[feat #60] 탈퇴 로직 수정 (#63)

* feat : 인가 코드 -> 리프레쉬 토큰으로 탈퇴로 수

* remove : 미사용 api 제거

adapters/in-web/src/main/kotlin/com/pokit/auth/dto/request/ApiRevokeRequest.kt

@@ -5,12 +5,12 @@ import com.pokit.token.model.AuthPlatform
 import io.swagger.v3.oas.annotations.media.Schema
 
 data class ApiRevokeRequest(
-    @Schema(description = "플랫폼에서 받은 인가코드")
-    val authorizationCode: String,
+    @Schema(description = "플랫폼에서 받은 Refresh Token")
+    val refreshToken: String,
     val authPlatform: String
 )
 
 internal fun ApiRevokeRequest.toDto() = RevokeRequest(
-    authorizationCode = this.authorizationCode,
+    refreshToken = this.refreshToken,
     authPlatform = AuthPlatform.of(this.authPlatform)
 )

adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/AppleFeignClient.kt

@@ -3,14 +3,12 @@ package com.pokit.auth.common.support
 import com.pokit.auth.common.config.OpenFeignConfig
 import com.pokit.auth.common.dto.ApplePublicKeys
 import com.pokit.auth.common.dto.AppleRevokeRequest
-import com.pokit.auth.common.dto.AppleTokenResponse
 import feign.Response
 import org.springframework.cloud.openfeign.FeignClient
 import org.springframework.http.MediaType
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PostMapping
 import org.springframework.web.bind.annotation.RequestBody
-import org.springframework.web.bind.annotation.RequestParam
 
 
 @FeignClient(
@@ -22,17 +20,9 @@ interface AppleFeignClient {
     @GetMapping("/keys")
     fun getApplePublicKeys(): ApplePublicKeys
 
-    @PostMapping("/revoke", produces = [MediaType.APPLICATION_FORM_URLENCODED_VALUE])
+    @PostMapping("/revoke", consumes = [MediaType.APPLICATION_FORM_URLENCODED_VALUE])
     fun revoke(
         @RequestBody appleRevokeRequest: AppleRevokeRequest
     ): Response
 
-    @PostMapping("/token", produces = [MediaType.APPLICATION_FORM_URLENCODED_VALUE])
-    fun getToken(
-        @RequestParam("client_id") clientId: String,
-        @RequestParam("client_secret") clientSecret: String,
-        @RequestParam("code") code: String,
-        @RequestParam("grant_type") grantType: String,
-    ): AppleTokenResponse?
-
 }

adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/GoogleFeignClient.kt

@@ -1,10 +1,10 @@
 package com.pokit.auth.common.support
 
 import com.pokit.auth.common.config.OpenFeignConfig
-import com.pokit.auth.common.dto.GoogleTokenResponse
 import com.pokit.auth.common.dto.GoogleUserResponse
 import feign.Response
 import org.springframework.cloud.openfeign.FeignClient
+import org.springframework.http.MediaType
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PostMapping
 import org.springframework.web.bind.annotation.RequestParam
@@ -18,14 +18,6 @@ interface GoogleFeignClient {
     @GetMapping("/tokeninfo")
     fun getUserInfo(@RequestParam("id_token") idToken: String): GoogleUserResponse
 
-    @PostMapping("/token")
-    fun getToken(
-        @RequestParam("code") authorizationCode: String,
-        @RequestParam("client_id") clientId: String,
-        @RequestParam("client_secret") clientSecret: String,
-        @RequestParam("grant_type") grantType: String
-    ): GoogleTokenResponse?
-
-    @PostMapping("/revoke")
-    fun revoke(@RequestParam("token") accessToken: String): Response
+    @PostMapping("/revoke", consumes = [MediaType.APPLICATION_FORM_URLENCODED_VALUE])
+    fun revoke(@RequestParam("token") refreshToken: String): Response
 }

adapters/out-web/src/main/kotlin/com/pokit/auth/impl/AppleApiAdapter.kt

@@ -1,7 +1,6 @@
 package com.pokit.auth.impl
 
 import com.pokit.auth.common.dto.AppleRevokeRequest
-import com.pokit.auth.common.dto.AppleTokenResponse
 import com.pokit.auth.common.property.AppleProperty
 import com.pokit.auth.common.support.AppleFeignClient
 import com.pokit.auth.common.support.AppleKeyGenerator
@@ -30,15 +29,12 @@ class AppleApiAdapter(
         return UserInfo(email = email, authPlatform = AuthPlatform.APPLE)
     }
 
