fix: 자동 로그인을 위해 access token 만료 확인 로직 제거

related to: #11
dnd-side-project · Oct 18, 2024 · d688dc7 · d688dc7
1 parent 1374da4
commit d688dc7
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 19 deletions.
diff --git a/src/main/java/com/_119/wepro/global/config/SwaggerConfig.java b/src/main/java/com/_119/wepro/global/config/SwaggerConfig.java
@@ -1,5 +1,7 @@
 package com._119.wepro.global.config;
 
+import static com._119.wepro.global.security.constant.SecurityConstants.REFRESH_TOKEN_HEADER;
+
 import io.swagger.v3.oas.models.Components;
 import io.swagger.v3.oas.models.OpenAPI;
 import io.swagger.v3.oas.models.info.Info;
@@ -8,7 +10,6 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpHeaders;
-import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
 @Configuration
 public class SwaggerConfig {
@@ -48,7 +49,7 @@ private SecurityScheme createRefreshTokenSecurityScheme() {
     return new SecurityScheme()
         .type(SecurityScheme.Type.APIKEY)
         .in(SecurityScheme.In.HEADER)
-        .name(AuthorizationGrantType.REFRESH_TOKEN.getValue());
+        .name(REFRESH_TOKEN_HEADER);
   }
 
   private Info createApiInfo() {

diff --git a/src/main/java/com/_119/wepro/member/service/ReissueService.java b/src/main/java/com/_119/wepro/member/service/ReissueService.java
@@ -17,8 +17,11 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 
+
+@Slf4j
 @Service
 @RequiredArgsConstructor
 public class ReissueService {
@@ -31,15 +34,14 @@ public void reissue(HttpServletRequest request, HttpServletResponse response) {
     String refreshToken = request.getHeader(REFRESH_TOKEN_HEADER);
     String accessToken = extractToken(request.getHeader(ACCESS_TOKEN_HEADER));
 
-    validateAccessTokenExpired(accessToken);
-    String providerId = jwtTokenProvider.parseExpiredToken(accessToken).getSubject();
+    String memberId = jwtTokenProvider.parseExpiredToken(accessToken).getSubject();
 
-    validateRefreshToken(refreshToken, providerId);
+    validateRefreshToken(refreshToken, memberId);
 
-    Member member = memberRepository.findByProviderId(providerId)
+    Member member = memberRepository.findById(Long.parseLong(memberId))
         .orElseThrow(() -> new RestApiException(UserErrorCode.USER_NOT_FOUND));
 
-    TokenInfo newTokenInfo = jwtTokenProvider.generateToken(providerId, member.getRole());
+    TokenInfo newTokenInfo = jwtTokenProvider.generateToken(memberId, member.getRole());
     setTokenPairToResponseHeader(response, newTokenInfo.getAccessToken(),
         newTokenInfo.getRefreshToken());
   }
@@ -52,17 +54,6 @@ private String extractToken(String token) {
     return token.replace(GRANT_TYPE, "");
   }
 
-  private void validateAccessTokenExpired(String accessToken) {
-    try {
-      jwtTokenProvider.validateToken(accessToken);
-      throw new RestApiException(REFRESH_DENIED);
-    } catch (RestApiException e) {
-      if (e.getErrorCode() != EXPIRED_TOKEN) {
-        throw e;
-      }
-    }
-  }
-
   private void validateRefreshToken(String refreshToken, String memberId) {
     String savedRefreshToken = jwtTokenProvider.getRefreshToken(memberId);
     if (!refreshToken.equals(savedRefreshToken)) {
@@ -73,6 +64,6 @@ private void validateRefreshToken(String refreshToken, String memberId) {
   private void setTokenPairToResponseHeader(
       HttpServletResponse response, String accessToken, String refreshToken) {
     response.setHeader(ACCESS_TOKEN_HEADER, GRANT_TYPE + accessToken);
-    response.setHeader(REFRESH_TOKEN_HEADER, GRANT_TYPE + refreshToken);
+    response.setHeader(REFRESH_TOKEN_HEADER,  refreshToken);
   }
 }