feat : 클라이언트 ip를 Oauth코드발급 요청 시점에서 받게 수정

Author: 0xC0FFE2

build.gradle.kts

@@ -74,3 +74,8 @@ allOpen {
 tasks.withType<Test> {
 	useJUnitPlatform()
 }
+
+
+tasks.bootJar {
+	duplicatesStrategy = DuplicatesStrategy.EXCLUDE
+}

src/main/kotlin/nanucloud/nanuid/domain/oauth/domain/OAuthClientAuthCode.kt

@@ -12,5 +12,6 @@ data class OAuthClientAuthCode(
     val userId: String,
     val applicationId: String,
     val authScope: Int,
-    val deviceType: DeviceType
+    val deviceType: DeviceType,
+    val userIp : String
 )

src/main/kotlin/nanucloud/nanuid/domain/oauth/entity/OAuthClientAuthCodeRedisEntity.kt

@@ -17,5 +17,6 @@ class OAuthClientAuthCodeRedisEntity(
 
     val applicationId : String,
     val authScope: Int,
-    val deviceType: DeviceType
+    val deviceType: DeviceType,
+    val userIp: String,
 )

src/main/kotlin/nanucloud/nanuid/domain/oauth/mapper/OAuthClientAuthCodeMapper.kt

@@ -13,7 +13,8 @@ class OAuthClientAuthCodeMapper {
                 userId = userId,
                 applicationId = applicationId,
                 authScope = authScope,
-                deviceType = deviceType
+                deviceType = deviceType,
+                userIp = userIp
             )
         }
     }
@@ -25,7 +26,8 @@ class OAuthClientAuthCodeMapper {
                 userId = userId,
                 applicationId = applicationId,
                 authScope = authScope,
-                deviceType = deviceType
+                deviceType = deviceType,
+                userIp = userIp
             )
         }
     }

src/main/kotlin/nanucloud/nanuid/domain/oauth/service/OAuthCodeIssueService.kt

@@ -49,7 +49,8 @@ class OAuthCodeIssueService(
             authCodeDomain.applicationId,
             application.name,
             authCodeDomain.deviceType,
-            authScopes
+            authScopes,
+            authCodeDomain.userIp
         )
     }
 }

src/main/kotlin/nanucloud/nanuid/domain/user/service/UserOAuthPrimaryLoginService.kt

@@ -1,5 +1,6 @@
 package nanucloud.nanuid.domain.user.service
 
+import jakarta.servlet.http.HttpServletRequest
 import jakarta.transaction.Transactional
 import nanucloud.nanuid.domain.application.persistence.repository.ApplicationJpaRepository
 import nanucloud.nanuid.domain.auth.domain.AuthScope
@@ -13,6 +14,7 @@ import nanucloud.nanuid.domain.user.exception.*
 import nanucloud.nanuid.domain.user.persistence.repository.UserJpaRepository
 import nanucloud.nanuid.domain.user.presentation.dto.request.UserOAuthLoginRequest
 import nanucloud.nanuid.domain.user.presentation.dto.response.UserOAuthLoginResponse
+import nanucloud.nanuid.global.base.IpUtils
 import nanucloud.nanuid.global.security.jwt.JwtProvider
 import org.springframework.beans.factory.annotation.Value
 import org.springframework.security.crypto.password.PasswordEncoder
@@ -28,6 +30,8 @@ class UserOAuthPrimaryLoginService(
     private val applicationJpaRepository: ApplicationJpaRepository,
     private val permissionJpaRepository: PermissionJpaRepository,
     private val oAuthClientAuthCodeRedisRepository: OAuthClientAuthCodeRedisRepository,
+    private val ipUtils: IpUtils,
+    private val request: HttpServletRequest,
     @Value("\${recaptcha.secret-key}") private val recaptchaSecretKey: String
 ) {
     @Transactional
@@ -64,7 +68,8 @@ class UserOAuthPrimaryLoginService(
             userId = user.id.toString(),
             applicationId = userOAuthLoginRequest.applicationId,
             authScope = userOAuthLoginRequest.authScope,
-            deviceType = userOAuthLoginRequest.deviceType ?: DeviceType.WEB_UNKNOWN
+            deviceType = userOAuthLoginRequest.deviceType ?: DeviceType.WEB_UNKNOWN,
+            userIp = ipUtils.getClientIp(request)
         )
 
         oAuthClientAuthCodeRedisRepository.save(

src/main/kotlin/nanucloud/nanuid/domain/user/service/UserReissueService.kt

@@ -18,7 +18,7 @@ class UserReissueService(
         if (!jwtProvider.validateRefreshToken(refreshToken)) {
             throw ExpiredTokenException
         }
-        val accountId = jwtProvider.getuserIdFromToken(refreshToken)
+        val accountId = jwtProvider.getUserIdFromToken(refreshToken)
         val authScopes = jwtProvider.getAuthScopeFromToken(refreshToken)
         val accessToken = jwtProvider.generateJwtToken(accountId, JwtProvider.ACCESS_KEY, jwtProperties.accessExp, authScopes)
 

src/main/kotlin/nanucloud/nanuid/global/security/jwt/JwtProvider.kt

@@ -43,11 +43,16 @@ class JwtProvider(
     }
 
     @Transactional
-    fun generateToken(userId: String, applicationId: String,applicationName: String, deviceType: DeviceType, authScope:  Set<AuthScope>): TokenResponse {
+    fun generateToken(userId: String, applicationId: String, applicationName: String, deviceType: DeviceType, authScope: Set<AuthScope>, userIp: String? = null): TokenResponse {
         val accessToken = generateJwtToken(userId, ACCESS_KEY, jwtProperties.accessExp, authScope)
         val refreshToken = generateJwtToken(userId, REFRESH_KEY, jwtProperties.refreshExp, authScope)
         val authTime = LocalDateTime.now()
-        val userIp = ipUtils.getClientIp(request)
+
+        val userConnectIp = if (!userIp.isNullOrEmpty()) {
+            userIp
+        } else {
+            ipUtils.getClientIp(request)
+        }
 
         val refreshTokenEntity = RefreshToken(
             refreshToken = refreshToken,
@@ -56,7 +61,7 @@ class JwtProvider(
             applicationName = applicationName,
             deviceType = deviceType,
             authTime = authTime,
-            ip = userIp,
+            ip = userConnectIp
         )
         refreshTokenJpaRepository.save(refreshTokenMapper.toEntity(refreshTokenEntity))
 
@@ -154,7 +159,7 @@ class JwtProvider(
         return AuthScope.values().filter { scope -> (bitmask and scope.bit) != 0 }.toSet()
     }
 
-    fun getuserIdFromToken(token: String): String {
+    fun getUserIdFromToken(token: String): String {
         val body = getJws(token).body
         return body.subject
     }