Skip to content

Commit 1f146fd

Browse files
authored
Merge pull request #516 from PromptPlace/fix/#515-oauth-redirect-uri-fallback
[FIX] OAuth 토큰 교환 redirect_uri 누락 시 환경변수 fallback (#515)
2 parents 4561454 + bce8223 commit 1f146fd

2 files changed

Lines changed: 24 additions & 7 deletions

File tree

src/auth/controllers/auth.controller.ts

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
import { Request, Response } from "express";
2-
import AuthService, { assertAllowedRedirectUri } from "../services/auth.service";
2+
import AuthService, { resolveRedirectUri } from "../services/auth.service";
33
import { AppError } from "../../errors/AppError";
44
import { CompleteSignupDto } from "../dtos/complete-signup.dto";
55
import { validate } from "class-validator";
@@ -328,8 +328,8 @@ class AuthController {
328328
});
329329
}
330330

331-
const validatedRedirectUri = assertAllowedRedirectUri(redirect_uri);
332-
const result = await AuthService.exchangeKakaoToken(code, validatedRedirectUri);
331+
const resolvedRedirectUri = resolveRedirectUri("KAKAO", redirect_uri);
332+
const result = await AuthService.exchangeKakaoToken(code, resolvedRedirectUri);
333333

334334
res.status(200).json({
335335
message: "카카오 로그인이 완료되었습니다.",
@@ -365,8 +365,8 @@ class AuthController {
365365
});
366366
}
367367

368-
const validatedRedirectUri = assertAllowedRedirectUri(redirect_uri);
369-
const result = await AuthService.exchangeGoogleToken(code, validatedRedirectUri);
368+
const resolvedRedirectUri = resolveRedirectUri("GOOGLE", redirect_uri);
369+
const result = await AuthService.exchangeGoogleToken(code, resolvedRedirectUri);
370370

371371
res.status(200).json({
372372
message: "구글 로그인이 완료되었습니다.",
@@ -402,8 +402,8 @@ class AuthController {
402402
});
403403
}
404404

405-
const validatedRedirectUri = assertAllowedRedirectUri(redirect_uri);
406-
const result = await AuthService.exchangeNaverToken(code, validatedRedirectUri);
405+
const resolvedRedirectUri = resolveRedirectUri("NAVER", redirect_uri);
406+
const result = await AuthService.exchangeNaverToken(code, resolvedRedirectUri);
407407

408408
res.status(200).json({
409409
message: "네이버 로그인이 완료되었습니다.",

src/auth/services/auth.service.ts

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,23 @@ export const assertAllowedRedirectUri = (redirectUri: string | undefined): strin
3535
return redirectUri;
3636
};
3737

38+
// 호환성 fallback: body의 redirect_uri가 없을 때 환경변수의 provider별 callback URL을 사용한다.
39+
// 프론트 단계적 반영을 위한 임시 호환 경로.
40+
export const resolveRedirectUri = (
41+
provider: "GOOGLE" | "KAKAO" | "NAVER",
42+
bodyRedirectUri: string | undefined
43+
): string => {
44+
if (bodyRedirectUri) {
45+
return assertAllowedRedirectUri(bodyRedirectUri);
46+
}
47+
const envKey = `${provider}_CALLBACK_URL` as const;
48+
const fallback = process.env[envKey];
49+
if (!fallback) {
50+
throw new AppError("redirect_uri가 필요합니다.", 400, "BadRequest");
51+
}
52+
return fallback;
53+
};
54+
3855
class AuthService {
3956
async generateTokens(user: any): Promise<Tokens> {
4057
const accessToken = jwt.sign(

0 commit comments

Comments
 (0)