Merge pull request #11 from AR-TTUBEOG/feature/8

[Feat] 카카오 로그인 구체화

build.gradle

@@ -22,7 +22,7 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	implementation 'org.springframework.boot:spring-boot-starter-webflux'
-
+	implementation 'org.mybatis.spring.boot:mybatis-spring-boot-starter:3.0.2'
 
 	implementation group: 'org.springdoc', name: 'springdoc-openapi-starter-webmvc-ui', version: '2.3.0'
 	testImplementation group: 'org.springdoc', name: 'springdoc-openapi-starter-webmvc-api', version: '2.3.0'

src/main/java/com/ttubeog/domain/auth/config/SecurityDomainConfig.java → src/main/java/com/ttubeog/domain/auth/config/SecurityConfig.java

@@ -1,6 +1,6 @@
 package com.ttubeog.domain.auth.config;
 
-import com.ttubeog.domain.auth.application.JwtTokenService;
+import com.ttubeog.domain.auth.service.JwtTokenService;
 import com.ttubeog.domain.auth.filter.JwtFilter;
 import com.ttubeog.domain.member.application.MemberService;
 import lombok.RequiredArgsConstructor;
@@ -9,6 +9,7 @@
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@@ -17,11 +18,11 @@
 
 @RequiredArgsConstructor
 @Configuration
-public class SecurityDomainConfig {
+public class SecurityConfig {
     private final JwtTokenService jwtTokenService;
     private final MemberService memberService;
 
-    @Bean(name = "domainAuth")
+    @Bean
     public AuthenticationManager authenticationManager(
             final AuthenticationConfiguration authenticationConfiguration
             ) throws Exception {
@@ -33,12 +34,19 @@ public SecurityFilterChain configure(final HttpSecurity httpSecurity) throws Exc
         return httpSecurity.cors(withDefaults())
                 .csrf((csrf) -> csrf.disable())
                 .authorizeHttpRequests((authorize) -> authorize
-                        .requestMatchers("/auth/login/**", "/token/refresh").permitAll()
+                        .requestMatchers("/auth/login/**").permitAll()
                         .anyRequest().authenticated())
                 .sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                 .formLogin(httpSecurityFormLoginConfigurer -> httpSecurityFormLoginConfigurer.disable())    // 기본 로그인 폼 미사용
                 .httpBasic(httpSecurityHttpBasicConfigurer -> httpSecurityHttpBasicConfigurer.disable())    // 기본 http 미사용
                 .addFilterBefore(new JwtFilter(jwtTokenService, memberService), UsernamePasswordAuthenticationFilter.class) // JWT 필터 추가
                 .build();
     }
+
+    @Bean
+    public WebSecurityCustomizer webSecurityCustomizer(){
+        return web ->
+                web.ignoring()
+                        .requestMatchers("/auth/login/**");
+    }
 }

src/main/java/com/ttubeog/domain/auth/controller/OauthController.java

@@ -1,30 +1,61 @@
 package com.ttubeog.domain.auth.controller;
 
-import com.ttubeog.domain.auth.application.OauthService;
 import com.ttubeog.domain.auth.dto.OauthRequestDto;
 import com.ttubeog.domain.auth.dto.OauthResponseDto;
+import com.ttubeog.domain.auth.dto.RefreshTokenResponseDto;
+import com.ttubeog.domain.auth.service.OauthService;
+import com.ttubeog.global.error.DefaultException;
+import com.ttubeog.global.payload.ErrorCode;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
-import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.Arrays;
+import java.util.stream.Collectors;
+
 @RestController
 @RequiredArgsConstructor
+@RequestMapping("/auth")
 public class OauthController {
     private final OauthService oauthService;
 
     // 카카오 로그인
-    @PostMapping("/auth/login/kakao")
+    @PostMapping("/login/kakao")
     public OauthResponseDto loginWithKaKao(
             @RequestBody
             OauthRequestDto oauthRequestDto,
             HttpServletResponse response
     ) {
         OauthResponseDto oauthResponseDto = new OauthResponseDto();
-        String accessToken = oauthService.loginWithKakao(oauthResponseDto.getAccessToken(), response);
+        String accessToken = oauthService.loginWithKakao(oauthRequestDto.getAccessToken(), response);
         oauthResponseDto.setAccessToken(accessToken);
         return oauthResponseDto;
     }
+
+    // 리프레시 토큰으로 액세스토큰 재발급
+    @PostMapping("/token/refresh")
+    public RefreshTokenResponseDto tokenRefresh(HttpServletRequest request) {
+        RefreshTokenResponseDto refreshTokenResponseDto = new RefreshTokenResponseDto();
+        Cookie[] list = request.getCookies();
+
+        if (list == null) {
+            throw new DefaultException(ErrorCode.INVALID_CHECK);
+        }
+
+        Cookie refreshTokenCookie = Arrays.stream(list).filter(cookie ->
+                cookie.getName().equals("refresh_token")).collect(Collectors.toList()).get(0);
+
+        if (refreshTokenCookie == null) {
+            throw new DefaultException(ErrorCode.INVALID_CHECK);
+        }
+
+        String accessToken = oauthService.refreshToAccessToken(refreshTokenCookie.getValue());
+        refreshTokenResponseDto.setAccessToken(accessToken);
+        return refreshTokenResponseDto;
+    }
 }