diff --git a/src/main/java/com/api/TaveShot/domain/Member/domain/Member.java b/src/main/java/com/api/TaveShot/domain/Member/domain/Member.java index 54b59a8..824a8ff 100644 --- a/src/main/java/com/api/TaveShot/domain/Member/domain/Member.java +++ b/src/main/java/com/api/TaveShot/domain/Member/domain/Member.java @@ -25,5 +25,6 @@ public class Member extends BaseEntity { private String gitLoginId; private String gitEmail; private String gitName; + private String profileImageUrl; } diff --git a/src/main/java/com/api/TaveShot/domain/Member/dto/response/AuthResponse.java b/src/main/java/com/api/TaveShot/domain/Member/dto/response/AuthResponse.java index e74596e..8a83fb2 100644 --- a/src/main/java/com/api/TaveShot/domain/Member/dto/response/AuthResponse.java +++ b/src/main/java/com/api/TaveShot/domain/Member/dto/response/AuthResponse.java @@ -3,5 +3,5 @@ import lombok.Builder; @Builder -public record AuthResponse(Long memberId, String gitLoginId, String gitProfileImageUrl) { +public record AuthResponse(Long memberId, String gitLoginId, String mail, String gitProfileImageUrl) { } diff --git a/src/main/java/com/api/TaveShot/global/config/SecurityConfig.java b/src/main/java/com/api/TaveShot/global/config/SecurityConfig.java index dbe7d06..b56ec77 100644 --- a/src/main/java/com/api/TaveShot/global/config/SecurityConfig.java +++ b/src/main/java/com/api/TaveShot/global/config/SecurityConfig.java @@ -2,6 +2,7 @@ import com.api.TaveShot.global.jwt.JwtAuthenticationFilter; import com.api.TaveShot.global.oauth2.CustomOAuth2UserService; +import com.api.TaveShot.global.oauth2.CustomOAuthSuccessHandler; import java.util.List; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; 
@@ -22,6 +23,7 @@ public class SecurityConfig { private final CustomOAuth2UserService customOAuth2UserService; private final JwtAuthenticationFilter jwtAuthenticationFilter; + private final CustomOAuthSuccessHandler customOAuthSuccessHandler; @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { @@ -47,18 +49,19 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { , "/api-docs/swagger-config" , "/members/login" ,"/oauth/**" + ,"/favicon.ico" ,"/login/**" // , "/**" ).permitAll() .anyRequest().authenticated()); http .oauth2Login() - .authorizationEndpoint().baseUri("/oauth/authorize") - .and() - .redirectionEndpoint().baseUri("/login/oauth2/github/code") - .and() + .authorizationEndpoint().baseUri("/login/oauth2/code/github") + .and() .userInfoEndpoint() - .userService(customOAuth2UserService); + .userService(customOAuth2UserService) + .and() + .successHandler(customOAuthSuccessHandler); http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); return http.build(); diff --git a/src/main/java/com/api/TaveShot/global/constant/OauthConstant.java b/src/main/java/com/api/TaveShot/global/constant/OauthConstant.java index 19c4afe..0f384ad 100644 --- a/src/main/java/com/api/TaveShot/global/constant/OauthConstant.java +++ b/src/main/java/com/api/TaveShot/global/constant/OauthConstant.java @@ -7,8 +7,9 @@ private OauthConstant() { } public static final String ID_PATTERN = "id"; - public static final String AVATAR_URL_PATTERN = "avatar_url"; + public static final String PROFILE_IMAGE_URL_PATTERN = "avatar_url"; public static final String LOGIN_PATTERN = "login"; + // ToDo 추후 Github에서 제공하는 Name 을 사용할지 결정 public static final String NAME_PATTERN = "name"; public static final String EMAIL_PATTERN = "email"; public static final long ACCESS_TOKEN_VALID_TIME = 15 * 60 * 1000L; 
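Review bot: In the `filterChain` hunk of SecurityConfig, `.authorizationEndpoint().baseUri("/login/oauth2/code/github")` gives the authorization-request endpoint a path with the same shape as Spring Security's default callback pattern, `/login/oauth2/code/*`. The same hunk removes the explicit `redirectionEndpoint()`. Login would then be initiated under `/login/oauth2/code/github/{registrationId}` while the provider callback falls back to the default pattern, so the two roles are easy to confuse here and in the GitHub app's callback setting. If the default callback is what was intended, drop the `authorizationEndpoint()` customisation so the default `/oauth2/authorization/{registrationId}` applies, or keep a clearly separate path such as the previous `.authorizationEndpoint().baseUri("/oauth/authorize")`. The body of `filterChain` starts before this hunk.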
diff --git a/src/main/java/com/api/TaveShot/global/jwt/JwtProvider.java b/src/main/java/com/api/TaveShot/global/jwt/JwtProvider.java index 8ef3d9d..0eb0001 100644 --- a/src/main/java/com/api/TaveShot/global/jwt/JwtProvider.java +++ b/src/main/java/com/api/TaveShot/global/jwt/JwtProvider.java @@ -2,7 +2,6 @@ import static com.api.TaveShot.global.constant.OauthConstant.ACCESS_TOKEN_VALID_TIME; -import com.api.TaveShot.domain.Member.domain.Member; import com.api.TaveShot.domain.Member.repository.MemberRepository; import io.jsonwebtoken.Claims; import io.jsonwebtoken.ExpiredJwtException; @@ -10,14 +9,11 @@ import io.jsonwebtoken.SignatureAlgorithm; import io.jsonwebtoken.security.Keys; import java.nio.charset.StandardCharsets; -import java.util.ArrayList; import java.util.Date; import javax.crypto.SecretKey; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; @Component 
@@ -79,25 +75,14 @@ public void isValidToken(final String jwtToken) { public void getAuthenticationFromToken(final String jwtToken) { log.info("-------------- getAuthenticationFromToken jwt token: " + jwtToken); - String gitName = getGitName(jwtToken); - registerAuthentication(jwtToken, gitName); + getGitLoginId(jwtToken); } // token 으로부터 유저 정보 확인 - private String getGitName(final String jwtToken) { + private void getGitLoginId(final String jwtToken) { Long userId = Long.valueOf(getUserIdFromToken(jwtToken)); - Member findMember = memberRepository.findById(userId).orElseThrow(() -> new RuntimeException("token 으로 Member를 찾을 수 없음")); - return findMember.getGitName(); - } - - private void registerAuthentication(final String jwtToken, final String gitName) { - // JWT 토큰이 유효하면, 사용자 정보를 연결 세션에 추가 - UsernamePasswordAuthenticationToken authenticationToken = - new UsernamePasswordAuthenticationToken(gitName, jwtToken, new ArrayList<>()); - - // SecurityContextHolder 유저 등록 - SecurityContextHolder.getContext().setAuthentication(authenticationToken); + memberRepository.findById(userId).orElseThrow(() -> new RuntimeException("token 으로 Member를 찾을 수 없음")); } // 토큰에서 유저 아이디 얻기 diff --git a/src/main/java/com/api/TaveShot/global/oauth2/CustomOAuth2UserService.java b/src/main/java/com/api/TaveShot/global/oauth2/CustomOAuth2UserService.java index 88fb303..41730b7 100644 --- a/src/main/java/com/api/TaveShot/global/oauth2/CustomOAuth2UserService.java +++ b/src/main/java/com/api/TaveShot/global/oauth2/CustomOAuth2UserService.java 
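Review bot: In JwtProvider, `getAuthenticationFromToken` no longer places anything in the `SecurityContextHolder`: the new `getGitLoginId` is `void`, only checks that a member row exists, and discards the result. Unless `JwtAuthenticationFilter` (not shown) sets the `Authentication` itself, a request carrying a valid JWT would still be rejected by `.anyRequest().authenticated()`. If an existence check is all that is intended, the name should say so, e.g. `private void assertMemberExists(final String jwtToken)`. The unchanged `log.info("... jwt token: " + jwtToken)` line at the top of the method writes the full bearer token to the log at info level; it should log a non-secret identifier such as the member id instead.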
@@ -3,7 +3,7 @@ import static com.api.TaveShot.global.constant.OauthConstant.EMAIL_PATTERN; import static com.api.TaveShot.global.constant.OauthConstant.ID_PATTERN; import static com.api.TaveShot.global.constant.OauthConstant.LOGIN_PATTERN; -import static com.api.TaveShot.global.constant.OauthConstant.NAME_PATTERN; +import static com.api.TaveShot.global.constant.OauthConstant.PROFILE_IMAGE_URL_PATTERN; import com.api.TaveShot.domain.Member.domain.Member; import com.api.TaveShot.domain.Member.repository.MemberRepository; @@ -37,27 +37,27 @@ private Member processOAuthUser(final Map userInfo) { String gitLoginId = (String) userInfo.get(LOGIN_PATTERN); Long gitId = ((Integer) userInfo.get(ID_PATTERN)).longValue(); String gitEmail = (String) userInfo.get(EMAIL_PATTERN); - String gitName = (String) userInfo.get(NAME_PATTERN); + String profileImageUrl = (String) userInfo.get(PROFILE_IMAGE_URL_PATTERN); return memberRepository.findByGitId(gitId) - .orElseGet(() -> registerNewMember(gitId, gitLoginId, gitEmail, gitName)); + .orElseGet(() -> registerNewMember(gitId, gitLoginId, gitEmail, profileImageUrl)); } private Member registerNewMember(final Long gitId, final String gitLoginId, - final String gitEmail, final String gitName) { + final String gitEmail, final String profileImageUrl) { Member newMember = Member.builder() .gitId(gitId) .gitLoginId(gitLoginId) .gitEmail(gitEmail) - .gitName(gitName) + .profileImageUrl(profileImageUrl) .build(); return memberRepository.save(newMember); } private CustomOauth2User createCustomOauth2User(final Member member, final Map userInfo) { - GithubUserInfo githubUserInfo = generateGithubInfo(userInfo); + return CustomOauth2User.builder() .member(member) .githubUserInfo(githubUserInfo) diff --git a/src/main/java/com/api/TaveShot/global/oauth2/CustomOAuthSuccessHandler.java b/src/main/java/com/api/TaveShot/global/oauth2/CustomOAuthSuccessHandler.java index a0ef458..a486f71 100644 
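Review bot: In CustomOAuth2UserService, `processOAuthUser` stores `profileImageUrl` only through `registerNewMember`, so a member that `findByGitId` already returns is handed back unchanged. Rows created before this commit will therefore keep a null `profileImageUrl`, and a later change of avatar, login or e-mail on the GitHub side is never written back. Consider updating the found member from `userInfo` before returning it, and add a comment on `registerNewMember` such as `// gitName is intentionally left unset until the NAME_PATTERN ToDo is resolved`, since the builder no longer sets it while the `Member.gitName` field remains.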
--- a/src/main/java/com/api/TaveShot/global/oauth2/CustomOAuthSuccessHandler.java +++ b/src/main/java/com/api/TaveShot/global/oauth2/CustomOAuthSuccessHandler.java @@ -30,7 +30,6 @@ public class CustomOAuthSuccessHandler extends SimpleUrlAuthenticationSuccessHan @Override public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException { - CustomOauth2User oauth2User = (CustomOauth2User) authentication.getPrincipal(); GithubUserInfo githubUserInfo = createGitHubUserInfo(oauth2User); @@ -38,21 +37,22 @@ public void onAuthenticationSuccess(final HttpServletRequest request, final Http log.debug("------------------ Response 전송 완료"); } - String profileImageUrl = githubUserInfo.getProfileImageUrl(); String loginId = githubUserInfo.getLoginId(); - Long gitId = githubUserInfo.getId(); - log.info("------------------ " - + "소셜 로그인 성공: " + loginId - + "프로필 이미지: " + profileImageUrl); + log.info("------------------ 소셜 로그인 성공: " + loginId); + + Integer id = githubUserInfo.getId(); + String mail = githubUserInfo.getMail(); + String profileImageUrl = githubUserInfo.getProfileImageUrl(); - Member loginMember = memberRepository.findByGitId(gitId).orElseThrow(() -> new RuntimeException("해당 gitId로 회원을 찾을 수 없음")); + Member loginMember = memberRepository.findByGitId(Long.valueOf(id)).orElseThrow(() -> new RuntimeException("해당 gitId로 회원을 찾을 수 없음")); String loginMemberId = String.valueOf(loginMember.getId()); registerHeaderToken(response, loginMemberId); AuthResponse authResponse = AuthResponse.builder() .memberId(loginMember.getId()) + .mail(mail) .gitLoginId(loginId) .gitProfileImageUrl(profileImageUrl) .build(); 
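Review bot: In CustomOAuthSuccessHandler, `Integer id = githubUserInfo.getId();` followed by `Long.valueOf(id)` assumes the `id` attribute is always present and always an `Integer`. A missing attribute throws a `NullPointerException` on unboxing, and a value that arrives as a `Long` would fail the `(Integer)` cast in the new `GithubUserInfo.getId()` (last hunk of this diff). Reading it as a number avoids both the cast and the re-boxing: `public Long getId() { Object v = userInfo.get(ID_PATTERN); return v == null ? null : ((Number) v).longValue(); }`, with the handler failing the login explicitly when it is null. The body of `onAuthenticationSuccess` continues past the end of this hunk.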
@@ -61,12 +61,6 @@ public void onAuthenticationSuccess(final HttpServletRequest request, final Http registerResponse(response, authResponse); } - private void registerHeaderToken(final HttpServletResponse response, final String loginMemberId) { - String ourToken = jwtProvider.generateJwtToken(loginMemberId); - // 어세스 토큰은 헤더에 담아서 응답으로 보냄 - response.setHeader("Authorization", ourToken); - } - private GithubUserInfo createGitHubUserInfo(final CustomOauth2User oauth2User) { Map userInfo = oauth2User.getAttributes(); @@ -75,16 +69,26 @@ private GithubUserInfo createGitHubUserInfo(final CustomOauth2User oauth2User) { .build(); } + private void registerHeaderToken(final HttpServletResponse response, final String loginMemberId) { + String ourToken = jwtProvider.generateJwtToken(loginMemberId); + // 어세스 토큰은 헤더에 담아서 응답으로 보냄 + response.setHeader("Authorization", ourToken); + } + private void registerResponse(final HttpServletResponse response, final AuthResponse authResponse) throws IOException { String encodedMemberId = URLEncoder.encode(String.valueOf(authResponse.memberId()), StandardCharsets.UTF_8); String encodedLoginId = URLEncoder.encode(authResponse.gitLoginId(), StandardCharsets.UTF_8); - String encodedGitProfileImageUrl = URLEncoder.encode(authResponse.gitProfileImageUrl(), StandardCharsets.UTF_8); +// String encodedGitProfileImageUrl = URLEncoder.encode(authResponse.gitProfileImageUrl(), StandardCharsets.UTF_8); // 프론트엔드 페이지로 토큰과 함께 리다이렉트 String frontendRedirectUrl = String.format( - "%s/oauth2/github/code?memberId=%s&gitLoginId=%s&profileImgUrl=%s", - REDIRECT_URL, encodedMemberId, encodedLoginId, encodedGitProfileImageUrl); + "%s/oauth2/github/code?memberId=%s&gitLoginId=%s" +// + "&profileImgUrl=%s" + , + REDIRECT_URL, encodedMemberId, encodedLoginId +// , encodedGitProfileImageUrl + ); response.sendRedirect(frontendRedirectUrl); } 
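Review bot: `registerHeaderToken` puts the access token in the `Authorization` header of a response that `registerResponse` then turns into a redirect. A browser following that redirect does not expose the intermediate response's headers to the frontend page, so the token is probably never received. The comment above the redirect says the token travels with it, but the URL carries only `memberId` and `gitLoginId`. Moving the JWT into the query string would expose it in browser history and Referer headers, so a cookie with `HttpOnly` and `Secure` set, or a short-lived one-time code the frontend exchanges for the token, is the safer delivery. Separately, the commented-out `profileImgUrl` fragments inside the call should be deleted, leaving `String.format("%s/oauth2/github/code?memberId=%s&gitLoginId=%s", REDIRECT_URL, encodedMemberId, encodedLoginId)`.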
diff --git a/src/main/java/com/api/TaveShot/global/oauth2/CustomOauth2User.java b/src/main/java/com/api/TaveShot/global/oauth2/CustomOauth2User.java index a406d09..afe4a1f 100644 --- a/src/main/java/com/api/TaveShot/global/oauth2/CustomOauth2User.java +++ b/src/main/java/com/api/TaveShot/global/oauth2/CustomOauth2User.java @@ -34,6 +34,6 @@ public Collection getAuthorities() { @Override public String getName() { - return member.getGitName(); + return member.getGitLoginId(); } } diff --git a/src/main/java/com/api/TaveShot/global/oauth2/GithubUserInfo.java b/src/main/java/com/api/TaveShot/global/oauth2/GithubUserInfo.java index 90ce8a0..2d2fc66 100644 --- a/src/main/java/com/api/TaveShot/global/oauth2/GithubUserInfo.java +++ b/src/main/java/com/api/TaveShot/global/oauth2/GithubUserInfo.java @@ -1,10 +1,9 @@ package com.api.TaveShot.global.oauth2; -import static com.api.TaveShot.global.constant.OauthConstant.AVATAR_URL_PATTERN; +import static com.api.TaveShot.global.constant.OauthConstant.PROFILE_IMAGE_URL_PATTERN; import static com.api.TaveShot.global.constant.OauthConstant.EMAIL_PATTERN; import static com.api.TaveShot.global.constant.OauthConstant.ID_PATTERN; import static com.api.TaveShot.global.constant.OauthConstant.LOGIN_PATTERN; -import static com.api.TaveShot.global.constant.OauthConstant.NAME_PATTERN; import java.util.Map; import lombok.Builder; 
@@ -12,23 +11,20 @@ @Builder public record GithubUserInfo(Map userInfo) { - public String getProfileImageUrl() { - return (String) userInfo.get(AVATAR_URL_PATTERN); - } - public String getLoginId() { return (String) userInfo.get(LOGIN_PATTERN); } - public String getName() { - return (String) userInfo.get(NAME_PATTERN); + + public Integer getId() { + return (Integer) userInfo.get(ID_PATTERN); } public String getMail() { return (String) userInfo.get(EMAIL_PATTERN); } - public Long getId() { - return (Long) userInfo.get(ID_PATTERN); + public String getProfileImageUrl() { + return (String) userInfo.get(PROFILE_IMAGE_URL_PATTERN); } }