[Refactor] #275 - 토큰 내 유저 id 검증 방법 변경 (파라미터로 유저 id 요청 => 토큰에서 파싱

src/main/java/shop/cazait/domain/auth/api/AuthController.java

@@ -61,23 +61,21 @@ public SuccessResponse<PostLoginRes> logIn(
 
 
     @NoAuth
-    @GetMapping(value = "/refresh/{userIdx}")
+    @GetMapping(value = "/refresh")
     @Operation(summary = "토큰 재발급", description = "인터셉터에서 accesstoken이 만료되고 난 후 클라이언트에서 해당 api로 토큰 재발급 요청 필요")
     @Parameters({
             @Parameter(name = "role", description = "유저인지 마스터인지(user/master)",example = "user"),
             @Parameter(name = "Authorization", description = "발급 받은 accesstoken"),
             @Parameter(name = "REFRESH-TOKEN", description = "발급 받은 refreshtoken"),
-            @Parameter(name = "userIdx", description = "response로 발급 받은 계정 ID번호",example="1"),
     })
     public SuccessResponse<PostLoginRes> refreshToken(
-            @PathVariable(name = "userIdx") Long userIdx,
             @RequestParam @NotBlank String role,
             @RequestHeader(value = "Authorization") String accessToken,
             @RequestHeader(value = "REFRESH-TOKEN") String refreshToken) throws UserException, BaseException, MasterException {
 
-        jwtService.isValidAccessTokenId(userIdx);
+        System.out.println("accessToken = " + accessToken);
         Role exactRole = Role.of(role);
-        PostLoginRes postLoginRes = authService.reIssueTokensByRole(exactRole, accessToken, refreshToken, userIdx);
+        PostLoginRes postLoginRes = authService.reIssueTokensByRole(exactRole, accessToken, refreshToken);
         return new SuccessResponse<>(SUCCESS, postLoginRes);
     }
 }

src/main/java/shop/cazait/domain/auth/service/AuthService.java

@@ -51,9 +51,9 @@ public class AuthService {
 
     private final UserRepository userRepository;
 
-    public PostLoginRes reIssueTokensByRole(Role exactRole, String accessToken, String refreshToken, Long userIdx) throws MasterException, UserException {
+    public PostLoginRes reIssueTokensByRole(Role exactRole, String accessToken, String refreshToken) throws MasterException, UserException {
         if (exactRole.equals(USER)) {
-            return userService.reIssueTokens(accessToken, refreshToken, userIdx);
+            return userService.reIssueTokens(accessToken, refreshToken);
         } else {
             return masterService.issueAccessToken(accessToken, refreshToken);
         }

src/main/java/shop/cazait/domain/user/service/UserService.java

@@ -221,10 +221,10 @@ public SuccessResponse<String> checkduplicateNickname(PostCheckDuplicateNickname
 //        return PostLoginRes.of(user,accessToken,refreshToken,USER);
 //    }
 
-    public PostLoginRes reIssueTokens(String accessToken,String refreshToken, Long userIdx) throws UserException{
+    public PostLoginRes reIssueTokens(String accessToken,String refreshToken) throws UserException{
 
         User user = null;
-
+        Long userIdx = jwtService.getUserIdx(accessToken);
         log.info("accessToken = " + accessToken);
         log.info("refreshToken = " + refreshToken);
 

src/main/java/shop/cazait/global/config/encrypt/JwtService.java

@@ -149,7 +149,7 @@ public Long getUserIdx(String token) throws UserException {
         } catch (ExpiredJwtException exception) {
             Long userIdx = exception.getClaims().get("userIdx", Long.class);
             return userIdx;
-        } catch (JwtException exception) {
+        } catch (JwtException | IllegalArgumentException exception) {
             log.error("Token tampered.");
             throw new UserException(INVALID_JWT);
         } catch (NullPointerException exception) {