-
Notifications
You must be signed in to change notification settings - Fork 1
[BE-Feat] 구글 토큰 관리 기능 구현 #112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
20 commits
Select commit
Hold shift + click to select a range
0a37639
fix: 로그인 할 때 refresh_token을 항상 가져오도록 수정
kwon204 6aa22c4
refactor: google oauth 관련 기능 추출
kwon204 8b8af08
refactor: getAccessToken -> getGoogleTokens 로 수정
kwon204 b2bdf54
refactor: RestTemplate -> RestClient로 변경
kwon204 8e8afd4
feat: 구글 access token 재발급 기능 추가
kwon204 db490fc
feat: OAuth 요청 관련 예외 처리 추가
kwon204 1b05e2a
feat: 재발급한 access token 업데이트 기능 추가
kwon204 bfb14d3
refactor: 반복 사용 코드 메소드 추출
kwon204 4f84a63
refactor: User에서 인증 관련 기능을 Auth로 빼서 관리
kwon204 b9536a3
feat: 재발급한 구글 액세스 토큰을 db에 저장하는 기능 추가
kwon204 1b79eb0
refactor: 반복 사용되는 코드 메소드 추출
kwon204 bb2fa52
test: 사용하지 않는 UserServiceTest 삭제
kwon204 57ae903
refactor: reissueAccessToken은 토큰 재발급만 하도록 변경
kwon204 7e4ddff
fix: 구글 OAuth code와 사용자 정보 유효성 검사 코드 추가
kwon204 a0802fe
fix: Unauthorize -> Bad Request로 수정
kwon204 9cf4c37
fix: 로그인한 사용자에게 토큰 업데이트 하지 않는 버그 수정
kwon204 a3bb8c4
feat: readOnly 추가
kwon204 4c3f9d6
refactor: 좀 더 명확한 메소드 이름으로 수정
kwon204 1993600
fix: 사용하지 않는 status 삭제
kwon204 0874c90
fix: , 추가
kwon204 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
33 changes: 33 additions & 0 deletions
33
backend/src/main/java/endolphin/backend/domain/auth/AuthController.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| package endolphin.backend.domain.auth; | ||
|
|
||
| import endolphin.backend.domain.auth.dto.OAuthResponse; | ||
| import endolphin.backend.domain.auth.dto.UrlResponse; | ||
| import io.swagger.v3.oas.annotations.Operation; | ||
| import io.swagger.v3.oas.annotations.tags.Tag; | ||
| import lombok.RequiredArgsConstructor; | ||
| import org.springframework.http.ResponseEntity; | ||
| import org.springframework.web.bind.annotation.GetMapping; | ||
| import org.springframework.web.bind.annotation.RequestParam; | ||
| import org.springframework.web.bind.annotation.RestController; | ||
|
|
||
| @Tag(name = "Auth", description = "인증 관리 API") | ||
| @RestController | ||
| @RequiredArgsConstructor | ||
| public class AuthController { | ||
|
|
||
| private final AuthService authService; | ||
|
|
||
| @Operation(summary = "구글 로그인 URL", description = "구글 로그인 URL을 반환합니다.") | ||
| @GetMapping("/api/v1/google") | ||
| public ResponseEntity<UrlResponse> loginUrl() { | ||
| UrlResponse response = authService.getGoogleLoginUrl(); | ||
| return ResponseEntity.ok(response); | ||
| } | ||
|
|
||
| @Operation(summary = "구글 로그인 콜백", description = "사용자가 Google 계정으로 로그인하여 JWT 토큰을 발급받습니다.") | ||
| @GetMapping("/oauth2/callback") | ||
| public ResponseEntity<OAuthResponse> oauthCallback(@RequestParam("code") String code) { | ||
| OAuthResponse response = authService.oauth2Callback(code); | ||
| return ResponseEntity.ok(response); | ||
| } | ||
| } |
58 changes: 58 additions & 0 deletions
58
backend/src/main/java/endolphin/backend/domain/auth/AuthService.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| package endolphin.backend.domain.auth; | ||
|
|
||
| import endolphin.backend.domain.user.UserService; | ||
| import endolphin.backend.global.error.exception.ErrorCode; | ||
| import endolphin.backend.global.error.exception.OAuthException; | ||
| import endolphin.backend.global.google.dto.GoogleTokens; | ||
| import endolphin.backend.global.google.dto.GoogleUserInfo; | ||
| import endolphin.backend.domain.auth.dto.OAuthResponse; | ||
| import endolphin.backend.domain.auth.dto.UrlResponse; | ||
| import endolphin.backend.domain.user.entity.User; | ||
| import endolphin.backend.global.config.GoogleOAuthProperties; | ||
| import endolphin.backend.global.google.GoogleOAuthService; | ||
| import endolphin.backend.global.security.JwtProvider; | ||
| import lombok.RequiredArgsConstructor; | ||
| import org.springframework.stereotype.Service; | ||
| import org.springframework.transaction.annotation.Transactional; | ||
|
|
||
| @Service | ||
| @RequiredArgsConstructor | ||
| public class AuthService { | ||
|
|
||
| private final GoogleOAuthProperties googleOAuthProperties; | ||
| private final GoogleOAuthService googleOAuthService; | ||
| private final UserService userService; | ||
