Expand Up @@ -5,6 +5,7 @@
import com.DecodEat.domain.refreshToken.service.TokenService;
import com.DecodEat.global.apiPayload.ApiResponse;
import io.swagger.v3.oas.annotations.Operation;
import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
Expand All @@ -17,11 +18,8 @@ public class TokenController {

@PostMapping("/api/token")
@Operation(summary = "액세스 토큰 재발급 API")
public ApiResponse<CreateAccessTokenResponse> createAccessToken(@RequestBody CreateAccessTokenRequest request){
public ApiResponse<String> createAccessToken(HttpServletRequest request){

String refreshToken = request.getRefreshToken();
String newAccessToken = tokenService.createNewAccessToken(refreshToken);

return ApiResponse.onSuccess(new CreateAccessTokenResponse(newAccessToken));
return ApiResponse.onSuccess(tokenService.refreshAccessToken(request));
}
}
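Review bot: `createAccessToken` no longer reads the refresh token from the request body, so the endpoint is now authorised purely by a cookie the browser attaches on its own, and nothing in this section shows how that cookie is scoped. Because the login redirect elsewhere in this change targets a different origin, the cookie's `SameSite`, `Secure` and `HttpOnly` attributes and the credentialed CORS allow-list decide who can obtain access tokens here. Please confirm them and record the assumption above the mapping, e.g. `// Authenticated by the refresh-token cookie; CORS must allow credentials only for the front-end origin`. Binding the cookie in the signature with `@CookieValue(OAuth2SuccessHandler.REFRESH_TOKEN_COOKIE_NAME) String refreshToken` would also keep `HttpServletRequest` out of the service layer. The response type changes from `CreateAccessTokenResponse` to a bare `String`, which existing clients of `/api/token` may need to be told about.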
Expand Up @@ -6,7 +6,11 @@
import com.DecodEat.domain.users.entity.User;
import com.DecodEat.domain.users.service.UserService;
import com.DecodEat.global.config.jwt.JwtTokenProvider;
import com.DecodEat.global.config.oauth.OAuth2SuccessHandler;
import com.DecodEat.global.exception.GeneralException;
import com.DecodEat.global.util.CookieUtil;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;

Expand All @@ -31,4 +35,17 @@ public String createNewAccessToken(String refreshToken){

return jwtTokenProvider.generateToken(user, Duration.ofHours(2)); // 액세스 토큰 유효시간 : 2시간
}

public String refreshAccessToken(HttpServletRequest request){
Cookie cookie = CookieUtil
.getCookie(request, OAuth2SuccessHandler.REFRESH_TOKEN_COOKIE_NAME)
.orElseThrow(() -> new GeneralException(NO_RESULT));

String refreshToken = cookie.getValue();

if(!jwtTokenProvider.validToken(refreshToken)){
throw new GeneralException(UNEXPECTED_TOKEN);
}
return createNewAccessToken(refreshToken);
}
}
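Review bot: In `refreshAccessToken`, a request without the refresh cookie is rejected with `NO_RESULT`, which reads like a failed lookup rather than a failed authentication. If that code maps to a not-found style response, clients cannot tell "log in again" from a missing resource, so consider throwing the `UNEXPECTED_TOKEN` used a few lines below or a dedicated unauthorised code. `validToken(refreshToken)` presumably covers only signature and expiry, and the body of `createNewAccessToken` lies outside this hunk, so it is not visible whether the token is also matched against the stored refresh-token record. If it is not, a token removed server-side (logout, re-login) would still be accepted until it expires. Once confirmed, a short comment such as `// createNewAccessToken rejects tokens that are no longer stored for the user` would settle this for the next reader.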
Expand Up @@ -16,6 +16,8 @@
import org.springframework.web.util.UriComponentsBuilder;

import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.util.Map;

Expand Down Expand Up @@ -51,7 +53,6 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo

// 2. 액세스 토큰 생성
String accessToken = tokenProvider.generateToken(user, ACCESS_TOKEN_DURATION);
addAccessTokenToCookie(request, response, accessToken);

String targetUrl = getTargetUrl(accessToken);

Expand All @@ -71,14 +72,6 @@ private void saveRefreshToken(Long userId, String newRefreshToken) {
refreshTokenRepository.save(refreshToken);
}

private void addAccessTokenToCookie(HttpServletRequest request, HttpServletResponse response, String accessToken) {
int cookieMaxAge = (int) ACCESS_TOKEN_DURATION.toSeconds();
CookieUtil.deleteCookie(request, response, ACCESS_TOKEN_COOKIE_NAME);
CookieUtil.addCookie(response, ACCESS_TOKEN_COOKIE_NAME, accessToken, cookieMaxAge);
}



// 생성된 리프레시 토큰을 쿠키에 저장
private void addRefreshTokenToCookie(HttpServletRequest request, HttpServletResponse response, String refreshToken) {
int cookieMaxAge = (int) REFRESH_TOKEN_DURATION.toSeconds();
Expand All @@ -94,9 +87,11 @@ private void clearAuthenticationAttributes(HttpServletRequest request, HttpServl

// 액세스 토큰을 리다이렉트 경로에 파라미터로 추가
private String getTargetUrl(String token) {
return UriComponentsBuilder.fromUriString("/decodeat.store") //todo:로그인 후 스웨거화면
.queryParam("token", token)
return UriComponentsBuilder.fromUriString("https://decodeat.netlify.app")
.queryParam("access_token", token)
.build()
.toUriString();
}


}
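Review bot: `getTargetUrl` still puts the access token in the query string of the redirect, and with `addAccessTokenToCookie` removed in this change that URL is now the only delivery channel, to a different origin. Query strings end up in browser history and in proxy and hosting access logs, and can reach third parties through the `Referer` header where the landing page's referrer policy allows it. Carrying the token in the fragment, `.fragment("access_token=" + token)` in place of `.queryParam("access_token", token)`, keeps it out of the request line. Alternatively the redirect could carry no token at all and the front end could call `POST /api/token`, which this change makes cookie-based. The hard-coded `https://decodeat.netlify.app` would be easier to audit as a configuration property, and the new `URLEncoder` and `StandardCharsets` imports have no use in the visible hunks.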