-    override fun revoke(authorizationCode: String) {
+    override fun revoke(refreshToken: String) {
         val clientSecret = appleSecretGenerator.createClientSecret()
-        val tokenResponse = getAuthToken(authorizationCode, clientSecret)
-            ?: throw ClientValidationException(AuthErrorCode.INVALID_AUTHORIZATION_CODE)
 
-        revokeAuth(tokenResponse.accessToken, clientSecret)
+        revokeAuth(refreshToken, clientSecret)
     }
 
-    // 애플에게 공개 키 요청 후 공개키로 idToken 내 고객 정보 추출
     private fun decodeAndVerifyIdToken(idToken: String): Map<String, Any> {
         val publicKeys = appleFeignClient.getApplePublicKeys()
 
@@ -48,21 +44,12 @@ class AppleApiAdapter(
         return claims
     }
 
-    private fun getAuthToken(authorizationCode: String, clientSecret: String): AppleTokenResponse? {
-        return appleFeignClient.getToken(
-            appleProperty.clientId,
-            clientSecret,
-            authorizationCode,
-            "authorization_code"
-        )
-    }
-
-    private fun revokeAuth(accessToken: String, clientSecret: String) {
+    private fun revokeAuth(refreshToken: String, clientSecret: String) {
         val request = AppleRevokeRequest(
             appleProperty.clientId,
             clientSecret,
-            accessToken,
-            "access_token"
+            refreshToken,
+            "refresh_token"
         )
         val response = appleFeignClient.revoke(request)
         if (response.status() != HttpStatus.SC_OK) {

adapters/out-web/src/main/kotlin/com/pokit/auth/impl/GoogleApiAdapter.kt

@@ -13,7 +13,6 @@ import org.springframework.stereotype.Component
 @Component
 class GoogleApiAdapter(
     private val googleFeignClient: GoogleFeignClient,
-    private val googleProperty: GoogleProperty
 ) : GoogleApiClient {
     override fun getUserInfo(idToken: String): UserInfo {
         val response = googleFeignClient.getUserInfo(idToken)
@@ -24,15 +23,8 @@ class GoogleApiAdapter(
         )
     }
 
-    override fun revoke(authorizationCode: String) {
-        val tokenResponse = googleFeignClient.getToken(
-            authorizationCode,
-            googleProperty.clientId,
-            googleProperty.clientSecret,
-            "authorization_code"
-        ) ?: throw ClientValidationException(AuthErrorCode.INVALID_AUTHORIZATION_CODE)
-
-        val revokeResponse = googleFeignClient.revoke(tokenResponse.accessToken)
+    override fun revoke(refreshToken: String) {
+        val revokeResponse = googleFeignClient.revoke(refreshToken)
 
         if (revokeResponse.status() != HttpStatus.SC_OK) {
             throw ClientValidationException(AuthErrorCode.FAILED_TO_REVOKE)

application/src/main/kotlin/com/pokit/auth/port/out/AppleApiClient.kt

@@ -5,5 +5,5 @@ import com.pokit.user.dto.UserInfo
 interface AppleApiClient {
     fun getUserInfo(idToken: String): UserInfo
 
-    fun revoke(authorizationCode: String)
+    fun revoke(refreshToken: String)
 }

application/src/main/kotlin/com/pokit/auth/port/out/GoogleApiClient.kt

@@ -5,5 +5,5 @@ import com.pokit.user.dto.UserInfo
 interface GoogleApiClient {
     fun getUserInfo(idToken: String): UserInfo
 
-    fun revoke(authorizationCode: String)
+    fun revoke(refreshToken: String)
 }

application/src/main/kotlin/com/pokit/auth/port/service/AuthService.kt

@@ -51,8 +51,8 @@ class AuthService(
         }
 
         when (request.authPlatform) {
-            AuthPlatform.GOOGLE -> googleApiClient.revoke(request.authorizationCode)
-            AuthPlatform.APPLE -> appleApiClient.revoke(request.authorizationCode)
+            AuthPlatform.GOOGLE -> googleApiClient.revoke(request.refreshToken)
+            AuthPlatform.APPLE -> appleApiClient.revoke(request.refreshToken)
         }
         contentPort.deleteByUserId(user.id)
         userPort.delete(user)

domain/src/main/kotlin/com/pokit/token/dto/request/RevokeRequest.kt

@@ -3,6 +3,6 @@ package com.pokit.token.dto.request
 import com.pokit.token.model.AuthPlatform
 
 data class RevokeRequest(
-    val authorizationCode: String,
+    val refreshToken: String,
     val authPlatform: AuthPlatform
 )