| private final JwtProvider jwtProvider; | ||
|
|
||
| public UrlResponse getGoogleLoginUrl() { | ||
| return new UrlResponse(String.format( | ||
| "%s?client_id=%s&redirect_uri=%s&response_type=code&scope=%s&access_type=offline&prompt=consent", | ||
| googleOAuthProperties.authUrl(), googleOAuthProperties.clientId(), | ||
| googleOAuthProperties.redirectUri(), googleOAuthProperties.scope())); | ||
| } | ||
|
|
||
| @Transactional | ||
| public OAuthResponse oauth2Callback(String code) { | ||
| if (code == null || code.isBlank()) { | ||
| throw new OAuthException(ErrorCode.INVALID_OAUTH_CODE); | ||
| } | ||
| GoogleTokens tokenResponse = googleOAuthService.getGoogleTokens(code); | ||
| GoogleUserInfo userInfo = googleOAuthService.getUserInfo(tokenResponse.accessToken()); | ||
| validateUserInfo(userInfo); | ||
| User user = userService.upsertUser(userInfo, tokenResponse); | ||
| String accessToken = jwtProvider.createToken(user.getId(), user.getEmail()); | ||
| return new OAuthResponse(accessToken); | ||
| } | ||
|
|
||
| private void validateUserInfo(GoogleUserInfo userInfo) { | ||
| if (userInfo == null) { | ||
| throw new OAuthException(ErrorCode.INVALID_OAUTH_USER_INFO); | ||
| } | ||
| if (userInfo.email() == null || userInfo.email().isBlank()) { | ||
| throw new OAuthException(ErrorCode.INVALID_OAUTH_USER_INFO); | ||
| } | ||
| if (userInfo.picture() == null || userInfo.picture().isBlank()) { | ||
| throw new OAuthException(ErrorCode.INVALID_OAUTH_USER_INFO); | ||
| } | ||
| } | ||
| } |
2 changes: 1 addition & 1 deletion
2
...ackend/domain/user/dto/OAuthResponse.java → ...ackend/domain/auth/dto/OAuthResponse.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
.../backend/domain/user/dto/UrlResponse.java → .../backend/domain/auth/dto/UrlResponse.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
86 changes: 11 additions & 75 deletions
86
backend/src/main/java/endolphin/backend/domain/user/UserService.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,112 +1,48 @@ | ||
| package endolphin.backend.domain.user; | ||
|
|
||
| import endolphin.backend.domain.user.dto.GoogleUserInfo; | ||
| import endolphin.backend.domain.user.dto.GoogleTokens; | ||
| import endolphin.backend.domain.user.dto.OAuthResponse; | ||
| import endolphin.backend.domain.user.dto.UrlResponse; | ||
| import endolphin.backend.global.google.dto.GoogleUserInfo; | ||
| import endolphin.backend.global.google.dto.GoogleTokens; | ||
| import endolphin.backend.domain.user.entity.User; | ||
| import endolphin.backend.global.config.GoogleOAuthProperties; | ||
| import endolphin.backend.global.error.exception.ApiException; | ||
| import endolphin.backend.global.error.exception.ErrorCode; | ||
| import endolphin.backend.global.security.JwtProvider; | ||
| import endolphin.backend.global.security.UserContext; | ||
| import endolphin.backend.global.security.UserInfo; | ||
| import lombok.RequiredArgsConstructor; | ||
| import lombok.extern.slf4j.Slf4j; | ||
| import org.springframework.http.HttpEntity; | ||
| import org.springframework.http.HttpHeaders; | ||
| import org.springframework.http.HttpMethod; | ||
| import org.springframework.http.MediaType; | ||
| import org.springframework.http.ResponseEntity; | ||
| import org.springframework.stereotype.Service; | ||
| import org.springframework.transaction.annotation.Transactional; | ||
| import org.springframework.util.LinkedMultiValueMap; | ||
| import org.springframework.util.MultiValueMap; | ||
| import org.springframework.web.client.RestTemplate; | ||
|
|
||
| @Service | ||
| @RequiredArgsConstructor | ||
| @Transactional | ||
| @Slf4j | ||
| public class UserService { | ||
|
|
||
| private final GoogleOAuthProperties googleOAuthProperties; | ||
| private final UserRepository userRepository; | ||
| private final JwtProvider jwtProvider; | ||
| private final RestTemplate restTemplate; | ||
|
|
||
| public UrlResponse getGoogleLoginUrl() { | ||
| return new UrlResponse(String.format( | ||
| "%s?client_id=%s&redirect_uri=%s&response_type=code&scope=%s&access_type=offline", | ||
| googleOAuthProperties.authUrl(), googleOAuthProperties.clientId(), | ||
| googleOAuthProperties.redirectUri(), googleOAuthProperties.scope())); | ||
| } | ||
|
|
