private Long userId;
+
+ @Column(nullable = false, unique = true)
+ private String id;
+
+ @Column(nullable = false)
+ private String password;
+
+ @Column(nullable = false)
+ private String name;
+
+ @Column(nullable = false)
+ private Integer age;
+
+ @Column(nullable = false)
+ private String gender;
+
+ @Builder
+ public UserOAuth(String id, String password, String name, Integer age, String gender) {
+ this.id = id;
+ this.password = password;
+ this.name = name;
+ this.age = age;
+ this.gender = gender;
+ }
+
+ @OneToMany(mappedBy = "user", cascade = CascadeType.ALL, orphanRemoval = true)
+ private List userTickets = new ArrayList<>();
+
+ @Override //사용자의 권한 목록 반환
+ public Collection getAuthorities() {
+ return List.of(new SimpleGrantedAuthority("user"));
+ }
+
+ @Override //사용자 id 반환 (고유한 이름)
+ public String getUsername() {
+ return id;
+ }
+
+ @Override //사용자 비밀번호 반환
+ public String getPassword() {
+ return password;
+ }
+
+ @Override //계정이 만료 되었는지 확인
+ public boolean isAccountNonExpired() {
+ return true;
+ }
+
+ @Override //계정이 잠겼는지 확인
+ public boolean isAccountNonLocked() {
+ return true;
+ }
+
+ @Override //비밀번호 만료 확인
+ public boolean isCredentialsNonExpired() {
+ return true;
+ }
+
+ @Override //계정 사용여부 확인
+ public boolean isEnabled() {
+ return true;
+ }
+}
diff --git a/src/main/java/com/quickpick/ureca/OAuth/user/dto/UserSignUpRequestOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/user/dto/UserSignUpRequestOAuth.java
new file mode 100644
index 0000000..1c4ac5b
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/user/dto/UserSignUpRequestOAuth.java
@@ -0,0 +1,14 @@
+package com.quickpick.ureca.OAuth.user.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class UserSignUpRequestOAuth { //회원가입 요청 dto
+ private String id; // 사용자 ID
+ private String password; // 비밀번호
+ private String name; // 이름
+ private Integer age; // 나이
+ private String gender; // 성별 ("M", "F")
+}
diff --git a/src/main/java/com/quickpick/ureca/OAuth/user/repository/UserRepositoryOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/user/repository/UserRepositoryOAuth.java
new file mode 100644
index 0000000..c3e3352
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/user/repository/UserRepositoryOAuth.java
@@ -0,0 +1,11 @@
+package com.quickpick.ureca.OAuth.user.repository;
+
+import com.quickpick.ureca.OAuth.user.domain.UserOAuth;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import java.util.Optional;
+
+public interface UserRepositoryOAuth extends JpaRepository {
+ Optional findById(String id); //id(아이디)로 사용자 정보 가져오기
+ Optional findByUserId(Long userId); //user_id(고유번호)로 사용자 정보 가져오기
+}
diff --git a/src/main/java/com/quickpick/ureca/OAuth/user/service/UserDetailServiceOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/user/service/UserDetailServiceOAuth.java
new file mode 100644
index 0000000..8159173
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/user/service/UserDetailServiceOAuth.java
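Review bot: `getAuthorities()` returns the authority `"user"` with no `ROLE_` prefix, so any `hasRole("user")` or `@Secured("ROLE_USER")` check elsewhere will deny silently; either return `new SimpleGrantedAuthority("ROLE_USER")` or make sure every check is written as `hasAuthority("user")`. Because the JPA entity itself is the `UserDetails` principal and carries `@Getter`, the stored password hash is reachable from anything that serializes the principal (a controller returning the entity, session serialization); a separate principal object, or at minimum `@JsonIgnore` on `getPassword()`, keeps the hash out of responses. The four `is*` methods hard-code `true`, which is fine for a first cut but means no account can ever be locked or disabled — a one-line comment saying this is intentional for now would help. A class-level Javadoc stating that `id` is the login name (`getUsername()`) and `userId` the surrogate key would also help, since the repository and service in this commit use both names side by side.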
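Review bot: `Optional findById(String id)` in `UserRepositoryOAuth` overloads `CrudRepository.findById(Long)` inherited through `JpaRepository`; it compiles because the parameter types differ, but a reader cannot tell from a call site which key is meant and a `null` argument becomes ambiguous. A name that states the column, e.g. `Optional findByIdEquals(String id)` (Spring Data should derive the same query from the `id` property) or, better, renaming the entity field to something like `loginId`, removes the ambiguity; `UserDetailServiceOAuth` and `UserServiceOAuth` would need the matching rename.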
@@ -0,0 +1,20 @@
+package com.quickpick.ureca.OAuth.user.service;
+
+import com.quickpick.ureca.OAuth.user.repository.UserRepositoryOAuth;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class UserDetailServiceOAuth implements UserDetailsService {
+
+ private final UserRepositoryOAuth userRepository;
+
+ @Override
+ public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException {
+ return userRepository.findById(id).orElseThrow(() -> new UsernameNotFoundException(id));
+ }
+}
diff --git a/src/main/java/com/quickpick/ureca/OAuth/user/service/UserServiceOAuth.java b/src/main/java/com/quickpick/ureca/OAuth/user/service/UserServiceOAuth.java
new file mode 100644
index 0000000..7e14f2f
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/user/service/UserServiceOAuth.java
@@ -0,0 +1,59 @@
+package com.quickpick.ureca.OAuth.user.service;
+
+import com.quickpick.ureca.OAuth.user.domain.UserOAuth;
+import com.quickpick.ureca.OAuth.user.dto.UserSignUpRequestOAuth;
+import com.quickpick.ureca.OAuth.user.repository.UserRepositoryOAuth;
+import jakarta.transaction.Transactional;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Service;
+
+import java.util.Optional;
+
+@Service
+@RequiredArgsConstructor
+public class UserServiceOAuth {
+
+ private final UserRepositoryOAuth userRepository;
+ private final BCryptPasswordEncoder bCryptPasswordEncoder;
+
+ @Transactional
+ //자체 로그인 유저 저장
+ public void saveUser(UserSignUpRequestOAuth dto) {
+ userRepository.save(UserOAuth.builder()
+ .id(dto.getId())
+ .password(bCryptPasswordEncoder.encode(dto.getPassword()))
+ .name(dto.getName())
+ .age(dto.getAge())
+ .gender(dto.getGender())
+ .build());
+ }
+
+ @Transactional
+ //구글 소셜 로그인 유저 저장
+ public UserOAuth saveFromOAuth2(OAuth2User oAuth2User) {
+ String email = oAuth2User.getAttribute("email");
+ String name = oAuth2User.getAttribute("name");
+
+ return userRepository.save(UserOAuth.builder() //age와 gender는 더미로 채우기
+ .id(email)
+ .password("SOCIAL_USER") // 비밀번호는 사용하지 않으므로 더미
+ .name(name != null ? name : "소셜사용자")
+ .age(0) // 추후 입력 받을 수 있도록 기본값(더미값 입력)
+ .gender("unknown") // "male" / "female"도 가능 (더미값 입력)
+ .build());
+ }
+
+ //user_id(고유 번호)로 유저 검색
+ public UserOAuth findByUserId(Long userId) {
+ return userRepository.findByUserId(userId)
+ .orElseThrow(()-> new IllegalArgumentException("User not found"));
+ }
+
+ //id(아이디)로 유저 검색
+ public Optional findById(String id) {
+ return userRepository.findById(id);
+ //.orElseThrow(()-> new IllegalArgumentException("User not found")); -> 각 사용 위치에서 예외를 처리하도록 변경
+ }
+}
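Review bot: `saveFromOAuth2` writes the literal `"SOCIAL_USER"` into the `password` column of every social account, unencoded. With the `BCryptPasswordEncoder` injected here a form login cannot match that value, but it is still one shared, well-known plaintext credential on every such row, and any later change of encoder (a `DelegatingPasswordEncoder` that accepts `{noop}`, for example) turns it into a working password; `.password(bCryptPasswordEncoder.encode(UUID.randomUUID().toString()))` keeps the column non-null without a guessable secret, and a provider flag that disables password login for these accounts would be cleaner still. The account key is `oAuth2User.getAttribute("email")` with no look at the provider's `email_verified` attribute; if the caller (not in this diff) resolves an existing account by that id before calling this method, an unverified provider email could be attached to someone else's local account, so the verified flag should be checked before the email is trusted as an identity. Neither method checks for an existing `id`, so a repeat social login or a duplicate signup ends in a `DataIntegrityViolationException` from the unique constraint rather than a handled outcome. `gender("unknown")` also disagrees with the `"M"`/`"F"` convention the sign-up DTO comment documents — pick one representation and enforce it in one place.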
diff --git a/src/main/java/com/quickpick/ureca/OAuth/userticket/domain/UserTicket.java b/src/main/java/com/quickpick/ureca/OAuth/userticket/domain/UserTicket.java
new file mode 100644
index 0000000..69e6d50
--- /dev/null
+++ b/src/main/java/com/quickpick/ureca/OAuth/userticket/domain/UserTicket.java
@@ -0,0 +1,28 @@
+package com.quickpick.ureca.OAuth.userticket.domain;
+
+import com.quickpick.ureca.OAuth.ticket.domain.Ticket;
+import com.quickpick.ureca.OAuth.user.domain.UserOAuth;
+import jakarta.persistence.*;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Entity
+@Table
+@Getter
+@NoArgsConstructor
+public class UserTicket {
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ @Column(name = "user_ticket_id")
+ private Long userTicketId;
+
+ @ManyToOne(fetch = FetchType.LAZY)
+ @JoinColumn(name = "user_id")
+ private UserOAuth user;
+
+ @ManyToOne(fetch = FetchType.LAZY)
+ @JoinColumn(name = "ticket_id")
+ private Ticket ticket;
+
+}
\ No newline at end of file
diff --git a/src/main/java/com/quickpick/ureca/UrecaApplication.java b/src/main/java/com/quickpick/ureca/UrecaApplication.java
index 8be528e..d094861 100644
--- a/src/main/java/com/quickpick/ureca/UrecaApplication.java
+++ b/src/main/java/com/quickpick/ureca/UrecaApplication.java
@@ -1,13 +1,16 @@
 package com.quickpick.ureca;
 
+import com.quickpick.ureca.OAuth.auth.config.JwtPropertiesOAuth;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 import org.springframework.scheduling.annotation.EnableScheduling;
 
 @SpringBootApplication
 @EnableJpaAuditing
 @EnableScheduling
+@EnableConfigurationProperties(JwtPropertiesOAuth.class)
 public class UrecaApplication {
 
 public static void main(String[] args) {
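Review bot: Both `@JoinColumn`s in `UserTicket` are nullable, so a row with neither `user` nor `ticket` is valid at the database level even though both parents cascade with `orphanRemoval = true`; `Reserve` in this same commit writes `@JoinColumn(name = "user_id", nullable = false)`, and the same on both columns here (`@JoinColumn(name = "ticket_id", nullable = false)`) keeps the schema consistent. `UserTicket` is also the only entity in the diff that does not extend `BaseEntity`, so it gets no `created_at`/`updated_at`; a comment would help if that is deliberate.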
diff --git a/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java
new file mode 100644
index 0000000..ad0087d
--- /dev/null
+++ b/src/test/java/com/quickpick/ureca/config/jwt/JwtFactory.java
@@ -0,0 +1,61 @@
+package com.quickpick.ureca.config.jwt;
+
+import com.quickpick.ureca.OAuth.auth.config.JwtPropertiesOAuth;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import lombok.Builder;
+import lombok.Getter;
+
+import java.nio.charset.StandardCharsets;
+import java.time.Duration;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+@Getter
+public class JwtFactory { //test용 jwt 토큰 생성
+ private String subject = "test@email.com";
+ private Date issuedAt = new Date();
+ private Date expiration
+ = new Date( new Date().getTime() + Duration.ofDays(14).toMillis() );
+ private Map claims = Collections.emptyMap();
+
+ @Builder
+ public JwtFactory(String subject, Date issuedAt, Date expiration
+ , Map claims) {
+ this.subject = subject != null ? subject : this.subject;
+ this.issuedAt = issuedAt != null ? issuedAt : this.issuedAt;
+ this.expiration = expiration != null ? expiration : this.expiration;
+ this.claims = claims != null ? claims : this.claims;
+ }
+
+ public static JwtFactory withDefaultValues() {
+
+ return JwtFactory.builder().build();
+ } // withDefaultValues
+
+ public String createToken(JwtPropertiesOAuth jwtProperties) {
+ // 기본 클레임 설정
+ Map tokenClaims = new HashMap<>();
+
+ // 표준 클레임 추가
+ tokenClaims.put("sub", subject); // subject
+ tokenClaims.put("iss", jwtProperties.getIssuer()); // issuer
+ tokenClaims.put("iat", issuedAt); // issuedAt
+ tokenClaims.put("exp", expiration); // expiration
+
+ // 사용자 정의 클레임 추가 (덮어쓰기 가능)
+ if (claims != null && !claims.isEmpty()) {
+ tokenClaims.putAll(claims);
+ }
+
+ return Jwts.builder()
+ .claims(tokenClaims)
+ .signWith(
+ Keys.hmacShaKeyFor(jwtProperties.getSecretKey().getBytes(StandardCharsets.UTF_8)),
+ Jwts.SIG.HS256 // 서명 알고리즘 명시 필수
+ )
+ .compact();
+ }
+}
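Review bot: `Keys.hmacShaKeyFor(...)` rejects keys shorter than 256 bits with a `WeakKeyException`, so every test that calls `createToken` silently depends on the `jwt.secret_key` value in the test properties being at least 32 bytes of UTF-8; a Javadoc on `createToken` stating that precondition (`/** Signs with HS256; jwtProperties.getSecretKey() must be at least 32 bytes. */`) would save the next person a confusing failure. The custom `claims` map is applied after the registered claims with `putAll`, so a caller can overwrite `sub`, `iss` and `exp` — intentional per the inline comment, but the `claims` field comment should say so, because it is exactly how the expiry and issuer tests are meant to be built. `iat` and `exp` go into a generic map as `java.util.Date`; I believe jjwt 0.12 converts those for the registered claim names, but it is worth confirming once that the parsed `exp` comes back as seconds rather than a serialized object.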
diff --git a/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java
new file mode 100644
index 0000000..ff61375
--- /dev/null
+++ b/src/test/java/com/quickpick/ureca/config/jwt/TokenProviderTest.java
@@ -0,0 +1,120 @@
+package com.quickpick.ureca.config.jwt;
+
+import com.quickpick.ureca.OAuth.auth.config.JwtPropertiesOAuth;
+import com.quickpick.ureca.OAuth.auth.config.TokenProviderOAuth;
+import com.quickpick.ureca.OAuth.user.domain.UserOAuth;
+import com.quickpick.ureca.OAuth.user.repository.UserRepositoryOAuth;
+import io.jsonwebtoken.JwtException;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.nio.charset.StandardCharsets;
+import java.time.Duration;
+import java.util.Date;
+import java.util.Map;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+@SpringBootTest
+public class TokenProviderTest {
+ @Autowired
+ private TokenProviderOAuth tokenProvider;
+ @Autowired
+ private UserRepositoryOAuth userRepository;
+ @Autowired
+ private JwtPropertiesOAuth jwtProperties;
+
+ @DisplayName("토큰 생성 테스트")
+ @Test
+ void generateToken() {
+ UserOAuth testUser = userRepository.save(UserOAuth.builder()
+ .id("user@gmail.com")
+ .password("password")
+ .name("testUser")
+ .age(12)
+ .gender("male")
+ .build());
+
+ String token = tokenProvider.generateToken(testUser, Duration.ofDays(14));
+
+ Long userId = Jwts.parser()
+ .verifyWith( Keys.hmacShaKeyFor(
+ jwtProperties.getSecretKey().getBytes( StandardCharsets.UTF_8 ) ) )
+ .build()
+ .parseSignedClaims(token)
+ .getPayload().get("user_id", Long.class);
+
+ assertThat(userId).isEqualTo(testUser.getUserId());
+ }
+
+ @DisplayName("토큰 검증 테스트-일부러 틀리도록?")
+ @Test
+ void validateToken_fail() {
+ String token = JwtFactory.builder()
+ .expiration(new Date( new Date().getTime() - Duration.ofDays(7).toMillis() ))
+ .build()
+ .createToken(jwtProperties);
+
+ boolean result;
+ try {
+ tokenProvider.validToken(token);
+
+ result = true;
+ } catch (JwtException e) {
+ result = false;
+ }
+ assertThat(result).isFalse();
+ }
+
+ @DisplayName("토큰 검증 테스트-성공")
+ @Test
+ void validateToken_success() {
+ String token = JwtFactory.withDefaultValues()
+ .createToken(jwtProperties);
+
+ boolean result;
+ try {
+ tokenProvider.validToken(token);
+
+ result = true;
+ } catch (JwtException e) {
+ result = false;
+ }
+ assertThat(result).isTrue();
+ }
+
+ @DisplayName("토큰으로 인증 정보 가져오기")
+ @Test
+ public void getAuthentication() {
+ String userEmail = "user@gmail.com";
+ String token = JwtFactory.builder()
+ .subject(userEmail)
+ .build()
+ .createToken(jwtProperties);
+
+ Authentication authentication = tokenProvider.getAuthentication(token);
+
+ assertThat( ( (UserDetails) authentication.getPrincipal() ).getUsername() )
+ .isEqualTo(userEmail);
+ } // getAuthentication
+
+ @DisplayName("토큰으로 유저 ID를 가져오기 테스트")
+ @Test
+ public void getUserId() {
+ Long userId = 1L;
+ String token = JwtFactory.builder()
+ .claims(Map.of("user_id", userId))
+ .build()
+ .createToken(jwtProperties);
+
+ Long userIdByToken = tokenProvider.getUserId(token);
+
+ assertThat(userIdByToken).isEqualTo(userId);
+ } // getUserId
+}
diff --git a/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java b/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java
new file mode 100644
index 0000000..9c32c09
--- /dev/null
+++ b/src/test/java/com/quickpick/ureca/controller/TokenControllerTest.java
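Review bot: `validateToken_fail` exercises only the expired-token path, so `validToken` is never tested for the rejections that matter most: a token signed with a different key and a token whose `iss` is not `jwtProperties.getIssuer()`; both are one `JwtFactory` call away (sign with a second `JwtPropertiesOAuth` holding another secret, or pass `Map.of("iss", "other")` as the custom claims). The try/catch-into-boolean pattern in both `validateToken_*` tests also loses which exception was thrown; `assertThatThrownBy(() -> tokenProvider.validToken(token)).isInstanceOf(JwtException.class)` is shorter and asserts the type. `getAuthentication` and `getUserId` mint tokens for `user@gmail.com` and `user_id` 1 without persisting anything in those tests; if `TokenProviderOAuth.getAuthentication` loads the user (its code is not in this diff), that test passes only when `generateToken` happened to run first in the same context, which makes test order a hidden dependency worth removing with a `@BeforeEach` that saves the user.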
@@ -0,0 +1,82 @@
+package com.quickpick.ureca.controller;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.quickpick.ureca.OAuth.auth.config.JwtPropertiesOAuth;
+import com.quickpick.ureca.OAuth.auth.domain.RefreshTokenOAuth;
+import com.quickpick.ureca.OAuth.auth.dto.CreateAccessTokenRequestOAuth;
+import com.quickpick.ureca.OAuth.auth.repository.RefreshTokenRepositoryOAuth;
+import com.quickpick.ureca.config.jwt.JwtFactory;
+import com.quickpick.ureca.OAuth.user.domain.UserOAuth;
+import com.quickpick.ureca.OAuth.user.repository.UserRepositoryOAuth;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.MediaType;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+import java.util.Map;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+@SpringBootTest
+@AutoConfigureMockMvc
+public class TokenControllerTest {
+
+ @Autowired
+ protected MockMvc mockMvc;
+ @Autowired
+ protected ObjectMapper objectMapper;
+ @Autowired
+ private WebApplicationContext context;
+ @Autowired
+ private JwtPropertiesOAuth jwtProperties;
+ @Autowired
+ private UserRepositoryOAuth userRepository;
+ @Autowired
+ private RefreshTokenRepositoryOAuth refreshTokenRepository;
+
+ @BeforeEach
+ public void mockMvcSetUp() {
+ this.mockMvc = MockMvcBuilders.webAppContextSetup(context).build();
+ userRepository.deleteAll();
+ } // mockMvcSetUp
+
+ @DisplayName("createNewAccessToken : 새로운 액세스 토큰을 발급한다.")
+ @Test
+ public void createNewAccessToken() throws Exception {
+ final String url = "/auth/token";
+ UserOAuth testUser = userRepository.save( UserOAuth.builder()
+ .id("user@gmail.com")
+ .password("test")
+ .name("test")
+ .age(123)
+ .gender("male")
+ .build() );
+ String refreshToken = JwtFactory.builder()
+ .claims( Map.of( "user_id", testUser.getUserId() ) )
+ .build()
+ .createToken(jwtProperties);
+ refreshTokenRepository.save( new RefreshTokenOAuth(testUser.getUserId(), refreshToken) );
+
+ CreateAccessTokenRequestOAuth request = new CreateAccessTokenRequestOAuth();
+ request.setRefreshToken(refreshToken);
+ final String requestBody = objectMapper.writeValueAsString(request);
+
+ ResultActions resultActions = mockMvc.perform( post(url)
+ .contentType(MediaType.APPLICATION_JSON_VALUE)
+ .content(requestBody) );
+
+ resultActions
+ .andExpect(status().isCreated())
+ .andExpect( jsonPath("$.accessToken").isNotEmpty() );
+ } // createNewAccessToken
+
+} // class
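Review bot: `mockMvcSetUp` replaces the `MockMvc` that `@AutoConfigureMockMvc` injects with `MockMvcBuilders.webAppContextSetup(context).build()`, which does not install the Spring Security filter chain (no `.apply(springSecurity())`), so the test proves the controller issues a token but not that `/auth/token` is reachable — or correctly exempt from authentication — under the real security configuration; dropping the override, or building with `.apply(springSecurity())` from `SecurityMockMvcConfigurers`, tests the path clients will actually hit. The setup clears `userRepository` but not `refreshTokenRepository`, so refresh tokens from earlier runs survive, keyed to user ids that no longer exist. Only the happy path is covered; a refresh-token endpoint should also have a negative case — an unknown, expired or tampered refresh token must yield a 4xx with no `accessToken` — since that rejection is the endpoint's main security property.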