Merged
@@ -0,0 +1,31 @@
package inha.gdgoc.domain.test.controller;

import inha.gdgoc.global.dto.response.ApiResponse;
import java.util.Map;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/api/v1/test")
public class TestController {
Comment on lines +1 to +14
⚠️ Potential issue | 🟠 Major

The PR title and the implementation do not match.

The PR title is "test: add google login test", but this controller does not test Google login. It merely checks whether the token and header are present.

  • To actually test the Google OAuth login flow, the integration with Google's authentication service must be verified
  • The current implementation is a generic authentication-status check endpoint that only verifies whether a token is present

It is recommended to either change the PR title to match the implementation or add logic that actually tests Google login.


@GetMapping("/login_test")
public ResponseEntity<ApiResponse<Map<String, Object>, Void>> loginTest(
@CookieValue(value = "refresh_token", required = false) String refreshToken,
@RequestHeader(value = "Authorization", required = false) String authorization
) {
boolean hasRefreshToken = refreshToken != null && !refreshToken.isBlank();
boolean hasAuthorization = authorization != null && !authorization.isBlank();

Map<String, Object> data = Map.of(
"has_refresh_token", hasRefreshToken,
"has_authorization", hasAuthorization
);

return ResponseEntity.ok(ApiResponse.ok("LOGIN_TEST_OK", data));
}
Comment on lines +16 to +30
⚠️ Potential issue | 🟠 Major

ν”„λ‘œλ•μ…˜ ν™˜κ²½μ—μ„œ ν…ŒμŠ€νŠΈ μ—”λ“œν¬μΈνŠΈ λ…ΈμΆœμ„ μ œν•œν•΄μ•Ό ν•©λ‹ˆλ‹€.

이 ν…ŒμŠ€νŠΈ μ—”λ“œν¬μΈνŠΈκ°€ λͺ¨λ“  ν™˜κ²½μ—μ„œ 곡개적으둜 μ ‘κ·Ό κ°€λŠ₯ν•˜λ„λ‘ μ„€μ •λ˜μ–΄ μžˆμŠ΅λ‹ˆλ‹€. ν”„λ‘œλ•μ…˜ ν™˜κ²½μ—μ„œ ν…ŒμŠ€νŠΈ μ—”λ“œν¬μΈνŠΈλ₯Ό λ…ΈμΆœν•˜λ©΄ λ³΄μ•ˆ μœ„ν—˜μ΄ λ°œμƒν•  수 μžˆμŠ΅λ‹ˆλ‹€.

λ‹€μŒ 쀑 ν•˜λ‚˜λ₯Ό μ μš©ν•˜λŠ” 것을 ꢌμž₯ν•©λ‹ˆλ‹€:

  • Spring Profile을 μ‚¬μš©ν•˜μ—¬ 개발/ν…ŒμŠ€νŠΈ ν™˜κ²½μ—μ„œλ§Œ ν™œμ„±ν™”
  • Feature flag둜 μ œμ–΄
  • λ³„λ„μ˜ ν…ŒμŠ€νŠΈ λͺ¨λ“ˆλ‘œ 뢄리
πŸ”Ž ν”„λ‘œν•„ 기반 ν™œμ„±ν™” μ œμ•ˆ
+import org.springframework.context.annotation.Profile;
+
+@Profile({"local", "dev", "test"})
 @RestController
 @RequestMapping("/api/v1/test")
 public class TestController {

λ˜λŠ” 쑰건뢀 빈 등둝을 μ‚¬μš©:

+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+
+@ConditionalOnProperty(name = "feature.test-endpoints.enabled", havingValue = "true")
 @RestController
 @RequestMapping("/api/v1/test")
 public class TestController {

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents
In src/main/java/inha/gdgoc/domain/test/controller/TestController.java around
lines 16-30 the login_test endpoint is always exposed; restrict it so it is not
available in production by enabling it only for non-production profiles or via a
feature flag. Fix by annotating the controller (or its @Configuration) with a
profile/condition such as @Profile({"dev","test"}) or @Profile("!prod") or use a
conditional on a property (e.g.,
@ConditionalOnProperty(name="feature.test-endpoints.enabled",
havingValue="true", matchIfMissing=false)) and add the corresponding property to
dev/test configs (false or absent in production), then update docs and tests to
ensure the endpoint is only reachable in intended environments.

}
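Review bot: loginTest (lines 16-30 of the new file) reports only whether the refresh_token cookie and the Authorization header are non-blank, not whether either carries a valid token, so a client that reads has_authorization=true as "logged in" would be misled by any arbitrary bearer string. If this is meant as a login smoke test, validate the values through the existing auth flow before reporting on them; otherwise rename the fields to say what they check (e.g. has_authorization_header) and add a Javadoc line on the method stating that it is a presence check only. The controller is also registered unconditionally, and together with the "/api/v1/test/**" permitAll entry added to the security config it is reachable without authentication in every environment.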
@@ -45,6 +45,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
"/v3/api-docs/**",
"/swagger-ui.html",
"/api/v1/auth/**",
"/api/v1/test/**",
"/api/v1/game/**",
"/api/v1/apply/**",
"/api/v1/check/**",
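Review bot: the new "/api/v1/test/**" entry opens the entire test prefix unauthenticated rather than just /login_test, so any endpoint added under /api/v1/test later is public by default, and the entry remains in the filter chain even when the controller itself is disabled by profile. Suggest narrowing it to "/api/v1/test/login_test" and registering that matcher only under the same non-production profiles as the controller, so the unauthenticated path disappears together with the endpoint.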
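The profile-gating suggestion in the review above covers only the controller; the permitAll entry in the security config hunk stays in place regardless of profile. The following is an added example, not code from the PR or from the gdgoc project, showing a SecurityFilterChain that registers the test-endpoint matcher only when one of the same non-production profiles (local, dev, test) is active, and narrows it to the single login_test path. The package, the class name ProfileGatedSecurityConfig, and the subset of other public paths are assumptions; it also assumes the Spring Security 6 lambda DSL (requestMatchers), which the PR's config is not shown using explicitly.

```java
package inha.gdgoc.global.config; // assumed package; the PR's security config class is not shown

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.core.env.Profiles;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
public class ProfileGatedSecurityConfig {

    // Same profile set as the @Profile annotation suggested for TestController,
    // so the open path and the endpoint appear and disappear together.
    private static final Profiles NON_PRODUCTION = Profiles.of("local", "dev", "test");

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http, Environment env) throws Exception {
        boolean testEndpointsEnabled = env.acceptsProfiles(NON_PRODUCTION);

        http.authorizeHttpRequests(auth -> {
            // Paths that are public in every environment (a subset of the list in the PR hunk).
            auth.requestMatchers(
                    "/v3/api-docs/**",
                    "/swagger-ui.html",
                    "/api/v1/auth/**"
            ).permitAll();

            if (testEndpointsEnabled) {
                // Exact path only, not "/api/v1/test/**": a future endpoint under the
                // test prefix stays authenticated unless someone opens it deliberately.
                auth.requestMatchers("/api/v1/test/login_test").permitAll();
            }

            // Everything else, including /api/v1/test/** when no non-production
            // profile is active, requires authentication.
            auth.anyRequest().authenticated();
        });

        return http.build();
    }
}
```

Because the decision is made from the active profiles at startup, a production deployment that runs without local, dev or test never registers the matcher at all; there is no property to forget and no wildcard left behind for the controller's @Profile annotation to cover.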