diff --git a/adapters/in-web/src/main/kotlin/com/pokit/auth/dto/request/ApiRevokeRequest.kt b/adapters/in-web/src/main/kotlin/com/pokit/auth/dto/request/ApiRevokeRequest.kt
index c3b5cd9f..b6659c79 100644
--- a/adapters/in-web/src/main/kotlin/com/pokit/auth/dto/request/ApiRevokeRequest.kt
+++ b/adapters/in-web/src/main/kotlin/com/pokit/auth/dto/request/ApiRevokeRequest.kt
@@ -5,12 +5,12 @@ import com.pokit.token.model.AuthPlatform
 import io.swagger.v3.oas.annotations.media.Schema
 data class ApiRevokeRequest(
- @Schema(description = "플랫폼에서 받은 인가코드")
- val authorizationCode: String,
+ @Schema(description = "플랫폼에서 받은 Refresh Token")
+ val refreshToken: String,
 val authPlatform: String
 )
 internal fun ApiRevokeRequest.toDto() = RevokeRequest(
- authorizationCode = this.authorizationCode,
+ refreshToken = this.refreshToken,
 authPlatform = AuthPlatform.of(this.authPlatform)
 )
diff --git a/adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/AppleFeignClient.kt b/adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/AppleFeignClient.kt
index edddb2bf..b1ec78f6 100644
--- a/adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/AppleFeignClient.kt
+++ b/adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/AppleFeignClient.kt
@@ -3,14 +3,12 @@ package com.pokit.auth.common.support
 import com.pokit.auth.common.config.OpenFeignConfig
 import com.pokit.auth.common.dto.ApplePublicKeys
 import com.pokit.auth.common.dto.AppleRevokeRequest
-import com.pokit.auth.common.dto.AppleTokenResponse
 import feign.Response
 import org.springframework.cloud.openfeign.FeignClient
 import org.springframework.http.MediaType
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PostMapping
 import org.springframework.web.bind.annotation.RequestBody
-import org.springframework.web.bind.annotation.RequestParam
 @FeignClient(
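Review bot: `refreshToken` is a plain `String` property of the `data class ApiRevokeRequest`, so the generated `toString()` prints the provider refresh token wherever the request object is logged or ends up in an exception message. The same holds for `RevokeRequest` in the domain module (last file of this diff). A refresh token is a long-lived credential, unlike the single-use authorization code it replaces, so I would mask it, e.g. `override fun toString() = "ApiRevokeRequest(refreshToken=***, authPlatform=$authPlatform)"`. The field also carries no validation annotation in this hunk, so a blank value would reach the provider call unless it is rejected somewhere not shown here.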
@@ -22,17 +20,9 @@ interface AppleFeignClient {
 @GetMapping("/keys")
 fun getApplePublicKeys(): ApplePublicKeys
- @PostMapping("/revoke", produces = [MediaType.APPLICATION_FORM_URLENCODED_VALUE])
+ @PostMapping("/revoke", consumes = [MediaType.APPLICATION_FORM_URLENCODED_VALUE])
 fun revoke(
 @RequestBody appleRevokeRequest: AppleRevokeRequest
 ): Response
- @PostMapping("/token", produces = [MediaType.APPLICATION_FORM_URLENCODED_VALUE])
- fun getToken(
- @RequestParam("client_id") clientId: String,
- @RequestParam("client_secret") clientSecret: String,
- @RequestParam("code") code: String,
- @RequestParam("grant_type") grantType: String,
- ): AppleTokenResponse?
-
 }
diff --git a/adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/GoogleFeignClient.kt b/adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/GoogleFeignClient.kt
index 9c45591b..3f53a2d3 100644
--- a/adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/GoogleFeignClient.kt
+++ b/adapters/out-web/src/main/kotlin/com/pokit/auth/common/support/GoogleFeignClient.kt
@@ -1,10 +1,10 @@
 package com.pokit.auth.common.support
 import com.pokit.auth.common.config.OpenFeignConfig
-import com.pokit.auth.common.dto.GoogleTokenResponse
 import com.pokit.auth.common.dto.GoogleUserResponse
 import feign.Response
 import org.springframework.cloud.openfeign.FeignClient
+import org.springframework.http.MediaType
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.PostMapping
 import org.springframework.web.bind.annotation.RequestParam
@@ -18,14 +18,6 @@ interface GoogleFeignClient {
 @GetMapping("/tokeninfo")
 fun getUserInfo(@RequestParam("id_token") idToken: String): GoogleUserResponse
- @PostMapping("/token")
- fun getToken(
- @RequestParam("code") authorizationCode: String,
- @RequestParam("client_id") clientId: String,
- @RequestParam("client_secret") clientSecret: String,
- @RequestParam("grant_type") grantType: String
- ): GoogleTokenResponse?
-
- @PostMapping("/revoke")
- fun revoke(@RequestParam("token") accessToken: String): Response
+ @PostMapping("/revoke", consumes = [MediaType.APPLICATION_FORM_URLENCODED_VALUE])
+ fun revoke(@RequestParam("token") refreshToken: String): Response
 }
diff --git a/adapters/out-web/src/main/kotlin/com/pokit/auth/impl/AppleApiAdapter.kt b/adapters/out-web/src/main/kotlin/com/pokit/auth/impl/AppleApiAdapter.kt
index f98d2967..d461ded0 100644
--- a/adapters/out-web/src/main/kotlin/com/pokit/auth/impl/AppleApiAdapter.kt
+++ b/adapters/out-web/src/main/kotlin/com/pokit/auth/impl/AppleApiAdapter.kt
@@ -1,7 +1,6 @@
 package com.pokit.auth.impl
 import com.pokit.auth.common.dto.AppleRevokeRequest
-import com.pokit.auth.common.dto.AppleTokenResponse
 import com.pokit.auth.common.property.AppleProperty
 import com.pokit.auth.common.support.AppleFeignClient
 import com.pokit.auth.common.support.AppleKeyGenerator
@@ -30,15 +29,12 @@ class AppleApiAdapter(
 return UserInfo(email = email, authPlatform = AuthPlatform.APPLE)
 }
- override fun revoke(authorizationCode: String) {
+ override fun revoke(refreshToken: String) {
 val clientSecret = appleSecretGenerator.createClientSecret()
- val tokenResponse = getAuthToken(authorizationCode, clientSecret)
- ?: throw ClientValidationException(AuthErrorCode.INVALID_AUTHORIZATION_CODE)
- revokeAuth(tokenResponse.accessToken, clientSecret)
+ revokeAuth(refreshToken, clientSecret)
 }
- // 애플에게 공개 키 요청 후 공개키로 idToken 내 고객 정보 추출
 private fun decodeAndVerifyIdToken(idToken: String): Map {
 val publicKeys = appleFeignClient.getApplePublicKeys()
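Review bot: On `GoogleFeignClient.revoke`, `@RequestParam("token") refreshToken` is mapped by the Spring MVC contract to a query parameter, so the refresh token travels in the request URL and not in the form body that the new `consumes = [MediaType.APPLICATION_FORM_URLENCODED_VALUE]` announces. Request URLs are what client-side request logging and intermediate proxies usually record, and a refresh token is long-lived. I would send it in the body the way `AppleFeignClient.revoke` already does, for instance `fun revoke(@RequestBody googleRevokeRequest: GoogleRevokeRequest): Response`, where `GoogleRevokeRequest` is an illustrative name for a new one-field form DTO. This assumes the encoder set up in `OpenFeignConfig`, which is not part of this diff, writes form bodies; if the query parameter stays, confirm that the Feign logger level for this client does not record request lines.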
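Review bot: `AppleApiAdapter.revoke` now forwards a caller-supplied `refreshToken` straight to `revokeAuth`, and the only success signal left is the HTTP status checked there. Revocation endpoints that follow RFC 7009 section 2.2 answer 200 for an unknown or already-invalid token as well; if Apple's endpoint behaves that way (worth checking against its documentation), a wrong token passes this path and `AuthService` goes on to delete the account while the Apple grant stays active. The old code at least proved the credential was valid by exchanging it first. I would record the limitation above `revoke`, e.g. `// A 200 from /revoke does not prove the token was valid or belonged to this user (RFC 7009 section 2.2).`, and consider validating the token before the delete. The hunk also removes the Korean comment above `decodeAndVerifyIdToken` without a replacement; a one-line KDoc saying that it fetches Apple's public keys and verifies the id token before reading its claims would keep that context.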
@@ -48,21 +44,12 @@ class AppleApiAdapter(
 return claims
 }
- private fun getAuthToken(authorizationCode: String, clientSecret: String): AppleTokenResponse? {
- return appleFeignClient.getToken(
- appleProperty.clientId,
- clientSecret,
- authorizationCode,
- "authorization_code"
- )
- }
-
- private fun revokeAuth(accessToken: String, clientSecret: String) {
+ private fun revokeAuth(refreshToken: String, clientSecret: String) {
 val request = AppleRevokeRequest(
 appleProperty.clientId,
 clientSecret,
- accessToken,
- "access_token"
+ refreshToken,
+ "refresh_token"
 )
 val response = appleFeignClient.revoke(request)
 if (response.status() != HttpStatus.SC_OK) {
diff --git a/adapters/out-web/src/main/kotlin/com/pokit/auth/impl/GoogleApiAdapter.kt b/adapters/out-web/src/main/kotlin/com/pokit/auth/impl/GoogleApiAdapter.kt
index fce4ad95..4d82abbe 100644
--- a/adapters/out-web/src/main/kotlin/com/pokit/auth/impl/GoogleApiAdapter.kt
+++ b/adapters/out-web/src/main/kotlin/com/pokit/auth/impl/GoogleApiAdapter.kt
@@ -13,7 +13,6 @@ import org.springframework.stereotype.Component
 @Component
 class GoogleApiAdapter(
 private val googleFeignClient: GoogleFeignClient,
- private val googleProperty: GoogleProperty
 ) : GoogleApiClient {
 override fun getUserInfo(idToken: String): UserInfo {
 val response = googleFeignClient.getUserInfo(idToken)
@@ -24,15 +23,8 @@ class GoogleApiAdapter(
 )
 }
- override fun revoke(authorizationCode: String) {
- val tokenResponse = googleFeignClient.getToken(
- authorizationCode,
- googleProperty.clientId,
- googleProperty.clientSecret,
- "authorization_code"
- ) ?: throw ClientValidationException(AuthErrorCode.INVALID_AUTHORIZATION_CODE)
-
- val revokeResponse = googleFeignClient.revoke(tokenResponse.accessToken)
+ override fun revoke(refreshToken: String) {
+ val revokeResponse = googleFeignClient.revoke(refreshToken)
 if (revokeResponse.status() != HttpStatus.SC_OK) {
 throw ClientValidationException(AuthErrorCode.FAILED_TO_REVOKE)
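Review bot: The `feign.Response` returned by `appleFeignClient.revoke(request)` in `revokeAuth` is only read for its status and never closed. When a Feign method declares `Response` as its return type, releasing the body is left to the caller in the cases where Feign does not buffer it itself, so a revoke call can keep a pooled connection open. I would scope it with `appleFeignClient.revoke(request).use { response -> … }` around the existing status check. `GoogleApiAdapter.revoke` in the last hunk of this line has the same pattern with `revokeResponse`. `revokeAuth` continues past the end of the hunk, so its failure branch is not visible here. Separately, the four positional `String` arguments to `AppleRevokeRequest` are easy to transpose, and named arguments would make the secret/token order checkable at a glance.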
diff --git a/application/src/main/kotlin/com/pokit/auth/port/out/AppleApiClient.kt b/application/src/main/kotlin/com/pokit/auth/port/out/AppleApiClient.kt
index 5cf93c74..c93b9127 100644
--- a/application/src/main/kotlin/com/pokit/auth/port/out/AppleApiClient.kt
+++ b/application/src/main/kotlin/com/pokit/auth/port/out/AppleApiClient.kt
@@ -5,5 +5,5 @@ import com.pokit.user.dto.UserInfo
 interface AppleApiClient {
 fun getUserInfo(idToken: String): UserInfo
- fun revoke(authorizationCode: String)
+ fun revoke(refreshToken: String)
 }
diff --git a/application/src/main/kotlin/com/pokit/auth/port/out/GoogleApiClient.kt b/application/src/main/kotlin/com/pokit/auth/port/out/GoogleApiClient.kt
index e9ba4c87..03e8597a 100644
--- a/application/src/main/kotlin/com/pokit/auth/port/out/GoogleApiClient.kt
+++ b/application/src/main/kotlin/com/pokit/auth/port/out/GoogleApiClient.kt
@@ -5,5 +5,5 @@ import com.pokit.user.dto.UserInfo
 interface GoogleApiClient {
 fun getUserInfo(idToken: String): UserInfo
- fun revoke(authorizationCode: String)
+ fun revoke(refreshToken: String)
 }
diff --git a/application/src/main/kotlin/com/pokit/auth/port/service/AuthService.kt b/application/src/main/kotlin/com/pokit/auth/port/service/AuthService.kt
index 5df5b962..b98688d4 100644
--- a/application/src/main/kotlin/com/pokit/auth/port/service/AuthService.kt
+++ b/application/src/main/kotlin/com/pokit/auth/port/service/AuthService.kt
@@ -51,8 +51,8 @@ class AuthService(
 }
 when (request.authPlatform) {
- AuthPlatform.GOOGLE -> googleApiClient.revoke(request.authorizationCode)
- AuthPlatform.APPLE -> appleApiClient.revoke(request.authorizationCode)
+ AuthPlatform.GOOGLE -> googleApiClient.revoke(request.refreshToken)
+ AuthPlatform.APPLE -> appleApiClient.revoke(request.refreshToken)
 }
 contentPort.deleteByUserId(user.id)
 userPort.delete(user)
diff --git a/domain/src/main/kotlin/com/pokit/token/dto/request/RevokeRequest.kt b/domain/src/main/kotlin/com/pokit/token/dto/request/RevokeRequest.kt
index 4bb421c9..b0dbf096 100644
--- a/domain/src/main/kotlin/com/pokit/token/dto/request/RevokeRequest.kt
+++ b/domain/src/main/kotlin/com/pokit/token/dto/request/RevokeRequest.kt
@@ -3,6 +3,6 @@ package com.pokit.token.dto.request
 import com.pokit.token.model.AuthPlatform
 data class RevokeRequest(
- val authorizationCode: String,
+ val refreshToken: String,
 val authPlatform: AuthPlatform
 )