fix(oauth): Fix bug where the refresh token was renewed on every login #272

Merged: huhdy32 merged 1 commit into develop from fix/oauth on Nov 13, 2025

@huhdy32 (Collaborator) commented Nov 13, 2025

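  • What was fixed
    • The logic renewed the refresh token on every login.
    • With Google OAuth, no refresh token is returned on logins after sign-up, so
    • there was a bug where the refresh token stored on the server was changed to null.
    • As a result, account withdrawal failed because the refresh token was null.
  • Resolution
    • Therefore, removed the logic that renewed the refresh token on every login.
    • The refresh token issued at initial sign-up is used for account withdrawal (in the case of Google).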

Summary by CodeRabbit

  • Refactor
    • Simplified OAuth login flow by removing token refresh during authentication. Login functionality remains unchanged, but OAuth tokens will no longer be updated upon each login attempt.

@huhdy32 huhdy32 self-assigned this Nov 13, 2025

coderabbitai Bot commented Nov 13, 2025

Walkthrough

The change removes the refresh token update mechanism from the OAuth login flow by deleting the refreshTokenInfo() private method call from the login process and removing its implementation entirely. Token refresh no longer occurs upon login.

Changes

Cohort / File(s) | Summary
OAuth Token Refresh Removal: domain/mathrank-auth-domain/src/main/java/kr/co/mathrank/domain/auth/service/OAuthLoginService.java | Deleted private method refreshTokenInfo(final MemberInfo memberInfo, final Member member) and removed its invocation from the login flow, eliminating automatic refresh token updates during login

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

  • Clarify intent: Confirm whether removing the refresh token update is intentional or addresses a specific issue
  • OAuth flow impact: Verify implications of no longer refreshing tokens on login for token lifecycle and expiration handling

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name | Status | Explanation
Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled.
Title check | ✅ Passed | The title accurately describes the main change: fixing an error where the refresh token was being updated on every login. This directly matches the changeset which removes the refresh token update logic.
Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 837b721 and 9abfdce.

📒 Files selected for processing (1)
  • domain/mathrank-auth-domain/src/main/java/kr/co/mathrank/domain/auth/service/OAuthLoginService.java (0 hunks)
💤 Files with no reviewable changes (1)
  • domain/mathrank-auth-domain/src/main/java/kr/co/mathrank/domain/auth/service/OAuthLoginService.java
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: test

@gemini-code-assist (Contributor)

Summary of Changes

Hello @huhdy32, I'm Gemini Code Assist [1]! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

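This PR resolves a problem caused by the refresh token being incorrectly renewed during OAuth login. In particular, for Google OAuth users, no refresh token is provided on re-login, so the previously stored token was changed to null, and as a result important functions such as account withdrawal did not work properly; this error has been fixed. The refresh token issued at first login is now retained, providing a stable user experience.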

Highlights

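  • Removed refresh token renewal logic: Removed the existing logic that renewed the refresh token on every login.
  • Resolved the null token problem: Resolved the problem where, with Google OAuth, no refresh token is provided on re-login and the token stored on the server became null.
  • Prevented account withdrawal errors: Prevented the problem where account withdrawal failed because the refresh token became null, and changed it to use the token issued at initial sign-up.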

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@gemini-code-assist gemini-code-assist Bot left a comment

Code Review

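Hello. I have reviewed the code changes.

This change fixes an important bug by removing the logic that renewed the OAuth refresh token on every login. In particular, for providers such as Google OAuth that issue a refresh token only at first authentication, you resolved the problem where the refresh token was overwritten with null on subsequent logins, causing features such as account withdrawal to fail.

You identified the cause of the problem accurately and, by removing the unnecessary refreshTokenInfo method and its call, made the code more stable and clearer. Excellent fix.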
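
The failure mode discussed in this thread, as an added example that is not part of the PR and not code from OAuthLoginService: a stored refresh token overwritten with null on re-login, the keep-stored behaviour the PR describes, and a guarded update shown as an alternative the PR did not take. All class and method names and the token value are hypothetical and constructed.

```java
import java.util.HashMap;
import java.util.Map;
// Added illustration. Names and token values are hypothetical and constructed;
// nothing here is taken from OAuthLoginService.
public class RefreshTokenLoginDemo {
    // memberId -> provider refresh token saved at sign-up
    private final Map<Long, String> stored = new HashMap<>();

    void signUp(long memberId, String refreshToken) {
        stored.put(memberId, refreshToken);
    }

    // Before the fix: every login writes whatever the provider sent,
    // so a response without a refresh token stores null.
    void loginOverwriting(long memberId, String fromProvider) {
        stored.put(memberId, fromProvider);
    }

    // After the fix described in this PR: login leaves the stored token alone.
    void loginKeepingStored(long memberId, String fromProvider) {
        // intentionally no write
    }

    // Alternative not used by the PR: accept a token only when one arrives.
    void loginUpdatingIfPresent(long memberId, String fromProvider) {
        if (fromProvider != null && !fromProvider.isBlank()) stored.put(memberId, fromProvider);
    }

    // Withdrawal needs the stored token; without one it cannot proceed.
    boolean withdraw(long memberId) {
        if (stored.get(memberId) == null) return false;
        stored.remove(memberId);
        return true;
    }

    public static void main(String[] args) {
        RefreshTokenLoginDemo buggy = new RefreshTokenLoginDemo();
        buggy.signUp(1L, "constructed-refresh-token");
        buggy.loginOverwriting(1L, null); // re-login: no refresh token in response
        System.out.println("overwrite on login: withdraw ok = " + buggy.withdraw(1L));
        RefreshTokenLoginDemo fixed = new RefreshTokenLoginDemo();
        fixed.signUp(1L, "constructed-refresh-token");
        fixed.loginKeepingStored(1L, null);
        System.out.println("keep stored token: withdraw ok = " + fixed.withdraw(1L));
        RefreshTokenLoginDemo guarded = new RefreshTokenLoginDemo();
        guarded.signUp(1L, "constructed-refresh-token");
        guarded.loginUpdatingIfPresent(1L, null);
        System.out.println("update if present: withdraw ok = " + guarded.withdraw(1L));
    }
}
```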

@huhdy32 huhdy32 merged commit 4a96213 into develop Nov 13, 2025
2 checks passed
@huhdy32 huhdy32 deleted the fix/oauth branch November 13, 2025 04:21