||
| public OAuthResponse oauth2Callback(String code) { | ||
| GoogleTokens tokenResponse = getAccessToken(code); | ||
| GoogleUserInfo userInfo = getUserInfo(tokenResponse.accessToken()); | ||
| User user = createUser(userInfo, tokenResponse); | ||
| String accessToken = jwtProvider.createToken(user.getId(), user.getEmail()); | ||
| return new OAuthResponse(accessToken); | ||
| } | ||
|
|
||
| @Transactional(readOnly = true) | ||
| public User getCurrentUser() { | ||
| UserInfo userInfo = UserContext.get(); | ||
| return userRepository.findById(userInfo.userId()) | ||
| .orElseThrow(() -> new ApiException(ErrorCode.USER_NOT_FOUND)); | ||
| } | ||
|
|
||
| private User createUser(GoogleUserInfo userInfo, GoogleTokens tokenResponse) { | ||
| public void updateAccessToken(User user, String accessToken) { | ||
| user.setAccessToken(accessToken); | ||
| userRepository.save(user); | ||
| } | ||
|
|
||
| public User upsertUser(GoogleUserInfo userInfo, GoogleTokens tokenResponse) { | ||
| User user = userRepository.findByEmail(userInfo.email()) | ||
| .orElseGet(() -> { | ||
| return User.builder() | ||
| .email(userInfo.email()) | ||
| .name(userInfo.name()) | ||
| .picture(userInfo.picture()) | ||
| .accessToken(tokenResponse.accessToken()) | ||
| .refreshToken(tokenResponse.refreshToken()) | ||
| .build(); | ||
| }); | ||
| user.setAccessToken(tokenResponse.accessToken()); | ||
| user.setRefreshToken(tokenResponse.refreshToken()); | ||
| userRepository.save(user); | ||
| return user; | ||
| } | ||
|
|
||
| private GoogleTokens getAccessToken(String code) { | ||
| HttpHeaders headers = new HttpHeaders(); | ||
| headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); | ||
|
|
||
| HttpEntity<MultiValueMap<String, String>> request = getHttpEntity( | ||
| code, headers); | ||
| ResponseEntity<GoogleTokens> response = restTemplate.postForEntity( | ||
| googleOAuthProperties.tokenUrl(), request, | ||
| GoogleTokens.class); | ||
|
|
||
| return response.getBody(); | ||
| } | ||
|
|
||
| private HttpEntity<MultiValueMap<String, String>> getHttpEntity(String code, | ||
| HttpHeaders headers) { | ||
| MultiValueMap<String, String> params = new LinkedMultiValueMap<>(); | ||
| params.add("client_id", googleOAuthProperties.clientId()); | ||
| params.add("client_secret", googleOAuthProperties.clientSecret()); | ||
| params.add("redirect_uri", googleOAuthProperties.redirectUri()); | ||
| params.add("code", code); | ||
| params.add("grant_type", "authorization_code"); | ||
| params.add("access_type", "offline"); | ||
|
|
||
| HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers); | ||
| return request; | ||
| } | ||
|
|
||
| private GoogleUserInfo getUserInfo(String accessToken) { | ||
| HttpHeaders headers = new HttpHeaders(); | ||
| headers.setBearerAuth(accessToken); | ||
|
|
||
| HttpEntity<String> entity = new HttpEntity<>(headers); | ||
|
|
||
| ResponseEntity<GoogleUserInfo> result = restTemplate.exchange(googleOAuthProperties.userInfoUrl(), | ||
| HttpMethod.GET, entity, GoogleUserInfo.class); | ||
|
|
||
| return result.getBody(); | ||
| } | ||
| } | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
25 changes: 25 additions & 0 deletions
25
backend/src/main/java/endolphin/backend/global/error/exception/OAuthException.java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| package endolphin.backend.global.error.exception; | ||
|
|
||
| import lombok.Getter; | ||
| import org.springframework.http.HttpStatus; | ||
|
|
||
| @Getter | ||
| public class OAuthException extends RuntimeException { | ||
|
|
||
| private final ErrorCode errorCode; | ||
|
|
||
| public OAuthException(HttpStatus status, String message) { | ||
| super(message); | ||
| switch (status) { | ||
| case UNAUTHORIZED -> errorCode = ErrorCode.OAUTH_UNAUTHORIZED_ERROR; | ||
| case FORBIDDEN -> errorCode = ErrorCode.OAUTH_FORBIDDEN_ERROR; | ||
| case BAD_REQUEST -> errorCode = ErrorCode.OAUTH_BAD_REQUEST_ERROR; | ||
| default -> errorCode = ErrorCode.INTERNAL_ERROR; | ||
| } | ||
| } | ||
|
|
||
| public OAuthException(ErrorCode errorCode) { | ||
| super(errorCode.getMessage()); | ||
| this.errorCode = errorCode; | ||
| } | ||
| } |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.